Examples with EvaluatedPolicyRule com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule used on opensource projects

Search in sources :

Example 1 with EvaluatedPolicyRule

use of com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule in project midpoint by Evolveum.

the class PolicyRuleBasedAspect method createInstructionFromAssignment.

private PcpChildWfTaskCreationInstruction<ItemApprovalSpecificContent> createInstructionFromAssignment(EvaluatedAssignment<?> evaluatedAssignment, PlusMinusZero plusMinusZero, @NotNull ObjectTreeDeltas<?> objectTreeDeltas, PrismObject<UserType> requester, ModelInvocationContext ctx, OperationResult result) throws SchemaException {
    assert plusMinusZero == PlusMinusZero.PLUS || plusMinusZero == PlusMinusZero.MINUS;
    // We collect all target rules; hoping that only relevant ones are triggered.
    // For example, if we have assignment policy rule on induced role, it will get here.
    // But projector will take care not to trigger it unless the rule is capable (e.g. configured)
    // to be triggered in such a situation
    List<EvaluatedPolicyRule> triggeredApprovalActionRules = getApprovalActionRules(evaluatedAssignment.getAllTargetsPolicyRules());
    logApprovalActions(evaluatedAssignment, triggeredApprovalActionRules, plusMinusZero);
    // Currently we can deal only with assignments that have a specific target
    PrismObject<?> targetObject = evaluatedAssignment.getTarget();
    if (targetObject == null) {
        if (!triggeredApprovalActionRules.isEmpty()) {
            throw new IllegalStateException("No target in " + evaluatedAssignment + ", but with " + triggeredApprovalActionRules.size() + " triggered approval action rule(s)");
        } else {
            return null;
        }
    }
    // Let's construct the approval schema plus supporting triggered approval policy rule information
    ApprovalSchemaBuilder.Result approvalSchemaResult = createSchemaWithRules(triggeredApprovalActionRules, plusMinusZero, evaluatedAssignment, ctx, result);
    if (approvalSchemaHelper.shouldBeSkipped(approvalSchemaResult.schemaType)) {
        return null;
    }
    // Cut assignment from delta, prepare task instruction
    @SuppressWarnings("unchecked") PrismContainerValue<AssignmentType> assignmentValue = evaluatedAssignment.getAssignmentType().asPrismContainerValue();
    boolean assignmentRemoved;
    switch(plusMinusZero) {
        case PLUS:
            assignmentRemoved = false;
            break;
        case MINUS:
            assignmentRemoved = true;
            break;
        default:
            throw new UnsupportedOperationException("Processing assignment zero set is not yet supported.");
    }
    boolean removed = objectTreeDeltas.subtractFromFocusDelta(new ItemPath(FocusType.F_ASSIGNMENT), assignmentValue, assignmentRemoved, false);
    if (!removed) {
        ObjectDelta<?> secondaryDelta = ctx.modelContext.getFocusContext().getSecondaryDelta();
        if (secondaryDelta != null && secondaryDelta.subtract(new ItemPath(FocusType.F_ASSIGNMENT), assignmentValue, assignmentRemoved, true)) {
            LOGGER.trace("Assignment to be added/deleted was not found in primary delta. It is present in secondary delta, so there's nothing to be approved.");
            return null;
        }
        String message = "Assignment to be added/deleted was not found in primary nor secondary delta." + "\nAssignment:\n" + assignmentValue.debugDump() + "\nPrimary delta:\n" + objectTreeDeltas.debugDump();
        throw new IllegalStateException(message);
    }
    ObjectDelta<? extends ObjectType> focusDelta = objectTreeDeltas.getFocusChange();
    if (focusDelta.isAdd()) {
        miscDataUtil.generateFocusOidIfNeeded(ctx.modelContext, focusDelta);
    }
    return prepareAssignmentRelatedTaskInstruction(approvalSchemaResult, evaluatedAssignment, assignmentRemoved, ctx.modelContext, requester, result);
}
Also used : EvaluatedPolicyRule(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule) ItemPath(com.evolveum.midpoint.prism.path.ItemPath)

Example 2 with EvaluatedPolicyRule

use of com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule in project midpoint by Evolveum.

the class PolicyRuleBasedAspect method extractObjectBasedInstructions.

private void extractObjectBasedInstructions(@NotNull ObjectTreeDeltas objectTreeDeltas, PrismObject<UserType> requester, List<PcpChildWfTaskCreationInstruction> instructions, ModelInvocationContext ctx, @NotNull OperationResult result) throws SchemaException {
    ObjectDelta<?> focusDelta = objectTreeDeltas.getFocusChange();
    LensFocusContext<?> focusContext = (LensFocusContext<?>) ctx.modelContext.getFocusContext();
    PrismObject<?> object = focusContext.getObjectOld() != null ? focusContext.getObjectOld() : focusContext.getObjectNew();
    Map<Set<ItemPath>, ApprovalSchemaBuilder> schemaBuilders = new HashMap<>();
    List<EvaluatedPolicyRule> approvalActionRules = getApprovalActionRules(focusContext.getPolicyRules());
    LOGGER.trace("extractObjectBasedInstructions: approvalActionRules:\n{}", DebugUtil.debugDumpLazily(approvalActionRules));
    for (EvaluatedPolicyRule rule : approvalActionRules) {
        Set<ItemPath> key;
        if (focusDelta.isAdd() || focusDelta.isDelete()) {
            key = Collections.emptySet();
        } else {
            Set<ItemPath> items = getAffectedItems(rule.getTriggers());
            Set<ItemPath> affectedItems;
            if (!items.isEmpty()) {
                // all items in triggered constraints were modified (that's how the constraints work)
                affectedItems = items;
            } else {
                // whole object
                affectedItems = new HashSet<>(focusDelta.getModifiedItems());
            }
            key = affectedItems;
        }
        ApprovalSchemaBuilder builder = schemaBuilders.computeIfAbsent(key, k -> new ApprovalSchemaBuilder(this, approvalSchemaHelper));
        ApprovalPolicyActionType approvalAction = rule.getActions().getApproval();
        builder.add(getSchemaFromAction(approvalAction), approvalAction.getCompositionStrategy(), object, rule);
    }
    // default rule
    if (approvalActionRules.isEmpty() && baseConfigurationHelper.getUseDefaultApprovalPolicyRules(ctx.wfConfiguration) != DefaultApprovalPolicyRulesUsageType.NEVER) {
        ApprovalSchemaBuilder builder = new ApprovalSchemaBuilder(this, approvalSchemaHelper);
        if (builder.addPredefined(object, SchemaConstants.ORG_OWNER, result)) {
            LOGGER.trace("Added default approval action, as no explicit one was found");
            schemaBuilders.put(Collections.emptySet(), builder);
        }
    }
    // create approval requests; also test for overlaps
    Set<ItemPath> itemsProcessed = null;
    for (Map.Entry<Set<ItemPath>, ApprovalSchemaBuilder> entry : schemaBuilders.entrySet()) {
        ApprovalSchemaBuilder.Result builderResult = entry.getValue().buildSchema(ctx, result);
        if (approvalSchemaHelper.shouldBeSkipped(builderResult.schemaType)) {
            continue;
        }
        Set<ItemPath> items = entry.getKey();
        if (itemsProcessed != null) {
            if (items.isEmpty() || itemsProcessed.isEmpty() || CollectionUtils.containsAny(itemsProcessed, items)) {
                throw new IllegalStateException("Overlapping modification-related policy rules. " + "Items processed = " + itemsProcessed + ", current items = " + items);
            }
            itemsProcessed.addAll(items);
        } else {
            itemsProcessed = items;
        }
        instructions.add(prepareObjectRelatedTaskInstruction(builderResult, focusDelta, items, ctx.modelContext, requester, result));
    }
}
Also used : EvaluatedPolicyRule(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule) LensFocusContext(com.evolveum.midpoint.model.impl.lens.LensFocusContext) ItemPath(com.evolveum.midpoint.prism.path.ItemPath)

Example 3 with EvaluatedPolicyRule

use of com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule in project midpoint by Evolveum.

the class NotificationChangeHook method emitPolicyRulesEvents.

private void emitPolicyRulesEvents(ModelContext<?> context, Task task, OperationResult result) {
    LensFocusContext<?> focusContext = (LensFocusContext<?>) context.getFocusContext();
    for (EvaluatedPolicyRule rule : focusContext.getPolicyRules()) {
        emitPolicyEventIfPresent(rule, context, task, result);
    }
    DeltaSetTriple<EvaluatedAssignmentImpl<?>> triple = ((LensContext<?>) context).getEvaluatedAssignmentTriple();
    if (triple != null) {
        for (EvaluatedAssignment<?> assignment : triple.getNonNegativeValues()) {
            for (EvaluatedPolicyRule rule : assignment.getAllTargetsPolicyRules()) {
                emitPolicyEventIfPresent(rule, context, task, result);
            }
        }
    }
}
Also used : EvaluatedPolicyRule(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule) EvaluatedAssignmentImpl(com.evolveum.midpoint.model.impl.lens.EvaluatedAssignmentImpl) LensContext(com.evolveum.midpoint.model.impl.lens.LensContext) LensFocusContext(com.evolveum.midpoint.model.impl.lens.LensFocusContext)

Example 4 with EvaluatedPolicyRule

use of com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule in project midpoint by Evolveum.

the class AssignmentPolicyAspectPart method createSchemaWithRules.

private ApprovalSchemaBuilder.Result createSchemaWithRules(List<EvaluatedPolicyRule> triggeredApprovalRules, @NotNull EvaluatedAssignment<?> evaluatedAssignment, ModelInvocationContext<?> ctx, OperationResult result) throws SchemaException {
    PrismObject<?> targetObject = evaluatedAssignment.getTarget();
    ApprovalSchemaBuilder builder = new ApprovalSchemaBuilder(main, approvalSchemaHelper);
    // default policy action (only if adding)
    if (triggeredApprovalRules.isEmpty() && evaluatedAssignment.isBeingAdded() && configurationHelper.getUseDefaultApprovalPolicyRules(ctx.wfConfiguration) != DefaultApprovalPolicyRulesUsageType.NEVER) {
        if (builder.addPredefined(targetObject, RelationKindType.APPROVER, result)) {
            LOGGER.trace("Added default approval action, as no explicit one was found for {}", evaluatedAssignment);
        }
    }
    // (3) actions from triggered rules
    for (EvaluatedPolicyRule approvalRule : triggeredApprovalRules) {
        for (ApprovalPolicyActionType approvalAction : approvalRule.getEnabledActions(ApprovalPolicyActionType.class)) {
            builder.add(main.getSchemaFromAction(approvalAction), approvalAction, targetObject, approvalRule);
        }
    }
    return builder.buildSchema(ctx, result);
}
Also used : EvaluatedPolicyRule(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule)

Example 5 with EvaluatedPolicyRule

use of com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule in project midpoint by Evolveum.

the class DashboardServiceImpl method generateNumberMessageForCollection.

private String generateNumberMessageForCollection(DashboardWidgetType widget, DashboardWidget data, Task task, OperationResult result) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException, ObjectNotFoundException {
    CollectionRefSpecificationType collectionSpec = getCollectionRefSpecificationType(widget, task, result);
    if (collectionSpec != null) {
        CompiledObjectCollectionView compiledCollection = modelInteractionService.compileObjectCollectionView(collectionSpec, null, task, task.getResult());
        CollectionStats collStats = modelInteractionService.determineCollectionStats(compiledCollection, task, result);
        // getObjectCount(valueCollection, true, task, result);
        Integer value = collStats.getObjectCount();
        Integer domainValue = collStats.getDomainCount();
        IntegerStatType statType = generateIntegerStat(value, domainValue);
        Collection<EvaluatedPolicyRule> evalPolicyRules = new ArrayList<>();
        if (collectionSpec.getCollectionRef() != null && QNameUtil.match(ObjectCollectionType.COMPLEX_TYPE, collectionSpec.getCollectionRef().getType())) {
            ObjectCollectionType valueCollection = getObjectCollectionType(widget, task, result);
            evalPolicyRules = modelInteractionService.evaluateCollectionPolicyRules(valueCollection.asPrismObject(), compiledCollection, null, task, task.getResult());
        }
        Collection<String> policySituations = new ArrayList<>();
        for (EvaluatedPolicyRule evalPolicyRule : evalPolicyRules) {
            if (!evalPolicyRule.getAllTriggers().isEmpty()) {
                policySituations.add(evalPolicyRule.getPolicySituation());
            }
        }
        return generateNumberMessage(widget, createVariables(null, statType, policySituations, null), data);
    } else {
        LOGGER.error("CollectionRefSpecificationType is null in widget " + widget.getIdentifier());
    }
    return null;
}
Also used : EvaluatedPolicyRule(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule) CompiledObjectCollectionView(com.evolveum.midpoint.model.api.authentication.CompiledObjectCollectionView) CollectionStats(com.evolveum.midpoint.model.api.CollectionStats)

Aggregations

EvaluatedPolicyRule (com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule)23 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)9 Task (com.evolveum.midpoint.task.api.Task)5 Test (org.testng.annotations.Test)5 EvaluatedSituationTrigger (com.evolveum.midpoint.model.api.context.EvaluatedSituationTrigger)3 LensContext (com.evolveum.midpoint.model.impl.lens.LensContext)3 LensFocusContext (com.evolveum.midpoint.model.impl.lens.LensFocusContext)3 AssignmentPolicyRuleEvaluationContext (com.evolveum.midpoint.model.impl.lens.projector.policy.AssignmentPolicyRuleEvaluationContext)3 ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)3 PolicySituationPolicyConstraintType (com.evolveum.midpoint.xml.ns._public.common.common_3.PolicySituationPolicyConstraintType)3 List (java.util.List)3 Collectors (java.util.stream.Collectors)3 CompiledObjectCollectionView (com.evolveum.midpoint.model.api.authentication.CompiledObjectCollectionView)2 EvaluatedAssignmentImpl (com.evolveum.midpoint.model.impl.lens.EvaluatedAssignmentImpl)2 EvaluatedPolicyRuleImpl (com.evolveum.midpoint.model.impl.lens.EvaluatedPolicyRuleImpl)2 EvaluatedAssignmentImpl (com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl)2 PolicyRuleEvaluationContext (com.evolveum.midpoint.model.impl.lens.projector.policy.PolicyRuleEvaluationContext)2 RecordingProgressListener (com.evolveum.midpoint.model.impl.util.RecordingProgressListener)2 ItemPath (com.evolveum.midpoint.prism.path.ItemPath)2 SchemaConstants (com.evolveum.midpoint.schema.constants.SchemaConstants)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial