use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleRequestService method executeConceptsImmediate.
@Override
@Transactional
public IdmRoleRequestDto executeConceptsImmediate(UUID applicant, List<IdmConceptRoleRequestDto> concepts, Map<String, Serializable> additionalProperties) {
if (concepts == null || concepts.isEmpty()) {
LOG.debug("No concepts are given, request for applicant [{}] will be not executed, returning null.", applicant);
//
return null;
}
Assert.notNull(applicant, "Applicant is required.");
//
IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
roleRequest.setState(RoleRequestState.CONCEPT);
// without approval
roleRequest.setExecuteImmediately(true);
roleRequest.setApplicant(applicant);
roleRequest.setRequestedByType(RoleRequestedByType.AUTOMATICALLY);
roleRequest = save(roleRequest);
//
for (IdmConceptRoleRequestDto concept : concepts) {
concept.setRoleRequest(roleRequest.getId());
//
roleRequest.getConceptRoles().add(conceptRoleRequestService.save(concept));
}
//
// start event with skip check authorities
RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
requestEvent.getProperties().put(IdmIdentityRoleService.SKIP_CHECK_AUTHORITIES, Boolean.TRUE);
// execute request synchronously (asynchronicity schould be added from outside).
requestEvent.setPriority(PriorityType.IMMEDIATE);
// Add additional properties
if (additionalProperties != null) {
requestEvent.getProperties().putAll(additionalProperties);
}
//
return startRequestInternal(requestEvent);
}
use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleRequestService method executeRequest.
@Override
@Transactional
public IdmRoleRequestDto executeRequest(UUID requestId) {
// We can`t catch and log exception to request, because this transaction will be
// marked as to rollback.
// We can`t run this method in new transaction, because changes on request
// (state modified in WF for example) is in uncommited transaction!
//
// prepare request event
Assert.notNull(requestId, "Role request ID is required!");
IdmRoleRequestDto request = this.get(requestId, new IdmRoleRequestFilter(true));
Assert.notNull(request, "Role request is required!");
RoleRequestEvent event = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, request);
//
return this.executeRequestInternal(event);
}
use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.
the class RoleSynchronizationExecutor method syncEnd.
@Override
protected void syncEnd(SysSyncLogDto log, SynchronizationContext syncContext) {
// Execute all role-requests for this sync.
getRoleRequestCache().values().forEach(roleRequestId -> {
IdmRoleRequestDto roleRequestDto = roleRequestService.get(roleRequestId);
if (roleRequestDto == null) {
log.addToLog(MessageFormat.format("Role-request with ID [{1}] was not found with result!!!", roleRequestId));
return;
}
Map<String, Serializable> properties = new HashMap<>();
properties.put(RoleRequestApprovalProcessor.CHECK_RIGHT_PROPERTY, Boolean.TRUE);
RoleRequestEvent event = new RoleRequestEvent(RoleRequestEvent.RoleRequestEventType.EXCECUTE, roleRequestDto, properties);
// Async start of request.
roleRequestDto = roleRequestService.startRequestInternal(event);
IdmIdentityDto applicant = DtoUtils.getEmbedded(roleRequestDto, IdmRoleRequest_.applicant, IdmIdentityDto.class);
log.addToLog(MessageFormat.format("Role-request with ID [{1}] for applicant [{0}] was executed with result [{2}].", applicant.getUsername(), roleRequestDto.getId(), roleRequestDto.getState().name()));
});
super.syncEnd(log, syncContext);
}
use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.
the class IdentityContractDeleteProcessor method process.
@Override
public EventResult<IdmIdentityContractDto> process(EntityEvent<IdmIdentityContractDto> event) {
IdmIdentityContractDto contract = event.getContent();
UUID contractId = contract.getId();
Assert.notNull(contractId, "Contract must have a ID!");
boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
//
// check contract can be deleted - cannot be deleted, when is controlled by slices
IdmContractSliceFilter sliceFilter = new IdmContractSliceFilter();
sliceFilter.setParentContract(contractId);
if (contractSliceService.find(sliceFilter, null).getTotalElements() > 0) {
// Cannot be enforced => contract cannot be deleted at all.
throw new ResultCodeException(CoreResultCode.CONTRACT_IS_CONTROLLED_CANNOT_BE_DELETED, ImmutableMap.of("contractId", contractId));
}
//
// Find all concepts and remove relation on contract
IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
conceptRequestFilter.setIdentityContractId(contractId);
conceptRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
String message = null;
if (concept.getState().isTerminatedState()) {
message = MessageFormat.format("IdentityContract [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", contractId, concept.getId());
} else {
message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested IdentityContract [{1}] was deleted (not from this role request)!", concept.getId(), contractId);
// Cancel concept and WF
concept = conceptRequestService.cancel(concept);
}
IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
roleRequestService.addToLog(request, message);
conceptRequestService.addToLog(concept, message);
roleRequestService.save(request);
conceptRequestService.save(concept);
});
//
// delete referenced roles
List<IdmConceptRoleRequestDto> concepts = new ArrayList<>();
identityRoleService.findAllByContract(contractId).forEach(identityRole -> {
// but automatic roles has to be removed in the same request.
if (identityRole.getDirectRole() == null) {
IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
conceptRoleRequest.setIdentityRole(identityRole.getId());
conceptRoleRequest.setRole(identityRole.getRole());
conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
// ignore not found
conceptRoleRequest.setIdentityContract(contractId);
//
concepts.add(conceptRoleRequest);
}
});
if (forceDelete) {
// ~ async with force
IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
roleRequest.setApplicant(contract.getIdentity());
roleRequest.setConceptRoles(concepts);
//
RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
requestEvent.setPriority(PriorityType.HIGH);
//
roleRequestService.startConcepts(requestEvent, event);
} else {
// ~ sync
roleRequestService.executeConceptsImmediate(contract.getIdentity(), concepts);
}
// delete contract guarantees
IdmContractGuaranteeFilter filter = new IdmContractGuaranteeFilter();
filter.setIdentityContractId(contractId);
contractGuaranteeService.find(filter, null).forEach(guarantee -> {
contractGuaranteeService.delete(guarantee);
});
// delete contract positions
IdmContractPositionFilter positionFilter = new IdmContractPositionFilter();
positionFilter.setIdentityContractId(contractId);
contractPositionService.find(positionFilter, null).forEach(position -> {
contractPositionService.delete(position);
});
//
// delete all contract's delegations
IdmDelegationDefinitionFilter delegationFilter = new IdmDelegationDefinitionFilter();
delegationFilter.setDelegatorContractId(contractId);
delegationDefinitionService.find(delegationFilter, null).forEach(delegation -> {
delegationDefinitionService.delete(delegation);
});
// delete identity contract
if (forceDelete) {
LOG.debug("Contract [{}] should be deleted by caller after all asynchronus processes are completed.", contractId);
//
// dirty flag only - will be processed after asynchronous events ends
IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
stateDeleted.setEvent(event.getId());
stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
entityStateManager.saveState(contract, stateDeleted);
//
// set disabled
contract.setState(ContractState.DISABLED);
service.saveInternal(contract);
} else {
service.deleteInternal(contract);
}
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.
the class ContractPositionAutomaticRoleProcessor method process.
@Override
public EventResult<IdmContractPositionDto> process(EntityEvent<IdmContractPositionDto> event) {
// flag can be processed afterwards
if (getBooleanProperty(AutomaticRoleManager.SKIP_RECALCULATION, event.getProperties())) {
IdmContractPositionDto contractPosition = event.getContent();
LOG.debug("Automatic roles are skipped for position [{}], state [AUTOMATIC_ROLE_SKIPPED] for position will be created only.", contractPosition.getId());
//
entityStateManager.createState(contractPosition, OperationState.BLOCKED, CoreResultCode.AUTOMATIC_ROLE_SKIPPED, null);
//
return new DefaultEventResult<>(event, this);
}
//
IdmContractPositionDto contractPosition = event.getContent();
IdmIdentityContractDto contract = DtoUtils.getEmbedded(contractPosition, IdmContractPosition_.identityContract);
//
UUID newPosition = contractPosition.getWorkPosition();
//
// check automatic roles - if position or contract was enabled
// work positions has some difference or validity changes
List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByContractPosition(contractPosition.getId());
// and automatic roles given by contracts position
if (!assignedRoles.isEmpty()) {
assignedRoles = assignedRoles.stream().filter(autoRole -> {
// just for sure, other contract position supports automatic role by tree structure only for now
AbstractIdmAutomaticRoleDto automaticRoleDto = DtoUtils.getEmbedded(autoRole, IdmIdentityRole_.automaticRole, (AbstractIdmAutomaticRoleDto) null);
if (automaticRoleDto instanceof IdmRoleTreeNodeDto) {
return true;
}
return false;
}).collect(Collectors.toList());
}
//
Set<UUID> previousAutomaticRoles = assignedRoles.stream().filter(identityRole -> {
return identityRole.getAutomaticRole() != null;
}).map(identityRole -> {
return identityRole.getAutomaticRole();
}).collect(Collectors.toSet());
Set<IdmRoleTreeNodeDto> addedAutomaticRoles = new HashSet<>();
if (newPosition != null) {
addedAutomaticRoles = roleTreeNodeService.getAutomaticRolesByTreeNode(newPosition);
}
// prevent to remove newly added or still exists roles
Set<UUID> removedAutomaticRoles = new HashSet<>(previousAutomaticRoles);
removedAutomaticRoles.removeAll(addedAutomaticRoles.stream().map(IdmRoleTreeNodeDto::getId).collect(Collectors.toList()));
addedAutomaticRoles.removeIf(a -> {
return previousAutomaticRoles.contains(a.getId());
});
List<IdmConceptRoleRequestDto> concepts = new ArrayList<>(removedAutomaticRoles.size() + addedAutomaticRoles.size());
//
for (UUID removedAutomaticRole : removedAutomaticRoles) {
Iterator<IdmIdentityRoleDto> iter = assignedRoles.iterator();
while (iter.hasNext()) {
IdmIdentityRoleDto identityRole = iter.next();
if (Objects.equals(identityRole.getAutomaticRole(), removedAutomaticRole)) {
// check, if role will be added by new automatic roles and prevent removing
IdmRoleTreeNodeDto addedAutomaticRole = getByRole(identityRole.getRole(), addedAutomaticRoles);
if (addedAutomaticRole == null) {
// remove assigned role
IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
conceptRoleRequest.setIdentityRole(identityRole.getId());
conceptRoleRequest.setRole(identityRole.getRole());
conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
//
concepts.add(conceptRoleRequest);
//
iter.remove();
} else {
// change relation only
IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
conceptRoleRequest.setIdentityRole(identityRole.getId());
conceptRoleRequest.setAutomaticRole(addedAutomaticRole.getId());
conceptRoleRequest.setIdentityContract(contract.getId());
conceptRoleRequest.setContractPosition(contractPosition.getId());
conceptRoleRequest.setValidFrom(contract.getValidFrom());
conceptRoleRequest.setValidTill(contract.getValidTill());
conceptRoleRequest.setRole(identityRole.getRole());
conceptRoleRequest.setOperation(ConceptRoleRequestOperation.UPDATE);
//
concepts.add(conceptRoleRequest);
//
// new automatic role is not needed
addedAutomaticRoles.remove(addedAutomaticRole);
}
}
}
}
// add identity roles
for (AbstractIdmAutomaticRoleDto autoRole : addedAutomaticRoles) {
IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
conceptRoleRequest.setIdentityContract(contract.getId());
conceptRoleRequest.setContractPosition(contractPosition.getId());
conceptRoleRequest.setValidFrom(contract.getValidFrom());
conceptRoleRequest.setValidTill(contract.getValidTill());
conceptRoleRequest.setRole(autoRole.getRole());
conceptRoleRequest.setAutomaticRole(autoRole.getId());
conceptRoleRequest.setOperation(ConceptRoleRequestOperation.ADD);
//
concepts.add(conceptRoleRequest);
}
//
if (!concepts.isEmpty()) {
IdmRoleRequestDto roleRequest = (IdmRoleRequestDto) event.getProperties().get(IdentityContractUpdateByAutomaticRoleProcessor.EVENT_PROPERTY_REQUEST);
if (roleRequest != null) {
// add concept into single request
// single request will be executed by parent event
roleRequest.getConceptRoles().addAll(concepts);
} else {
// execute new request
roleRequest = new IdmRoleRequestDto();
roleRequest.setConceptRoles(concepts);
roleRequest.setApplicant(contract.getIdentity());
roleRequest = roleRequestService.startConcepts(new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest), event);
}
event.getProperties().put(IdentityContractUpdateByAutomaticRoleProcessor.EVENT_PROPERTY_REQUEST, roleRequest);
}
//
return new DefaultEventResult<>(event, this);
}
Aggregations