/** * @param provisioningEntity * @param idPRoleMapping */ private void updateProvisioningUserWithMappedRoles(ProvisioningEntity provisioningEntity, RoleMapping[] idPRoleMapping) { if (provisioningEntity.getEntityType() != ProvisioningEntityType.USER || idPRoleMapping == null || idPRoleMapping.length == 0) { return; } List<String> userGroups = getGroupNames(provisioningEntity.getAttributes()); if (CollectionUtils.isEmpty(userGroups)) { return; } Map<String, String> mappedRoles = new HashMap<>(); for (RoleMapping mapping : idPRoleMapping) { mappedRoles.put(mapping.getLocalRole().getLocalRoleName(), mapping.getRemoteRole()); } List<String> mappedUserGroups = new ArrayList<>(); for (Iterator<String> iterator = userGroups.iterator(); iterator.hasNext(); ) { String userGroup = iterator.next(); String mappedGroup = null; if ((mappedGroup = mappedRoles.get(userGroup)) != null) { mappedUserGroups.add(mappedGroup); } } ProvisioningUtil.setClaimValue(IdentityProvisioningConstants.GROUP_CLAIM_URI, provisioningEntity.getAttributes(), mappedUserGroups); }
/** * Update the value of given group attribute with mapped roles * * @param provisioningEntity * @param idPRoleMapping * @param groupAttributeName */ private void updateMappedGroupForAttribute(ProvisioningEntity provisioningEntity, RoleMapping[] idPRoleMapping, String groupAttributeName) { List<String> groupList = ProvisioningUtil.getClaimValues(provisioningEntity.getAttributes(), groupAttributeName, null); List<String> mappedGroups = getMappedGroups(groupList, idPRoleMapping); if (mappedGroups != null && !mappedGroups.isEmpty()) { ProvisioningUtil.setClaimValue(groupAttributeName, provisioningEntity.getAttributes(), mappedGroups); } } }
/** * Update the value of given group attribute with mapped roles * * @param provisioningEntity * @param idPRoleMapping * @param groupAttributeName */ private void updateMappedGroupForAttribute(ProvisioningEntity provisioningEntity, RoleMapping[] idPRoleMapping, String groupAttributeName) { List<String> groupList = ProvisioningUtil.getClaimValues(provisioningEntity.getAttributes(), groupAttributeName, null); List<String> mappedGroups = getMappedGroups(groupList, idPRoleMapping); if (mappedGroups != null && !mappedGroups.isEmpty()) { ProvisioningUtil.setClaimValue(groupAttributeName, provisioningEntity.getAttributes(), mappedGroups); } } }