
Example 6 with IcConnectorObject

use of eu.bcvsolutions.idm.ic.api.IcConnectorObject in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountServiceTest method getConnectorObjectNotFullForbiddenTest.

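/**
 * No identity-account relation is created for the logged-in identity, so it
 * must not have permission on the account: reading the connector object has
 * to be rejected with ForbiddenEntityException.
 */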
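@Test
public void getConnectorObjectNotFullForbiddenTest() {
    String userOneName = "UserOne";
    String eavAttributeName = "EAV_ATTRIBUTE";
    SysSystemDto system = initData();
    // Check the fixture before it is dereferenced below.
    Assert.assertNotNull(system);
    SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
    schemaAttributeFilter.setSystemId(system.getId());
    // Find and delete EAV schema attribute.
    SysSchemaAttributeDto eavAttribute = schemaAttributeService.find(schemaAttributeFilter, null)
            .getContent()
            .stream()
            .filter(attribute -> attribute.getName().equalsIgnoreCase(eavAttributeName))
            .findFirst()
            .orElse(null);
    Assert.assertNotNull(eavAttribute);
    schemaAttributeService.delete(eavAttribute);
    // Change resources (set state on exclude) .. must be called in a transaction
    this.getBean().persistResource(createResource(userOneName, new LocalDateTime()));
    AccAccountDto account = new AccAccountDto();
    account.setEntityType(SystemEntityType.IDENTITY);
    account.setSystem(system.getId());
    account.setAccountType(AccountType.PERSONAL);
    account.setUid(userOneName);
    account = accountService.save(account);
    IdmIdentityDto identity = helper.createIdentity();
    // Create role with evaluator
    IdmRoleDto role = helper.createRole();
    IdmAuthorizationPolicyDto policyAccount = new IdmAuthorizationPolicyDto();
    policyAccount.setRole(role.getId());
    policyAccount.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
    policyAccount.setAuthorizableType(AccAccount.class.getCanonicalName());
    policyAccount.setEvaluator(ReadAccountByIdentityEvaluator.class);
    authorizationPolicyService.save(policyAccount);
    // Assign role with evaluator; no identity-account relation is created on purpose.
    helper.createIdentityRole(identity, role);
    logout();
    loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
    // Scope the expected exception to the guarded read. With @Test(expected = ...)
    // a ForbiddenEntityException raised by any setup step above would also make
    // this negative authorization test pass, and the assertions that used to
    // follow the call could never run in a passing test.
    try {
        accountService.getConnectorObject(account, IdmBasePermission.READ);
        Assert.fail("getConnectorObject must throw ForbiddenEntityException for an identity without an identity-account relation");
    } catch (ForbiddenEntityException expected) {
        // Access was denied by the read itself, which is the behaviour under test.
    }
}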
Also used : LocalDateTime(org.joda.time.LocalDateTime) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccAccount(eu.bcvsolutions.idm.acc.entity.AccAccount) SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) SysSchemaAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 7 with IcConnectorObject

use of eu.bcvsolutions.idm.ic.api.IcConnectorObject in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountServiceTest method getConnectorObjectNotFullTest.

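/**
 * Positive counterpart of the forbidden case: the identity owns the account
 * through an identity-account relation and holds a role whose policy uses
 * ReadAccountByIdentityEvaluator, so reading the connector object with READ
 * permission must succeed. The EAV schema attribute is deleted beforehand and
 * must therefore be missing from the returned object.
 */
@Test
public void getConnectorObjectNotFullTest() {
    String userOneName = "UserOne";
    String eavAttributeName = "EAV_ATTRIBUTE";
    SysSystemDto system = initData();
    // Check the fixture before it is dereferenced below.
    Assert.assertNotNull(system);
    SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
    schemaAttributeFilter.setSystemId(system.getId());
    // Find and delete EAV schema attribute.
    SysSchemaAttributeDto eavAttribute = schemaAttributeService.find(schemaAttributeFilter, null)
            .getContent()
            .stream()
            .filter(attribute -> attribute.getName().equalsIgnoreCase(eavAttributeName))
            .findFirst()
            .orElse(null);
    Assert.assertNotNull(eavAttribute);
    schemaAttributeService.delete(eavAttribute);
    // Change resources (set state on exclude) .. must be called in a transaction
    this.getBean().persistResource(createResource(userOneName, new LocalDateTime()));
    AccAccountDto account = new AccAccountDto();
    account.setEntityType(SystemEntityType.IDENTITY);
    account.setSystem(system.getId());
    account.setAccountType(AccountType.PERSONAL);
    account.setUid(userOneName);
    account = accountService.save(account);
    IdmIdentityDto identity = helper.createIdentity();
    // Ownership relation between the identity and the account; this relation is
    // what the forbidden variants of this test leave out.
    AccIdentityAccountDto accountIdentityOne = new AccIdentityAccountDto();
    accountIdentityOne.setIdentity(identity.getId());
    accountIdentityOne.setOwnership(true);
    accountIdentityOne.setAccount(account.getId());
    identityAccountService.save(accountIdentityOne);
    // Create role with evaluator
    IdmRoleDto role = helper.createRole();
    IdmAuthorizationPolicyDto policyAccount = new IdmAuthorizationPolicyDto();
    policyAccount.setRole(role.getId());
    policyAccount.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
    policyAccount.setAuthorizableType(AccAccount.class.getCanonicalName());
    policyAccount.setEvaluator(ReadAccountByIdentityEvaluator.class);
    authorizationPolicyService.save(policyAccount);
    // Assign role with evaluator
    helper.createIdentityRole(identity, role);
    // Switch the security context to the newly created identity.
    logout();
    loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
    IcConnectorObject connectorObject = accountService.getConnectorObject(account, IdmBasePermission.READ);
    Assert.assertNotNull(connectorObject);
    Assert.assertEquals(userOneName, connectorObject.getUidValue());
    // EAV attribute must be null, because we deleted the schema definition
    Assert.assertNull(connectorObject.getAttributeByName(eavAttributeName));
}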
Also used : LocalDateTime(org.joda.time.LocalDateTime) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AccAccount(eu.bcvsolutions.idm.acc.entity.AccAccount) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) SysSchemaAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 8 with IcConnectorObject

use of eu.bcvsolutions.idm.ic.api.IcConnectorObject in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountServiceTest method getConnectorObjectForbiddenTest.

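/**
 * No identity-account relation is created for the logged-in identity, so it
 * must not have permission on the account: reading the connector object has
 * to be rejected with ForbiddenEntityException.
 */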
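@Test
public void getConnectorObjectForbiddenTest() {
    String userOneName = "UserOne";
    SysSystemDto system = initData();
    Assert.assertNotNull(system);
    IdmIdentityDto identity = helper.createIdentity();
    // Create role with evaluator
    IdmRoleDto role = helper.createRole();
    IdmAuthorizationPolicyDto policyAccount = new IdmAuthorizationPolicyDto();
    policyAccount.setRole(role.getId());
    policyAccount.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
    policyAccount.setAuthorizableType(AccAccount.class.getCanonicalName());
    policyAccount.setEvaluator(ReadAccountByIdentityEvaluator.class);
    authorizationPolicyService.save(policyAccount);
    // Change resources (set state on exclude) .. must be called in a transaction
    this.getBean().persistResource(createResource(userOneName, new LocalDateTime()));
    AccAccountDto account = new AccAccountDto();
    account.setEntityType(SystemEntityType.IDENTITY);
    account.setSystem(system.getId());
    account.setAccountType(AccountType.PERSONAL);
    account.setUid(userOneName);
    account = accountService.save(account);
    // Assign role with evaluator; no identity-account relation is created on purpose.
    helper.createIdentityRole(identity, role);
    logout();
    loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
    // Scope the expected exception to the guarded read. With @Test(expected = ...)
    // a ForbiddenEntityException raised by any setup step above would also make
    // this negative authorization test pass, and the attribute assertions that
    // used to follow the call could never run in a passing test.
    try {
        accountService.getConnectorObject(account, IdmBasePermission.READ);
        Assert.fail("getConnectorObject must throw ForbiddenEntityException for an identity without an identity-account relation");
    } catch (ForbiddenEntityException expected) {
        // Access was denied by the read itself, which is the behaviour under test.
    }
}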
Also used : LocalDateTime(org.joda.time.LocalDateTime) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccAccount(eu.bcvsolutions.idm.acc.entity.AccAccount) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 9 with IcConnectorObject

use of eu.bcvsolutions.idm.ic.api.IcConnectorObject in project CzechIdMng by bcvsolutions.

the class AbstractProvisioningExecutor method prepareProvisioning.

/**
 * Builds the provisioning operation for one system entity.
 *
 * @param systemEntity target system entity; must be non-null and carry a UID and an entity type
 * @param dto source object handed to the attribute value preparation
 * @param entityId identifier stored on the operation as entity identifier
 * @param operationType type of the provisioning operation
 * @param attributes attribute mappings to use; when {@code null}, the mappings found for the
 *        system and entity type are used instead
 * @return the built operation, or {@code null} when there are no attribute mappings or no
 *         system mapping for the entity type
 * @throws ProvisioningException when the system has no connector key or no connector configuration
 */
private SysProvisioningOperationDto prepareProvisioning(SysSystemEntityDto systemEntity, DTO dto, UUID entityId, ProvisioningOperationType operationType, List<? extends AttributeMapping> attributes) {
    Assert.notNull(systemEntity);
    Assert.notNull(systemEntity.getUid());
    Assert.notNull(systemEntity.getEntityType());
    SysSystemDto targetSystem = DtoUtils.getEmbedded(systemEntity, SysSystemEntity_.system, SysSystemDto.class);
    Assert.notNull(targetSystem);

    // Fall back to the default mapped attributes when the caller passed none.
    List<? extends AttributeMapping> mappedAttributes = attributes;
    if (mappedAttributes == null) {
        mappedAttributes = findAttributeMappings(targetSystem, systemEntity.getEntityType());
    }
    if (mappedAttributes == null || mappedAttributes.isEmpty()) {
        return null;
    }

    // The connector identification has to be persisted in the system.
    if (targetSystem.getConnectorKey() == null) {
        throw new ProvisioningException(AccResultCode.CONNECTOR_KEY_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", targetSystem.getName()));
    }
    // So does the connector configuration.
    if (systemService.getConnectorConfiguration(targetSystem) == null) {
        throw new ProvisioningException(AccResultCode.CONNECTOR_CONFIGURATION_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", targetSystem.getName()));
    }

    // One IDM object can be mapped to one connector object (= one connector class).
    SysSystemMappingDto systemMapping = getMapping(targetSystem, systemEntity.getEntityType());
    if (systemMapping == null) {
        // TODO: delete operation?
        return null;
    }

    Map<ProvisioningAttributeDto, Object> preparedValues = prepareMappedAttributesValues(dto, operationType, systemEntity, mappedAttributes);
    // NOTE(review): the looked-up object class is dereferenced without a null check;
    // confirm that the service cannot return null for a mapped object class.
    SysSchemaObjectClassDto objectClassDto = schemaObjectClassService.get(systemMapping.getObjectClass());
    IcConnectorObject targetObject = new IcConnectorObjectImpl(
            systemEntity.getUid(),
            new IcObjectClassImpl(objectClassDto.getObjectClassName()),
            null);

    return new SysProvisioningOperationDto.Builder()
            .setOperationType(operationType)
            .setSystemEntity(systemEntity)
            .setEntityIdentifier(entityId)
            .setProvisioningContext(new ProvisioningContext(preparedValues, targetObject))
            .build();
}
Also used : IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration) IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl) IcConnectorKey(eu.bcvsolutions.idm.ic.api.IcConnectorKey) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) ProvisioningContext(eu.bcvsolutions.idm.acc.domain.ProvisioningContext) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl) SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)

Example 10 with IcConnectorObject

use of eu.bcvsolutions.idm.ic.api.IcConnectorObject in project CzechIdMng by bcvsolutions.

the class AbstractSynchronizationExecutor method handleIcObject.

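/**
 * Handle one IC connector object taken from the given synchronization context.
 *
 * @param itemContext context of the synchronized item (UID, connector object,
 *        configuration, logs and token attribute)
 * @return result of the item synchronization; {@code false} when it was
 *         canceled or the synchronization log is no longer running
 */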
protected boolean handleIcObject(SynchronizationContext itemContext) {
    Assert.notNull(itemContext);
    String uid = itemContext.getUid();
    IcConnectorObject connectorObject = itemContext.getIcObject();
    AbstractSysSyncConfigDto syncConfig = itemContext.getConfig();
    SysSyncLogDto syncLog = itemContext.getLog();
    List<SysSyncActionLogDto> syncActionLogs = itemContext.getActionLogs();
    AttributeMapping tokenMapping = itemContext.getTokenAttribute();
    SysSyncItemLogDto itemLog = new SysSyncItemLogDto();
    // Synchronization by custom filter does not support the DELETE event, so the
    // delta type is always CREATE_OR_UPDATE here.
    IcSyncDeltaTypeEnum deltaType = IcSyncDeltaTypeEnum.CREATE_OR_UPDATE;
    itemContext.addLogItem(itemLog).addType(deltaType);

    // The token is stored in the synchronization as a String, so the value read
    // from the connector object is converted to a String as well. For
    // reconciliation the token attribute can be null and no token is resolved.
    String token = null;
    if (tokenMapping != null) {
        Object tokenValue = getValueByMappedAttribute(tokenMapping, connectorObject.getAttributes(), itemContext);
        if (tokenValue != null) {
            token = tokenValue.toString();
        }
    }
    // Keep the configured token when the new one sorts before it.
    // NOTE(review): String.compareTo orders lexicographically; confirm that this
    // matches the ordering of the token values the connected systems produce.
    if (token != null) {
        String configuredToken = syncConfig.getToken();
        if (configuredToken != null && token.compareTo(configuredToken) < 0) {
            token = configuredToken;
        }
    }
    // Save token
    syncLog.setToken(token);
    syncConfig.setToken(token);

    boolean started = startItemSynchronization(itemContext);
    longRunningTaskExecutor.increaseCounter();
    // Reload the running flag from the persisted log: the synchronization may
    // have been canceled while the item was processed.
    syncLog.setRunning(synchronizationLogService.get(syncLog.getId()).isRunning());
    boolean stillRunning = syncLog.isRunning();
    boolean result = started && stillRunning;
    if (result) {
        return true;
    }

    syncLog.setRunning(false);
    // NOTE(review): uid is taken from the synchronization context and written to
    // the log text as-is; confirm the log is encoded wherever it is displayed.
    syncLog.addToLog(MessageFormat.format("Synchronization canceled during resolve UID [{0}]", uid));
    addToItemLog(itemLog, "Canceled!");
    initSyncActionLog(SynchronizationActionType.IGNORE, OperationResultType.WARNING, itemLog, syncLog, syncActionLogs);
    return false;
}
Also used : SysSyncActionLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto) AbstractSysSyncConfigDto(eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto) IcSyncDeltaTypeEnum(eu.bcvsolutions.idm.ic.impl.IcSyncDeltaTypeEnum) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) SysSyncItemLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto) AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto)
