use of io.gravitee.am.model.Membership in project gravitee-access-management by gravitee-io.
the class AuthenticationServiceImpl method updateRoles.
/**
* Update ORGANIZATION role to an existing user if the identity provider role mapper has changed
*/
private Completable updateRoles(User principal, io.gravitee.am.model.User existingUser) {
// no role defined, continue
if (principal.getRoles() == null || principal.getRoles().isEmpty()) {
return Completable.complete();
}
// role to update if it's different from the current one
final String roleId = principal.getRoles().get(0);
// update membership if necessary
return membershipService.findByMember(existingUser.getId(), MemberType.USER).filter(membership -> ReferenceType.ORGANIZATION == membership.getReferenceType()).firstElement().map(membership -> !membership.getRoleId().equals(roleId)).switchIfEmpty(Maybe.just(false)).flatMapCompletable(mustChangeOrganizationRole -> {
if (!mustChangeOrganizationRole) {
return Completable.complete();
}
Membership membership = new Membership();
membership.setMemberType(MemberType.USER);
membership.setMemberId(existingUser.getId());
membership.setReferenceType(existingUser.getReferenceType());
membership.setReferenceId(existingUser.getReferenceId());
membership.setRoleId(roleId);
// check role and then update membership
return roleService.findById(existingUser.getReferenceType(), existingUser.getReferenceId(), roleId).flatMap(__ -> membershipService.addOrUpdate(existingUser.getReferenceId(), membership)).ignoreElement();
});
}
use of io.gravitee.am.model.Membership in project gravitee-access-management by gravitee-io.
the class DomainNotificationServiceTest method shouldNotifyUser_EmailAndUI.
@Test
public void shouldNotifyUser_EmailAndUI() throws Exception {
ReflectionTestUtils.setField(cut, "uiNotifierEnabled", true);
final Membership member = new Membership();
member.setMemberType(MemberType.USER);
member.setMemberId("userid");
when(membershipService.findByCriteria(eq(ReferenceType.DOMAIN), eq(DOMAIN_ID), any())).thenReturn(Flowable.just(member), Flowable.empty());
final User user = new User();
user.setEmail("user@acme.fr");
when(userService.findById(ReferenceType.ORGANIZATION, env.getOrganizationId(), member.getMemberId())).thenReturn(Single.just(user));
when(emailService.getFinalEmail(any(), any(), any(), any(), any())).thenReturn(new Email());
cut.registerCertificateExpiration(certificate);
// wait subscription execution
Thread.sleep(1000);
verify(notifierService).register(argThat(def -> def.getType().equals(TYPE_UI_NOTIFIER)), any(), any());
verify(notifierService).register(argThat(def -> def.getType().equals(TYPE_EMAIL_NOTIFIER)), any(), any());
verify(groupService, never()).findMembers(any(), any(), any(), anyInt(), anyInt());
}
use of io.gravitee.am.model.Membership in project gravitee-access-management by gravitee-io.
the class DomainNotificationServiceTest method shouldNotifyUser_EmailOnly.
@Test
public void shouldNotifyUser_EmailOnly() throws Exception {
final Membership member = new Membership();
member.setMemberType(MemberType.USER);
member.setMemberId("userid");
when(membershipService.findByCriteria(eq(ReferenceType.DOMAIN), eq(DOMAIN_ID), any())).thenReturn(Flowable.just(member), Flowable.empty());
final User user = new User();
user.setEmail("user@acme.fr");
when(userService.findById(ReferenceType.ORGANIZATION, env.getOrganizationId(), member.getMemberId())).thenReturn(Single.just(user));
when(emailService.getFinalEmail(any(), any(), any(), any(), any())).thenReturn(new Email());
cut.registerCertificateExpiration(certificate);
// wait subscription execution
Thread.sleep(1000);
verify(notifierService).register(any(), any(), any());
verify(groupService, never()).findMembers(any(), any(), any(), anyInt(), anyInt());
}
use of io.gravitee.am.model.Membership in project gravitee-access-management by gravitee-io.
the class MembershipCommandHandler method handle.
@Override
public Single<MembershipReply> handle(MembershipCommand command) {
MembershipPayload membershipPayload = command.getPayload();
ReferenceType assignableType;
try {
assignableType = ReferenceType.valueOf(membershipPayload.getReferenceType());
} catch (Exception e) {
logger.error("Invalid referenceType [{}].", membershipPayload.getReferenceType());
return Single.just(new MembershipReply(command.getId(), CommandStatus.ERROR));
}
Single<String> userObs = userService.findByExternalIdAndSource(ReferenceType.ORGANIZATION, membershipPayload.getOrganizationId(), membershipPayload.getUserId(), COCKPIT_SOURCE).map(User::getId).toSingle();
Single<Role> roleObs = findRole(membershipPayload.getRole(), membershipPayload.getOrganizationId(), assignableType);
return Single.zip(roleObs, userObs, (role, userId) -> {
Membership membership = new Membership();
membership.setMemberType(MemberType.USER);
membership.setMemberId(userId);
membership.setReferenceType(assignableType);
membership.setReferenceId(membershipPayload.getReferenceId());
membership.setRoleId(role.getId());
return membership;
}).flatMap(membership -> membershipService.addOrUpdate(membershipPayload.getOrganizationId(), membership)).doOnSuccess(membership -> logger.info("Role [{}] assigned on {} [{}] for user [{}] and organization [{}].", membershipPayload.getRole(), membershipPayload.getReferenceType(), membershipPayload.getReferenceId(), membership.getMemberId(), membershipPayload.getOrganizationId())).map(user -> new MembershipReply(command.getId(), CommandStatus.SUCCEEDED)).doOnError(error -> logger.error("Error occurred when trying to assign role [{}] on {} [{}] for cockpit user [{}] and organization [{}].", membershipPayload.getRole(), membershipPayload.getReferenceType(), membershipPayload.getReferenceId(), membershipPayload.getUserId(), membershipPayload.getOrganizationId(), error)).onErrorReturn(throwable -> new MembershipReply(command.getId(), CommandStatus.ERROR));
}
use of io.gravitee.am.model.Membership in project gravitee-access-management by gravitee-io.
the class MembersResourceTest method shouldNotAddMember_invalidInput.
@Test
public void shouldNotAddMember_invalidInput() {
Organization organization = new Organization();
organization.setId(Organization.DEFAULT);
Membership membership = new Membership();
membership.setId("membership-1");
doReturn(Single.just(organization)).when(organizationService).findById(organization.getId());
doReturn(Single.just(membership)).when(membershipService).addOrUpdate(eq(organization.getId()), any(Membership.class), any(io.gravitee.am.identityprovider.api.User.class));
// invalid input.
NewMembership newMembership = new NewMembership();
final Response response = target("organizations").path(organization.getId()).path("members").request().post(Entity.json(newMembership));
assertEquals(HttpStatusCode.BAD_REQUEST_400, response.getStatus());
}
Aggregations