use of com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition in project midpoint by Evolveum.
the class AccessChecker method checkAdd.
public void checkAdd(ProvisioningContext ctx, PrismObject<ShadowType> shadow, OperationResult parentResult) throws SchemaException, SecurityViolationException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException {
OperationResult result = parentResult.createMinorSubresult(OPERATION_NAME);
ResourceAttributeContainer attributeCont = ShadowUtil.getAttributesContainer(shadow);
for (ResourceAttribute<?> attribute : attributeCont.getAttributes()) {
RefinedAttributeDefinition attrDef = ctx.getObjectClassDefinition().findAttributeDefinition(attribute.getElementName());
// schema layer is the original one.
if (attrDef == null) {
String msg = "No definition for attribute " + attribute.getElementName() + " in " + ctx.getObjectClassDefinition();
result.recordFatalError(msg);
throw new SchemaException(msg);
}
PropertyLimitations limitations = attrDef.getLimitations(LayerType.MODEL);
if (limitations == null) {
continue;
}
// We cannot throw error here. At least not now. Provisioning will internally use ignored attributes
// e.g. for simulated capabilities. This is not a problem for normal operations, but it is a problem
// for delayed operations (e.g. consistency) that are passing through this code again.
// TODO: we need to figure a way how to avoid this loop
// if (limitations.isIgnore()) {
// String message = "Attempt to create shadow with ignored attribute "+attribute.getName();
// LOGGER.error(message);
// throw new SchemaException(message);
// }
PropertyAccessType access = limitations.getAccess();
if (access == null) {
continue;
}
if (access.isAdd() == null || !access.isAdd()) {
String message = "Attempt to add shadow with non-createable attribute " + attribute.getElementName();
LOGGER.error(message);
result.recordFatalError(message);
throw new SecurityViolationException(message);
}
}
result.recordSuccess();
}
use of com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition in project midpoint by Evolveum.
the class MidpointFunctionsImpl method countAccounts.
private <T> Integer countAccounts(ResourceType resourceType, QName attributeName, T attributeValue, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
RefinedResourceSchema rSchema = RefinedResourceSchemaImpl.getRefinedSchema(resourceType);
RefinedObjectClassDefinition rAccountDef = rSchema.getDefaultRefinedDefinition(ShadowKindType.ACCOUNT);
RefinedAttributeDefinition attrDef = rAccountDef.findAttributeDefinition(attributeName);
ObjectQuery query = QueryBuilder.queryFor(ShadowType.class, prismContext).itemWithDef(attrDef, ShadowType.F_ATTRIBUTES, attrDef.getName()).eq(attributeValue).and().item(ShadowType.F_OBJECT_CLASS).eq(rAccountDef.getObjectClassDefinition().getTypeName()).and().item(ShadowType.F_RESOURCE_REF).ref(resourceType.getOid()).build();
return modelObjectResolver.countObjects(ShadowType.class, query, null, task, result);
}
use of com.evolveum.midpoint.common.refinery.RefinedAttributeDefinition in project midpoint by Evolveum.
the class PrismPropertyPanel method hasOutbound.
private boolean hasOutbound(IModel<IW> model) {
ItemWrapper wrapper = model.getObject();
// Item property = wrapper.getItem();
ItemDefinition def = wrapper.getItemDefinition();
if (!(def instanceof RefinedAttributeDefinition)) {
return false;
}
RefinedAttributeDefinition refinedDef = (RefinedAttributeDefinition) def;
return refinedDef.hasOutboundMapping();
}
Aggregations