use of eu.bcvsolutions.idm.core.api.service.AbstractReadDtoService in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleService method toDto.
@Override
@SuppressWarnings("unchecked")
protected IdmRoleDto toDto(IdmRole entity, IdmRoleDto dto, IdmRoleFilter context) {
IdmRoleDto roleDto = super.toDto(entity, dto, context);
// Adds to result count of systems for this role, which are in cross-domain group.
if (context != null && context.getIncludeCrossDomainsSystemsCount() != null && context.getIncludeCrossDomainsSystemsCount() && roleDto != null && roleDto.getId() != null && roleSystemService instanceof AbstractReadDtoService) {
@SuppressWarnings(value = "rawtypes") AbstractReadDtoService roleSystemService = (AbstractReadDtoService) this.roleSystemService;
BaseFilter roleSystemFilter = roleSystemService.createFilterInstance();
if (roleSystemFilter instanceof IdmRoleSystemFilter) {
IdmRoleSystemFilter idmRoleSystemFilter = (IdmRoleSystemFilter) roleSystemFilter;
idmRoleSystemFilter.setIsInCrossDomainGroupRoleId(roleDto.getId());
// Permission: User can read role -> can read connected systems.
long count = roleSystemService.count(idmRoleSystemFilter);
roleDto.setSystemsInCrossDomains(count);
}
}
return roleDto;
}
use of eu.bcvsolutions.idm.core.api.service.AbstractReadDtoService in project CzechIdMng by bcvsolutions.
the class DefaultIdmRequestIdentityRoleService method conceptToRequestIdentityRole.
/**
* Converts concept to the request-identity-roles.
*
* @param concept
* @param filter
* @return
*/
@SuppressWarnings("unchecked")
private IdmRequestIdentityRoleDto conceptToRequestIdentityRole(IdmConceptRoleRequestDto concept, IdmRequestIdentityRoleFilter filter) {
IdmRequestIdentityRoleDto requestIdentityRoleDto = modelMapper.map(concept, IdmRequestIdentityRoleDto.class);
// load permission from related contract or role (OR)
if (// from find method only
filter != null && // newly requested role only
ConceptRoleRequestOperation.ADD == concept.getOperation() && !concept.getState().isTerminatedState()) {
// not terminated concepts
// by related contract (backward compatible)
IdmIdentityContractDto contract = lookupService.lookupEmbeddedDto(concept, IdmConceptRoleRequest_.identityContract);
Set<String> contractPermissions = identityContractService.getPermissions(contract);
if (PermissionUtils.hasPermission(contractPermissions, ContractBasePermission.CHANGEPERMISSION)) {
Set<String> permissions = requestIdentityRoleDto.getPermissions();
if (permissions == null) {
permissions = new HashSet<>();
}
permissions.add(ContractBasePermission.CHANGEPERMISSION.getName());
requestIdentityRoleDto.setPermissions(permissions);
} else {
// by related role
IdmRoleDto role = lookupService.lookupEmbeddedDto(concept, IdmConceptRoleRequest_.role);
Set<String> rolePermissions = roleService.getPermissions(role);
if (PermissionUtils.hasPermission(rolePermissions, RoleBasePermission.CHANGEPERMISSION)) {
Set<String> permissions = requestIdentityRoleDto.getPermissions();
if (permissions == null) {
permissions = new HashSet<>();
}
permissions.add(RoleBasePermission.CHANGEPERMISSION.getName());
requestIdentityRoleDto.setPermissions(permissions);
}
}
}
if (filter != null && filter.isIncludeEav()) {
IdmFormInstanceDto formInstanceDto;
if (ConceptRoleRequestOperation.REMOVE == concept.getOperation()) {
IdmIdentityRoleDto identityRole = DtoUtils.getEmbedded(concept, IdmConceptRoleRequest_.identityRole, IdmIdentityRoleDto.class, (IdmIdentityRoleDto) null);
if (identityRole == null) {
// Identity-role was not found, remove concept was executed (identity-role was removed).
return addCandidates(requestIdentityRoleDto, concept, filter);
}
formInstanceDto = identityRoleService.getRoleAttributeValues(identityRole);
} else {
// Check on change of values is made only on ended request! 'Original' value is current value and in audit it was confusing (only 'new' value is show now).
formInstanceDto = conceptRoleService.getRoleAttributeValues(concept, !concept.getState().isTerminatedState());
}
addEav(requestIdentityRoleDto, formInstanceDto);
}
// Include info if is role in cross-domain group.
if (filter != null && filter.isIncludeCrossDomainsSystemsCount()) {
if (ConceptRoleRequestOperation.REMOVE != concept.getOperation()) {
IdmRoleDto roleDto = DtoUtils.getEmbedded(concept, IdmConceptRoleRequest_.role.getName(), IdmRoleDto.class, null);
if (roleDto != null && this.roleSystemService instanceof AbstractReadDtoService) {
AbstractReadDtoService<?, ?, IdmRoleSystemFilter> roleSystemService = (AbstractReadDtoService<?, ?, IdmRoleSystemFilter>) this.roleSystemService;
BaseFilter roleSystemFilter = roleSystemService.createFilterInstance();
if (roleSystemFilter instanceof IdmRoleSystemFilter) {
IdmRoleSystemFilter idmRoleSystemFilter = (IdmRoleSystemFilter) roleSystemFilter;
idmRoleSystemFilter.setIsInCrossDomainGroupRoleId(roleDto.getId());
long count = roleSystemService.count(idmRoleSystemFilter);
roleDto.setSystemsInCrossDomains(count);
}
}
}
}
return addCandidates(requestIdentityRoleDto, concept, filter);
}
use of eu.bcvsolutions.idm.core.api.service.AbstractReadDtoService in project CzechIdMng by bcvsolutions.
the class DefaultIdmIdentityRoleService method toDto.
@Override
protected IdmIdentityRoleDto toDto(IdmIdentityRole entity, IdmIdentityRoleDto dto) {
dto = super.toDto(entity, dto);
if (dto == null) {
return null;
}
IdmAutomaticRole automaticRole = entity.getAutomaticRole();
if (automaticRole != null) {
dto.setAutomaticRole(automaticRole.getId());
BaseDto baseDto = null;
Map<String, BaseDto> embedded = dto.getEmbedded();
if (automaticRole instanceof IdmAutomaticRoleAttribute) {
baseDto = lookupService.getDtoService(IdmAutomaticRoleAttributeDto.class).get(automaticRole.getId());
} else {
baseDto = lookupService.getDtoService(IdmRoleTreeNodeDto.class).get(automaticRole.getId());
}
embedded.put(IdmIdentityRole_.automaticRole.getName(), baseDto);
dto.setEmbedded(embedded);
}
UUID roleSystemId = entity.getRoleSystem();
if (roleSystemId != null) {
Map<String, BaseDto> embedded = dto.getEmbedded();
if (roleSystemService instanceof AbstractReadDtoService) {
@SuppressWarnings("rawtypes") BaseDto baseDto = ((AbstractReadDtoService) roleSystemService).get(roleSystemId);
embedded.put(IdmIdentityRole_.roleSystem.getName(), baseDto);
dto.setEmbedded(embedded);
}
}
return dto;
}
Aggregations