Example 1 with PatchOrganization

Use of io.gravitee.am.service.model.PatchOrganization in project gravitee-access-management by gravitee-io.

Class OrganizationServiceTest, method shouldUpdate.

@Test
public void shouldUpdate() {
    Organization existingOrganization = new Organization();
    existingOrganization.setId(ORGANIZATION_ID);
    when(organizationRepository.findById(ORGANIZATION_ID)).thenReturn(Maybe.just(existingOrganization));
    when(organizationRepository.update(argThat(toUpdate -> toUpdate.getIdentities() != null))).thenAnswer(i -> Single.just(i.getArgument(0)));
    PatchOrganization patchOrganization = new PatchOrganization();
    List<String> identities = Collections.singletonList("test");
    patchOrganization.setIdentities(identities);
    TestObserver<Organization> obs = cut.update(ORGANIZATION_ID, patchOrganization, new DefaultUser("username")).test();
    obs.awaitTerminalEvent();
    obs.assertValue(updated -> updated.getIdentities().equals(identities));
}
Also used: OrganizationNotFoundException(io.gravitee.am.service.exception.OrganizationNotFoundException), ArgumentMatchers.argThat(org.mockito.ArgumentMatchers.argThat), Mock(org.mockito.Mock), Completable(io.reactivex.Completable), Maybe(io.reactivex.Maybe), RunWith(org.junit.runner.RunWith), TechnicalException(io.gravitee.am.repository.exceptions.TechnicalException), Single(io.reactivex.Single), DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser), OrganizationServiceImpl(io.gravitee.am.service.impl.OrganizationServiceImpl), TechnicalManagementException(io.gravitee.am.service.exception.TechnicalManagementException), Entrypoint(io.gravitee.am.model.Entrypoint), Flowable(io.reactivex.Flowable), Status(io.gravitee.am.common.audit.Status), ReferenceType(io.gravitee.am.model.ReferenceType), NewOrganization(io.gravitee.am.service.model.NewOrganization), Before(org.junit.Before), OrganizationRepository(io.gravitee.am.repository.management.api.OrganizationRepository), ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper), TestObserver(io.reactivex.observers.TestObserver), Test(org.junit.Test), EventType(io.gravitee.am.common.audit.EventType), PatchOrganization(io.gravitee.am.service.model.PatchOrganization), Mockito(org.mockito.Mockito), Organization(io.gravitee.am.model.Organization), List(java.util.List), MockitoJUnitRunner(org.mockito.junit.MockitoJUnitRunner), Collections(java.util.Collections), Assert.assertEquals(org.junit.Assert.assertEquals), Audit(io.gravitee.am.reporter.api.audit.model.Audit)

Example 2 with PatchOrganization

Use of io.gravitee.am.service.model.PatchOrganization in project gravitee-access-management by gravitee-io.

Class OrganizationServiceTest, method shouldUpdate_notExistingOrganization.

@Test
public void shouldUpdate_notExistingOrganization() {
    when(organizationRepository.findById(ORGANIZATION_ID)).thenReturn(Maybe.empty());
    PatchOrganization patchOrganization = new PatchOrganization();
    patchOrganization.setIdentities(Collections.singletonList("test"));
    TestObserver<Organization> obs = cut.update(ORGANIZATION_ID, patchOrganization, new DefaultUser("username")).test();
    obs.awaitTerminalEvent();
    obs.assertError(OrganizationNotFoundException.class);
}
Also used: DefaultUser(io.gravitee.am.identityprovider.api.DefaultUser), NewOrganization(io.gravitee.am.service.model.NewOrganization), PatchOrganization(io.gravitee.am.service.model.PatchOrganization), Organization(io.gravitee.am.model.Organization), Test(org.junit.Test)

Example 3 with PatchOrganization

Use of io.gravitee.am.service.model.PatchOrganization in project gravitee-access-management by gravitee-io.

Class DefaultOrganizationUpgrader, method createInlineProvider.

private IdentityProvider createInlineProvider() {
    // Create an inline identity provider
    logger.info("Create an user-inline provider");
    NewIdentityProvider adminIdentityProvider = new NewIdentityProvider();
    adminIdentityProvider.setType("inline-am-idp");
    adminIdentityProvider.setName("Inline users");
    adminIdentityProvider.setConfiguration(DEFAULT_INLINE_IDP_CONFIG);
    IdentityProvider createdIdentityProvider = identityProviderService.create(ReferenceType.ORGANIZATION, Organization.DEFAULT, adminIdentityProvider, null, false).blockingGet();
    logger.info("Associate user-inline provider to default organization");
    PatchOrganization patchOrganization = new PatchOrganization();
    patchOrganization.setIdentities(Collections.singletonList(createdIdentityProvider.getId()));
    organizationService.update(Organization.DEFAULT, patchOrganization, null).blockingGet();
    return createdIdentityProvider;
}
Also used: NewIdentityProvider(io.gravitee.am.service.model.NewIdentityProvider), PatchOrganization(io.gravitee.am.service.model.PatchOrganization)

Example 4 with PatchOrganization

Use of io.gravitee.am.service.model.PatchOrganization in project gravitee-access-management by gravitee-io.

Class DefaultOrganizationUpgrader, method upgrade.

@Override
public boolean upgrade() {
    try {
        // This call creates the default organization with:
        // - default roles
        // - default entry point
        Organization organization = organizationService.createDefault().blockingGet();
        // - migrate all existing users permissions to default ORGANIZATION_OWNER
        if (organization != null) {
            logger.info("Default organization successfully created");
            // check if old domain admin exists
            Domain adminDomain = domainService.findById(ADMIN_DOMAIN).blockingGet();
            if (adminDomain != null) {
                // update organization identities
                PatchOrganization patchOrganization = new PatchOrganization();
                patchOrganization.setIdentities(adminDomain.getIdentities() != null ? new ArrayList<>(adminDomain.getIdentities()) : null);
                organizationService.update(organization.getId(), patchOrganization, null).blockingGet();
                // Must grant owner power to all existing users to be iso-functional with v2 where all users could do everything.
                Role organizationOwnerRole = roleService.findDefaultRole(Organization.DEFAULT, DefaultRole.ORGANIZATION_OWNER, ReferenceType.ORGANIZATION).blockingGet();
                Page<User> userPage;
                int page = 0;
                do {
                    userPage = userService.findAll(ReferenceType.ORGANIZATION, Organization.DEFAULT, page, PAGE_SIZE).blockingGet();
                    // membership helper create membership only if
                    userPage.getData().forEach(user -> membershipHelper.setOrganizationRole(user, organizationOwnerRole));
                    page++;
                } while (userPage.getData().size() == PAGE_SIZE);
                // then delete the domain
                domainService.delete(ADMIN_DOMAIN).blockingGet();
            } else if (useDefaultAdmin) {
                // Need to create an inline provider and an admin user for this newly created default organization.
                IdentityProvider inlineProvider = createInlineProvider();
                User adminUser = createAdminUser(inlineProvider);
                membershipHelper.setOrganizationPrimaryOwnerRole(adminUser);
            }
        }
        if (identityProviderManager != null) {
            // call the idpManager here to ensure that roles have been created
            identityProviderManager.loadIdentityProviders();
        }
        // Get organization with fresh data.
        organization = organizationService.findById(Organization.DEFAULT).blockingGet();
        logger.info("Check if default organization is up to date");
        if (useDefaultAdmin) {
            // Need to check that the inline idp and the default admin user have the 'admin' role.
            final List<String> identities = Optional.ofNullable(organization.getIdentities()).orElse(Collections.emptyList());
            IdentityProvider inlineIdp = identityProviderService.findAll(ReferenceType.ORGANIZATION, Organization.DEFAULT).filter(identityProvider -> identityProvider.getType().equals("inline-am-idp") && !identityProvider.isExternal() && identities.contains(identityProvider.getId())).firstElement().blockingGet();
            // If inline idp doesn't exist or is not enabled, it is probably an administrator choice. So do not go further.
            if (inlineIdp != null) {
                // If inline idp doesn't have "admin" user in its configuration, it is probably an administrator choice. So do not go further.
                if (inlineIdp.getConfiguration().contains(",\"username\":\"" + ADMIN_USERNAME + "\",") && inlineIdp.getRoleMapper().isEmpty()) {
                    // Check the user admin exists.
                    User adminUser = userService.findByUsernameAndSource(ReferenceType.ORGANIZATION, Organization.DEFAULT, ADMIN_USERNAME, inlineIdp.getId()).blockingGet();
                    if (adminUser == null) {
                        // Create the admin user with organization primary owner role on the default organization.
                        adminUser = createAdminUser(inlineIdp);
                        membershipHelper.setOrganizationPrimaryOwnerRole(adminUser);
                    }
                }
            }
        }
        // The primary owner of the default organization must be considered as platform admin.
        membershipHelper.setPlatformAdminRole();
    } catch (Exception e) {
        logger.error("An error occurred trying to initialize default organization", e);
        return false;
    }
    return true;
}
Also used: DefaultRole(io.gravitee.am.model.permissions.DefaultRole), PatchOrganization(io.gravitee.am.service.model.PatchOrganization), ArrayList(java.util.ArrayList), NewIdentityProvider(io.gravitee.am.service.model.NewIdentityProvider)

Aggregations

PatchOrganization (io.gravitee.am.service.model.PatchOrganization): 4
DefaultUser (io.gravitee.am.identityprovider.api.DefaultUser): 2
Organization (io.gravitee.am.model.Organization): 2
NewIdentityProvider (io.gravitee.am.service.model.NewIdentityProvider): 2
NewOrganization (io.gravitee.am.service.model.NewOrganization): 2
Test (org.junit.Test): 2
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper): 1
EventType (io.gravitee.am.common.audit.EventType): 1
Status (io.gravitee.am.common.audit.Status): 1
Entrypoint (io.gravitee.am.model.Entrypoint): 1
ReferenceType (io.gravitee.am.model.ReferenceType): 1
DefaultRole (io.gravitee.am.model.permissions.DefaultRole): 1
Audit (io.gravitee.am.reporter.api.audit.model.Audit): 1
TechnicalException (io.gravitee.am.repository.exceptions.TechnicalException): 1
OrganizationRepository (io.gravitee.am.repository.management.api.OrganizationRepository): 1
OrganizationNotFoundException (io.gravitee.am.service.exception.OrganizationNotFoundException): 1
TechnicalManagementException (io.gravitee.am.service.exception.TechnicalManagementException): 1
OrganizationServiceImpl (io.gravitee.am.service.impl.OrganizationServiceImpl): 1
Completable (io.reactivex.Completable): 1
Flowable (io.reactivex.Flowable): 1