Examples with SynchronizationPolicyDecision com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision used on opensource projects

Search in sources :

Example 11 with SynchronizationPolicyDecision

use of com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision in project midpoint by Evolveum.

the class ReconciliationProcessor method processReconciliation.

private void processReconciliation(LensProjectionContext projCtx, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
    // reconciliation is cheap if the shadow is already fetched therefore just do it
    if (!projCtx.isDoReconciliation() && !projCtx.isFullShadow()) {
        LOGGER.trace("Skipping reconciliation of {}: no doReconciliation and no full shadow", projCtx.getHumanReadableName());
        return;
    }
    SynchronizationPolicyDecision policyDecision = projCtx.getSynchronizationPolicyDecision();
    if (policyDecision == SynchronizationPolicyDecision.DELETE || policyDecision == SynchronizationPolicyDecision.UNLINK) {
        LOGGER.trace("Skipping reconciliation of {}: decision={}", projCtx.getHumanReadableName(), policyDecision);
        return;
    }
    if (projCtx.getObjectCurrent() == null) {
        LOGGER.warn("Can't do reconciliation. Projection context doesn't contain current version of resource object.");
        return;
    }
    if (!projCtx.isFullShadow()) {
        contextLoader.loadFullShadowNoDiscovery(projCtx, "projection reconciliation", task, result);
    }
    LOGGER.trace("Starting reconciliation of {}", projCtx.getHumanReadableName());
    reconcileAuxiliaryObjectClasses(projCtx);
    ResourceObjectDefinition rOcDef = projCtx.getCompositeObjectDefinition();
    Map<QName, DeltaSetTriple<ItemValueWithOrigin<PrismPropertyValue<?>, PrismPropertyDefinition<?>>>> squeezedAttributes = projCtx.getSqueezedAttributes();
    LOGGER.trace("Attribute reconciliation processing {}", projCtx.getHumanReadableName());
    reconcileProjectionAttributes(projCtx, squeezedAttributes);
    Map<QName, DeltaSetTriple<ItemValueWithOrigin<PrismContainerValue<ShadowAssociationType>, PrismContainerDefinition<ShadowAssociationType>>>> squeezedAssociations = projCtx.getSqueezedAssociations();
    LOGGER.trace("Association reconciliation processing {}", projCtx.getHumanReadableName());
    reconcileProjectionAssociations(projCtx, squeezedAssociations, rOcDef, task, result);
    reconcileMissingAuxiliaryObjectClassAttributes(projCtx);
}
Also used : QName(javax.xml.namespace.QName) SynchronizationPolicyDecision(com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision)

Example 12 with SynchronizationPolicyDecision

use of com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision in project midpoint by Evolveum.

the class ConsolidationProcessor method consolidateValues.

/**
 * Converts delta set triples to a secondary account deltas.
 */
<F extends FocusType> void consolidateValues(LensContext<F> context, LensProjectionContext projCtx, Task task, OperationResult parentResult) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, PolicyViolationException {
    // todo filter changes which were already in account sync delta
    OperationResult result = parentResult.subresult(OP_CONSOLIDATE_VALUES).setMinor().build();
    try {
        // account was deleted, no changes are needed.
        if (wasProjectionDeleted(projCtx)) {
            return;
        }
        SynchronizationPolicyDecision policyDecision = projCtx.getSynchronizationPolicyDecision();
        context.checkConsistenceIfNeeded();
        if (policyDecision == SynchronizationPolicyDecision.DELETE) {
        // Nothing to do
        } else {
            // This is ADD, KEEP, UNLINK or null. All are in fact the same as KEEP
            consolidateValuesModifyProjection(context, projCtx, task, result);
            context.checkConsistenceIfNeeded();
        }
        context.recompute();
        context.checkConsistenceIfNeeded();
    } catch (Throwable t) {
        result.recordFatalError(t.getMessage(), t);
        throw t;
    } finally {
        result.computeStatusIfUnknown();
    }
}
Also used : OperationResult(com.evolveum.midpoint.schema.result.OperationResult) SynchronizationPolicyDecision(com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision)

Example 13 with SynchronizationPolicyDecision

use of com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision in project midpoint by Evolveum.

the class ProjectionValuesProcessor method processPostRecon.

@ProcessorMethod
<F extends FocusType> void processPostRecon(LensContext<F> context, LensProjectionContext projContext, @SuppressWarnings("unused") String activityDescription, @SuppressWarnings("unused") XMLGregorianCalendar now, Task task, OperationResult result) throws SchemaException, ExpressionEvaluationException, PolicyViolationException {
    SynchronizationPolicyDecision policyDecision = projContext.getSynchronizationPolicyDecision();
    if (policyDecision == SynchronizationPolicyDecision.UNLINK) {
        // We will not update accounts that are being unlinked.
        // we cannot skip deleted accounts here as the delete delta will be skipped as well
        LOGGER.trace("Skipping post-recon processing of value for {} because the decision is {}", projContext.getHumanReadableName(), policyDecision);
        return;
    }
    consolidationProcessor.consolidateValuesPostRecon(context, projContext, task, result);
    context.checkConsistenceIfNeeded();
    projContext.recompute();
    context.checkConsistenceIfNeeded();
}
Also used : SynchronizationPolicyDecision(com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision) ProcessorMethod(com.evolveum.midpoint.model.impl.lens.projector.util.ProcessorMethod)

Example 14 with SynchronizationPolicyDecision

use of com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision in project midpoint by Evolveum.

the class ActivationProcessor method processActivationMappingsCurrent.

private <F extends FocusType> void processActivationMappingsCurrent(LensContext<F> context, LensProjectionContext projCtx, XMLGregorianCalendar now, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException, CommunicationException, ConfigurationException, SecurityViolationException {
    String projCtxDesc = projCtx.toHumanReadableString();
    SynchronizationPolicyDecision existingDecision = projCtx.getSynchronizationPolicyDecision();
    SynchronizationIntent synchronizationIntent = projCtx.getSynchronizationIntent();
    result.addContext("existingDecision", String.valueOf(existingDecision));
    result.addContext("synchronizationIntent", String.valueOf(synchronizationIntent));
    LOGGER.trace("processActivationUserCurrent starting for {}. Existing decision = {}, synchronization intent = {}", projCtxDesc, existingDecision, synchronizationIntent);
    if (existingDecision == SynchronizationPolicyDecision.BROKEN) {
        LOGGER.trace("Broken projection {}, skipping further activation processing", projCtxDesc);
        return;
    }
    if (synchronizationIntent == SynchronizationIntent.UNLINK) {
        setSynchronizationPolicyDecision(projCtx, SynchronizationPolicyDecision.UNLINK, result);
        LOGGER.trace("Evaluated decision for {} to {} because of unlink synchronization intent, " + "skipping further activation processing", projCtxDesc, SynchronizationPolicyDecision.UNLINK);
        return;
    }
    if (projCtx.isGone()) {
        if (projCtx.isDelete() && ModelExecuteOptions.isForce(context.getOptions())) {
            setSynchronizationPolicyDecision(projCtx, SynchronizationPolicyDecision.DELETE, result);
            LOGGER.trace("Evaluated decision for 'gone' {} to {} (force), skipping further activation processing", projCtxDesc, SynchronizationPolicyDecision.DELETE);
        } else {
            // Let's keep 'goners' linked until they expire. So we do not have shadows without owners.
            // This is also needed for async delete operations.
            setSynchronizationPolicyDecision(projCtx, SynchronizationPolicyDecision.KEEP, result);
            LOGGER.trace("Evaluated decision for {} to {} because it is gone, skipping further activation processing", projCtxDesc, SynchronizationPolicyDecision.KEEP);
        }
        return;
    }
    if (projCtx.isReaping()) {
        // Projections being reaped (i.e. having pending DELETE actions) should be kept intact.
        // This is based on assumption that it is not possible to cancel the pending DELETE operation.
        // If it was, we could try to do that.
        setSynchronizationPolicyDecision(projCtx, SynchronizationPolicyDecision.KEEP, result);
        LOGGER.trace("Evaluated decision for {} to {} because it is reaping, skipping further activation processing", projCtxDesc, SynchronizationPolicyDecision.KEEP);
        return;
    }
    if (synchronizationIntent == SynchronizationIntent.DELETE || projCtx.isDelete()) {
        // TODO: is this OK?
        setSynchronizationPolicyDecision(projCtx, SynchronizationPolicyDecision.DELETE, result);
        LOGGER.trace("Evaluated decision for {} to {}, skipping further activation processing", projCtxDesc, SynchronizationPolicyDecision.DELETE);
        return;
    }
    LOGGER.trace("Evaluating intended existence of projection {} (legal={})", projCtxDesc, projCtx.isLegal());
    boolean shadowShouldExist = evaluateExistenceMapping(context, projCtx, now, MappingTimeEval.CURRENT, task, result);
    LOGGER.trace("Evaluated intended existence of projection {} to {} (legal={})", projCtxDesc, shadowShouldExist, projCtx.isLegal());
    // Let's reconcile the existence intent (shadowShouldExist) and the synchronization intent in the context
    LensProjectionContext lowerOrderContext = LensUtil.findLowerOrderContext(context, projCtx);
    SynchronizationPolicyDecision decision;
    if (synchronizationIntent == null || synchronizationIntent == SynchronizationIntent.SYNCHRONIZE) {
        if (shadowShouldExist) {
            projCtx.setActive(true);
            if (projCtx.isExists()) {
                if (lowerOrderContext != null && lowerOrderContext.isDelete()) {
                    // HACK HACK HACK
                    decision = SynchronizationPolicyDecision.DELETE;
                } else {
                    decision = SynchronizationPolicyDecision.KEEP;
                }
            } else {
                if (lowerOrderContext != null) {
                    if (lowerOrderContext.isDelete()) {
                        // HACK HACK HACK
                        decision = SynchronizationPolicyDecision.DELETE;
                    } else {
                        // If there is a lower-order context then that one will be ADD
                        // and this one is KEEP. When the execution comes to this context
                        // then the projection already exists
                        decision = SynchronizationPolicyDecision.KEEP;
                    }
                } else {
                    decision = SynchronizationPolicyDecision.ADD;
                }
            }
        } else {
            // Delete
            if (projCtx.isExists()) {
                decision = SynchronizationPolicyDecision.DELETE;
            } else {
                // we should delete the entire context, but then we will lose track of what
                // happened. So just ignore it.
                decision = SynchronizationPolicyDecision.IGNORE;
                // if there are any triggers then move them to focus. We may still need them.
                LensUtil.moveTriggers(projCtx, context.getFocusContext());
            }
        }
    } else if (synchronizationIntent == SynchronizationIntent.ADD) {
        if (shadowShouldExist) {
            projCtx.setActive(true);
            if (projCtx.isExists()) {
                // Attempt to add something that is already there, but should be OK
                decision = SynchronizationPolicyDecision.KEEP;
            } else {
                decision = SynchronizationPolicyDecision.ADD;
            }
        } else {
            throw new PolicyViolationException("Request to add projection " + projCtxDesc + " but the activation policy decided that it should not exist");
        }
    } else if (synchronizationIntent == SynchronizationIntent.KEEP) {
        if (shadowShouldExist) {
            projCtx.setActive(true);
            if (projCtx.isExists()) {
                decision = SynchronizationPolicyDecision.KEEP;
            } else {
                decision = SynchronizationPolicyDecision.ADD;
            }
        } else {
            throw new PolicyViolationException("Request to keep projection " + projCtxDesc + " but the activation policy decided that it should not exist");
        }
    } else {
        throw new IllegalStateException("Unknown sync intent " + synchronizationIntent);
    }
    LOGGER.trace("Evaluated decision for projection {} to {}", projCtxDesc, decision);
    setSynchronizationPolicyDecision(projCtx, decision, result);
    PrismObject<F> focusNew = context.getFocusContext().getObjectNew();
    if (focusNew == null) {
        // This must be a user delete or something similar. No point in proceeding
        LOGGER.trace("focusNew is null, skipping activation processing of {}", projCtxDesc);
        return;
    }
    if (decision == SynchronizationPolicyDecision.DELETE) {
        LOGGER.trace("Decision is {}, skipping activation properties processing for {}", decision, projCtxDesc);
        return;
    }
    ResourceObjectTypeDefinitionType resourceObjectTypeDefinition = projCtx.getResourceObjectTypeDefinitionType();
    if (resourceObjectTypeDefinition == null) {
        LOGGER.trace("No refined object definition, therefore also no activation outbound definition, skipping activation processing for account {}", projCtxDesc);
        return;
    }
    ResourceActivationDefinitionType activationDefinition = resourceObjectTypeDefinition.getActivation();
    if (activationDefinition == null) {
        LOGGER.trace("No activation definition in projection {}, skipping activation properties processing", projCtxDesc);
        return;
    }
    ActivationCapabilityType capActivation = ResourceTypeUtil.getEffectiveCapability(projCtx.getResource(), ActivationCapabilityType.class);
    if (capActivation == null) {
        LOGGER.trace("Skipping activation status and validity processing because {} has no activation capability", projCtx.getResource());
        return;
    }
    ActivationStatusCapabilityType capStatus = CapabilityUtil.getEnabledActivationStatus(capActivation);
    ActivationValidityCapabilityType capValidFrom = CapabilityUtil.getEnabledActivationValidFrom(capActivation);
    ActivationValidityCapabilityType capValidTo = CapabilityUtil.getEnabledActivationValidTo(capActivation);
    ActivationLockoutStatusCapabilityType capLockoutStatus = CapabilityUtil.getEnabledActivationLockoutStatus(capActivation);
    if (capStatus != null) {
        evaluateActivationMapping(context, projCtx, activationDefinition.getAdministrativeStatus(), SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS, SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS, capActivation, now, MappingTimeEval.CURRENT, ActivationType.F_ADMINISTRATIVE_STATUS.getLocalPart(), task, result);
    } else {
        LOGGER.trace("Skipping activation administrative status processing because {} does not have activation administrative status capability", projCtx.getResource());
    }
    ResourceBidirectionalMappingType validFromMappingType = activationDefinition.getValidFrom();
    if (validFromMappingType == null || validFromMappingType.getOutbound() == null) {
        LOGGER.trace("Skipping activation validFrom processing because {} does not have appropriate outbound mapping", projCtx.getResource());
    } else if (capValidFrom == null && !ExpressionUtil.hasExplicitTarget(validFromMappingType.getOutbound())) {
        LOGGER.trace("Skipping activation validFrom processing because {} does not have activation validFrom capability nor outbound mapping with explicit target", projCtx.getResource());
    } else {
        evaluateActivationMapping(context, projCtx, activationDefinition.getValidFrom(), SchemaConstants.PATH_ACTIVATION_VALID_FROM, SchemaConstants.PATH_ACTIVATION_VALID_FROM, null, now, MappingTimeEval.CURRENT, ActivationType.F_VALID_FROM.getLocalPart(), task, result);
    }
    ResourceBidirectionalMappingType validToMappingType = activationDefinition.getValidTo();
    if (validToMappingType == null || validToMappingType.getOutbound() == null) {
        LOGGER.trace("Skipping activation validTo processing because {} does not have appropriate outbound mapping", projCtx.getResource());
    } else if (capValidTo == null && !ExpressionUtil.hasExplicitTarget(validToMappingType.getOutbound())) {
        LOGGER.trace("Skipping activation validTo processing because {} does not have activation validTo capability nor outbound mapping with explicit target", projCtx.getResource());
    } else {
        evaluateActivationMapping(context, projCtx, activationDefinition.getValidTo(), SchemaConstants.PATH_ACTIVATION_VALID_TO, SchemaConstants.PATH_ACTIVATION_VALID_TO, null, now, MappingTimeEval.CURRENT, ActivationType.F_VALID_TO.getLocalPart(), task, result);
    }
    if (capLockoutStatus != null) {
        evaluateActivationMapping(context, projCtx, activationDefinition.getLockoutStatus(), SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS, SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS, capActivation, now, MappingTimeEval.CURRENT, ActivationType.F_LOCKOUT_STATUS.getLocalPart(), task, result);
    } else {
        LOGGER.trace("Skipping activation lockout status processing because {} does not have activation lockout status capability", projCtx.getResource());
    }
}
Also used : ActivationLockoutStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType) ActivationCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType) SynchronizationPolicyDecision(com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision) ActivationValidityCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType) SynchronizationIntent(com.evolveum.midpoint.model.api.context.SynchronizationIntent) ActivationStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType)

Aggregations

SynchronizationPolicyDecision (com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision)14 ActivationCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType)4 ActivationStatusCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType)4 ActivationValidityCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType)4 SynchronizationIntent (com.evolveum.midpoint.model.api.context.SynchronizationIntent)3 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)3 LensProjectionContext (com.evolveum.midpoint.model.impl.lens.LensProjectionContext)2 SynchronizationIntent (com.evolveum.midpoint.model.impl.lens.SynchronizationIntent)2 ResourceActivationDefinitionType (com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceActivationDefinitionType)2 ResourceObjectTypeDefinitionType (com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectTypeDefinitionType)2 ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)2 ActivationLockoutStatusCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType)2 QName (javax.xml.namespace.QName)2 RefinedObjectClassDefinition (com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition)1 ProcessorMethod (com.evolveum.midpoint.model.impl.lens.projector.util.ProcessorMethod)1 DeltaSetTriple (com.evolveum.midpoint.prism.delta.DeltaSetTriple)1 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)1 GetOperationOptions (com.evolveum.midpoint.schema.GetOperationOptions)1 SelectorOptions (com.evolveum.midpoint.schema.SelectorOptions)1 ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial