====== Module - Preparing a new CzechIdM module ======
Basic application skeleton you can create by archetype, please follow this tutorial: [[https://github.com/bcvsolutions/idm-module-archetype/blob/develop/README.md|Archetype tutorial]].
CzechIdM is a modular application built by [[https://maven.apache.org/|Maven]]. Modules often have really similar structure consisting of:
* Java source code
* test suites
* Groovy scripts
* notification templates
* Activiti workflow definitions
* connector specific files (JDBC scripts etc.)
* configuration files and maven profiles
* database migration - Flyway configuration
In this tutorial we will describe the currently preferred way of setting up a CzechIdM module. Some basic information about developing the module can be found also in the [[devel:dev:quickstart:backend|Developer Guide - Quickstart]].
====== Java source code ======
The Java code typically handles all the business logic and heavy lifting in the application. There are multiple areas of interest you will probably need while developing a module:
* adding configuration properties
* adding / removing [[https://wiki.czechidm.com/devel/dev/architecture/events|event processors]]
* defining [[https://wiki.czechidm.com/devel/dev/configuration/dynamic-forms|EAV]] attributes
* initialize application data
* overriding synchronization
Keep all Java sources under //src/main/java// directory and keep package structure as //eu/bcvsolutions/idm/#your_module_name#//.
===== Configuration properties =====
Setting default module [[https://wiki.czechidm.com/devel/dev/configuration/backend|configuration]] is crucial. The default configuration is loaded from the _application*.properties_ files, which will be discussed later. You can override the values in the properties by defining you own props in the application, which get stored in the database and have higher priority over the configuration files.
For accessing the properties, create a Spring bean extending the ''%%Configurable%%'' interface. See example implementation of [[devel:dev:quickstart:backend#configuration|module configuration]], or [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-api/src/main/java/eu/bcvsolutions/idm/core/api/config/domain/EmailerConfiguration.java|EmailerConfiguration]] and its implementation [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-impl/src/main/java/eu/bcvsolutions/idm/core/config/domain/DefaultEmailerConfiguration.java|DefaultEmailerConfiguration]] as an example. Creating a strongly typed configuration bean will give you great flexibility - you can use whatever types you need without being forced to parse the props from strings every time you need it.
It is advised to keep the configuration logic in the //config// Java package.
===== Event processors =====
[[https://wiki.czechidm.com/devel/dev/architecture/events|Event processors]] are a powerful mechanism in customizing your CzechIdM deployment. All major entities, such as ''%%IdmIdentity%%'', supports events. Use case example: sending notification to administrator after an identity has been created:
- define an IdmIdentityDto processor with priority greater than 0 (after the identity is saved)
- set the processor to catch only ''%%IdentityEventType.CREATE%%'' events
- sent notification in the ''%%process%%'' method
That's it. Without the need to modify any of the existing code or the core module we have modified the behavior of the application.
This way you can alter entities processing, provisioning and many other cases.
Events also carry event properties. You can use such properties to cancel provisioning, for example, by the following code:
SysProvisioningOperation op = event.getContent();
op.setResultState(OperationState.CANCELED);
provisioningOperationService.delete(op);
return new DefaultEventResult<>(event, this, true);
Turning modules on and off is also possible in runtime by configuration, see the CzechIdM wiki for details.
It is advised to keep all processors in the //event// Java package and sub-packages.
===== EAV attributes =====
Extending entities in CzechIdM could be simply done by defining [[https://wiki.czechidm.com/devel/dev/configuration/dynamic-forms|EAV attributes]]. These are referred by plain String keys in the code, which may become troublesome for larger modules, simply because magic values and restatements are generally a bad idea.
To keep EAV references type typo-safe, create a classic Java enum, which accepts two strings as constructor params. Example:
public interface EavConstants {
String getEavCode();
PersistentType getPersistentType();
}
public enum MyIdentityConstants implements EavConstants {
MY_CUSTOM_SOMETHING("myCustomSomethingEav", PersistentType.TEXT),
MY_ATTRIBUTE("myAttrEavCode", PersistentType.TEXT);
// fields
private final String eavCode;
private final PersistentType persistentType;
MyIdentityConstants(String eavCode, PersistentType persistentType) {
this.eavCode = eavCode;
this.persistentType = persistentType;
}
@Override
public String getEavCode() {
return eavCode;
}
@Override
public PersistentType getPersistentType() {
return persistentType;
}
}
With such setup you can reference all your module-specific EAVs as ''%%MyIdentityConstants.MY_ATTRIBUTE%%''. Another advantage of this approach is creating attribute definitions on application startup.
It is advised to keep the the EAV attributes definitions in the //constants// Java package.
===== Initialize module data =====
To ensure our module is easily runnable even on the first time it's deployed, we need to initialize module-specific data. That is done through Spring application event listener. This is highly recommended at least for creating EAV attribute definition (+ beneficial for tests, which start with empty database and we need to initialize the definitions somowhere). Following example show such bean, which creates EAV definitions for our ''%%MyIdentityConstants%%'' enum and create a role for notifications:
@Component
@DependsOn("initApplicationData")
public class InitMyModuleData implements ApplicationListener {
@Autowired
private SecurityService securityService;
@Autowired
private FormService formService;
@Autowired
private IdmRoleService roleService;
@Autowired
private MyConfiguration configuration;
@Override
public void onApplicationEvent(ContextRefreshedEvent event) {
init();
}
public void init() {
// system auth. to get full permissions
securityService.setSystemAuthentication();
//
try {
for (EavConstants extAttr : MyIdentityConstants.values()) {
createEavAttribute(extAttr, IdmIdentity.class);
}
//
final String organizationsEventRecipientRole = configuration.getNotificationRoleName();
IdmRole orgRecipientRole = roleService.getByName(organizationsEventRecipientRole);
if (orgRecipientRole == null) {
orgRecipientRole = new IdmRole();
orgRecipientRole.setCanBeRequested(true);
orgRecipientRole.setDescription("Role holders receive notifications about our use case.");
orgRecipientRole.setDisabled(false);
orgRecipientRole.setName(organizationsEventRecipientRole);
orgRecipientRole.setPriority(1);
orgRecipientRole.setRoleType(RoleType.SYSTEM);
roleService.save(orgRecipientRole);
}
} finally {
SecurityContextHolder.clearContext();
}
}
private void createEavAttribute(EavConstants extAttr, Class extends FormableEntity> clazz) {
IdmFormAttribute retrieved = formService.getAttribute(clazz, extAttr.getEavCode());
if (retrieved != null) {
return;
}
//
IdmFormAttribute attr = new IdmFormAttribute();
attr.setCode(extAttr.getEavCode());
attr.setName(extAttr.getEavCode());
attr.setPlaceholder(extAttr.getEavCode());
attr.setPersistentType(extAttr.getPersistentType());
formService.saveAttribute(clazz, attr);
}
}
====== Setting up test suites ======
Generally, all base classes for testing your module should be available out-of-the-box in the //czechidm-test-api// module, which you need to include as your module's dependency.
The only exception is for testing Activiti's workflows. For that reason, we need to create ActivitiRule bean first. Create following bean under the //test// sources module directory:
@ActiveProfiles("test")
@Configuration
public class MyModuleTestConfiguration {
@Bean
public ActivitiRule activitiRule(ProcessEngine processEngine) {
return new ActivitiRule(processEngine);
}
}
In version 7.3 it is also necessary to have dependency on //core-impl// module and create a base class for workflow testing. Following is a functioning example:
public abstract class AbstractMyModuleWorkflowIntegrationTest extends AbstractWorkflowIntegrationTest {
@Override
public DefaultActivityBehaviorFactory getBehaviourFactory() {
return new CustomActivityBehaviorFactory();
}
}
With such setup you should be able to test Activiti workflows without any problems. For test example please refer to [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-impl/src/test/java/eu/bcvsolutions/idm/core/workflow/history/HistoryProcessAndTaskTest.java|HistoryProcessAndTaskTest]].
Without this setup, all your workflow tests will deliberately fail.
====== Groovy scripts ======
[[https://wiki.czechidm.com/faq/scripts/start|Groovy scripts]] are used primarily as transformations while connecting end-point systems.
It is advised to keep all your custom scripts the //src/main/resources/#package#/scripts// directory of your module. Please do version the scripts, do not leave them only in the application! This is crucial for maintenance and upgrade reasons. XML is now a preferred script format, see [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-impl/src/main/resources/eu/bcvsolutions/idm/scripts/IdmCoreGetFullName.xml|IdmCoreGetFullName]] and [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-impl/src/main/resources/eu/bcvsolutions/idm/scripts/IdmScript.xsd|IdmScript.xsd]].
====== Notification templates ======
Keep [[https://wiki.czechidm.com/devel/dev/notification|notification templates]] in the //src/main/resources/#package#/templates// directory. For an example of core template, see [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-impl/src/main/resources/eu/bcvsolutions/idm/templates/IdmCoreChangeIdentityRole.xml|IdmCoreChangeIdentityRole]] and [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/core/core-impl/src/main/resources/eu/bcvsolutions/idm/templates/IdmNotificationTemplate.xsd|IdmNotificationTemplate.xsd]].
====== Activiti workflows ======
[[https://wiki.czechidm.com/devel/dev/workflow|Activiti workflows]] are typically kept in the //src/main/resources/#package#/workflows// directory. Workflows are deployed and versioned automatically.
To test workflows, please see the ''%%Setting up test suites%%'' chapter.
====== Connector specific files ======
While connecting endpoint systems through scripted connectors (mostly), we have to either deploy these scripts with CzechIdM or we just simple need to version these scripts. The preferred way is to keep all connector scripts in the //src/main/resources/#package#/scripts// directory and sub-directories, however use whatever works best for you.
Please do version the scripts, do not leave them only in the application or on the server file system! This is crucial for maintenance and upgrade reasons.
For example of JDBC script development see the usage of [[https://wiki.czechidm.com/7.3/dev/system/scripted-jdbc-connector|Scripted SQL connector]].
====== Database migration - Flyway configuration ======
Database migration (done by [[https://flywaydb.org/|Flyway]]) is an important part of every db-backed application (module here) maintenance. Each module has its own Flyway configuration. To setup yours, follow the [[https://wiki.czechidm.com/7.3/dev/architecture/flyway|guide in wiki]].