use of com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition in project midpoint by Evolveum.
the class TestAssignmentErrors method test010RefinedSchemaWhite.
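/**
 * Checks the refined schema of the "white" dummy resource: the default account
 * definition must exist and be fully identified, and the UID, NAME and fullname
 * attributes must carry the expected multiplicity and access flags.
 *
 * <p>The last assertion checks that no attribute called {@code password} in the
 * ICF schema namespace is defined on the account object class.
 *
 * @throws Exception if the resource cannot be fetched or its schema cannot be refined
 */
@Test
public void test010RefinedSchemaWhite() throws Exception {
    final String TEST_NAME = "test010RefinedSchemaWhite";
    TestUtil.displayTestTile(TEST_NAME);

    // GIVEN

    // WHEN
    PrismObject<ResourceType> resourceWhite = getObject(ResourceType.class, RESOURCE_DUMMY_WHITE_OID);
    RefinedResourceSchema refinedSchema = RefinedResourceSchemaImpl.getRefinedSchema(resourceWhite, prismContext);
    display("Refined schema", refinedSchema);

    // Default account definition: identifiers, naming attribute, kind/intent and flags.
    RefinedObjectClassDefinition accountDef = refinedSchema.getDefaultRefinedDefinition(ShadowKindType.ACCOUNT);
    assertNotNull("Account definition is missing", accountDef);
    assertNotNull("Null identifiers in account", accountDef.getPrimaryIdentifiers());
    assertFalse("Empty identifiers in account", accountDef.getPrimaryIdentifiers().isEmpty());
    assertNotNull("Null secondary identifiers in account", accountDef.getSecondaryIdentifiers());
    assertFalse("Empty secondary identifiers in account", accountDef.getSecondaryIdentifiers().isEmpty());
    assertNotNull("No naming attribute in account", accountDef.getNamingAttribute());
    assertFalse("No nativeObjectClass in account", StringUtils.isEmpty(accountDef.getNativeObjectClass()));
    assertEquals("Unexpected kind in account definition", ShadowKindType.ACCOUNT, accountDef.getKind());
    assertTrue("Account definition in not default", accountDef.isDefaultInAKind());
    assertEquals("Wrong intent in account definition", SchemaConstants.INTENT_DEFAULT, accountDef.getIntent());
    assertFalse("Account definition is deprecated", accountDef.isDeprecated());
    assertFalse("Account definition in auxiliary", accountDef.isAuxiliary());

    // UID: optional, single-valued, readable only, and a primary identifier.
    RefinedAttributeDefinition uidDef = accountDef.findAttributeDefinition(SchemaConstants.ICFS_UID);
    // Without this check a missing definition surfaces as a NullPointerException
    // on the next line instead of a readable assertion failure.
    assertNotNull("No definition for UID", uidDef);
    assertEquals(1, uidDef.getMaxOccurs());
    assertEquals(0, uidDef.getMinOccurs());
    assertFalse("No UID display name", StringUtils.isBlank(uidDef.getDisplayName()));
    assertFalse("UID has create", uidDef.canAdd());
    assertFalse("UID has update", uidDef.canModify());
    assertTrue("No UID read", uidDef.canRead());
    assertTrue("UID definition not in identifiers", accountDef.getPrimaryIdentifiers().contains(uidDef));

    // NAME: mandatory, single-valued, fully accessible, and a secondary identifier.
    RefinedAttributeDefinition nameDef = accountDef.findAttributeDefinition(SchemaConstants.ICFS_NAME);
    // Same reasoning as for UID: fail with a message, not an NPE.
    assertNotNull("No definition for NAME", nameDef);
    assertEquals(1, nameDef.getMaxOccurs());
    assertEquals(1, nameDef.getMinOccurs());
    assertFalse("No NAME displayName", StringUtils.isBlank(nameDef.getDisplayName()));
    assertTrue("No NAME create", nameDef.canAdd());
    assertTrue("No NAME update", nameDef.canModify());
    assertTrue("No NAME read", nameDef.canRead());
    assertTrue("NAME definition not in identifiers", accountDef.getSecondaryIdentifiers().contains(nameDef));

    // fullname: mandatory, single-valued, fully accessible.
    RefinedAttributeDefinition fullnameDef = accountDef.findAttributeDefinition("fullname");
    assertNotNull("No definition for fullname", fullnameDef);
    assertEquals(1, fullnameDef.getMaxOccurs());
    assertEquals(1, fullnameDef.getMinOccurs());
    assertTrue("No fullname create", fullnameDef.canAdd());
    assertTrue("No fullname update", fullnameDef.canModify());
    assertTrue("No fullname read", fullnameDef.canRead());

    // The account class must not define an ICF "password" attribute.
    // NOTE(review): presumably the credential is carried outside the ordinary
    // attribute set so it cannot be read or searched like one - confirm.
    assertNull("The _PASSSWORD_ attribute sneaked into schema", accountDef.findAttributeDefinition(new QName(SchemaConstants.NS_ICF_SCHEMA, "password")));
}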
use of com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition in project midpoint by Evolveum.
the class TestSecurityBasic method test255AutzJackSelfAccountsReadWrite.
/**
 * Authorization test: with ROLE_SELF_ACCOUNTS_READ_WRITE_OID assigned, jack is
 * expected to be allowed to read and modify his own user object and to read,
 * link and delete accounts linked to himself, while the same operations on
 * other users and on accounts not linked to him are expected to be denied.
 *
 * <p>The assertions are order-dependent: the red account is linked to jack in
 * the middle of the test and deleted again near the end.
 */
@Test
public void test255AutzJackSelfAccountsReadWrite() throws Exception {
    final String TEST_NAME = "test255AutzJackSelfAccountsReadWrite";
    TestUtil.displayTestTile(this, TEST_NAME);
    // GIVEN
    cleanupAutzTest(USER_JACK_OID);
    assignRole(USER_JACK_OID, ROLE_SELF_ACCOUNTS_READ_WRITE_OID);
    assumeAssignmentPolicy(AssignmentPolicyEnforcementType.NONE);
    // From here on the operations run under jack's login.
    login(USER_JACK_USERNAME);
    // WHEN
    TestUtil.displayWhen(TEST_NAME);
    // User objects: jack's own object is readable and modifiable, guybrush's is
    // not, and add and delete are denied (including deleting jack himself).
    assertGetAllow(UserType.class, USER_JACK_OID);
    assertGetDeny(UserType.class, USER_GUYBRUSH_OID);
    assertAddDeny();
    assertModifyAllow(UserType.class, USER_JACK_OID, UserType.F_HONORIFIC_PREFIX, PrismTestUtil.createPolyString("Captain"));
    assertModifyDeny(UserType.class, USER_GUYBRUSH_OID, UserType.F_HONORIFIC_PREFIX, PrismTestUtil.createPolyString("Pirate"));
    assertDeleteDeny();
    assertDeleteDeny(UserType.class, USER_JACK_OID);
    // The single account linked to jack must be readable.
    PrismObject<UserType> user = getUser(USER_JACK_OID);
    String accountOid = getSingleLinkOid(user);
    assertGetAllow(ShadowType.class, accountOid);
    PrismObject<ShadowType> shadow = getObject(ShadowType.class, accountOid);
    display("Jack's shadow", shadow);
    // Check the edit definition that the model returns for jack's shadow.
    RefinedObjectClassDefinition rOcDef = modelInteractionService.getEditObjectClassDefinition(shadow, getDummyResourceObject(), null);
    display("Refined objectclass def", rOcDef);
    // NOTE(review): the three booleans are presumably (read, add, modify);
    // assertAttributeFlags is defined outside this listing - confirm.
    assertAttributeFlags(rOcDef, SchemaConstants.ICFS_UID, true, false, false);
    assertAttributeFlags(rOcDef, SchemaConstants.ICFS_NAME, true, true, true);
    // Not linked to jack
    assertGetDeny(ShadowType.class, ACCOUNT_SHADOW_ELAINE_DUMMY_OID);
    // Not linked to jack
    assertAddDeny(ACCOUNT_JACK_DUMMY_RED_FILE);
    // Not even jack's account
    assertAddDeny(ACCOUNT_GUYBRUSH_DUMMY_FILE);
    // Linked to jack
    assertAllow("add jack's account to jack", (task, result) -> modifyUserAddAccount(USER_JACK_OID, ACCOUNT_JACK_DUMMY_RED_FILE, task, result));
    user = getUser(USER_JACK_OID);
    display("Jack after red account link", user);
    String accountRedOid = getLinkRefOid(user, RESOURCE_DUMMY_RED_OID);
    assertNotNull("Strange, red account not linked to jack", accountRedOid);
    // Linked to other user
    // NOTE(review): the label names guybrush (misspelled "gyubrush"), but the call
    // uses USER_LARGO_OID with ACCOUNT_HERMAN_DUMMY_FILE. If this deny check ever
    // fails, the reported label will name the wrong user - confirm which user
    // and account are intended.
    assertDeny("add gyubrush's account", (task, result) -> modifyUserAddAccount(USER_LARGO_OID, ACCOUNT_HERMAN_DUMMY_FILE, task, result));
    // The red account linked above may be deleted; elaine's shadow may not.
    assertDeleteAllow(ShadowType.class, accountRedOid);
    assertDeleteDeny(ShadowType.class, ACCOUNT_SHADOW_ELAINE_DUMMY_OID);
    assertGlobalStateUntouched();
}
use of com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition in project midpoint by Evolveum.
the class AbstractModelIntegrationTest method createAccount.
/**
 * Builds an in-memory account shadow for the given resource.
 *
 * <p>The shadow references the resource by OID, takes its object class from the
 * resource's default ACCOUNT definition, stores {@code name} as the value of the
 * first secondary identifier of that definition, and gets an administrative
 * status that reflects {@code enabled}.
 *
 * @param resource resource whose refined schema supplies the account definition
 * @param name value for the first secondary identifier attribute
 * @param enabled {@code true} for ENABLED, {@code false} for DISABLED
 * @return the newly instantiated shadow
 * @throws SchemaException declared by the method; raised by the schema calls it makes
 */
protected PrismObject<ShadowType> createAccount(PrismObject<ResourceType> resource, String name, boolean enabled) throws SchemaException {
    PrismObject<ShadowType> accountShadow = getShadowDefinition().instantiate();
    ShadowType accountBean = accountShadow.asObjectable();

    // Point the shadow at its resource.
    ObjectReferenceType resourceReference = new ObjectReferenceType();
    resourceReference.setOid(resource.getOid());
    accountBean.setResourceRef(resourceReference);

    // Object class and kind come from the default ACCOUNT definition.
    RefinedResourceSchema resourceSchema = RefinedResourceSchemaImpl.getRefinedSchema(resource);
    RefinedObjectClassDefinition accountDefinition = resourceSchema.getDefaultRefinedDefinition(ShadowKindType.ACCOUNT);
    accountBean.setObjectClass(accountDefinition.getTypeName());
    accountBean.setKind(ShadowKindType.ACCOUNT);

    // The name goes into the first secondary identifier; next() throws if the
    // definition has no secondary identifiers.
    ResourceAttributeContainer attributes = ShadowUtil.getOrCreateAttributesContainer(accountShadow, accountDefinition);
    RefinedAttributeDefinition firstSecondaryIdDef = accountDefinition.getSecondaryIdentifiers().iterator().next();
    ResourceAttribute nameAttribute = firstSecondaryIdDef.instantiate();
    nameAttribute.setRealValue(name);
    attributes.add(nameAttribute);

    ActivationType activation = new ActivationType();
    accountBean.setActivation(activation);
    activation.setAdministrativeStatus(enabled ? ActivationStatusType.ENABLED : ActivationStatusType.DISABLED);

    return accountShadow;
}
use of com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition in project midpoint by Evolveum.
the class ShadowManager method createSearchShadowQuery.
/**
 * Builds a repository query that finds shadows by their identifier values.
 *
 * <p>Each identifier that is kept contributes an equality clause on its
 * normalized value. The query is then narrowed by object class (when the
 * context has one) and by the resource OID of the context.
 *
 * <p>NOTE(review): when {@code primaryIdentifiersOnly} is set and none of the
 * supplied identifiers is a primary identifier, every identifier is skipped and
 * the result is constrained only by object class and resource. Callers that
 * expect a lookup by identifier should confirm this case cannot occur.
 *
 * @param ctx provisioning context supplying the object class definition, refined schema and resource OID
 * @param identifiers identifier attributes to search by; must not be empty
 * @param primaryIdentifiersOnly when {@code true}, identifiers that are not primary identifiers are skipped
 * @param prismContext prism context handed to the query builder
 * @param parentResult not used by this method
 * @return the assembled query
 * @throws SchemaException if {@code identifiers} is empty
 */
private ObjectQuery createSearchShadowQuery(ProvisioningContext ctx, Collection<ResourceAttribute<?>> identifiers, boolean primaryIdentifiersOnly, PrismContext prismContext, OperationResult parentResult) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException {
    S_AtomicFilterEntry filterBuilder = QueryBuilder.queryFor(ShadowType.class, prismContext);
    RefinedObjectClassDefinition contextDefinition = ctx.getObjectClassDefinition();

    for (PrismProperty<?> identifier : identifiers) {
        PrismPropertyValue<?> rawValue = identifier.getValue();
        RefinedAttributeDefinition attributeDefinition;

        if (contextDefinition != null) {
            if (primaryIdentifiersOnly && !contextDefinition.isPrimaryIdentifier(identifier.getElementName())) {
                continue;
            }
            attributeDefinition = contextDefinition.findAttributeDefinition(identifier.getElementName());
        } else {
            // With no specific object class the identifier definition has to be the
            // same in every object class, so the definition from any one of them
            // can be used.
            RefinedObjectClassDefinition fallbackDefinition = ctx.getRefinedSchema().getRefinedDefinitions().iterator().next();
            attributeDefinition = fallbackDefinition.findAttributeDefinition(identifier.getElementName());
            if (primaryIdentifiersOnly && !fallbackDefinition.isPrimaryIdentifier(identifier.getElementName())) {
                continue;
            }
        }

        // NOTE(review): attributeDefinition may be null if the identifier is not in
        // the chosen definition; getNormalizedAttributeValue is not visible here,
        // so its handling of null is unconfirmed.
        String normalizedValue = (String) getNormalizedAttributeValue(rawValue, attributeDefinition);
        PrismPropertyDefinition<String> propertyDefinition = (PrismPropertyDefinition<String>) identifier.getDefinition();
        filterBuilder = filterBuilder
                .itemWithDef(propertyDefinition, ShadowType.F_ATTRIBUTES, propertyDefinition.getName())
                .eq(normalizedValue)
                .and();
    }

    if (identifiers.isEmpty()) {
        throw new SchemaException("Identifier not specified. Cannot create search query by identifier.");
    }

    if (contextDefinition != null) {
        filterBuilder = filterBuilder
                .item(ShadowType.F_OBJECT_CLASS)
                .eq(contextDefinition.getTypeName())
                .and();
    }

    // The resource reference clause is always last and closes the query.
    return filterBuilder.item(ShadowType.F_RESOURCE_REF).ref(ctx.getResourceOid()).build();
}
use of com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition in project midpoint by Evolveum.
the class ShadowManager method processQueryMatchingRules.
/**
 * Walks every filter of the query and hands each one to
 * {@code processQueryMatchingRuleFilter}, which normalizes values or sets
 * matching rules as needed.
 *
 * <p>A {@link SchemaException} raised while processing a filter is rethrown
 * wrapped in a {@code SystemException}, because the visitor callback cannot
 * declare checked exceptions.
 *
 * <p>NOTE(review): the filter is dereferenced without a null check, so callers
 * presumably pass only queries that carry a filter - confirm.
 *
 * @param repoQuery query whose filter tree is visited
 * @param objectClassDef object class definition passed through to the per-filter processing
 */
private void processQueryMatchingRules(ObjectQuery repoQuery, final RefinedObjectClassDefinition objectClassDef) {
    Visitor matchingRuleVisitor = visited -> {
        try {
            processQueryMatchingRuleFilter(visited, objectClassDef);
        } catch (SchemaException schemaProblem) {
            throw new SystemException(schemaProblem);
        }
    };
    ObjectFilter rootFilter = repoQuery.getFilter();
    rootFilter.accept(matchingRuleVisitor);
}