use of eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto in project CzechIdMng by bcvsolutions.
the class IdmFormDefinitionController method secureAttributes.
/**
* Secure form attributes by configured authorization policies. Usable, when
* owner not exists (is created together with eavs).
*
* @param formInstance
*
* @since 10.2.0
*/
public void secureAttributes(IdmFormInstanceDto formInstance) {
Assert.notNull(formInstance, "Form instance is required.");
IdmFormDefinitionDto formDefinition = formInstance.getFormDefinition();
Assert.notNull(formDefinition, "Form definition is required.");
Class<? extends Identifiable> ownerType = formInstance.getOwnerType();
Assert.notNull(ownerType, "Form instance owner type is required.");
//
FormValueService<FormableEntity> formValueService = formService.getFormValueService(ownerType);
List<IdmFormAttributeDto> attributes = formDefinition.getFormAttributes();
Set<UUID> removeAttributes = new HashSet<>(attributes.size());
attributes.forEach(attribute -> {
IdmFormValueDto formValue = new IdmFormValueDto(attribute);
formValue.setOwner(formService.getEmptyOwner(formDefinition));
if (formInstance.getOwnerId() != null) {
formValue.getOwner().setId(formInstance.getOwnerId());
}
Set<String> valuePermissions = formValueService.getPermissions(formValue);
if (!PermissionUtils.hasPermission(valuePermissions, IdmBasePermission.READ)) {
removeAttributes.add(attribute.getId());
} else if (!PermissionUtils.hasAnyPermission(valuePermissions, IdmBasePermission.CREATE, IdmBasePermission.UPDATE)) {
if (formInstance.getOwnerId() == null) {
// new owner - remove readonly fields
removeAttributes.add(attribute.getId());
} else {
formDefinition.getMappedAttribute(attribute.getId()).setReadonly(true);
}
}
});
removeAttributes.forEach(attributeId -> {
formDefinition.removeFormAttribute(attributeId);
});
}
use of eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto in project CzechIdMng by bcvsolutions.
the class FormInstanceValidateProcessor method process.
@Override
public EventResult<IdmFormInstanceDto> process(EntityEvent<IdmFormInstanceDto> event) {
IdmFormInstanceDto formInstance = event.getContent();
Assert.notNull(formInstance.getFormDefinition(), "Form definition is required for form instance validation.");
//
// resolve given / configured / overridden / default form definition
// configured definition is loaded only once and applied twice (optimization)
IdmFormDefinitionDto configuredFormDefinition = formProjectionManager.getConfiguredFormDefinition(getOwner(formInstance), formInstance.getFormDefinition());
IdmFormDefinitionDto formDefinition = formProjectionManager.overrideFormDefinition(formService.getDefinition(formInstance.getFormDefinition().getId()), configuredFormDefinition);
Assert.notNull(formDefinition, "Form definition is required for form instance validation.");
IdmFormDefinitionDto formInstanceDefinition = formProjectionManager.overrideFormDefinition(formInstance.getFormDefinition(), configuredFormDefinition);
Assert.notNull(formInstanceDefinition, "Form definition is required for form instance validation.");
//
Map<String, Serializable> properties = event.getProperties();
//
// get distinct attributes from the sent values
// PATCH is used - only sent attributes are validated
Set<IdmFormAttributeDto> sentAttributes = formInstance.getValues().stream().map(IdmFormValueDto::getFormAttribute).map(attributeId -> {
IdmFormAttributeDto mappedAttribute = formInstanceDefinition.getMappedAttribute(attributeId);
if (mappedAttribute != null) {
return mappedAttribute;
}
return formDefinition.getMappedAttribute(attributeId);
}).collect(Collectors.toSet());
// only sent attributes in definition and instance
formDefinition.setFormAttributes(Lists.newArrayList(sentAttributes));
formInstance.setFormDefinition(formDefinition);
// validate
List<InvalidFormAttributeDto> errors = formService.validate(formInstance);
// skip <required> validation if contract update is performed from time slice
if (getBooleanProperty(ContractSliceManager.SKIP_CHECK_FOR_SLICES, properties)) {
errors = errors.stream().filter(error -> {
return !error.isMissingValue();
}).collect(Collectors.toList());
}
if (!errors.isEmpty()) {
throw new InvalidFormException(errors);
}
//
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto in project CzechIdMng by bcvsolutions.
the class FormDefinitionValidateProcessor method process.
@Override
public EventResult<IdmFormDefinitionDto> process(EntityEvent<IdmFormDefinitionDto> event) {
IdmFormDefinitionDto dto = event.getContent();
IdmFormDefinitionDto original = event.getOriginalSource();
//
if (event.hasType(FormDefinitionEventType.DELETE) && dto.isMain()) {
throw new ResultCodeException(CoreResultCode.FORM_DEFINITION_DELETE_FAILED_MAIN_FORM, ImmutableMap.of("code", dto.getCode()));
}
if (original != null && original.isMain() && !dto.isMain()) {
throw new ResultCodeException(CoreResultCode.FORM_DEFINITION_UPDATE_FAILED_MAIN_FORM, ImmutableMap.of("code", dto.getCode()));
}
//
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto in project CzechIdMng by bcvsolutions.
the class IdmConceptRoleRequestController method saveFormValues.
/**
* Saves entity's form values
*
* @param backendId
* @param formValues
* @return
*/
@ResponseBody
@PreAuthorize("hasAuthority('" + CoreGroupPermission.ROLE_REQUEST_UPDATE + "')")
@RequestMapping(value = "/{backendId}/form-values", method = { RequestMethod.POST, RequestMethod.PATCH })
@ApiOperation(value = "Concept form definition - save values", nickname = "postIdentityRoleFormValues", tags = { IdmIdentityRoleController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLE_REQUEST_UPDATE, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLE_REQUEST_UPDATE, description = "") }) })
public Resource<?> saveFormValues(@ApiParam(value = "Concept's uuid identifier or code.", required = true) @PathVariable @NotNull String backendId, @ApiParam(value = "Code of form definition (default will be used if no code is given).", required = false, defaultValue = FormService.DEFAULT_DEFINITION_CODE) @RequestParam(name = "definitionCode", required = false) String definitionCode, @RequestBody @Valid List<IdmFormValueDto> formValues) {
IdmConceptRoleRequestDto dto = getDto(backendId);
if (dto == null) {
throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("entity", backendId));
}
checkAccess(dto, IdmBasePermission.UPDATE);
//
IdmFormDefinitionDto formDefinition = formDefinitionController.getDefinition(IdmConceptRoleRequest.class, definitionCode);
//
return formDefinitionController.saveFormValues(dto, formDefinition, formValues);
}
use of eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto in project CzechIdMng by bcvsolutions.
the class IdmConceptRoleRequestController method getFormValues.
/**
* Returns entity's filled form values
*
* @param backendId
* @return
*/
@ResponseBody
@RequestMapping(value = "/{backendId}/form-values", method = RequestMethod.GET)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.ROLE_REQUEST_READ + "')")
@ApiOperation(value = "Concept form definition - read values", nickname = "getRoleFormValues", tags = { IdmIdentityRoleController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLE_REQUEST_READ, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLE_REQUEST_READ, description = "") }) })
public Resource<?> getFormValues(@ApiParam(value = "Concept's uuid identifier or code.", required = true) @PathVariable @NotNull String backendId, @ApiParam(value = "Code of form definition (default will be used if no code is given).", required = false, defaultValue = FormService.DEFAULT_DEFINITION_CODE) @RequestParam(name = "definitionCode", required = false) String definitionCode) {
IdmConceptRoleRequestDto dto = getDto(backendId);
if (dto == null) {
throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("entity", backendId));
}
//
IdmFormDefinitionDto formDefinition = formDefinitionController.getDefinition(IdmConceptRoleRequest.class, definitionCode);
//
return formDefinitionController.getFormValues(dto, formDefinition);
}
Aggregations