Search in sources :

Example 16 with RefinedAttributeDefinition

use of com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition in project midpoint by Evolveum.

the class AccessChecker method filterGetAttributes.

public void filterGetAttributes(ResourceAttributeContainer attributeContainer, RefinedObjectClassDefinition objectClassDefinition, OperationResult parentResult) throws SchemaException {
    OperationResult result = parentResult.createMinorSubresult(OPERATION_NAME);
    for (ResourceAttribute<?> attribute : attributeContainer.getAttributes()) {
        QName attrName = attribute.getElementName();
        RefinedAttributeDefinition attrDef = objectClassDefinition.findAttributeDefinition(attrName);
        if (attrDef == null) {
            String message = "Unknown attribute " + attrName + " in objectclass " + objectClassDefinition;
            result.recordFatalError(message);
            throw new SchemaException(message);
        }
        // Need to check model layer, not schema. Model means IDM logic which can be overridden in schemaHandling,
        // schema layer is the original one. 
        PropertyLimitations limitations = attrDef.getLimitations(LayerType.MODEL);
        if (limitations == null) {
            continue;
        }
        // We cannot throw error here. At least not now. Provisioning will internally use ignored attributes
        // e.g. for simulated capabilities. This is not a problem for normal operations, but it is a problem
        // for delayed operations (e.g. consistency) that are passing through this code again.
        // TODO: we need to figure a way how to avoid this loop
        //			if (limitations.isIgnore()) {
        //				String message = "Attempt to create shadow with ignored attribute "+attribute.getName();
        //				LOGGER.error(message);
        //				throw new SchemaException(message);
        //			}
        PropertyAccessType access = limitations.getAccess();
        if (access == null) {
            continue;
        }
        if (access.isRead() == null || !access.isRead()) {
            LOGGER.trace("Removing non-readable attribute {}", attrName);
            attributeContainer.remove(attribute);
        }
    }
    result.recordSuccess();
}
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) QName(javax.xml.namespace.QName) RefinedAttributeDefinition(com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition) PropertyAccessType(com.evolveum.midpoint.xml.ns._public.common.common_3.PropertyAccessType) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) PropertyLimitations(com.evolveum.midpoint.common.refinery.PropertyLimitations)

Example 17 with RefinedAttributeDefinition

use of com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition in project midpoint by Evolveum.

the class AbstractIntegrationTest method createShadow.

protected PrismObject<ShadowType> createShadow(PrismObject<ResourceType> resource, String uid, String name) throws SchemaException {
    PrismObject<ShadowType> shadow = getShadowDefinition().instantiate();
    ShadowType shadowType = shadow.asObjectable();
    if (name != null) {
        shadowType.setName(PrismTestUtil.createPolyStringType(name));
    }
    ObjectReferenceType resourceRef = new ObjectReferenceType();
    resourceRef.setOid(resource.getOid());
    shadowType.setResourceRef(resourceRef);
    shadowType.setKind(ShadowKindType.ACCOUNT);
    RefinedResourceSchema refinedSchema = RefinedResourceSchemaImpl.getRefinedSchema(resource);
    RefinedObjectClassDefinition objectClassDefinition = refinedSchema.getDefaultRefinedDefinition(ShadowKindType.ACCOUNT);
    shadowType.setObjectClass(objectClassDefinition.getTypeName());
    ResourceAttributeContainer attrContainer = ShadowUtil.getOrCreateAttributesContainer(shadow, objectClassDefinition);
    if (uid != null) {
        RefinedAttributeDefinition uidAttrDef = objectClassDefinition.findAttributeDefinition(new QName(SchemaConstants.NS_ICF_SCHEMA, "uid"));
        ResourceAttribute<String> uidAttr = uidAttrDef.instantiate();
        uidAttr.setRealValue(uid);
        attrContainer.add(uidAttr);
    }
    if (name != null) {
        RefinedAttributeDefinition nameAttrDef = objectClassDefinition.findAttributeDefinition(new QName(SchemaConstants.NS_ICF_SCHEMA, "name"));
        ResourceAttribute<String> nameAttr = nameAttrDef.instantiate();
        nameAttr.setRealValue(name);
        attrContainer.add(nameAttr);
    }
    return shadow;
}
Also used : RefinedObjectClassDefinition(com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition) QName(javax.xml.namespace.QName) RefinedAttributeDefinition(com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition) ResourceAttributeContainer(com.evolveum.midpoint.schema.processor.ResourceAttributeContainer) RefinedResourceSchema(com.evolveum.midpoint.common.refinery.RefinedResourceSchema) PolyString(com.evolveum.midpoint.prism.polystring.PolyString)

Example 18 with RefinedAttributeDefinition

use of com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition in project midpoint by Evolveum.

the class TestAssignmentErrors method test010RefinedSchemaWhite.

@Test
public void test010RefinedSchemaWhite() throws Exception {
    final String TEST_NAME = "test010RefinedSchemaWhite";
    TestUtil.displayTestTile(TEST_NAME);
    // GIVEN
    // WHEN
    PrismObject<ResourceType> resourceWhite = getObject(ResourceType.class, RESOURCE_DUMMY_WHITE_OID);
    RefinedResourceSchema refinedSchema = RefinedResourceSchemaImpl.getRefinedSchema(resourceWhite, prismContext);
    display("Refined schema", refinedSchema);
    RefinedObjectClassDefinition accountDef = refinedSchema.getDefaultRefinedDefinition(ShadowKindType.ACCOUNT);
    assertNotNull("Account definition is missing", accountDef);
    assertNotNull("Null identifiers in account", accountDef.getPrimaryIdentifiers());
    assertFalse("Empty identifiers in account", accountDef.getPrimaryIdentifiers().isEmpty());
    assertNotNull("Null secondary identifiers in account", accountDef.getSecondaryIdentifiers());
    assertFalse("Empty secondary identifiers in account", accountDef.getSecondaryIdentifiers().isEmpty());
    assertNotNull("No naming attribute in account", accountDef.getNamingAttribute());
    assertFalse("No nativeObjectClass in account", StringUtils.isEmpty(accountDef.getNativeObjectClass()));
    assertEquals("Unexpected kind in account definition", ShadowKindType.ACCOUNT, accountDef.getKind());
    assertTrue("Account definition in not default", accountDef.isDefaultInAKind());
    assertEquals("Wrong intent in account definition", SchemaConstants.INTENT_DEFAULT, accountDef.getIntent());
    assertFalse("Account definition is deprecated", accountDef.isDeprecated());
    assertFalse("Account definition in auxiliary", accountDef.isAuxiliary());
    RefinedAttributeDefinition uidDef = accountDef.findAttributeDefinition(SchemaConstants.ICFS_UID);
    assertEquals(1, uidDef.getMaxOccurs());
    assertEquals(0, uidDef.getMinOccurs());
    assertFalse("No UID display name", StringUtils.isBlank(uidDef.getDisplayName()));
    assertFalse("UID has create", uidDef.canAdd());
    assertFalse("UID has update", uidDef.canModify());
    assertTrue("No UID read", uidDef.canRead());
    assertTrue("UID definition not in identifiers", accountDef.getPrimaryIdentifiers().contains(uidDef));
    RefinedAttributeDefinition nameDef = accountDef.findAttributeDefinition(SchemaConstants.ICFS_NAME);
    assertEquals(1, nameDef.getMaxOccurs());
    assertEquals(1, nameDef.getMinOccurs());
    assertFalse("No NAME displayName", StringUtils.isBlank(nameDef.getDisplayName()));
    assertTrue("No NAME create", nameDef.canAdd());
    assertTrue("No NAME update", nameDef.canModify());
    assertTrue("No NAME read", nameDef.canRead());
    assertTrue("NAME definition not in identifiers", accountDef.getSecondaryIdentifiers().contains(nameDef));
    RefinedAttributeDefinition fullnameDef = accountDef.findAttributeDefinition("fullname");
    assertNotNull("No definition for fullname", fullnameDef);
    assertEquals(1, fullnameDef.getMaxOccurs());
    assertEquals(1, fullnameDef.getMinOccurs());
    assertTrue("No fullname create", fullnameDef.canAdd());
    assertTrue("No fullname update", fullnameDef.canModify());
    assertTrue("No fullname read", fullnameDef.canRead());
    assertNull("The _PASSSWORD_ attribute sneaked into schema", accountDef.findAttributeDefinition(new QName(SchemaConstants.NS_ICF_SCHEMA, "password")));
}
Also used : RefinedObjectClassDefinition(com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition) QName(javax.xml.namespace.QName) RefinedAttributeDefinition(com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition) ResourceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType) RefinedResourceSchema(com.evolveum.midpoint.common.refinery.RefinedResourceSchema) Test(org.testng.annotations.Test) AbstractInitializedModelIntegrationTest(com.evolveum.midpoint.model.intest.AbstractInitializedModelIntegrationTest)

Example 19 with RefinedAttributeDefinition

use of com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition in project midpoint by Evolveum.

the class AbstractModelIntegrationTest method createAccount.

protected PrismObject<ShadowType> createAccount(PrismObject<ResourceType> resource, String name, boolean enabled) throws SchemaException {
    PrismObject<ShadowType> shadow = getShadowDefinition().instantiate();
    ShadowType shadowType = shadow.asObjectable();
    ObjectReferenceType resourceRef = new ObjectReferenceType();
    resourceRef.setOid(resource.getOid());
    shadowType.setResourceRef(resourceRef);
    RefinedResourceSchema refinedSchema = RefinedResourceSchemaImpl.getRefinedSchema(resource);
    RefinedObjectClassDefinition objectClassDefinition = refinedSchema.getDefaultRefinedDefinition(ShadowKindType.ACCOUNT);
    shadowType.setObjectClass(objectClassDefinition.getTypeName());
    shadowType.setKind(ShadowKindType.ACCOUNT);
    ResourceAttributeContainer attrCont = ShadowUtil.getOrCreateAttributesContainer(shadow, objectClassDefinition);
    RefinedAttributeDefinition idSecondaryDef = objectClassDefinition.getSecondaryIdentifiers().iterator().next();
    ResourceAttribute icfsNameAttr = idSecondaryDef.instantiate();
    icfsNameAttr.setRealValue(name);
    attrCont.add(icfsNameAttr);
    ActivationType activation = new ActivationType();
    shadowType.setActivation(activation);
    if (enabled) {
        activation.setAdministrativeStatus(ActivationStatusType.ENABLED);
    } else {
        activation.setAdministrativeStatus(ActivationStatusType.DISABLED);
    }
    return shadow;
}
Also used : RefinedObjectClassDefinition(com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition) ObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) ActivationType(com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType) RefinedAttributeDefinition(com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition) ResourceAttributeContainer(com.evolveum.midpoint.schema.processor.ResourceAttributeContainer) RefinedResourceSchema(com.evolveum.midpoint.common.refinery.RefinedResourceSchema) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute)

Example 20 with RefinedAttributeDefinition

use of com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition in project midpoint by Evolveum.

the class ShadowManager method normalizeDelta.

public <T> void normalizeDelta(ItemDelta<PrismPropertyValue<T>, PrismPropertyDefinition<T>> delta, RefinedObjectClassDefinition objectClassDefinition) throws SchemaException {
    if (!ShadowType.F_ATTRIBUTES.equals(ItemPath.getName(delta.getPath().first()))) {
        return;
    }
    RefinedAttributeDefinition rAttrDef = objectClassDefinition.findAttributeDefinition(delta.getElementName());
    if (rAttrDef == null) {
        throw new SchemaException("Failed to normalize attribute: " + delta.getElementName() + ". Definition for this attribute doesn't exist.");
    }
    normalizeDelta(delta, rAttrDef);
}
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) RefinedAttributeDefinition(com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition)

Aggregations

RefinedAttributeDefinition (com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition)28 RefinedObjectClassDefinition (com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition)12 QName (javax.xml.namespace.QName)10 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)8 RefinedResourceSchema (com.evolveum.midpoint.common.refinery.RefinedResourceSchema)6 ItemPath (com.evolveum.midpoint.prism.path.ItemPath)5 ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)5 PropertyLimitations (com.evolveum.midpoint.common.refinery.PropertyLimitations)4 PropertyDelta (com.evolveum.midpoint.prism.delta.PropertyDelta)4 ResourceAttributeContainer (com.evolveum.midpoint.schema.processor.ResourceAttributeContainer)4 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)4 PrismObject (com.evolveum.midpoint.prism.PrismObject)3 ItemDelta (com.evolveum.midpoint.prism.delta.ItemDelta)3 PropertyAccessType (com.evolveum.midpoint.xml.ns._public.common.common_3.PropertyAccessType)3 PrismPropertyDefinition (com.evolveum.midpoint.prism.PrismPropertyDefinition)2 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)2 ObjectQuery (com.evolveum.midpoint.prism.query.ObjectQuery)2 PrismAsserts.assertEqualsPolyString (com.evolveum.midpoint.prism.util.PrismAsserts.assertEqualsPolyString)2 SecurityViolationException (com.evolveum.midpoint.util.exception.SecurityViolationException)2 SystemException (com.evolveum.midpoint.util.exception.SystemException)2