use of org.ligoj.app.iam.model.DelegateOrg in project ligoj-api by ligoj.
the class DelegateOrgResourceTest method updateNoChangeBase.
/**
 * Updates an existing tree delegate through the resource with 'canAdmin' enabled, then reloads it from the
 * database and checks the persisted state.
 *
 * @param user
 *            the receiver expected on the reloaded entity.
 * @param vo
 *            the edition object sent to the resource; its identifier, type and 'canAdmin' flag are overwritten
 *            here.
 * @return the entity reloaded after the update.
 */
private DelegateOrg updateNoChangeBase(final String user, final DelegateOrgEditionVo vo) {
    // NOTE(review): the lookup always targets the delegate of "mtuyer" on this fixed DN, whatever `user` is;
    // `user` is only used for the receiver assertion below.
    final int delegateId = em
            .createQuery("SELECT id FROM DelegateOrg WHERE receiver=:user AND dn=:dn", Integer.class)
            .setParameter("user", "mtuyer")
            .setParameter("dn", "ou=fonction,ou=groups,dc=sample,dc=com")
            .getSingleResult();

    // Target the existing delegate and request an administrable tree delegate
    vo.setId(delegateId);
    vo.setType(DelegateType.TREE);
    vo.setCanAdmin(true);
    resource.update(vo);

    // Flush and clear so that the assertions read the stored state, not the persistence context
    em.flush();
    em.clear();

    final DelegateOrg reloaded = repository.findOne(delegateId);
    // For a tree delegate the name is replaced by "-" and the submitted name, once trimmed, is the stored DN
    Assertions.assertEquals("-", reloaded.getName());
    Assertions.assertEquals(vo.getName().trim(), reloaded.getDn());
    Assertions.assertEquals(DelegateType.TREE, reloaded.getType());
    Assertions.assertEquals(user, reloaded.getReceiver());
    Assertions.assertEquals(ReceiverType.USER, reloaded.getReceiverType());
    return reloaded;
}
use of org.ligoj.app.iam.model.DelegateOrg in project ligoj-api by ligoj.
the class DelegateOrgResource method validateWriteAccess.
/**
 * Check the principal user can modify or delete this delegate: the admin lookup on the stored DN and type of the
 * delegate must return at least one delegate for the current login. Going by the query name, the 'canAdmin' flag
 * must be enabled on the matching delegate.
 *
 * @param id
 *            the entity identifier.
 * @throws ForbiddenException
 *             when no matching delegate is found for the current user.
 */
private void validateWriteAccess(final int id) {
    // Load the delegate from the database: the check uses the stored DN and type, not values sent by the caller
    final DelegateOrg target = repository.findOneExpected(id);
    final String storedDn = target.getDn();

    // Identifiers of the current user's delegates matching this DN, as returned by the admin lookup
    final List<Integer> matchingDelegates = repository.findByMatchingDnForAdmin(securityHelper.getLogin(),
            storedDn, target.getType());
    if (matchingDelegates.isEmpty()) {
        // No applicable delegate: reject without any detail about the target
        throw new ForbiddenException();
    }
}
use of org.ligoj.app.iam.model.DelegateOrg in project ligoj-api by ligoj.
the class DelegateOrgResource method validateSaveOrUpdate.
/**
 * Validate the user changes against the current user's rights, then persist the delegate. The associated DN and
 * the real CN will be stored in database.<br>
 * Rules, order is important :
 * <ul>
 * <li>Related company must be managed by the current user, directly or via another parent delegate tree/company,
 * or act as if the company does not exist.</li>
 * <li>Related group must be managed by the current user, directly or via another parent delegate group/tree, or
 * act as if the group does not exist.</li>
 * <li>Related tree must be managed by the current user, directly or via another parent delegate tree.</li>
 * <li>'write' flag cannot be <code>true</code> without already owning an applicable delegate with this flag.</li>
 * <li>'admin' flag cannot be <code>true</code> without already owning an applicable delegate with this flag.</li>
 * </ul>
 * Attention, DN is case sensitive.
 *
 * @param importEntry
 *            the delegate to create, or to update when its identifier is set.
 * @return the created/updated {@link DelegateOrg}
 * @throws ForbiddenException
 *             when the current user has no matching admin delegate for the target DN or, on update, for the DN
 *             of the existing delegate.
 */
private DelegateOrg validateSaveOrUpdate(final DelegateOrgEditionVo importEntry) {
    final Map<String, CompanyOrg> companies = getCompany().findAll();
    final Map<String, GroupOrg> groups = getGroup().findAll();

    // Build the delegate to save, with normalized name
    final DelegateOrg delegate = toEntity(importEntry);

    // Resolve the target DN from the delegate type; "n/a" is the placeholder handed to the validators
    // NOTE(review): presumably the validators return this placeholder for a resource the user cannot see, so
    // the admin check below fails the same way as for a missing resource; confirm in validateCompany/validateGroup
    final String placeholderDn = "n/a";
    final DelegateType requestedType = importEntry.getType();
    final String dn;
    if (requestedType == DelegateType.COMPANY) {
        dn = validateCompany(importEntry, companies, placeholderDn);
    } else if (requestedType == DelegateType.GROUP) {
        dn = validateGroup(importEntry, groups, placeholderDn);
    } else {
        // Tree, CN <- DN
        dn = validateTree(importEntry);
        // Name is ignored for this type in the internal format
        delegate.setName("-");
    }

    // INTO: the current user needs a matching admin delegate for the target DN
    // NOTE(review): only this admin lookup is visible here; where the documented 'write' flag rule is
    // enforced cannot be told from this method
    final boolean noAdminOnTarget = repository
            .findByMatchingDnForAdmin(securityHelper.getLogin(), dn, importEntry.getType()).isEmpty();
    if (noAdminOnTarget) {
        throw new ForbiddenException();
    }

    // FROM: on update, the delegate being replaced must itself be manageable by the current user.
    // Without this second check, a delegate outside the user's scope could be overwritten by identifier.
    if (importEntry.getId() != null) {
        validateWriteAccess(importEntry.getId());
    }

    // DN is already normalized; nothing is persisted unless both checks passed
    delegate.setDn(dn);
    repository.saveAndFlush(delegate);
    return delegate;
}
use of org.ligoj.app.iam.model.DelegateOrg in project ligoj-api by ligoj.
the class ProjectResourceTest method findAllNotMemberButDelegateGroupVisible.
/**
 * The user "user" receives a group delegate on "gfi-gStack" and the search for "gStack" returns exactly one
 * project.
 */
@Test
public void findAllNotMemberButDelegateGroupVisible() {
    // Grant "user" a group delegate on the "gfi-gStack" group
    final DelegateOrg groupDelegate = new DelegateOrg();
    groupDelegate.setType(DelegateType.GROUP);
    groupDelegate.setReceiver("user");
    groupDelegate.setDn("cn=gfi-gstack,ou=gfi,ou=project,dc=sample,dc=com");
    groupDelegate.setName("gfi-gStack");
    em.persist(groupDelegate);
    em.flush();
    em.clear();

    // Mock URI info with pagination information, then run the search as "user"
    final UriInfo pagination = newFindAllParameters();
    initSpringSecurityContext("user");
    final TableItem<ProjectLightVo> projects = resource.findAll(pagination, "gStack");

    // Exactly one project is visible, and it is the one named "gStack"
    Assertions.assertEquals(1, projects.getData().size());
    Assertions.assertEquals("gStack", projects.getData().get(0).getName());
    // KPI, Build, Bug Tracker, Identity x2, KM
    Assertions.assertTrue(projects.getData().get(0).getNbSubscriptions() >= 6);
}
use of org.ligoj.app.iam.model.DelegateOrg in project ligoj-api by ligoj.
the class SubscriptionResourceTest method deleteBecauseManageGroup.
/**
 * Delete is accepted because the user manages the main group: every other admin delegate and every team leader
 * is cleared first, so only the prepared delegate is left with the admin and write flags.
 */
@Test
public void deleteBecauseManageGroup() throws Exception {
    initSpringSecurityContext("fdaugan");

    // Clear the 'canAdmin' flag of all delegates and the team leader of all projects
    delegateOrgRepository.findAll().forEach(existing -> existing.setCanAdmin(false));
    projectRepository.findAll().forEach(project -> project.setTeamLeader(null));

    // Persist the delegate and the related group to the project, with admin and write rights
    final DelegateOrg groupDelegate = prepareDelegate();
    groupDelegate.setCanAdmin(true);
    groupDelegate.setCanWrite(true);
    em.flush();

    assertDelete();
}