
Example 31 with IdmIdentityProjectionDto

use of eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto in project CzechIdMng by bcvsolutions.

the class DefaultIdentityProjectionManagerIntegrationTest method testValidateBasicFieldsContractFailed.

/**
 * Expects {@link InvalidFormException} when a CREATE projection event is published for an
 * identity whose form projection carries validation rules on basic identity and contract fields.
 *
 * <p>Rules configured below: {@code externalCode} is required, {@code lastName} has max 3,
 * and the contract's {@code validTill} is required with max 3. The contract is created with
 * {@code validTill} four days ahead.
 * NOTE(review): presumably the {@code validTill} rule is the one that trips validation
 * (the method name says "ContractFailed") - confirm against the validator.
 *
 * @throws Exception when serializing the validation rules fails, or when publishing fails
 */
@Transactional
@Test(expected = InvalidFormException.class)
public void testValidateBasicFieldsContractFailed() throws Exception {
    // projection owned by identities, with all contracts exposed
    IdmFormProjectionDto projectionDefinition = new IdmFormProjectionDto();
    projectionDefinition.setCode(getHelper().createName());
    projectionDefinition.setOwnerType(lookupService.getOwnerType(IdmIdentityDto.class));
    projectionDefinition.getProperties().put(IdentityFormProjectionRoute.PARAMETER_ALL_CONTRACTS, true);
    //
    // rule: identity external code is required
    String externalCodeField = IdmIdentity_.externalCode.getName();
    IdmFormAttributeDto externalCodeRule = new IdmFormAttributeDto();
    externalCodeRule.setCode(externalCodeField);
    externalCodeRule.setName(String.format("%s.%s", IdmIdentity.class.getSimpleName(), externalCodeField));
    externalCodeRule.setRequired(true);
    //
    // rule: identity last name is limited by max 3
    IdmFormAttributeDto lastNameRule = new IdmFormAttributeDto();
    lastNameRule.setCode(IdmIdentity_.lastName.getName());
    lastNameRule.setMax(BigDecimal.valueOf(3));
    //
    // rule: contract valid till is required and limited by max 3
    String validTillField = IdmIdentityContract_.validTill.getName();
    IdmFormAttributeDto validTillRule = new IdmFormAttributeDto();
    validTillRule.setCode(validTillField);
    validTillRule.setName(String.format("%s.%s", IdmIdentityContract.class.getSimpleName(), validTillField));
    validTillRule.setRequired(true);
    validTillRule.setMax(BigDecimal.valueOf(3));
    //
    // rules are stored on the projection as serialized JSON
    String serializedRules = mapper.writeValueAsString(Lists.newArrayList(externalCodeRule, lastNameRule, validTillRule));
    projectionDefinition.setFormValidations(serializedRules);
    projectionDefinition = projectionService.save(projectionDefinition);
    //
    // identity bound to the projection; external code and last name are filled in
    IdmIdentityDto owner = new IdmIdentityDto(getHelper().createName());
    owner.setExternalCode(getHelper().createName());
    owner.setLastName("xxx");
    owner.setFormProjection(projectionDefinition.getId());
    IdmIdentityProjectionDto identityProjection = new IdmIdentityProjectionDto(owner);
    //
    // main contract, valid from yesterday till four days ahead
    IdmIdentityContractDto mainContract = new IdmIdentityContractDto();
    mainContract.setMain(true);
    mainContract.setWorkPosition(getHelper().createTreeNode().getId());
    mainContract.setPosition(getHelper().createName());
    mainContract.setValidFrom(LocalDate.now().minusDays(1L));
    mainContract.setValidTill(LocalDate.now().plusDays(4L));
    identityProjection.setContract(mainContract);
    //
    // publish immediately - the expected exception has to surface from this call
    IdentityProjectionEvent createEvent = new IdentityProjectionEvent(IdentityProjectionEventType.CREATE, identityProjection);
    createEvent.setPriority(PriorityType.IMMEDIATE);
    manager.publish(createEvent);
}
Also used : IdmFormProjectionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormProjectionDto) IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) IdentityProjectionEvent(eu.bcvsolutions.idm.core.eav.api.event.IdentityProjectionEvent) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmIdentityProjectionDto(eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto) AbstractRestTest(eu.bcvsolutions.idm.test.api.AbstractRestTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 32 with IdmIdentityProjectionDto

use of eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto in project CzechIdMng by bcvsolutions.

the class DefaultIdentityProjectionManagerIntegrationTest method testSaveProjectionEavSecuredException.

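/**
 * Checks that extended attribute (EAV) values carried by an identity projection are protected
 * by form-value authorization policies.
 *
 * <p>Scenario, as set up below:
 * <ul>
 * <li>{@code identityOne} gets a role with AUTOCOMPLETE/READ on itself and on {@code identityOther};</li>
 * <li>{@code identityTwo} gets a role with AUTOCOMPLETE/READ/UPDATE on itself and on {@code identityOther};</li>
 * <li>both roles get AUTOCOMPLETE/READ on the form definition, but initially no form-value policy,
 * so neither values nor attribute definitions may be returned;</li>
 * <li>a self-only READ policy for attribute one is then added to the read role and
 * {@code identityOne} must see exactly that one value;</li>
 * <li>updates published by {@code identityOne} must be rejected with {@link ForbiddenEntityException}.</li>
 * </ul>
 *
 * <p>The negative (forbidden) checks fail explicitly when no exception is raised; without that,
 * a missing authorization check would let this test pass unnoticed.
 */
@Test
@Transactional
public void testSaveProjectionEavSecuredException() {
    //
    // create definition with two attributes
    IdmFormAttributeDto formAttributeOne = new IdmFormAttributeDto(getHelper().createName());
    IdmFormAttributeDto formAttributeTwo = new IdmFormAttributeDto(getHelper().createName());
    IdmFormDefinitionDto formDefinition = formService.createDefinition(IdmIdentityDto.class, getHelper().createName(), Lists.newArrayList(formAttributeOne, formAttributeTwo));
    // reload the attributes from the created definition (the unsaved DTOs above are replaced)
    formAttributeOne = formDefinition.getMappedAttributeByCode(formAttributeOne.getCode());
    formAttributeTwo = formDefinition.getMappedAttributeByCode(formAttributeTwo.getCode());
    //
    // password is needed
    IdmIdentityDto identityOne = getHelper().createIdentity();
    // password is needed
    IdmIdentityDto identityTwo = getHelper().createIdentity();
    // identityOther never logs in below, so it is created with a null password
    IdmIdentityDto identityOther = getHelper().createIdentity((GuardedString) null);
    //
    // assign self identity authorization policy - READ - to identityOne
    IdmRoleDto roleReadIdentity = getHelper().createRole();
    getHelper().createAuthorizationPolicy(roleReadIdentity.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, SelfIdentityEvaluator.class, IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
    // and other
    getHelper().createUuidPolicy(roleReadIdentity.getId(), identityOther.getId(), IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
    getHelper().createIdentityRole(identityOne, roleReadIdentity);
    //
    // assign self identity authorization policy - UPDATE - to identityTwo
    IdmRoleDto roleUpdateIdentity = getHelper().createRole();
    // self
    getHelper().createAuthorizationPolicy(roleUpdateIdentity.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, SelfIdentityEvaluator.class, IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ, IdmBasePermission.UPDATE);
    // and other
    getHelper().createUuidPolicy(roleUpdateIdentity.getId(), identityOther.getId(), IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ, IdmBasePermission.UPDATE);
    getHelper().createIdentityRole(identityTwo, roleUpdateIdentity);
    //
    // assign autocomplete to form definition
    getHelper().createUuidPolicy(roleReadIdentity.getId(), formDefinition.getId(), IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
    // and other
    getHelper().createUuidPolicy(roleUpdateIdentity.getId(), formDefinition.getId(), IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
    //
    // save some values to identity one - published without a permission argument, before any login
    IdmFormValueDto formValueOne = new IdmFormValueDto(formAttributeOne);
    formValueOne.setValue(getHelper().createName());
    IdmFormValueDto formValueTwo = new IdmFormValueDto(formAttributeTwo);
    formValueTwo.setValue(getHelper().createName());
    List<IdmFormValueDto> formValues = Lists.newArrayList(formValueOne, formValueTwo);
    identityOne.setEavs(Lists.newArrayList(new IdmFormInstanceDto(identityOne, formDefinition, formValues)));
    manager.publish(new IdentityProjectionEvent(IdentityProjectionEventType.UPDATE, new IdmIdentityProjectionDto(identityOne)));
    //
    // values cannot be read as identity one - no form-value policy exists yet
    getHelper().login(identityOne);
    try {
        IdmIdentityProjectionDto projection = manager.get(identityOne.getId(), IdmBasePermission.READ);
        IdmFormInstanceDto formInstance = projection.getIdentity().getEavs().stream().filter(i -> i.getFormDefinition().getId().equals(formDefinition.getId())).findFirst().get();
        Assert.assertTrue(formInstance.getValues().isEmpty());
        Assert.assertEquals(0, formInstance.getFormDefinition().getFormAttributes().size());
    } finally {
        // always drop the security context so a failed assertion cannot leak the login
        logout();
    }
    // the same holds for identity two reading the other identity
    getHelper().login(identityTwo);
    try {
        IdmIdentityProjectionDto projection = manager.get(identityOther.getId(), IdmBasePermission.READ);
        IdmFormInstanceDto formInstance = projection.getIdentity().getEavs().stream().filter(i -> i.getFormDefinition().getId().equals(formDefinition.getId())).findFirst().get();
        Assert.assertTrue(formInstance.getValues().isEmpty());
        Assert.assertEquals(0, formInstance.getFormDefinition().getFormAttributes().size());
    } finally {
        logout();
    }
    //
    // configure authorization policy to read attribute one - for self only
    ConfigurationMap properties = new ConfigurationMap();
    properties.put(IdentityFormValueEvaluator.PARAMETER_FORM_DEFINITION, formDefinition.getId());
    properties.put(IdentityFormValueEvaluator.PARAMETER_FORM_ATTRIBUTES, formAttributeOne.getCode());
    properties.put(IdentityFormValueEvaluator.PARAMETER_SELF_ONLY, true);
    getHelper().createAuthorizationPolicy(roleReadIdentity.getId(), CoreGroupPermission.FORMVALUE, IdmIdentityFormValue.class, IdentityFormValueEvaluator.class, properties, IdmBasePermission.READ);
    //
    // read self attribute one - exactly one value and one attribute definition are exposed
    getHelper().login(identityOne);
    try {
        IdmIdentityProjectionDto projection = manager.get(identityOne.getId(), IdmBasePermission.READ);
        IdmFormInstanceDto formInstance = projection.getIdentity().getEavs().stream().filter(i -> i.getFormDefinition().getId().equals(formDefinition.getId())).findFirst().get();
        //
        Assert.assertEquals(1, formInstance.getValues().size());
        Assert.assertEquals(formValueOne.getShortTextValue(), formInstance.getValues().get(0).getShortTextValue());
        Assert.assertEquals(1, formInstance.getFormDefinition().getFormAttributes().size());
        Assert.assertEquals(formAttributeOne.getCode(), formInstance.getFormDefinition().getFormAttributes().get(0).getCode());
    } finally {
        logout();
    }
    //
    // update is forbidden - identity one holds READ only
    getHelper().login(identityOne);
    try {
        identityOne.setEavs(Lists.newArrayList(new IdmFormInstanceDto(identityOne, formDefinition, Lists.newArrayList(formValueOne))));
        manager.publish(new IdentityProjectionEvent(IdentityProjectionEventType.UPDATE, new IdmIdentityProjectionDto(identityOne)), IdmBasePermission.UPDATE).getContent();
        // reaching this line means the update was accepted - the authorization check is missing
        Assert.fail("Identity with READ permission only must not be able to update own projection.");
    } catch (ForbiddenEntityException ex) {
        // ok - update was rejected as expected
    } finally {
        logout();
    }
    // update of another identity's projection is forbidden as well
    getHelper().login(identityOne);
    try {
        // NOTE(review): the form instance is built with identityOne as owner while the projection
        // targets identityTwo - confirm this mismatch is intended.
        identityTwo.setEavs(Lists.newArrayList(new IdmFormInstanceDto(identityOne, formDefinition, Lists.newArrayList(formValueOne))));
        manager.publish(new IdentityProjectionEvent(IdentityProjectionEventType.UPDATE, new IdmIdentityProjectionDto(identityTwo)), IdmBasePermission.UPDATE).getContent();
        Assert.fail("Identity one must not be able to update the projection of identity two.");
    } catch (ForbiddenEntityException ex) {
        // ok - update was rejected as expected
    } finally {
        logout();
    }
    //
    // add policy to edit attribute two for identity one
    properties = new ConfigurationMap();
    properties.put(IdentityFormValueEvaluator.PARAMETER_FORM_DEFINITION, formDefinition.getId());
    properties.put(IdentityFormValueEvaluator.PARAMETER_FORM_ATTRIBUTES, formAttributeTwo.getCode());
    properties.put(IdentityFormValueEvaluator.PARAMETER_SELF_ONLY, true);
    getHelper().createAuthorizationPolicy(roleReadIdentity.getId(), CoreGroupPermission.FORMVALUE, IdmIdentityFormValue.class, IdentityFormValueEvaluator.class, properties, IdmBasePermission.READ, IdmBasePermission.UPDATE);
    //
    // NOTE(review): the new value is only set on the DTO here; it is never published or asserted,
    // so the effect of the UPDATE policy on attribute two is not verified by this method.
    String updatedValue = getHelper().createName();
    formValueTwo.setValue(updatedValue);
}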
Also used : IdmFormInstanceDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormInstanceDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) IdmFormDefinitionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto) IdmFormValueDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormValueDto) IdentityProjectionEvent(eu.bcvsolutions.idm.core.eav.api.event.IdentityProjectionEvent) ConfigurationMap(eu.bcvsolutions.idm.core.api.domain.ConfigurationMap) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityProjectionDto(eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto) ForbiddenEntityException(eu.bcvsolutions.idm.core.api.exception.ForbiddenEntityException) AbstractRestTest(eu.bcvsolutions.idm.test.api.AbstractRestTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 33 with IdmIdentityProjectionDto

use of eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto in project CzechIdMng by bcvsolutions.

the class IdmIdentityProjectionController method get.

/**
 * Returns the identity projection detail for the given identifier.
 *
 * <p>The endpoint is guarded by {@code @PreAuthorize} requiring the
 * {@code CoreGroupPermission.IDENTITY_READ} authority. That is a coarse, endpoint-level gate only.
 * NOTE(review): per-identity (object-level) READ evaluation is presumably done inside
 * {@code getDto(backendId)} - it is not visible in this method, confirm against the controller
 * before relying on it.
 *
 * @param backendId identity's uuid identifier or username, taken from the request path
 * @return 200 with the projection resource, or 204 when {@code toResource} yields no resource
 * @throws EntityNotFoundException when {@code getDto} returns {@code null} for the identifier
 */
@ResponseBody
@RequestMapping(value = "/{backendId}", method = RequestMethod.GET)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.IDENTITY_READ + "')")
@ApiOperation(value = "Identity projection detail", nickname = "getIdentityProjection", response = IdmIdentityProjectionDto.class, tags = { IdmIdentityProjectionController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.IDENTITY_READ, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.IDENTITY_READ, description = "") }) })
public ResponseEntity<?> get(@ApiParam(value = "Identity's uuid identifier or username.", required = true) @PathVariable @NotNull String backendId) {
    IdmIdentityProjectionDto projection = getDto(backendId);
    if (projection == null) {
        // no projection returned for the identifier - reported as not found
        throw new EntityNotFoundException(identityService.getEntityClass(), backendId);
    }
    ResourceSupport body = toResource(projection);
    if (body != null) {
        return new ResponseEntity<>(body, HttpStatus.OK);
    }
    // projection exists but there is nothing to render
    return new ResponseEntity<>(HttpStatus.NO_CONTENT);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) EntityNotFoundException(eu.bcvsolutions.idm.core.api.exception.EntityNotFoundException) ResourceSupport(org.springframework.hateoas.ResourceSupport) IdmIdentityProjectionDto(eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) ResponseBody(org.springframework.web.bind.annotation.ResponseBody) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 34 with IdmIdentityProjectionDto

use of eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto in project CzechIdMng by bcvsolutions.

the class DefaultIdentityProjectionManagerIntegrationTest method testValidateExtendedAttribute.

/**
 * Publishes a CREATE projection event for an identity whose form projection overrides the
 * validation of one extended (EAV) attribute: required, min 1, max 10, regex {@code [abc]}
 * and a custom validation message. The identity carries the value {@code "abc"} for it.
 *
 * <p>NOTE(review): unlike the sibling tests, this listing shows no {@code @Test} annotation on
 * the method, so a JUnit 4 runner would not execute it as shown - confirm whether the annotation
 * (and possibly an expected exception) was dropped or the test is disabled on purpose.
 *
 * @throws Exception when serializing the validation rules fails, or when publishing fails
 */
@Transactional
public void testValidateExtendedAttribute() throws Exception {
    // projection owned by identities, with all contracts exposed
    IdmFormProjectionDto projectionDefinition = new IdmFormProjectionDto();
    projectionDefinition.setCode(getHelper().createName());
    projectionDefinition.setOwnerType(lookupService.getOwnerType(IdmIdentityDto.class));
    projectionDefinition.getProperties().put(IdentityFormProjectionRoute.PARAMETER_ALL_CONTRACTS, true);
    //
    // form definition with a single short text attribute
    IdmFormAttributeDto persistedAttribute = new IdmFormAttributeDto();
    persistedAttribute.setCode(getHelper().createName());
    persistedAttribute.setName(persistedAttribute.getCode());
    persistedAttribute.setPersistentType(PersistentType.SHORTTEXT);
    IdmFormDefinitionDto definition = formService.createDefinition(IdmIdentity.class, getHelper().createName(), Lists.newArrayList(persistedAttribute));
    // continue with the attribute as mapped in the created definition
    persistedAttribute = definition.getMappedAttributeByCode(persistedAttribute.getCode());
    //
    // validation override: same attribute identity, stricter rules
    IdmFormAttributeDto override = new IdmFormAttributeDto();
    override.setId(persistedAttribute.getId());
    override.setPersistentType(persistedAttribute.getPersistentType());
    override.setFormDefinition(persistedAttribute.getFormDefinition());
    override.setCode(persistedAttribute.getCode());
    override.setRequired(true);
    override.setLabel("overriden");
    override.setPlaceholder("overriden");
    override.setMin(BigDecimal.ONE);
    override.setMax(BigDecimal.TEN);
    override.setRegex("[abc]");
    override.setValidationMessage("Test validation failed.");
    //
    // rules are stored on the projection as serialized JSON
    String serializedRules = mapper.writeValueAsString(Lists.newArrayList(override));
    projectionDefinition.setFormValidations(serializedRules);
    projectionDefinition = projectionService.save(projectionDefinition);
    //
    // identity bound to the projection
    IdmIdentityDto owner = new IdmIdentityDto(getHelper().createName());
    owner.setExternalCode(getHelper().createName());
    owner.setLastName(getHelper().createName());
    owner.setFormProjection(projectionDefinition.getId());
    //
    // single eav value for the overridden attribute
    IdmFormValueDto eavValue = new IdmFormValueDto(override);
    eavValue.setValue("abc");
    IdmFormInstanceDto eavInstance = new IdmFormInstanceDto();
    eavInstance.setFormDefinition(definition);
    eavInstance.setValues(Lists.newArrayList(eavValue));
    owner.setEavs(Lists.newArrayList(eavInstance));
    //
    // publish immediately
    IdentityProjectionEvent createEvent = new IdentityProjectionEvent(IdentityProjectionEventType.CREATE, new IdmIdentityProjectionDto(owner));
    createEvent.setPriority(PriorityType.IMMEDIATE);
    manager.publish(createEvent);
}
Also used : IdmFormProjectionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormProjectionDto) IdmFormInstanceDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormInstanceDto) IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) IdmFormDefinitionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto) IdmFormValueDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormValueDto) IdentityProjectionEvent(eu.bcvsolutions.idm.core.eav.api.event.IdentityProjectionEvent) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityProjectionDto(eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto) Transactional(org.springframework.transaction.annotation.Transactional)
