Example 6 with EvaluatedPolicyRule
use of com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule in project midpoint by Evolveum.
the class PolicyStateRecorder method compute.
private ComputationResult compute(@NotNull List<EvaluatedPolicyRule> rulesToRecord, @NotNull List<String> existingPolicySituation, @NotNull List<EvaluatedPolicyRuleType> existingTriggeredPolicyRule) {
ComputationResult cr = new ComputationResult();
for (EvaluatedPolicyRule rule : rulesToRecord) {
cr.newPolicySituations.add(rule.getPolicySituation());
RecordPolicyActionType recordAction = rule.getEnabledAction(RecordPolicyActionType.class);
if (recordAction.getPolicyRules() != TriggeredPolicyRulesStorageStrategyType.NONE) {
PolicyRuleExternalizationOptions externalizationOptions = new PolicyRuleExternalizationOptions(recordAction.getPolicyRules(), false, true);
rule.addToEvaluatedPolicyRuleBeans(cr.newTriggeredRules, externalizationOptions, null, prismContext);
}
}
cr.oldPolicySituations.addAll(existingPolicySituation);
cr.oldTriggeredRules.addAll(existingTriggeredPolicyRule);
cr.situationsNeedUpdate = !Objects.equals(cr.oldPolicySituations, cr.newPolicySituations);
// hope hashCode is computed well
cr.rulesNeedUpdate = !Objects.equals(cr.oldTriggeredRules, cr.newTriggeredRules);
return cr;
}
Also used :
EvaluatedPolicyRule(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule)
PolicyRuleExternalizationOptions(com.evolveum.midpoint.model.api.context.PolicyRuleExternalizationOptions)
Example 7 with EvaluatedPolicyRule
use of com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule in project midpoint by Evolveum.
the class PolicySituationConstraintEvaluator method evaluate.
@Override
public <AH extends AssignmentHolderType> EvaluatedSituationTrigger evaluate(@NotNull JAXBElement<PolicySituationPolicyConstraintType> constraint, @NotNull PolicyRuleEvaluationContext<AH> rctx, OperationResult parentResult) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException {
OperationResult result = parentResult.subresult(OP_EVALUATE).setMinor().build();
try {
// "situation" constraint is present directly on it.
if (rctx instanceof AssignmentPolicyRuleEvaluationContext && !((AssignmentPolicyRuleEvaluationContext) rctx).isDirect) {
return null;
}
// Single pass only (for the time being)
PolicySituationPolicyConstraintType situationConstraint = constraint.getValue();
Collection<EvaluatedPolicyRule> sourceRules = selectTriggeredRules(rctx, situationConstraint.getSituation());
if (sourceRules.isEmpty()) {
return null;
}
return new EvaluatedSituationTrigger(situationConstraint, createMessage(sourceRules, constraint, rctx, result), createShortMessage(sourceRules, constraint, rctx, result), sourceRules);
} catch (Throwable t) {
result.recordFatalError(t.getMessage(), t);
throw t;
} finally {
result.computeStatusIfUnknown();
}
}
Also used :
EvaluatedPolicyRule(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule)
AssignmentPolicyRuleEvaluationContext(com.evolveum.midpoint.model.impl.lens.projector.policy.AssignmentPolicyRuleEvaluationContext)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
EvaluatedSituationTrigger(com.evolveum.midpoint.model.api.context.EvaluatedSituationTrigger)
PolicySituationPolicyConstraintType(com.evolveum.midpoint.xml.ns._public.common.common_3.PolicySituationPolicyConstraintType)
Example 8 with EvaluatedPolicyRule
use of com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule in project midpoint by Evolveum.
the class TestCollections method test122EvaluateRulesOneDisabled.
@Test
public void test122EvaluateRulesOneDisabled() throws Exception {
// GIVEN
Task task = getTestTask();
OperationResult result = task.getResult();
// WHEN
when();
Collection<EvaluatedPolicyRule> evaluatedRules = modelInteractionService.evaluateCollectionPolicyRules(collectionActiveUsers, collectionViewActiveUsers, null, task, result);
// THEN
then();
assertSuccess(result);
assertEvaluatedPolicyRules(evaluatedRules, collectionActiveUsers).single().assertPolicySituation(POLICY_SITUATION_TOO_MANY_INACTIVE_USERS).singleTrigger().assertConstraintKind(PolicyConstraintKindType.COLLECTION_STATS);
}
Also used :
EvaluatedPolicyRule(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule)
Task(com.evolveum.midpoint.task.api.Task)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
Test(org.testng.annotations.Test)
Example 9 with EvaluatedPolicyRule
use of com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule in project midpoint by Evolveum.
the class TestObjectLifecycleAdvanced method test030ActivateIncompleteRoleAgain.
/**
* This time let's fill-in the description as well.
*/
@Test
public void test030ActivateIncompleteRoleAgain() throws Exception {
login(userAdministrator);
Task task = getTestTask();
OperationResult result = getTestOperationResult();
@SuppressWarnings({ "raw" }) ObjectDelta<RoleType> activateRoleDelta = prismContext.deltaFor(RoleType.class).item(RoleType.F_LIFECYCLE_STATE).replace(SchemaConstants.LIFECYCLE_ACTIVE).item(RoleType.F_DESCRIPTION).replace("hi").asObjectDelta(roleEmployeeOid);
RecordingProgressListener recordingListener = new RecordingProgressListener();
try {
modelService.executeChanges(Collections.singleton(activateRoleDelta), null, task, Collections.singleton(recordingListener), result);
fail("unexpected success");
} catch (PolicyViolationException e) {
System.out.println("Got expected exception: " + e.getMessage());
}
// noinspection unchecked
LensContext<RoleType> context = (LensContext<RoleType>) recordingListener.getModelContext();
System.out.println(context.dumpFocusPolicyRules(0));
EvaluatedPolicyRule incompleteActivationRule = context.getFocusContext().getObjectPolicyRules().stream().filter(rule -> "disallow-incomplete-role-activation".equals(rule.getName())).findFirst().orElseThrow(() -> new AssertionError("rule not found"));
assertEquals("Wrong # of triggers in incompleteActivationRule", 2, incompleteActivationRule.getTriggers().size());
}
Also used :
EvaluatedPolicyRule(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule)
ExpectedTask(com.evolveum.midpoint.wf.impl.ExpectedTask)
Task(com.evolveum.midpoint.task.api.Task)
RecordingProgressListener(com.evolveum.midpoint.model.impl.util.RecordingProgressListener)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
PolicyViolationException(com.evolveum.midpoint.util.exception.PolicyViolationException)
LensContext(com.evolveum.midpoint.model.impl.lens.LensContext)
Test(org.testng.annotations.Test)
Example 10 with EvaluatedPolicyRule
use of com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule in project midpoint by Evolveum.
the class PolicyRuleBasedAspect method logApprovalActions.
private void logApprovalActions(EvaluatedAssignment<?> newAssignment, List<EvaluatedPolicyRule> triggeredApprovalActionRules, PlusMinusZero plusMinusZero) {
if (LOGGER.isDebugEnabled() && !triggeredApprovalActionRules.isEmpty()) {
LOGGER.trace("-------------------------------------------------------------");
LOGGER.debug("Assignment to be {}: {}: {} this target policy rules, {} triggered approval actions:", plusMinusZero == PlusMinusZero.PLUS ? "added" : "deleted", newAssignment, newAssignment.getThisTargetPolicyRules().size(), triggeredApprovalActionRules.size());
for (EvaluatedPolicyRule t : triggeredApprovalActionRules) {
LOGGER.debug(" - Approval action: {}", t.getActions().getApproval());
for (EvaluatedPolicyRuleTrigger trigger : t.getTriggers()) {
LOGGER.debug(" - {}", trigger);
}
}
}
}
Also used :
EvaluatedPolicyRule(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule)
EvaluatedPolicyRuleTrigger(com.evolveum.midpoint.model.api.context.EvaluatedPolicyRuleTrigger)
Aggregations
EvaluatedPolicyRule (com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule)23
OperationResult (com.evolveum.midpoint.schema.result.OperationResult)9
Task (com.evolveum.midpoint.task.api.Task)5
Test (org.testng.annotations.Test)5
EvaluatedSituationTrigger (com.evolveum.midpoint.model.api.context.EvaluatedSituationTrigger)3
LensContext (com.evolveum.midpoint.model.impl.lens.LensContext)3
LensFocusContext (com.evolveum.midpoint.model.impl.lens.LensFocusContext)3
AssignmentPolicyRuleEvaluationContext (com.evolveum.midpoint.model.impl.lens.projector.policy.AssignmentPolicyRuleEvaluationContext)3
ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)3
PolicySituationPolicyConstraintType (com.evolveum.midpoint.xml.ns._public.common.common_3.PolicySituationPolicyConstraintType)3
List (java.util.List)3
Collectors (java.util.stream.Collectors)3
CompiledObjectCollectionView (com.evolveum.midpoint.model.api.authentication.CompiledObjectCollectionView)2
EvaluatedAssignmentImpl (com.evolveum.midpoint.model.impl.lens.EvaluatedAssignmentImpl)2
EvaluatedPolicyRuleImpl (com.evolveum.midpoint.model.impl.lens.EvaluatedPolicyRuleImpl)2
EvaluatedAssignmentImpl (com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl)2
PolicyRuleEvaluationContext (com.evolveum.midpoint.model.impl.lens.projector.policy.PolicyRuleEvaluationContext)2
RecordingProgressListener (com.evolveum.midpoint.model.impl.util.RecordingProgressListener)2
ItemPath (com.evolveum.midpoint.prism.path.ItemPath)2
SchemaConstants (com.evolveum.midpoint.schema.constants.SchemaConstants)2
