This is an old revision of the document!
Duplicate role
Role is duplicated by RoleDuplicateBulkAction
bulk action. This action propagate DUPLICATE
event type with content:
original source
- contains the selected original rolecontent
- contains duplicated role
Creating duplicate role is then propagated into registered (and enabled) entity event processors. Custom processors can be registered by the different module (or product processor can be disabled and overriden, see below).
Processors can register form attributes into the bulk action form - distinct form attributes (by code, the first attribute wins by processor's order) are rendered and used as input for the bulk action.
Processors
Implemented processors in the product sorted by order of the processing:
DuplicateRolePrepareProcessor
@since 9.5.0
- Event content:
IdmRoleDto
- Event type:
DUPLICATE
- Default order: -1000
Prepares role's basic properties.
## Enable / disable idm.sec.core.processor.core-duplicate-role-prepare-processor.enabled=true
DuplicateRoleSaveProcessor
@since 9.5.0
- Event content:
IdmRoleDto
- Event type:
DUPLICATE
- Default order: 0
Here is the role persisted into database.
## Enable / disable idm.sec.core.processor.core-duplicate-role-save-processor.enabled=true
DuplicateRoleFormAttributeProcessor
@since 9.5.0
- Event content:
IdmRoleDto
- Event type:
DUPLICATE
- Default order: 50
Duplicate role form attributes (parameters for the identity (~assigned) roles). Parameters are created or updated by the extended attribute code.
Parameters provided to the bulk action form:
- Duplicate role form attributes - if role form attributes will be duplicated.
Configuration properties:
## Enable / disable idm.sec.core.processor.core-duplicate-role-form-attribute-processor.enabled=true
DuplicateRoleCompositionProcessor
@since 9.5.0
- Event content:
IdmRoleDto
- Event type:
DUPLICATE
- Default order: 100
Duplicate congirured role composition (sub roles by business role definition) and duplicate sub roles recursively. If the same environment is selected, the only role composition is created - exists sub role is used. If the different environment (~target environment) is used, then sub roles with the same environment as original are duplicated recursively into target environment.
Parameters provided to the bulk action form:
- Duplicate sub roles (by business role definition) - if business role configuration will be duplicated (recursively).
Overidable methods (can be used for on the projects, e.g. example below):
duplicateRecursively
- Returns true, when role should be cloned recursively - can be overriden, if some role hasn't be cloned recursively, if doesn't exist on the target environment before.includeComposition
- Returns true, when role composition should be included in the target role - can be overriden, if some role hasn't be cloned recursively, if doesn't have the same environment etc.
Configuration properties:
## Enable / disable idm.sec.core.processor.core-duplicate-role-composition-processor.enabled=true
Custom processor example
/** * Project specific processor for duplicate role composition. */ @Component(CustomDuplicateRoleCompositionProcessor.PROCESSOR_NAME) @Description("Duplicate role - composition and recursion.") public class CustomDuplicateRoleCompositionProcessor extends DuplicateRoleCompositionProcessor { public static final String PROCESSOR_NAME = "custom-duplicate-role-composition-processor"; @Override public String getName() { return PROCESSOR_NAME; } /** * Returns true, when role should be cloned recursively * - it's not cloned, if application sub role doesn't exist on the target environment before. * * @param event processed event * @param originalSubRole original sub role * @param targetSubRole duplicate sub role. {@code null} if target role has to be created. * @return */ @Override public boolean duplicateRecursively(EntityEvent<IdmRoleDto> event, IdmRoleDto originalSubRole, IdmRoleDto targetSubRole) { return (targetSubRole != null && targetSubRole.getId() != null) || originalSubRole.getChildrenCount() > 0; } /** * Returns true, when role composition should be included in the target role * - it's not included, when sub role doesn't have the same environment * * @param event processed event * @param composition source composition * @return */ @Override public boolean includeComposition(EntityEvent<IdmRoleDto> event, IdmRoleCompositionDto composition) { IdmRoleDto subRole = DtoUtils.getEmbedded(composition, IdmRoleComposition_.sub); // return Objects.equals(event.getOriginalSource().getEnvironment(), subRole.getEnvironment()); } }
…
TODO:
- all registered processors, orders
- entity state deleted - usage, prevent to remove account
- create duplicate vs update duplicate
- how to register new processor (example)