Example 11 with ResultCodeException
use of eu.bcvsolutions.idm.core.api.exception.ResultCodeException in project CzechIdMng by bcvsolutions.
the class DefaultAccAccountService method getConnectorObject.
@Override
public IcConnectorObject getConnectorObject(AccAccountDto account, BasePermission... permissions) {
Assert.notNull(account, "Account cannot be null!");
this.checkAccess(account, permissions);
List<SysSchemaAttributeDto> schemaAttributes = this.getSchemaAttributes(account.getSystem(), null);
if (schemaAttributes == null) {
return null;
}
try {
// Find connector-type.
SysSystemDto systemDto = lookupService.lookupEmbeddedDto(account, AccAccount_.system);
ConnectorType connectorType = connectorManager.findConnectorTypeBySystem(systemDto);
// Find first mapping for entity type and system, from the account and return his object class.
IcObjectClass icObjectClass = schemaObjectClassService.findByAccount(account.getSystem(), account.getEntityType());
IcConnectorObject fullObject = this.systemService.readConnectorObject(account.getSystem(), account.getRealUid(), icObjectClass, connectorType);
return this.getConnectorObjectForSchema(fullObject, schemaAttributes);
} catch (Exception ex) {
SysSystemDto system = DtoUtils.getEmbedded(account, AccAccount_.system, SysSystemDto.class);
throw new ResultCodeException(AccResultCode.ACCOUNT_CANNOT_BE_READ_FROM_TARGET, ImmutableMap.of("account", account.getUid(), "system", system != null ? system.getName() : account.getSystem()), ex);
}
}
Also used :
ConnectorType(eu.bcvsolutions.idm.acc.service.api.ConnectorType)
IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
Example 12 with ResultCodeException
use of eu.bcvsolutions.idm.core.api.exception.ResultCodeException in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningOperationService method toPredicates.
@Override
protected List<Predicate> toPredicates(Root<SysProvisioningOperation> root, CriteriaQuery<?> query, CriteriaBuilder builder, SysProvisioningOperationFilter filter) {
List<Predicate> predicates = super.toPredicates(root, query, builder, filter);
// quick - "fulltext"
if (StringUtils.isNotEmpty(filter.getText())) {
throw new ResultCodeException(CoreResultCode.BAD_FILTER, "Filter by text is not supported.");
}
// System Id
UUID systemId = filter.getSystemId();
if (systemId != null) {
predicates.add(builder.equal(root.get(SysProvisioningOperation_.system).get(SysSystem_.id), systemId));
}
// From
ZonedDateTime from = filter.getFrom();
if (from != null) {
predicates.add(builder.greaterThanOrEqualTo(root.get(SysProvisioningOperation_.created), from));
}
// Till
ZonedDateTime till = filter.getTill();
if (till != null) {
predicates.add(builder.lessThanOrEqualTo(root.get(SysProvisioningOperation_.created), till));
}
// Operation type
ProvisioningEventType operationType = filter.getOperationType();
if (operationType != null) {
predicates.add(builder.equal(root.get(SysProvisioningOperation_.operationType), operationType));
}
// Entity type
SystemEntityType entityType = filter.getEntityType();
if (entityType != null) {
predicates.add(builder.equal(root.get(SysProvisioningOperation_.entityType), entityType));
}
// Entity identifier
UUID entityIdentifier = filter.getEntityIdentifier();
if (entityIdentifier != null) {
predicates.add(builder.equal(root.get(SysProvisioningOperation_.entityIdentifier), entityIdentifier));
}
// System entity
UUID systemEntity = filter.getSystemEntity();
if (systemEntity != null) {
predicates.add(builder.equal(root.get(SysProvisioningOperation_.systemEntity).get(SysSystemEntity_.id), systemEntity));
}
// System entity UID
String systemEntityUid = filter.getSystemEntityUid();
if (StringUtils.isNotEmpty(systemEntityUid)) {
predicates.add(builder.equal(root.get(SysProvisioningOperation_.systemEntity).get(SysSystemEntity_.uid), systemEntityUid));
}
// Operation result and his state
OperationState resultState = filter.getResultState();
if (resultState != null) {
predicates.add(builder.equal(root.get(SysProvisioningOperation_.result).get(OperationResultDto.PROPERTY_STATE), resultState));
}
// Is not in this operation state
OperationState notInState = filter.getNotInState();
if (notInState != null) {
predicates.add(builder.notEqual(root.get(SysProvisioningOperation_.result).get(OperationResultDto.PROPERTY_STATE), notInState));
}
// Batch ID
UUID batchId = filter.getBatchId();
if (batchId != null) {
predicates.add(builder.equal(root.get(SysProvisioningOperation_.batch).get(SysProvisioningBatch_.id), batchId));
}
// Role-request ID
UUID roleRequestId = filter.getRoleRequestId();
if (roleRequestId != null) {
predicates.add(builder.equal(root.get(SysProvisioningOperation_.roleRequestId), roleRequestId));
}
// updated attributes
List<String> attributeUpdated = filter.getAttributeUpdated();
if (!CollectionUtils.isEmpty(attributeUpdated)) {
Subquery<SysProvisioningAttribute> subquery = query.subquery(SysProvisioningAttribute.class);
Root<SysProvisioningAttribute> subRoot = subquery.from(SysProvisioningAttribute.class);
subquery.select(subRoot);
subquery.where(builder.and(// correlation attr
builder.equal(subRoot.get(SysProvisioningAttribute_.provisioningId), root.get(SysProvisioningArchive_.id)), subRoot.get(SysProvisioningAttribute_.name).in(attributeUpdated), builder.isFalse(subRoot.get(SysProvisioningAttribute_.removed))));
predicates.add(builder.exists(subquery));
}
// removed attributes
List<String> attributeRemoved = filter.getAttributeRemoved();
if (!CollectionUtils.isEmpty(attributeRemoved)) {
Subquery<SysProvisioningAttribute> subquery = query.subquery(SysProvisioningAttribute.class);
Root<SysProvisioningAttribute> subRoot = subquery.from(SysProvisioningAttribute.class);
subquery.select(subRoot);
subquery.where(builder.and(// correlation attr
builder.equal(subRoot.get(SysProvisioningAttribute_.provisioningId), root.get(SysProvisioningArchive_.id)), subRoot.get(SysProvisioningAttribute_.name).in(attributeRemoved), builder.isTrue(subRoot.get(SysProvisioningAttribute_.removed))));
predicates.add(builder.exists(subquery));
}
// empty provisioning
Boolean emptyProvisioning = filter.getEmptyProvisioning();
EmptyProvisioningType emptyProvisioningType = filter.getEmptyProvisioningType();
if (emptyProvisioning != null || emptyProvisioningType != null) {
if (BooleanUtils.isTrue(emptyProvisioning) && emptyProvisioningType != null && emptyProvisioningType != EmptyProvisioningType.EMPTY) {
// empty + not empty => nothing
predicates.add(builder.disjunction());
} else if (BooleanUtils.isFalse(emptyProvisioning) && emptyProvisioningType != null && emptyProvisioningType != EmptyProvisioningType.NON_EMPTY) {
// not empty + filled somehow => nothing
predicates.add(builder.disjunction());
} else if (emptyProvisioningType == null) {
// fill by boolean value
emptyProvisioningType = emptyProvisioning ? EmptyProvisioningType.EMPTY : EmptyProvisioningType.NON_EMPTY;
}
Subquery<SysProvisioningAttribute> subquery = query.subquery(SysProvisioningAttribute.class);
Root<SysProvisioningAttribute> subRoot = subquery.from(SysProvisioningAttribute.class);
subquery.select(subRoot);
subquery.where(// correlation attr)
builder.and(builder.equal(subRoot.get(SysProvisioningAttribute_.provisioningId), root.get(SysProvisioningArchive_.id))));
//
// has attributes
Predicate provisioningPredicate = builder.exists(subquery);
Predicate notProcessedPredicate = builder.or(// Not executed operations (already in queue, created) are not wanted - attributes are not computed in this phase.
builder.equal(root.get(SysProvisioningOperation_.result).get(OperationResultDto.PROPERTY_STATE), OperationState.CREATED), builder.equal(root.get(SysProvisioningOperation_.result).get(OperationResultDto.PROPERTY_STATE), OperationState.RUNNING), builder.equal(root.get(SysProvisioningOperation_.result).get(OperationResultDto.PROPERTY_STATE), OperationState.BLOCKED), builder.and(builder.equal(root.get(SysProvisioningOperation_.result).get(OperationResultDto.PROPERTY_STATE), OperationState.NOT_EXECUTED), // only readOnly has attributes evaluated
builder.or(builder.isNull(root.get(SysProvisioningOperation_.result).get(OperationResultDto.PROPERTY_CODE)), builder.notEqual(root.get(SysProvisioningOperation_.result).get(OperationResultDto.PROPERTY_CODE), AccResultCode.PROVISIONING_SYSTEM_READONLY.name()))));
switch(emptyProvisioningType) {
case EMPTY:
{
provisioningPredicate = builder.and(// empty
builder.not(provisioningPredicate), // delete operations are not considered as empty
builder.notEqual(root.get(SysProvisioningOperation_.operationType), ProvisioningEventType.DELETE), builder.not(notProcessedPredicate));
break;
}
case NON_EMPTY:
{
// delete operations are not considered as empty or filled => show all time
provisioningPredicate = builder.and(builder.or(provisioningPredicate, builder.equal(root.get(SysProvisioningOperation_.operationType), ProvisioningEventType.DELETE)), builder.not(notProcessedPredicate));
break;
}
case NOT_PROCESSED:
{
provisioningPredicate = notProcessedPredicate;
break;
}
default:
{
throw new UnsupportedOperationException(String.format("Empty profisioning type [%s] is not supported by filter predicates.", emptyProvisioningType));
}
}
predicates.add(provisioningPredicate);
}
return predicates;
}
Also used :
ProvisioningEventType(eu.bcvsolutions.idm.acc.domain.ProvisioningEventType)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
ConfidentialString(eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
Predicate(javax.persistence.criteria.Predicate)
SysProvisioningAttribute(eu.bcvsolutions.idm.acc.entity.SysProvisioningAttribute)
ZonedDateTime(java.time.ZonedDateTime)
UUID(java.util.UUID)
EmptyProvisioningType(eu.bcvsolutions.idm.acc.domain.EmptyProvisioningType)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
Example 13 with ResultCodeException
use of eu.bcvsolutions.idm.core.api.exception.ResultCodeException in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningOperationService method handleFailed.
/**
* REQUIRES_NEW => we want to have log in queue / archive all time, even original transaction ends with exception.
*/
@Override
@Transactional(propagation = Propagation.REQUIRES_NEW)
public SysProvisioningOperationDto handleFailed(SysProvisioningOperationDto operation, Exception ex) {
ResultModel resultModel;
if (ex instanceof ResultCodeException) {
resultModel = ((ResultCodeException) ex).getError().getError();
} else {
String uid = getByProvisioningOperation(operation).getUid();
resultModel = new DefaultResultModel(AccResultCode.PROVISIONING_FAILED, ImmutableMap.of("name", uid, "system", getSystem(operation).getName(), "operationType", operation.getOperationType(), "objectClass", operation.getProvisioningContext().getConnectorObject().getObjectClass().getType()));
}
LOG.error(resultModel.toString(), ex);
//
operation.increaseAttempt();
operation.setMaxAttempts(provisioningConfiguration.getRetryMaxAttempts());
operation.setResult(new OperationResult.Builder(OperationState.EXCEPTION).setModel(resultModel).setCause(ex).build());
//
if (!operation.isDryRun()) {
operation = save(operation);
// create archive operation for the current attempt
provisioningArchiveService.archive(operation);
//
// calculate next attempt
SysProvisioningOperationDto firstOperation = getFirstOperationByBatchId(operation.getBatch());
if (firstOperation.equals(operation)) {
SysProvisioningBatchDto batch = batchService.get(operation.getBatch());
batch.setNextAttempt(batchService.calculateNextAttempt(operation));
batch = batchService.save(batch);
}
//
if (securityService.getCurrentId() != null) {
// TODO: check account owner
// TODO: notification is moved into console ... simple LOG instead?
notificationManager.send(AccModuleDescriptor.TOPIC_PROVISIONING, new IdmMessageDto.Builder().setModel(resultModel).build());
}
}
return operation;
}
Also used :
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
IdmMessageDto(eu.bcvsolutions.idm.core.notification.api.dto.IdmMessageDto)
CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
ResultModel(eu.bcvsolutions.idm.core.api.dto.ResultModel)
SysProvisioningBatchDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningBatchDto)
ConfidentialString(eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 14 with ResultCodeException
use of eu.bcvsolutions.idm.core.api.exception.ResultCodeException in project CzechIdMng by bcvsolutions.
the class DefaultSysRoleSystemAttributeService method getSchemaAttr.
/**
* Returns schema attribute
*
* @param systemId
* @param attributeName
* @param objectClassName
* @return
*/
private SysSchemaAttributeDto getSchemaAttr(UUID systemId, String attributeName, String objectClassName) {
SysSchemaAttributeFilter filter = new SysSchemaAttributeFilter();
filter.setObjectClassId(getObjectClassId(systemId, objectClassName));
filter.setName(attributeName);
List<SysSchemaAttributeDto> schemas = schemaAttributeService.find(filter, null).getContent();
if (schemas.isEmpty()) {
throw new ResultCodeException(AccResultCode.SYSTEM_SCHEMA_ATTRIBUTE_NOT_FOUND, ImmutableMap.of("objectClassName", objectClassName, "attributeName", attributeName));
}
return schemas.get(0);
}
Also used :
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
SysSchemaAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
Example 15 with ResultCodeException
use of eu.bcvsolutions.idm.core.api.exception.ResultCodeException in project CzechIdMng by bcvsolutions.
the class DefaultProvisioningExecutor method executeInternal.
/**
* We need to wait to transaction commit, when provisioning is executed - all accounts have to be prepared.
* Next processing is executed outside a transaction
* => operation states has to be saved in new transactions
* => rollback on the target system is not possible anyway
*
* @param provisioningOperation
* @return
*/
@TransactionalEventListener
@Transactional(propagation = Propagation.NOT_SUPPORTED)
public SysProvisioningOperationDto executeInternal(SysProvisioningOperationDto provisioningOperation) {
Assert.notNull(provisioningOperation, "Provisioning operation is required.");
Assert.notNull(provisioningOperation.getSystemEntity(), "System entity is required.");
Assert.notNull(provisioningOperation.getProvisioningContext(), "Provisioning context is required.");
//
try {
boolean checkNotExecuted = provisioningOperation.isSynchronousProvisioning();
if (provisioningOperationService.isNew(provisioningOperation)) {
provisioningOperation = persistOperation(provisioningOperation);
checkNotExecuted = true;
}
if (checkNotExecuted && provisioningOperation.getResult() != null && OperationState.NOT_EXECUTED == provisioningOperation.getResult().getState()) {
return provisioningOperation;
}
//
CoreEvent<SysProvisioningOperationDto> event = new CoreEvent<SysProvisioningOperationDto>(provisioningOperation.getOperationType(), provisioningOperation);
try {
// set a global provisioning timeout even for synchronous call
FutureTask<EventContext<SysProvisioningOperationDto>> futureTask = new FutureTask<EventContext<SysProvisioningOperationDto>>(new Callable<EventContext<SysProvisioningOperationDto>>() {
@Override
public EventContext<SysProvisioningOperationDto> call() {
return entityEventManager.process(event);
}
});
// thread pool is not used here
Thread thread = new Thread(new DelegatingSecurityContextRunnable(new DelegatingTransactionContextRunnable(futureTask)));
thread.start();
//
// global timeout by configuration
long timeout = provisioningConfiguration.getTimeout();
try {
// TODO: non blocking wait if possible (refactoring is needed + java 9 helps)
EventContext<SysProvisioningOperationDto> context = futureTask.get(timeout, TimeUnit.MILLISECONDS);
//
return context.getContent();
} catch (InterruptedException ex) {
futureTask.cancel(true);
// propagate exception to upper catch
throw ex;
} catch (TimeoutException ex) {
futureTask.cancel(true);
// put thread into queue and wait => timeout too => retry mecchanism will work
throw new ResultCodeException(AccResultCode.PROVISIONING_TIMEOUT, ImmutableMap.of("name", provisioningOperation.getSystemEntityUid(), "system", provisioningOperation.getSystem(), "operationType", provisioningOperation.getOperationType(), "objectClass", provisioningOperation.getProvisioningContext().getConnectorObject().getObjectClass(), "timeout", String.valueOf(timeout)), ex);
}
} catch (Exception ex) {
return provisioningOperationService.handleFailed(provisioningOperation, ex);
} finally {
try {
UUID roleRequestId = provisioningOperation.getRoleRequestId();
if (roleRequestId != null) {
// Check of the state for whole request
// Create mock request -> we don't wont load request from DB -> optimization
IdmRoleRequestDto mockRequest = new IdmRoleRequestDto();
mockRequest.setId(roleRequestId);
mockRequest.setState(RoleRequestState.EXECUTED);
IdmRoleRequestDto returnedReqeust = roleRequestService.refreshSystemState(mockRequest);
OperationResultDto systemState = returnedReqeust.getSystemState();
if (systemState == null) {
// State on system of request was not changed (may be not all provisioning operations are
// resolved)
} else {
// We have final state on systems
IdmRoleRequestDto requestDto = roleRequestService.get(roleRequestId);
if (requestDto != null) {
requestDto.setSystemState(systemState);
roleRequestService.save(requestDto);
} else {
LOG.info(MessageFormat.format("Refresh role-request system state: Role-request with ID [{0}] was not found (maybe was deleted).", roleRequestId));
}
}
}
} catch (Exception ex) {
return provisioningOperationService.handleFailed(provisioningOperation, ex);
}
}
} finally {
UUID eventId = provisioningOperation.getManualEventId();
if (eventId != null) {
IdmEntityEventDto startEvent = entityEventManager.getEvent(eventId);
if (startEvent != null) {
// Complete a manual event (for ensure end of the sync).
entityEventManager.completeManualEvent(startEvent);
}
}
}
}
Also used :
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto)
TimeoutException(java.util.concurrent.TimeoutException)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
EventContext(eu.bcvsolutions.idm.core.api.event.EventContext)
FutureTask(java.util.concurrent.FutureTask)
CoreEvent(eu.bcvsolutions.idm.core.api.event.CoreEvent)
DelegatingSecurityContextRunnable(org.springframework.security.concurrent.DelegatingSecurityContextRunnable)
UUID(java.util.UUID)
SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)
DelegatingTransactionContextRunnable(eu.bcvsolutions.idm.core.config.DelegatingTransactionContextRunnable)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
TimeoutException(java.util.concurrent.TimeoutException)
IdmEntityEventDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityEventDto)
TransactionalEventListener(org.springframework.transaction.event.TransactionalEventListener)
Transactional(org.springframework.transaction.annotation.Transactional)
Aggregations
ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)430
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)107
ApiOperation (io.swagger.annotations.ApiOperation)104
ResponseBody (org.springframework.web.bind.annotation.ResponseBody)101
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)99
UUID (java.util.UUID)90
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)89
Test (org.junit.Test)70
Transactional (org.springframework.transaction.annotation.Transactional)54
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)53
IdmFormDefinitionDto (eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto)53
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)49
IOException (java.io.IOException)48
GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)47
ResponseEntity (org.springframework.http.ResponseEntity)43
AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)38
ArrayList (java.util.ArrayList)33
HashMap (java.util.HashMap)31
IdmPasswordPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto)27
OperationResult (eu.bcvsolutions.idm.core.api.entity.OperationResult)26
