Search in sources :

Example 11 with RoleRequestEvent

use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.

the class ProcessAllAutomaticRoleByAttributeTaskExecutor method processAutomaticRoleForContract.

/**
 * Start recalculation for automatic role. All identity roles (newly added and removed) will be added by {@link IdmRoleRequestDto}.
 * But role request is created for each contract twice. One for newly added and one for newly removed. This is now only solutions.
 *
 * @param automaticRolAttributeDto
 */
private void processAutomaticRoleForContract(IdmAutomaticRoleAttributeDto automaticRolAttributeDto) {
    UUID automaticRoleId = automaticRolAttributeDto.getId();
    // 
    // process contracts
    List<UUID> newPassedContracts = automaticRoleAttributeService.getContractsForAutomaticRole(automaticRoleId, true, null).getContent();
    List<UUID> newNotPassedContracts = automaticRoleAttributeService.getContractsForAutomaticRole(automaticRoleId, false, null).getContent();
    // 
    boolean canContinue = true;
    for (UUID contractId : newPassedContracts) {
        // Concepts that will be added
        List<IdmConceptRoleRequestDto> concepts = new ArrayList<IdmConceptRoleRequestDto>();
        // 
        IdmIdentityContractDto contract = identityContractService.get(contractId);
        // 
        IdmConceptRoleRequestDto concept = new IdmConceptRoleRequestDto();
        concept.setIdentityContract(contract.getId());
        concept.setValidFrom(contract.getValidFrom());
        concept.setValidTill(contract.getValidTill());
        concept.setRole(automaticRolAttributeDto.getRole());
        concept.setAutomaticRole(automaticRoleId);
        concept.setOperation(ConceptRoleRequestOperation.ADD);
        concepts.add(concept);
        IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
        roleRequest.setConceptRoles(concepts);
        roleRequest.setApplicant(contract.getIdentity());
        roleRequest = roleRequestService.startConcepts(new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest), null);
        canContinue = updateState();
        if (!canContinue) {
            break;
        }
    }
    // 
    if (canContinue) {
        for (UUID contractId : newNotPassedContracts) {
            // Identity id is get from embedded identity role. This is little speedup.
            UUID identityId = null;
            // 
            IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
            filter.setIdentityContractId(contractId);
            filter.setAutomaticRoleId(automaticRoleId);
            List<IdmIdentityRoleDto> identityRoles = identityRoleService.find(filter, null).getContent();
            // Concepts that will be added
            List<IdmConceptRoleRequestDto> concepts = new ArrayList<>(identityRoles.size());
            for (IdmIdentityRoleDto identityRole : identityRoles) {
                IdmConceptRoleRequestDto concept = new IdmConceptRoleRequestDto();
                concept.setIdentityContract(contractId);
                concept.setRole(automaticRolAttributeDto.getRole());
                concept.setAutomaticRole(automaticRoleId);
                concept.setIdentityRole(identityRole.getId());
                concept.setOperation(ConceptRoleRequestOperation.REMOVE);
                concepts.add(concept);
                if (identityId == null) {
                    IdmIdentityContractDto contractDto = DtoUtils.getEmbedded(identityRole, IdmIdentityRole_.identityContract, IdmIdentityContractDto.class, null);
                    identityId = contractDto.getIdentity();
                }
            }
            IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
            roleRequest.setConceptRoles(concepts);
            roleRequest.setApplicant(identityId);
            roleRequest = roleRequestService.startConcepts(new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest), null);
            canContinue = updateState();
            if (!canContinue) {
                break;
            }
        }
    }
}
Also used : ArrayList(java.util.ArrayList) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) UUID(java.util.UUID) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)

Example 12 with RoleRequestEvent

use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.

the class ProcessSkippedAutomaticRoleByTreeForContractTaskExecutor method removeAllAutomaticRoles.

private void removeAllAutomaticRoles(IdmIdentityContractDto invalidContract) {
    UUID contractId = invalidContract.getId();
    UUID identityId = invalidContract.getIdentity();
    // 
    IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
    filter.setIdentityContractId(contractId);
    filter.setAutomaticRole(Boolean.TRUE);
    filter.setDirectRole(Boolean.TRUE);
    // 
    List<IdmIdentityRoleDto> contractRoles = identityRoleService.find(filter, null).getContent();
    List<IdmConceptRoleRequestDto> concepts = new ArrayList<>(contractRoles.size());
    for (IdmIdentityRoleDto identityRole : contractRoles) {
        IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
        conceptRoleRequest.setIdentityRole(identityRole.getId());
        conceptRoleRequest.setAutomaticRole(identityRole.getAutomaticRole());
        conceptRoleRequest.setRole(identityRole.getRole());
        conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
        conceptRoleRequest.setIdentityContract(contractId);
        // 
        concepts.add(conceptRoleRequest);
    }
    if (concepts.isEmpty()) {
        LOG.debug("invalid contract [{}] does not have assigned roles.", contractId);
        // 
        return;
    }
    IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
    roleRequest.setState(RoleRequestState.CONCEPT);
    // without approval
    roleRequest.setExecuteImmediately(true);
    roleRequest.setApplicant(identityId);
    roleRequest.setRequestedByType(RoleRequestedByType.AUTOMATICALLY);
    roleRequest = roleRequestService.save(roleRequest);
    // 
    for (IdmConceptRoleRequestDto concept : concepts) {
        concept.setRoleRequest(roleRequest.getId());
        // 
        conceptRoleRequestService.save(concept);
    }
    // 
    // start event with skip check authorities
    RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
    requestEvent.getProperties().put(IdmIdentityRoleService.SKIP_CHECK_AUTHORITIES, Boolean.TRUE);
    // prevent to start asynchronous event before previous update event is completed.
    requestEvent.setSuperOwnerId(identityId);
    // 
    roleRequestService.startRequestInternal(requestEvent);
}
Also used : ArrayList(java.util.ArrayList) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) UUID(java.util.UUID) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)

Example 13 with RoleRequestEvent

use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.

the class DefaultIdmAutomaticRoleAttributeService method createIdentityRoles.

/**
 * Create identity roles by request and concepts.
 *
 * @param contract
 * @param contractPosition
 * @param automaticRoles
 */
private void createIdentityRoles(IdmIdentityContractDto contract, IdmContractPositionDto contractPosition, Set<AbstractIdmAutomaticRoleDto> automaticRoles) {
    List<IdmConceptRoleRequestDto> concepts = new ArrayList<>(automaticRoles.size());
    for (AbstractIdmAutomaticRoleDto autoRole : automaticRoles) {
        IdmConceptRoleRequestDto concept = new IdmConceptRoleRequestDto();
        concept.setIdentityContract(contract.getId());
        concept.setValidFrom(contract.getValidFrom());
        concept.setValidTill(contract.getValidTill());
        concept.setRole(autoRole.getRole());
        concept.setAutomaticRole(autoRole.getId());
        concept.setOperation(ConceptRoleRequestOperation.ADD);
        concepts.add(concept);
    }
    // 
    IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
    roleRequest.setConceptRoles(concepts);
    roleRequest.setApplicant(contract.getIdentity());
    roleRequest = roleRequestService.startConcepts(new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest), null);
}
Also used : ArrayList(java.util.ArrayList) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) AbstractIdmAutomaticRoleDto(eu.bcvsolutions.idm.core.api.dto.AbstractIdmAutomaticRoleDto) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)

Example 14 with RoleRequestEvent

use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.

the class RemoveRoleCompositionTaskExecutor method processItem.

@Override
public Optional<OperationResult> processItem(IdmIdentityRoleDto identityRole) {
    try {
        // create request
        IdmIdentityContractDto contract = DtoUtils.getEmbedded(identityRole, IdmIdentityRole_.identityContract);
        UUID identityId = contract.getIdentity();
        IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
        roleRequest.setState(RoleRequestState.CONCEPT);
        // without approval
        roleRequest.setExecuteImmediately(true);
        roleRequest.setApplicant(identityId);
        roleRequest.setRequestedByType(RoleRequestedByType.AUTOMATICALLY);
        roleRequest = roleRequestService.save(roleRequest);
        // create concepts
        createConcepts(roleRequest, new ArrayList<>(), identityRole);
        // start event with skip check authorities
        RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
        requestEvent.getProperties().put(IdmIdentityRoleService.SKIP_CHECK_AUTHORITIES, Boolean.TRUE);
        // prevent to start asynchronous event before previous update event is completed.
        requestEvent.setSuperOwnerId(identityId);
        // 
        roleRequestService.startRequestInternal(requestEvent);
        // 
        return Optional.of(new OperationResult.Builder(OperationState.EXECUTED).build());
    } catch (Exception ex) {
        return Optional.of(new OperationResult.Builder(OperationState.EXCEPTION).setModel(new DefaultResultModel(CoreResultCode.ROLE_COMPOSITION_ASSIGNED_ROLE_REMOVAL_FAILED, ImmutableMap.of("identityRole", identityRole.getId().toString()))).setCause(ex).build());
    }
}
Also used : DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) UUID(java.util.UUID) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) EntityNotFoundException(eu.bcvsolutions.idm.core.api.exception.EntityNotFoundException) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException)

Example 15 with RoleRequestEvent

use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.

the class IdentityRoleByIdentityDeduplicationBulkAction method processDto.

@Override
protected OperationResult processDto(IdmIdentityDto identity) {
    UUID identityId = identity.getId();
    // Result will be list of concepts.
    List<IdmConceptRoleRequestDto> concepts = new ArrayList<>();
    List<IdmIdentityContractDto> contracts = identityContractService.findAllValidForDate(identityId, LocalDate.now(), null);
    for (IdmIdentityContractDto contract : contracts) {
        // Check access for contract.
        try {
            identityContractService.checkAccess(contract, PermissionUtils.toPermissions(getAuthoritiesForIdentityContract()).toArray(new BasePermission[] {}));
        } catch (ForbiddenEntityException e) {
            continue;
        }
        // Process deduplication per identity contract.
        concepts.addAll(processDuplicitiesForContract(contract));
    }
    // If result is empty for identity will be removed any roles.
    if (concepts.isEmpty()) {
        return new OperationResult.Builder(OperationState.EXECUTED).build();
    }
    IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
    roleRequest.setApplicant(identityId);
    roleRequest.setRequestedByType(RoleRequestedByType.MANUALLY);
    roleRequest.setLog("Request was created by bulk action (deduplication).");
    // if set approve, dont execute immediately
    roleRequest.setExecuteImmediately(!isApprove());
    roleRequest = roleRequestService.save(roleRequest, IdmBasePermission.CREATE);
    for (IdmConceptRoleRequestDto concept : concepts) {
        concept.setRoleRequest(roleRequest.getId());
        concept = conceptRoleRequestService.save(concept, IdmBasePermission.CREATE);
    }
    Map<String, Serializable> properties = new HashMap<>();
    properties.put(RoleRequestApprovalProcessor.CHECK_RIGHT_PROPERTY, Boolean.TRUE);
    RoleRequestEvent event = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest, properties);
    event.setPriority(PriorityType.HIGH);
    IdmRoleRequestDto request = roleRequestService.startRequestInternal(event);
    // 
    if (request.getState() == RoleRequestState.EXECUTED) {
        return new OperationResult.Builder(OperationState.EXECUTED).build();
    } else {
        return new OperationResult.Builder(OperationState.CREATED).build();
    }
}
Also used : Serializable(java.io.Serializable) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) BasePermission(eu.bcvsolutions.idm.core.security.api.domain.BasePermission) IdmBasePermission(eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) UUID(java.util.UUID) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) ForbiddenEntityException(eu.bcvsolutions.idm.core.api.exception.ForbiddenEntityException)

Aggregations

RoleRequestEvent (eu.bcvsolutions.idm.core.model.event.RoleRequestEvent)34 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)33 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)26 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)21 UUID (java.util.UUID)21 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)16 ArrayList (java.util.ArrayList)13 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)12 DefaultResultModel (eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)10 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)10 IdmIdentityRoleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)10 Serializable (java.io.Serializable)10 HashMap (java.util.HashMap)10 DefaultEventResult (eu.bcvsolutions.idm.core.api.event.DefaultEventResult)7 ConceptRoleRequestOperation (eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation)6 CoreResultCode (eu.bcvsolutions.idm.core.api.domain.CoreResultCode)6 OperationState (eu.bcvsolutions.idm.core.api.domain.OperationState)6 AbstractIdmAutomaticRoleDto (eu.bcvsolutions.idm.core.api.dto.AbstractIdmAutomaticRoleDto)6 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)6 Transactional (org.springframework.transaction.annotation.Transactional)6