use of eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto in project CzechIdMng by bcvsolutions.
the class DefaultIdentityProjectionManagerIntegrationTest method testValidateBasicFieldsContractFailed.
@Transactional
@Test(expected = InvalidFormException.class)
public void testValidateBasicFieldsContractFailed() throws Exception {
// prepare projection
IdmFormProjectionDto formProjection = new IdmFormProjectionDto();
formProjection.setCode(getHelper().createName());
formProjection.setOwnerType(lookupService.getOwnerType(IdmIdentityDto.class));
formProjection.getProperties().put(IdentityFormProjectionRoute.PARAMETER_ALL_CONTRACTS, true);
IdmFormAttributeDto attributeExternalCode = new IdmFormAttributeDto();
attributeExternalCode.setCode(IdmIdentity_.externalCode.getName());
attributeExternalCode.setName(String.format("%s.%s", IdmIdentity.class.getSimpleName(), IdmIdentity_.externalCode.getName()));
attributeExternalCode.setRequired(true);
IdmFormAttributeDto attributeLastName = new IdmFormAttributeDto();
attributeLastName.setCode(IdmIdentity_.lastName.getName());
attributeLastName.setMax(BigDecimal.valueOf(3));
IdmFormAttributeDto attributeValidTill = new IdmFormAttributeDto();
attributeValidTill.setCode(IdmIdentityContract_.validTill.getName());
attributeValidTill.setName(String.format("%s.%s", IdmIdentityContract.class.getSimpleName(), IdmIdentityContract_.validTill.getName()));
attributeValidTill.setRequired(true);
attributeValidTill.setMax(BigDecimal.valueOf(3));
formProjection.setFormValidations(mapper.writeValueAsString(Lists.newArrayList(attributeExternalCode, attributeLastName, attributeValidTill)));
formProjection = projectionService.save(formProjection);
//
// create identity with projection is defined
IdmIdentityDto identity = new IdmIdentityDto(getHelper().createName());
identity.setExternalCode(getHelper().createName());
identity.setLastName("xxx");
identity.setFormProjection(formProjection.getId());
IdmIdentityProjectionDto projection = new IdmIdentityProjectionDto(identity);
//
// set contract
IdmIdentityContractDto primeContract = new IdmIdentityContractDto();
primeContract.setMain(true);
primeContract.setWorkPosition(getHelper().createTreeNode().getId());
primeContract.setPosition(getHelper().createName());
primeContract.setValidFrom(LocalDate.now().minus(1l, ChronoUnit.DAYS));
primeContract.setValidTill(LocalDate.now().plus(4l, ChronoUnit.DAYS));
projection.setContract(primeContract);
//
IdentityProjectionEvent identityProjectionEvent = new IdentityProjectionEvent(IdentityProjectionEventType.CREATE, projection);
identityProjectionEvent.setPriority(PriorityType.IMMEDIATE);
manager.publish(identityProjectionEvent);
}
use of eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto in project CzechIdMng by bcvsolutions.
the class DefaultIdentityProjectionManagerIntegrationTest method testSaveProjectionEavSecuredException.
@Test
@Transactional
public void testSaveProjectionEavSecuredException() {
//
// create definition with two attributes
IdmFormAttributeDto formAttributeOne = new IdmFormAttributeDto(getHelper().createName());
IdmFormAttributeDto formAttributeTwo = new IdmFormAttributeDto(getHelper().createName());
IdmFormDefinitionDto formDefinition = formService.createDefinition(IdmIdentityDto.class, getHelper().createName(), Lists.newArrayList(formAttributeOne, formAttributeTwo));
formAttributeOne = formDefinition.getMappedAttributeByCode(formAttributeOne.getCode());
formAttributeTwo = formDefinition.getMappedAttributeByCode(formAttributeTwo.getCode());
//
// password is needed
IdmIdentityDto identityOne = getHelper().createIdentity();
// password is needed
IdmIdentityDto identityTwo = getHelper().createIdentity();
IdmIdentityDto identityOther = getHelper().createIdentity((GuardedString) null);
//
// assign self identity authorization policy - READ - to identityOne
IdmRoleDto roleReadIdentity = getHelper().createRole();
getHelper().createAuthorizationPolicy(roleReadIdentity.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, SelfIdentityEvaluator.class, IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
// and other
getHelper().createUuidPolicy(roleReadIdentity.getId(), identityOther.getId(), IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
getHelper().createIdentityRole(identityOne, roleReadIdentity);
//
// assign self identity authorization policy - UPDATE - to identityOne
IdmRoleDto roleUpdateIdentity = getHelper().createRole();
getHelper().createAuthorizationPolicy(roleUpdateIdentity.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, // self
SelfIdentityEvaluator.class, IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ, IdmBasePermission.UPDATE);
// and other
getHelper().createUuidPolicy(roleUpdateIdentity.getId(), identityOther.getId(), IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ, IdmBasePermission.UPDATE);
getHelper().createIdentityRole(identityTwo, roleUpdateIdentity);
//
// assign autocomplete to form definition
getHelper().createUuidPolicy(roleReadIdentity.getId(), formDefinition.getId(), IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
// and other
getHelper().createUuidPolicy(roleUpdateIdentity.getId(), formDefinition.getId(), IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ);
//
// save some values as admin to identity one
IdmFormValueDto formValueOne = new IdmFormValueDto(formAttributeOne);
formValueOne.setValue(getHelper().createName());
IdmFormValueDto formValueTwo = new IdmFormValueDto(formAttributeTwo);
formValueTwo.setValue(getHelper().createName());
List<IdmFormValueDto> formValues = Lists.newArrayList(formValueOne, formValueTwo);
identityOne.setEavs(Lists.newArrayList(new IdmFormInstanceDto(identityOne, formDefinition, formValues)));
manager.publish(new IdentityProjectionEvent(IdentityProjectionEventType.UPDATE, new IdmIdentityProjectionDto(identityOne)));
//
// values cannot be read as identity one
getHelper().login(identityOne);
try {
IdmIdentityProjectionDto projection = manager.get(identityOne.getId(), IdmBasePermission.READ);
IdmFormInstanceDto formInstance = projection.getIdentity().getEavs().stream().filter(i -> i.getFormDefinition().getId().equals(formDefinition.getId())).findFirst().get();
Assert.assertTrue(formInstance.getValues().isEmpty());
Assert.assertEquals(0, formInstance.getFormDefinition().getFormAttributes().size());
} finally {
logout();
}
getHelper().login(identityTwo);
try {
IdmIdentityProjectionDto projection = manager.get(identityOther.getId(), IdmBasePermission.READ);
IdmFormInstanceDto formInstance = projection.getIdentity().getEavs().stream().filter(i -> i.getFormDefinition().getId().equals(formDefinition.getId())).findFirst().get();
Assert.assertTrue(formInstance.getValues().isEmpty());
Assert.assertEquals(0, formInstance.getFormDefinition().getFormAttributes().size());
} finally {
logout();
}
//
// configure authorization policy to read attribute one and edit attribute two - for self
ConfigurationMap properties = new ConfigurationMap();
properties.put(IdentityFormValueEvaluator.PARAMETER_FORM_DEFINITION, formDefinition.getId());
properties.put(IdentityFormValueEvaluator.PARAMETER_FORM_ATTRIBUTES, formAttributeOne.getCode());
properties.put(IdentityFormValueEvaluator.PARAMETER_SELF_ONLY, true);
getHelper().createAuthorizationPolicy(roleReadIdentity.getId(), CoreGroupPermission.FORMVALUE, IdmIdentityFormValue.class, IdentityFormValueEvaluator.class, properties, IdmBasePermission.READ);
//
// read self attribute one
getHelper().login(identityOne);
try {
IdmIdentityProjectionDto projection = manager.get(identityOne.getId(), IdmBasePermission.READ);
IdmFormInstanceDto formInstance = projection.getIdentity().getEavs().stream().filter(i -> i.getFormDefinition().getId().equals(formDefinition.getId())).findFirst().get();
//
Assert.assertEquals(1, formInstance.getValues().size());
Assert.assertEquals(formValueOne.getShortTextValue(), formInstance.getValues().get(0).getShortTextValue());
Assert.assertEquals(1, formInstance.getFormDefinition().getFormAttributes().size());
Assert.assertEquals(formAttributeOne.getCode(), formInstance.getFormDefinition().getFormAttributes().get(0).getCode());
} finally {
logout();
}
//
// update is forbidden
getHelper().login(identityOne);
try {
identityOne.setEavs(Lists.newArrayList(new IdmFormInstanceDto(identityOne, formDefinition, Lists.newArrayList(formValueOne))));
manager.publish(new IdentityProjectionEvent(IdentityProjectionEventType.UPDATE, new IdmIdentityProjectionDto(identityOne)), IdmBasePermission.UPDATE).getContent();
} catch (ForbiddenEntityException ex) {
// ok
} finally {
logout();
}
getHelper().login(identityOne);
try {
identityTwo.setEavs(Lists.newArrayList(new IdmFormInstanceDto(identityOne, formDefinition, Lists.newArrayList(formValueOne))));
manager.publish(new IdentityProjectionEvent(IdentityProjectionEventType.UPDATE, new IdmIdentityProjectionDto(identityTwo)), IdmBasePermission.UPDATE).getContent();
} catch (ForbiddenEntityException ex) {
// ok
} finally {
logout();
}
//
// add policy to edit attribute two for identity one
properties = new ConfigurationMap();
properties.put(IdentityFormValueEvaluator.PARAMETER_FORM_DEFINITION, formDefinition.getId());
properties.put(IdentityFormValueEvaluator.PARAMETER_FORM_ATTRIBUTES, formAttributeTwo.getCode());
properties.put(IdentityFormValueEvaluator.PARAMETER_SELF_ONLY, true);
getHelper().createAuthorizationPolicy(roleReadIdentity.getId(), CoreGroupPermission.FORMVALUE, IdmIdentityFormValue.class, IdentityFormValueEvaluator.class, properties, IdmBasePermission.READ, IdmBasePermission.UPDATE);
//
String updatedValue = getHelper().createName();
formValueTwo.setValue(updatedValue);
}
use of eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto in project CzechIdMng by bcvsolutions.
the class IdmIdentityProjectionController method get.
@ResponseBody
@RequestMapping(value = "/{backendId}", method = RequestMethod.GET)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.IDENTITY_READ + "')")
@ApiOperation(value = "Identity projection detail", nickname = "getIdentityProjection", response = IdmIdentityProjectionDto.class, tags = { IdmIdentityProjectionController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.IDENTITY_READ, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.IDENTITY_READ, description = "") }) })
public ResponseEntity<?> get(@ApiParam(value = "Identity's uuid identifier or username.", required = true) @PathVariable @NotNull String backendId) {
IdmIdentityProjectionDto dto = getDto(backendId);
if (dto == null) {
throw new EntityNotFoundException(identityService.getEntityClass(), backendId);
}
ResourceSupport resource = toResource(dto);
if (resource == null) {
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
}
//
return new ResponseEntity<>(resource, HttpStatus.OK);
}
use of eu.bcvsolutions.idm.core.api.dto.projection.IdmIdentityProjectionDto in project CzechIdMng by bcvsolutions.
the class DefaultIdentityProjectionManagerIntegrationTest method testValidateExtendedAttribute.
@Transactional
public void testValidateExtendedAttribute() throws Exception {
// prepare projection
IdmFormProjectionDto formProjection = new IdmFormProjectionDto();
formProjection.setCode(getHelper().createName());
formProjection.setOwnerType(lookupService.getOwnerType(IdmIdentityDto.class));
formProjection.getProperties().put(IdentityFormProjectionRoute.PARAMETER_ALL_CONTRACTS, true);
//
IdmFormAttributeDto attributeDefinitionOne = new IdmFormAttributeDto();
attributeDefinitionOne.setCode(getHelper().createName());
attributeDefinitionOne.setName(attributeDefinitionOne.getCode());
attributeDefinitionOne.setPersistentType(PersistentType.SHORTTEXT);
IdmFormDefinitionDto formDefinitionOne = formService.createDefinition(IdmIdentity.class, getHelper().createName(), Lists.newArrayList(attributeDefinitionOne));
attributeDefinitionOne = formDefinitionOne.getMappedAttributeByCode(attributeDefinitionOne.getCode());
//
IdmFormAttributeDto attribute = new IdmFormAttributeDto();
attribute.setId(attributeDefinitionOne.getId());
attribute.setPersistentType(attributeDefinitionOne.getPersistentType());
attribute.setFormDefinition(attributeDefinitionOne.getFormDefinition());
attribute.setCode(attributeDefinitionOne.getCode());
attribute.setRequired(true);
attribute.setLabel("overriden");
attribute.setPlaceholder("overriden");
attribute.setMin(BigDecimal.ONE);
attribute.setMax(BigDecimal.TEN);
attribute.setRegex("[abc]");
attribute.setValidationMessage("Test validation failed.");
formProjection.setFormValidations(mapper.writeValueAsString(Lists.newArrayList(attribute)));
formProjection = projectionService.save(formProjection);
//
// create identity with projection is defined
IdmIdentityDto identity = new IdmIdentityDto(getHelper().createName());
identity.setExternalCode(getHelper().createName());
identity.setLastName(getHelper().createName());
identity.setFormProjection(formProjection.getId());
//
// set eav
IdmFormInstanceDto instanceOne = new IdmFormInstanceDto();
instanceOne.setFormDefinition(formDefinitionOne);
IdmFormValueDto valueOne = new IdmFormValueDto(attribute);
valueOne.setValue("abc");
instanceOne.setValues(Lists.newArrayList(valueOne));
identity.setEavs(Lists.newArrayList(instanceOne));
//
IdmIdentityProjectionDto projection = new IdmIdentityProjectionDto(identity);
//
IdentityProjectionEvent identityProjectionEvent = new IdentityProjectionEvent(IdentityProjectionEventType.CREATE, projection);
identityProjectionEvent.setPriority(PriorityType.IMMEDIATE);
manager.publish(identityProjectionEvent);
}
Aggregations