Search in sources :

Example 6 with EvaluatedAssignmentImpl

use of com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl in project midpoint by Evolveum.

the class AbstractAssignmentEvaluatorTest method test400UserFred.

// MID-4251
@Test
public void test400UserFred() throws Exception {
    // GIVEN
    Task task = getTestTask();
    OperationResult result = task.getResult();
    String pastTime = XmlTypeConverter.fromNow(createDuration("-P3D")).toString();
    String futureTime = XmlTypeConverter.fromNow(createDuration("P3D")).toString();
    UserType fred = new UserType(prismContext).name("fred").description(futureTime).subtype(DYNAMIC_ORG_ASSIGNMENT_SUBTYPE);
    addObject(fred.asPrismObject());
    PrismObject<UserType> fredAsCreated = findUserByUsername("fred");
    display("fred as created", fredAsCreated);
    ObjectDelta<UserType> descriptionDelta = prismContext.deltaFor(UserType.class).item(UserType.F_DESCRIPTION).replace(pastTime).asObjectDeltaCast(fredAsCreated.getOid());
    LensContext<UserType> lensContext = createUserLensContext();
    fillContextWithUser(lensContext, fredAsCreated.getOid(), result);
    addFocusDeltaToContext(lensContext, descriptionDelta);
    // WHEN
    when();
    projector.project(lensContext, "test", task, result);
    // THEN
    then();
    assertSuccess(result);
    DeltaSetTriple<EvaluatedAssignmentImpl<?>> triple = lensContext.getEvaluatedAssignmentTriple();
    displayValue("Evaluated assignment triple", triple.debugDump());
    assertEquals("Wrong # of evaluated assignments zero set", 0, triple.getZeroSet().size());
    assertEquals("Wrong # of evaluated assignments plus set", 1, triple.getPlusSet().size());
    assertEquals("Wrong # of evaluated assignments minus set", 1, triple.getMinusSet().size());
    assertSerializable(lensContext);
}
Also used : EvaluatedAssignmentImpl(com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl) Task(com.evolveum.midpoint.task.api.Task) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) Test(org.testng.annotations.Test)

Example 7 with EvaluatedAssignmentImpl

use of com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl in project midpoint by Evolveum.

the class TestAssignmentProcessor method test210AssignEngineer.

/**
 * Checking approval policy rules. (See note above.)
 *
 * Engineer has a generic metarole that provides these policy rules: approve-any-corp-rule, notify-exclusion-violations.
 * However, it induces an Employee role that has also this generic metarole. Moreover, it has "employee-excludes-contractor"
 * rule.
 *
 * First occurrence of the approval rule should have a trigger. Second one should be without a trigger.
 */
@Test
public void test210AssignEngineer() throws Exception {
    // GIVEN
    Task task = getTestTask();
    OperationResult result = task.getResult();
    LensContext<UserType> context = createUserLensContext();
    PrismObject<UserType> user = getUser(USER_JACK_OID);
    AssignmentType assignmentType = new AssignmentType(prismContext);
    assignmentType.setTargetRef(ObjectTypeUtil.createObjectRef(ROLE_CORP_ENGINEER_OID, ObjectTypes.ROLE));
    fillContextWithFocus(context, user);
    addFocusDeltaToContext(context, prismContext.deltaFor(UserType.class).item(UserType.F_ASSIGNMENT).add(assignmentType).asObjectDelta(USER_JACK_OID));
    recompute(context);
    displayDumpable("Input context", context);
    assertFocusModificationSanity(context);
    when();
    processAssignments(task, result, context);
    then();
    displayDumpable("Output context", context);
    display("outbound processor result", result);
    assertSuccess("Outbound processor failed (result)", result);
    assertSame(context.getFocusContext().getPrimaryDelta().getChangeType(), ChangeType.MODIFY);
    assertNull("Unexpected user changes", context.getFocusContext().getSecondaryDelta());
    assertFalse("No account changes", context.getProjectionContexts().isEmpty());
    DeltaSetTriple<EvaluatedAssignmentImpl<?>> evaluatedAssignmentTriple = context.getEvaluatedAssignmentTriple();
    assertEquals("Wrong # of added assignments", 1, evaluatedAssignmentTriple.getPlusSet().size());
    displayValue("Policy rules", context.dumpAssignmentPolicyRules(3));
    EvaluatedAssignmentImpl<?> evaluatedAssignment = evaluatedAssignmentTriple.getPlusSet().iterator().next();
    assertEquals("Wrong # of focus policy rules", 0, evaluatedAssignment.getFocusPolicyRules().size());
    assertEquals("Wrong # of this target policy rules", 2, evaluatedAssignment.getThisTargetPolicyRules().size());
    Collection<? extends EvaluatedPolicyRule> policyRules = evaluatedAssignment.getAllTargetsPolicyRules();
    assertEquals("Wrong # of target policy rules", 5, policyRules.size());
    assertSerializable(context);
}
Also used : EvaluatedAssignmentImpl(com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl) Task(com.evolveum.midpoint.task.api.Task) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) Test(org.testng.annotations.Test)

Example 8 with EvaluatedAssignmentImpl

use of com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl in project midpoint by Evolveum.

the class TestPolicyRules method test150AssignRoleThiefToJack.

/**
 * Thief has got separated constraints and actions.
 */
@Test
public void test150AssignRoleThiefToJack() throws Exception {
    Task task = getTestTask();
    OperationResult result = getTestOperationResult();
    // GIVEN
    LensContext<UserType> context = createUserLensContext();
    fillContextWithUser(context, USER_JACK_OID, result);
    addModificationToContextAssignRole(context, USER_JACK_OID, ROLE_THIEF_OID);
    displayDumpable("Input context", context);
    assertFocusModificationSanity(context);
    rememberCounter(InternalCounters.SHADOW_FETCH_OPERATION_COUNT);
    // WHEN
    when();
    projector.project(context, "test", task, result);
    // THEN
    then();
    result.computeStatus();
    TestUtil.assertSuccess(result);
    DeltaSetTriple<EvaluatedAssignmentImpl<?>> evaluatedAssignmentTriple = context.getEvaluatedAssignmentTriple();
    displayDumpable("Output evaluatedAssignmentTriple", evaluatedAssignmentTriple);
    dumpPolicyRules(context);
    dumpPolicySituations(context);
    assertEvaluatedTargetPolicyRules(context, 9);
    assertTargetTriggers(context, PolicyConstraintKindType.EXCLUSION, 1);
    assertTargetTriggers(context, PolicyConstraintKindType.SITUATION, 1);
    EvaluatedExclusionTrigger triggerExclusion = (EvaluatedExclusionTrigger) assertTriggeredTargetPolicyRule(context, null, PolicyConstraintKindType.EXCLUSION, 1, false);
    assertNotNull("No conflicting assignment in trigger", triggerExclusion.getConflictingAssignment());
    assertEquals("Wrong conflicting assignment in trigger", ROLE_JUDGE_OID, triggerExclusion.getConflictingAssignment().getTarget().getOid());
    EvaluatedSituationTrigger triggerSituation = (EvaluatedSituationTrigger) assertTriggeredTargetPolicyRule(context, null, PolicyConstraintKindType.SITUATION, 1, false);
    assertEquals("Wrong # of source rules", 1, triggerSituation.getSourceRules().size());
    EvaluatedPolicyRule sourceRule = triggerSituation.getSourceRules().iterator().next();
    EvaluatedExclusionTrigger sourceTrigger = (EvaluatedExclusionTrigger) sourceRule.getTriggers().iterator().next();
    assertNotNull("No conflicting assignment in source trigger", sourceTrigger.getConflictingAssignment());
    assertEquals("Wrong conflicting assignment in source trigger", ROLE_JUDGE_OID, sourceTrigger.getConflictingAssignment().getTarget().getOid());
    assertSerializable(context);
}
Also used : EvaluatedAssignmentImpl(com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl) Task(com.evolveum.midpoint.task.api.Task) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) Test(org.testng.annotations.Test)

Example 9 with EvaluatedAssignmentImpl

use of com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl in project midpoint by Evolveum.

the class HasAssignmentConstraintEvaluator method evaluate.

@Override
public <AH extends AssignmentHolderType> EvaluatedHasAssignmentTrigger evaluate(@NotNull JAXBElement<HasAssignmentPolicyConstraintType> constraintElement, @NotNull PolicyRuleEvaluationContext<AH> ctx, OperationResult parentResult) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException {
    OperationResult result = parentResult.subresult(OP_EVALUATE).setMinor().build();
    try {
        boolean shouldExist = QNameUtil.match(constraintElement.getName(), PolicyConstraintsType.F_HAS_ASSIGNMENT);
        HasAssignmentPolicyConstraintType constraint = constraintElement.getValue();
        ObjectReferenceType constraintTargetRef = constraint.getTargetRef();
        if (constraintTargetRef == null) {
            throw new SchemaException("No targetRef in hasAssignment constraint");
        }
        DeltaSetTriple<EvaluatedAssignmentImpl<?>> evaluatedAssignmentTriple = ctx.lensContext.getEvaluatedAssignmentTriple();
        if (evaluatedAssignmentTriple == null) {
            return createTriggerIfShouldNotExist(shouldExist, constraintElement, ctx, result);
        }
        boolean allowMinus = ctx.state == ObjectState.BEFORE;
        boolean allowZero = true;
        boolean allowPlus = ctx.state == ObjectState.AFTER;
        boolean allowDirect = !Boolean.FALSE.equals(constraint.isDirect());
        boolean allowIndirect = !Boolean.TRUE.equals(constraint.isDirect());
        boolean allowEnabled = !Boolean.FALSE.equals(constraint.isEnabled());
        boolean allowDisabled = !Boolean.TRUE.equals(constraint.isEnabled());
        ConstraintReferenceMatcher<AH> refMatcher = new ConstraintReferenceMatcher<>(ctx, constraintTargetRef, expressionFactory, result, LOGGER);
        List<PrismObject<?>> matchingTargets = new ArrayList<>();
        for (EvaluatedAssignmentImpl<?> evaluatedAssignment : evaluatedAssignmentTriple.getNonNegativeValues()) {
            // MID-6403
            AssignmentOrigin origin = evaluatedAssignment.getOrigin();
            boolean assignmentIsAdded = origin.isBeingAdded();
            boolean assignmentIsDeleted = origin.isBeingDeleted();
            boolean assignmentIsKept = origin.isBeingKept();
            DeltaSetTriple<EvaluatedAssignmentTargetImpl> targetsTriple = evaluatedAssignment.getRoles();
            for (EvaluatedAssignmentTargetImpl target : targetsTriple.getNonNegativeValues()) {
                // MID-6403
                if (!target.appliesToFocus()) {
                    continue;
                }
                if (!(allowDirect && target.isDirectlyAssigned() || allowIndirect && !target.isDirectlyAssigned())) {
                    continue;
                }
                if (!(allowEnabled && target.isValid() || allowDisabled && !target.isValid())) {
                    continue;
                }
                if (!relationMatches(constraintTargetRef.getRelation(), constraint.getRelation(), target.getAssignment())) {
                    continue;
                }
                boolean targetIsInPlusSet = targetsTriple.presentInPlusSet(target);
                boolean targetIsInZeroSet = targetsTriple.presentInZeroSet(target);
                boolean targetIsInMinusSet = targetsTriple.presentInMinusSet(target);
                // TODO check these computations
                boolean isPlus = assignmentIsAdded || assignmentIsKept && targetIsInPlusSet;
                boolean isZero = assignmentIsKept && targetIsInZeroSet;
                boolean isMinus = assignmentIsDeleted || assignmentIsKept && targetIsInMinusSet;
                // noinspection ConstantConditions
                if (!(allowPlus && isPlus || allowZero && isZero || allowMinus && isMinus)) {
                    continue;
                }
                if (refMatcher.refMatchesTarget(target.getTarget(), "hasAssignment constraint")) {
                    // TODO more specific trigger, containing information on matching assignment; see ExclusionConstraintEvaluator
                    matchingTargets.add(target.getTarget());
                }
            }
        }
        if (!matchingTargets.isEmpty()) {
            if (shouldExist) {
                PrismObject<?> anyTargetObject = matchingTargets.get(0);
                return new EvaluatedHasAssignmentTrigger(PolicyConstraintKindType.HAS_ASSIGNMENT, constraint, matchingTargets, createPositiveMessage(constraintElement, ctx, anyTargetObject, result), createPositiveShortMessage(constraintElement, ctx, anyTargetObject, result));
            } else {
                // we matched something but the constraint was "has no assignment"
                return null;
            }
        } else {
            return createTriggerIfShouldNotExist(shouldExist, constraintElement, ctx, result);
        }
    } catch (Throwable t) {
        result.recordFatalError(t.getMessage(), t);
        throw t;
    } finally {
        result.computeStatusIfUnknown();
    }
}
Also used : EvaluatedHasAssignmentTrigger(com.evolveum.midpoint.model.api.context.EvaluatedHasAssignmentTrigger) AssignmentOrigin(com.evolveum.midpoint.model.impl.lens.projector.AssignmentOrigin) ArrayList(java.util.ArrayList) EvaluatedAssignmentTargetImpl(com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentTargetImpl) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) EvaluatedAssignmentImpl(com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl) PrismObject(com.evolveum.midpoint.prism.PrismObject)

Aggregations

EvaluatedAssignmentImpl (com.evolveum.midpoint.model.impl.lens.assignments.EvaluatedAssignmentImpl)9 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)8 Task (com.evolveum.midpoint.task.api.Task)6 Test (org.testng.annotations.Test)5 LensProjectionContext (com.evolveum.midpoint.model.impl.lens.LensProjectionContext)2 EvaluatedAssignedResourceObjectConstructionImpl (com.evolveum.midpoint.model.impl.lens.construction.EvaluatedAssignedResourceObjectConstructionImpl)2 ComplexConstructionConsumer (com.evolveum.midpoint.model.impl.lens.projector.ComplexConstructionConsumer)2 ProcessorMethod (com.evolveum.midpoint.model.impl.lens.projector.util.ProcessorMethod)2 ActivationComputer (com.evolveum.midpoint.common.ActivationComputer)1 ModelExecuteOptions (com.evolveum.midpoint.model.api.ModelExecuteOptions)1 EvaluatedHasAssignmentTrigger (com.evolveum.midpoint.model.api.context.EvaluatedHasAssignmentTrigger)1 SynchronizationPolicyDecision (com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision)1 ReferenceResolver (com.evolveum.midpoint.model.api.util.ReferenceResolver)1 SystemObjectCache (com.evolveum.midpoint.model.common.SystemObjectCache)1 MappingEvaluationEnvironment (com.evolveum.midpoint.model.common.mapping.MappingEvaluationEnvironment)1 MappingFactory (com.evolveum.midpoint.model.common.mapping.MappingFactory)1 ModelBeans (com.evolveum.midpoint.model.impl.ModelBeans)1 ItemValueWithOrigin (com.evolveum.midpoint.model.impl.lens.ItemValueWithOrigin)1 LensContext (com.evolveum.midpoint.model.impl.lens.LensContext)1 LensFocusContext (com.evolveum.midpoint.model.impl.lens.LensFocusContext)1