use of eu.bcvsolutions.idm.ic.api.IcAttribute in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method generateUID.
/**
* Generate UID value from mapped attribute marked as UID (Unique ID). UID
* mapped attribute must exist and returned value must be not null and must be
* String.
*
* If is generated UID in the context, then will used.
*
* @param context
* @return
*/
private String generateUID(SynchronizationContext context) {
Assert.notNull(context, "Context is required!");
SysSystemDto system = context.getSystem();
List<IcAttribute> icAttributes = context.getIcObject().getAttributes();
List<SysSystemAttributeMappingDto> mappedAttributes = context.getMappedAttributes();
String generatedUid = context.getGeneratedUid();
if (generatedUid == null) {
context.addGeneratedUid(systemAttributeMappingService.getUidValueFromResource(icAttributes, mappedAttributes, system));
}
return context.getGeneratedUid();
}
use of eu.bcvsolutions.idm.ic.api.IcAttribute in project CzechIdMng by bcvsolutions.
the class ContractSynchronizationExecutor method fillEntity.
/**
* Fill entity with attributes from IC module (by mapped attributes).
*
* @param mappedAttributes
* @param uid
* @param icAttributes
* @param entity
* @param create
* (is create or update entity situation)
* @param context
* @return
*/
protected IdmIdentityContractDto fillEntity(List<SysSystemAttributeMappingDto> mappedAttributes, String uid, List<IcAttribute> icAttributes, IdmIdentityContractDto dto, boolean create, SynchronizationContext context) {
mappedAttributes.stream().filter(attribute -> {
// Skip disabled attributes
// Skip extended attributes (we need update/ create entity first)
// Skip confidential attributes (we need update/ create entity
// first)
boolean fastResult = !attribute.isDisabledAttribute() && attribute.isEntityAttribute() && !attribute.isConfidentialAttribute();
if (!fastResult) {
return false;
}
// Can be value set by attribute strategy?
return this.canSetValue(uid, attribute, dto, create);
}).forEach(attribute -> {
String attributeProperty = attribute.getIdmPropertyName();
Object transformedValue = getValueByMappedAttribute(attribute, icAttributes, context);
// they), but to the embedded map.
if (CONTRACT_GUARANTEES_FIELD.equals(attributeProperty)) {
if (transformedValue instanceof SyncIdentityContractDto) {
dto.getEmbedded().put(SYNC_CONTRACT_FIELD, (SyncIdentityContractDto) transformedValue);
} else {
dto.getEmbedded().put(SYNC_CONTRACT_FIELD, new SyncIdentityContractDto());
}
return;
}
// Set transformed value from target system to entity
try {
EntityUtils.setEntityValue(dto, attributeProperty, transformedValue);
} catch (IntrospectionException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | ProvisioningException e) {
throw new ProvisioningException(AccResultCode.SYNCHRONIZATION_IDM_FIELD_NOT_SET, ImmutableMap.of("property", attributeProperty, "uid", uid), e);
}
});
return dto;
}
use of eu.bcvsolutions.idm.ic.api.IcAttribute in project CzechIdMng by bcvsolutions.
the class TreeSynchronizationExecutor method doUpdateEntity.
/**
* Fill data from IC attributes to entity (EAV and confidential storage too)
*
* @param account
* @param entityType
* @param uid
* @param icAttributes
* @param mappedAttributes
* @param log
* @param logItem
* @param actionLogs
*/
@Override
protected void doUpdateEntity(SynchronizationContext context) {
String uid = context.getUid();
SysSyncLogDto log = context.getLog();
SysSyncItemLogDto logItem = context.getLogItem();
List<SysSyncActionLogDto> actionLogs = context.getActionLogs();
List<SysSystemAttributeMappingDto> mappedAttributes = context.getMappedAttributes();
AccAccountDto account = context.getAccount();
List<IcAttribute> icAttributes = context.getIcObject().getAttributes();
UUID entityId = getEntityByAccount(account.getId());
IdmTreeNodeDto treeNode = null;
if (entityId != null) {
treeNode = treeNodeService.get(entityId);
}
if (treeNode != null) {
// Update entity
treeNode = fillEntity(mappedAttributes, uid, icAttributes, treeNode, false, context);
treeNode = this.save(treeNode, true);
// Update extended attribute (entity must be persisted first)
updateExtendedAttributes(mappedAttributes, uid, icAttributes, treeNode, false, context);
// Update confidential attribute (entity must be persisted first)
updateConfidentialAttributes(mappedAttributes, uid, icAttributes, treeNode, false, context);
// TreeNode Updated
addToItemLog(logItem, MessageFormat.format("TreeNode with id {0} was updated", treeNode.getId()));
if (logItem != null) {
logItem.setDisplayName(treeNode.getName());
}
// Call provisioning for entity
this.callProvisioningForEntity(treeNode, context.getEntityType(), logItem);
return;
} else {
addToItemLog(logItem, "Tree - account relation (with ownership = true) was not found!");
initSyncActionLog(SynchronizationActionType.UPDATE_ENTITY, OperationResultType.WARNING, logItem, log, actionLogs);
return;
}
}
use of eu.bcvsolutions.idm.ic.api.IcAttribute in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningOperationService method replaceGuardedStrings.
/**
* Replaces GuardedStrings as ConfidentialStrings in given {@link ProvisioningContext}.
*
* TODO: don't update accountObject in provisioningOperation (needs attribute defensive clone)
*
* @param context
* @return Returns values (key / value) to store in confidential storage.
*/
protected Map<String, Serializable> replaceGuardedStrings(ProvisioningContext context) {
try {
Map<String, Serializable> confidentialValues = new HashMap<>();
if (context == null) {
return confidentialValues;
}
//
Map<ProvisioningAttributeDto, Object> accountObject = context.getAccountObject();
if (accountObject != null) {
for (Entry<ProvisioningAttributeDto, Object> entry : accountObject.entrySet()) {
if (entry.getValue() == null) {
continue;
}
Object idmValue = entry.getValue();
// single value
if (idmValue instanceof GuardedString) {
GuardedString guardedString = (GuardedString) entry.getValue();
// save value into confidential storage
String confidentialStorageKey = createAccountObjectPropertyKey(entry.getKey().getKey(), 0);
confidentialValues.put(confidentialStorageKey, guardedString.asString());
accountObject.put(entry.getKey(), new ConfidentialString(confidentialStorageKey));
} else // array
if (idmValue.getClass().isArray()) {
if (!idmValue.getClass().getComponentType().isPrimitive()) {
// objects only, we dont want pto proces byte, boolean etc.
Object[] idmValues = (Object[]) idmValue;
List<ConfidentialString> processedValues = new ArrayList<>();
for (int j = 0; j < idmValues.length; j++) {
Object singleValue = idmValues[j];
if (singleValue instanceof GuardedString) {
GuardedString guardedString = (GuardedString) singleValue;
// save value into confidential storage
String confidentialStorageKey = createAccountObjectPropertyKey(entry.getKey().getKey(), j);
confidentialValues.put(confidentialStorageKey, guardedString.asString());
processedValues.add(new ConfidentialString(confidentialStorageKey));
}
}
if (!processedValues.isEmpty()) {
accountObject.put(entry.getKey(), processedValues.toArray(new ConfidentialString[processedValues.size()]));
}
}
} else // collection
if (idmValue instanceof Collection) {
Collection<?> idmValues = (Collection<?>) idmValue;
List<ConfidentialString> processedValues = new ArrayList<>();
idmValues.forEach(singleValue -> {
if (singleValue instanceof GuardedString) {
GuardedString guardedString = (GuardedString) singleValue;
// save value into confidential storage
String confidentialStorageKey = createAccountObjectPropertyKey(entry.getKey().getKey(), processedValues.size());
confidentialValues.put(confidentialStorageKey, guardedString.asString());
processedValues.add(new ConfidentialString(confidentialStorageKey));
}
});
if (!processedValues.isEmpty()) {
accountObject.put(entry.getKey(), processedValues);
}
}
}
}
//
IcConnectorObject connectorObject = context.getConnectorObject();
if (connectorObject != null) {
for (IcAttribute attribute : connectorObject.getAttributes()) {
if (attribute.getValues() != null) {
for (int j = 0; j < attribute.getValues().size(); j++) {
Object attributeValue = attribute.getValues().get(j);
if (attributeValue instanceof GuardedString) {
GuardedString guardedString = (GuardedString) attributeValue;
String confidentialStorageKey = createConnectorObjectPropertyKey(attribute, j);
confidentialValues.put(confidentialStorageKey, guardedString.asString());
attribute.getValues().set(j, new ConfidentialString(confidentialStorageKey));
}
}
}
}
}
//
return confidentialValues;
} catch (Exception ex) {
throw new CoreException("Replace guarded strings for provisioning operation failed.", ex);
}
}
use of eu.bcvsolutions.idm.ic.api.IcAttribute in project CzechIdMng by bcvsolutions.
the class DefaultSysSystemAttributeMappingService method getValueByMappedAttribute.
@Override
public Object getValueByMappedAttribute(AttributeMapping attribute, List<IcAttribute> icAttributes) {
Object icValue = null;
Optional<IcAttribute> optionalIcAttribute = icAttributes.stream().filter(icAttribute -> {
SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attribute);
return schemaAttributeDto.getName().equals(icAttribute.getName());
}).findFirst();
if (optionalIcAttribute.isPresent()) {
IcAttribute icAttribute = optionalIcAttribute.get();
if (icAttribute.isMultiValue()) {
icValue = icAttribute.getValues();
} else {
icValue = icAttribute.getValue();
}
}
Object transformedValue = this.transformValueFromResource(icValue, attribute, icAttributes);
return transformedValue;
}
Aggregations