Examples with RoleRequestEvent eu.bcvsolutions.idm.core.model.event.RoleRequestEvent used on opensource projects

Example 16 with RoleRequestEvent

use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleRequestService method executeConceptsImmediate.

@Override
@Transactional
public IdmRoleRequestDto executeConceptsImmediate(UUID applicant, List<IdmConceptRoleRequestDto> concepts, Map<String, Serializable> additionalProperties) {
    if (concepts == null || concepts.isEmpty()) {
        LOG.debug("No concepts are given, request for applicant [{}] will be not executed, returning null.", applicant);
        // 
        return null;
    }
    Assert.notNull(applicant, "Applicant is required.");
    // 
    IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
    roleRequest.setState(RoleRequestState.CONCEPT);
    // without approval
    roleRequest.setExecuteImmediately(true);
    roleRequest.setApplicant(applicant);
    roleRequest.setRequestedByType(RoleRequestedByType.AUTOMATICALLY);
    roleRequest = save(roleRequest);
    // 
    for (IdmConceptRoleRequestDto concept : concepts) {
        concept.setRoleRequest(roleRequest.getId());
        // 
        roleRequest.getConceptRoles().add(conceptRoleRequestService.save(concept));
    }
    // 
    // start event with skip check authorities
    RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
    requestEvent.getProperties().put(IdmIdentityRoleService.SKIP_CHECK_AUTHORITIES, Boolean.TRUE);
    // execute request synchronously (asynchronicity schould be added from outside).
    requestEvent.setPriority(PriorityType.IMMEDIATE);
    // Add additional properties
    if (additionalProperties != null) {
        requestEvent.getProperties().putAll(additionalProperties);
    }
    // 
    return startRequestInternal(requestEvent);
}

Example 17 with RoleRequestEvent

use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleRequestService method executeRequest.

@Override
@Transactional
public IdmRoleRequestDto executeRequest(UUID requestId) {
    // We can`t catch and log exception to request, because this transaction will be
    // marked as to rollback.
    // We can`t run this method in new transaction, because changes on request
    // (state modified in WF for example) is in uncommited transaction!
    // 
    // prepare request event
    Assert.notNull(requestId, "Role request ID is required!");
    IdmRoleRequestDto request = this.get(requestId, new IdmRoleRequestFilter(true));
    Assert.notNull(request, "Role request is required!");
    RoleRequestEvent event = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, request);
    // 
    return this.executeRequestInternal(event);
}

Example 18 with RoleRequestEvent

use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.

the class RoleSynchronizationExecutor method syncEnd.

@Override
protected void syncEnd(SysSyncLogDto log, SynchronizationContext syncContext) {
    // Execute all role-requests for this sync.
    getRoleRequestCache().values().forEach(roleRequestId -> {
        IdmRoleRequestDto roleRequestDto = roleRequestService.get(roleRequestId);
        if (roleRequestDto == null) {
            log.addToLog(MessageFormat.format("Role-request with ID [{1}] was not found with result!!!", roleRequestId));
            return;
        }
        Map<String, Serializable> properties = new HashMap<>();
        properties.put(RoleRequestApprovalProcessor.CHECK_RIGHT_PROPERTY, Boolean.TRUE);
        RoleRequestEvent event = new RoleRequestEvent(RoleRequestEvent.RoleRequestEventType.EXCECUTE, roleRequestDto, properties);
        // Async start of request.
        roleRequestDto = roleRequestService.startRequestInternal(event);
        IdmIdentityDto applicant = DtoUtils.getEmbedded(roleRequestDto, IdmRoleRequest_.applicant, IdmIdentityDto.class);
        log.addToLog(MessageFormat.format("Role-request with ID [{1}] for applicant [{0}] was executed with result [{2}].", applicant.getUsername(), roleRequestDto.getId(), roleRequestDto.getState().name()));
    });
    super.syncEnd(log, syncContext);
}

Example 19 with RoleRequestEvent

use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.

the class IdentityContractDeleteProcessor method process.

@Override
public EventResult<IdmIdentityContractDto> process(EntityEvent<IdmIdentityContractDto> event) {
    IdmIdentityContractDto contract = event.getContent();
    UUID contractId = contract.getId();
    Assert.notNull(contractId, "Contract must have a ID!");
    boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
    // 
    // check contract can be deleted - cannot be deleted, when is controlled by slices
    IdmContractSliceFilter sliceFilter = new IdmContractSliceFilter();
    sliceFilter.setParentContract(contractId);
    if (contractSliceService.find(sliceFilter, null).getTotalElements() > 0) {
        // Cannot be enforced => contract cannot be deleted at all.
        throw new ResultCodeException(CoreResultCode.CONTRACT_IS_CONTROLLED_CANNOT_BE_DELETED, ImmutableMap.of("contractId", contractId));
    }
    // 
    // Find all concepts and remove relation on contract
    IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
    conceptRequestFilter.setIdentityContractId(contractId);
    conceptRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
        String message = null;
        if (concept.getState().isTerminatedState()) {
            message = MessageFormat.format("IdentityContract [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", contractId, concept.getId());
        } else {
            message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested IdentityContract [{1}] was deleted (not from this role request)!", concept.getId(), contractId);
            // Cancel concept and WF
            concept = conceptRequestService.cancel(concept);
        }
        IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
        roleRequestService.addToLog(request, message);
        conceptRequestService.addToLog(concept, message);
        roleRequestService.save(request);
        conceptRequestService.save(concept);
    });
    // 
    // delete referenced roles
    List<IdmConceptRoleRequestDto> concepts = new ArrayList<>();
    identityRoleService.findAllByContract(contractId).forEach(identityRole -> {
        // but automatic roles has to be removed in the same request.
        if (identityRole.getDirectRole() == null) {
            IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
            conceptRoleRequest.setIdentityRole(identityRole.getId());
            conceptRoleRequest.setRole(identityRole.getRole());
            conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
            // ignore not found
            conceptRoleRequest.setIdentityContract(contractId);
            // 
            concepts.add(conceptRoleRequest);
        }
    });
    if (forceDelete) {
        // ~ async with force
        IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
        roleRequest.setApplicant(contract.getIdentity());
        roleRequest.setConceptRoles(concepts);
        // 
        RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
        requestEvent.setPriority(PriorityType.HIGH);
        // 
        roleRequestService.startConcepts(requestEvent, event);
    } else {
        // ~ sync
        roleRequestService.executeConceptsImmediate(contract.getIdentity(), concepts);
    }
    // delete contract guarantees
    IdmContractGuaranteeFilter filter = new IdmContractGuaranteeFilter();
    filter.setIdentityContractId(contractId);
    contractGuaranteeService.find(filter, null).forEach(guarantee -> {
        contractGuaranteeService.delete(guarantee);
    });
    // delete contract positions
    IdmContractPositionFilter positionFilter = new IdmContractPositionFilter();
    positionFilter.setIdentityContractId(contractId);
    contractPositionService.find(positionFilter, null).forEach(position -> {
        contractPositionService.delete(position);
    });
    // 
    // delete all contract's delegations
    IdmDelegationDefinitionFilter delegationFilter = new IdmDelegationDefinitionFilter();
    delegationFilter.setDelegatorContractId(contractId);
    delegationDefinitionService.find(delegationFilter, null).forEach(delegation -> {
        delegationDefinitionService.delete(delegation);
    });
    // delete identity contract
    if (forceDelete) {
        LOG.debug("Contract [{}] should be deleted by caller after all asynchronus processes are completed.", contractId);
        // 
        // dirty flag only - will be processed after asynchronous events ends
        IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
        stateDeleted.setEvent(event.getId());
        stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
        entityStateManager.saveState(contract, stateDeleted);
        // 
        // set disabled
        contract.setState(ContractState.DISABLED);
        service.saveInternal(contract);
    } else {
        service.deleteInternal(contract);
    }
    return new DefaultEventResult<>(event, this);
}

Example 20 with RoleRequestEvent

use of eu.bcvsolutions.idm.core.model.event.RoleRequestEvent in project CzechIdMng by bcvsolutions.

the class ContractPositionAutomaticRoleProcessor method process.

@Override
public EventResult<IdmContractPositionDto> process(EntityEvent<IdmContractPositionDto> event) {
    // flag can be processed afterwards
    if (getBooleanProperty(AutomaticRoleManager.SKIP_RECALCULATION, event.getProperties())) {
        IdmContractPositionDto contractPosition = event.getContent();
        LOG.debug("Automatic roles are skipped for position [{}], state [AUTOMATIC_ROLE_SKIPPED] for position will be created only.", contractPosition.getId());
        // 
        entityStateManager.createState(contractPosition, OperationState.BLOCKED, CoreResultCode.AUTOMATIC_ROLE_SKIPPED, null);
        // 
        return new DefaultEventResult<>(event, this);
    }
    // 
    IdmContractPositionDto contractPosition = event.getContent();
    IdmIdentityContractDto contract = DtoUtils.getEmbedded(contractPosition, IdmContractPosition_.identityContract);
    // 
    UUID newPosition = contractPosition.getWorkPosition();
    // 
    // check automatic roles - if position or contract was enabled
    // work positions has some difference or validity changes
    List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByContractPosition(contractPosition.getId());
    // and automatic roles given by contracts position
    if (!assignedRoles.isEmpty()) {
        assignedRoles = assignedRoles.stream().filter(autoRole -> {
            // just for sure, other contract position supports automatic role by tree structure only for now
            AbstractIdmAutomaticRoleDto automaticRoleDto = DtoUtils.getEmbedded(autoRole, IdmIdentityRole_.automaticRole, (AbstractIdmAutomaticRoleDto) null);
            if (automaticRoleDto instanceof IdmRoleTreeNodeDto) {
                return true;
            }
            return false;
        }).collect(Collectors.toList());
    }
    // 
    Set<UUID> previousAutomaticRoles = assignedRoles.stream().filter(identityRole -> {
        return identityRole.getAutomaticRole() != null;
    }).map(identityRole -> {
        return identityRole.getAutomaticRole();
    }).collect(Collectors.toSet());
    Set<IdmRoleTreeNodeDto> addedAutomaticRoles = new HashSet<>();
    if (newPosition != null) {
        addedAutomaticRoles = roleTreeNodeService.getAutomaticRolesByTreeNode(newPosition);
    }
    // prevent to remove newly added or still exists roles
    Set<UUID> removedAutomaticRoles = new HashSet<>(previousAutomaticRoles);
    removedAutomaticRoles.removeAll(addedAutomaticRoles.stream().map(IdmRoleTreeNodeDto::getId).collect(Collectors.toList()));
    addedAutomaticRoles.removeIf(a -> {
        return previousAutomaticRoles.contains(a.getId());
    });
    List<IdmConceptRoleRequestDto> concepts = new ArrayList<>(removedAutomaticRoles.size() + addedAutomaticRoles.size());
    // 
    for (UUID removedAutomaticRole : removedAutomaticRoles) {
        Iterator<IdmIdentityRoleDto> iter = assignedRoles.iterator();
        while (iter.hasNext()) {
            IdmIdentityRoleDto identityRole = iter.next();
            if (Objects.equals(identityRole.getAutomaticRole(), removedAutomaticRole)) {
                // check, if role will be added by new automatic roles and prevent removing
                IdmRoleTreeNodeDto addedAutomaticRole = getByRole(identityRole.getRole(), addedAutomaticRoles);
                if (addedAutomaticRole == null) {
                    // remove assigned role
                    IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
                    conceptRoleRequest.setIdentityRole(identityRole.getId());
                    conceptRoleRequest.setRole(identityRole.getRole());
                    conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
                    // 
                    concepts.add(conceptRoleRequest);
                    // 
                    iter.remove();
                } else {
                    // change relation only
                    IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
                    conceptRoleRequest.setIdentityRole(identityRole.getId());
                    conceptRoleRequest.setAutomaticRole(addedAutomaticRole.getId());
                    conceptRoleRequest.setIdentityContract(contract.getId());
                    conceptRoleRequest.setContractPosition(contractPosition.getId());
                    conceptRoleRequest.setValidFrom(contract.getValidFrom());
                    conceptRoleRequest.setValidTill(contract.getValidTill());
                    conceptRoleRequest.setRole(identityRole.getRole());
                    conceptRoleRequest.setOperation(ConceptRoleRequestOperation.UPDATE);
                    // 
                    concepts.add(conceptRoleRequest);
                    // 
                    // new automatic role is not needed
                    addedAutomaticRoles.remove(addedAutomaticRole);
                }
            }
        }
    }
    // add identity roles
    for (AbstractIdmAutomaticRoleDto autoRole : addedAutomaticRoles) {
        IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
        conceptRoleRequest.setIdentityContract(contract.getId());
        conceptRoleRequest.setContractPosition(contractPosition.getId());
        conceptRoleRequest.setValidFrom(contract.getValidFrom());
        conceptRoleRequest.setValidTill(contract.getValidTill());
        conceptRoleRequest.setRole(autoRole.getRole());
        conceptRoleRequest.setAutomaticRole(autoRole.getId());
        conceptRoleRequest.setOperation(ConceptRoleRequestOperation.ADD);
        // 
        concepts.add(conceptRoleRequest);
    }
    // 
    if (!concepts.isEmpty()) {
        IdmRoleRequestDto roleRequest = (IdmRoleRequestDto) event.getProperties().get(IdentityContractUpdateByAutomaticRoleProcessor.EVENT_PROPERTY_REQUEST);
        if (roleRequest != null) {
            // add concept into single request
            // single request will be executed by parent event
            roleRequest.getConceptRoles().addAll(concepts);
        } else {
            // execute new request
            roleRequest = new IdmRoleRequestDto();
            roleRequest.setConceptRoles(concepts);
            roleRequest.setApplicant(contract.getIdentity());
            roleRequest = roleRequestService.startConcepts(new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest), event);
        }
        event.getProperties().put(IdentityContractUpdateByAutomaticRoleProcessor.EVENT_PROPERTY_REQUEST, roleRequest);
    }
    // 
    return new DefaultEventResult<>(event, this);
}