Example 1 with PrismObjectDefinition
use of com.evolveum.midpoint.prism.PrismObjectDefinition in project midpoint by Evolveum.
the class PageResourceEdit method updateConnectorRef.
/**
* Method which attempts to resolve connector reference filter to actual connector (if necessary).
*
* @param resource {@link PrismObject} resource
*/
private void updateConnectorRef(PrismObject<ResourceType> resource, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException {
if (resource == null) {
return;
}
PrismReference resourceRef = resource.findReference(ResourceType.F_CONNECTOR_REF);
if (resourceRef == null || resourceRef.getValue() == null) {
return;
}
PrismReferenceValue refValue = resourceRef.getValue();
if (StringUtils.isNotEmpty(refValue.getOid())) {
return;
}
if (refValue.getFilter() == null) {
return;
}
SchemaRegistry registry = getPrismContext().getSchemaRegistry();
PrismObjectDefinition objDef = registry.findObjectDefinitionByCompileTimeClass(ConnectorType.class);
ObjectFilter filter = QueryConvertor.parseFilter(refValue.getFilter(), objDef);
List<PrismObject<ConnectorType>> connectors = getModelService().searchObjects(ConnectorType.class, ObjectQuery.createObjectQuery(filter), null, task, result);
if (connectors.size() != 1) {
return;
}
PrismObject<ConnectorType> connector = connectors.get(0);
refValue.setOid(connector.getOid());
refValue.setTargetType(ConnectorType.COMPLEX_TYPE);
refValue.setFilter(null);
}
Also used :
PrismObject(com.evolveum.midpoint.prism.PrismObject)
PrismReferenceValue(com.evolveum.midpoint.prism.PrismReferenceValue)
ConnectorType(com.evolveum.midpoint.xml.ns._public.common.common_3.ConnectorType)
PrismObjectDefinition(com.evolveum.midpoint.prism.PrismObjectDefinition)
PrismReference(com.evolveum.midpoint.prism.PrismReference)
ObjectFilter(com.evolveum.midpoint.prism.query.ObjectFilter)
SchemaRegistry(com.evolveum.midpoint.prism.schema.SchemaRegistry)
Example 2 with PrismObjectDefinition
use of com.evolveum.midpoint.prism.PrismObjectDefinition in project midpoint by Evolveum.
the class ProjectionCredentialsProcessor method processProjectionPasswordMapping.
private <F extends FocusType> void processProjectionPasswordMapping(LensContext<F> context, final LensProjectionContext projCtx, final ValuePolicyType passwordPolicy, XMLGregorianCalendar now, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException {
LensFocusContext<F> focusContext = context.getFocusContext();
PrismObject<F> userNew = focusContext.getObjectNew();
if (userNew == null) {
// This must be a user delete or something similar. No point in proceeding
LOGGER.trace("userNew is null, skipping credentials processing");
return;
}
PrismObjectDefinition<ShadowType> accountDefinition = prismContext.getSchemaRegistry().findObjectDefinitionByCompileTimeClass(ShadowType.class);
PrismPropertyDefinition<ProtectedStringType> projPasswordPropertyDefinition = accountDefinition.findPropertyDefinition(SchemaConstants.PATH_PASSWORD_VALUE);
ResourceShadowDiscriminator rsd = projCtx.getResourceShadowDiscriminator();
RefinedObjectClassDefinition refinedProjDef = projCtx.getStructuralObjectClassDefinition();
if (refinedProjDef == null) {
LOGGER.trace("No RefinedObjectClassDefinition, therefore also no password outbound definition, skipping credentials processing for projection {}", rsd);
return;
}
List<MappingType> outboundMappingTypes = refinedProjDef.getPasswordOutbound();
if (outboundMappingTypes == null || outboundMappingTypes.isEmpty()) {
LOGGER.trace("No outbound password mapping for {}, skipping credentials processing", rsd);
return;
}
// HACK
if (!projCtx.isDoReconciliation() && !projCtx.isAdd() && !isActivated(outboundMappingTypes, focusContext.getDelta())) {
LOGGER.trace("Outbound password mappings not activated for type {}, skipping credentials processing", rsd);
return;
}
final ObjectDelta<ShadowType> projDelta = projCtx.getDelta();
final PropertyDelta<ProtectedStringType> projPasswordDelta;
if (projDelta != null && projDelta.getChangeType() == MODIFY) {
projPasswordDelta = projDelta.findPropertyDelta(SchemaConstants.PATH_PASSWORD_VALUE);
} else {
projPasswordDelta = null;
}
checkExistingDeltaSanity(projCtx, projPasswordDelta);
boolean evaluateWeak = getEvaluateWeak(projCtx);
final ItemDeltaItem<PrismPropertyValue<PasswordType>, PrismPropertyDefinition<ProtectedStringType>> userPasswordIdi = focusContext.getObjectDeltaObject().findIdi(SchemaConstants.PATH_PASSWORD_VALUE);
StringPolicyResolver stringPolicyResolver = new StringPolicyResolver() {
@Override
public void setOutputPath(ItemPath outputPath) {
}
@Override
public void setOutputDefinition(ItemDefinition outputDefinition) {
}
@Override
public StringPolicyType resolve() {
if (passwordPolicy == null) {
return null;
}
return passwordPolicy.getStringPolicy();
}
};
MappingInitializer<PrismPropertyValue<ProtectedStringType>, PrismPropertyDefinition<ProtectedStringType>> initializer = (builder) -> {
builder.defaultTargetDefinition(projPasswordPropertyDefinition);
builder.defaultSource(new Source<>(userPasswordIdi, ExpressionConstants.VAR_INPUT));
builder.stringPolicyResolver(stringPolicyResolver);
return builder;
};
MappingOutputProcessor<PrismPropertyValue<ProtectedStringType>> processor = (mappingOutputPath, outputStruct) -> {
PrismValueDeltaSetTriple<PrismPropertyValue<ProtectedStringType>> outputTriple = outputStruct.getOutputTriple();
if (outputTriple == null) {
LOGGER.trace("Credentials 'password' expression resulted in null output triple, skipping credentials processing for {}", rsd);
return false;
}
boolean projectionIsNew = projDelta != null && (projDelta.getChangeType() == ChangeType.ADD || projCtx.getSynchronizationPolicyDecision() == SynchronizationPolicyDecision.ADD);
Collection<PrismPropertyValue<ProtectedStringType>> newValues = outputTriple.getPlusSet();
if (projectionIsNew) {
newValues = outputTriple.getNonNegativeValues();
} else {
newValues = outputTriple.getPlusSet();
}
if (!canGetCleartext(newValues)) {
ObjectDelta<ShadowType> projectionPrimaryDelta = projCtx.getPrimaryDelta();
if (projectionPrimaryDelta != null) {
PropertyDelta<ProtectedStringType> passwordPrimaryDelta = projectionPrimaryDelta.findPropertyDelta(SchemaConstants.PATH_PASSWORD_VALUE);
if (passwordPrimaryDelta != null) {
// We have only hashed value coming from the mapping. There are not very useful
// for provisioning. But we have primary projection delta - and that is very likely
// to be better.
// Skip all password mappings in this case. Primary delta trumps everything.
// No weak, normal or even strong mapping can change that.
// We need to disregard even strong mapping in this case. If we would heed the strong
// mapping then account initialization won't be possible.
LOGGER.trace("We have primary password delta in projection, skipping credentials processing");
return false;
}
}
}
return true;
};
mappingEvaluator.evaluateOutboundMapping(context, projCtx, outboundMappingTypes, SchemaConstants.PATH_PASSWORD_VALUE, SchemaConstants.PATH_PASSWORD_VALUE, initializer, processor, now, true, evaluateWeak, "password mapping", task, result);
}
Also used :
MappingType(com.evolveum.midpoint.xml.ns._public.common.common_3.MappingType)
ObjectType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType)
ChangeType(com.evolveum.midpoint.prism.delta.ChangeType)
Autowired(org.springframework.beans.factory.annotation.Autowired)
ConfigurationException(com.evolveum.midpoint.util.exception.ConfigurationException)
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
PrismPropertyValue(com.evolveum.midpoint.prism.PrismPropertyValue)
ExpressionConstants(com.evolveum.midpoint.schema.constants.ExpressionConstants)
MappingInitializer(com.evolveum.midpoint.model.impl.lens.projector.MappingInitializer)
MappingFactory(com.evolveum.midpoint.model.common.mapping.MappingFactory)
LensContext(com.evolveum.midpoint.model.impl.lens.LensContext)
PrismValueDeltaSetTriple(com.evolveum.midpoint.prism.delta.PrismValueDeltaSetTriple)
OriginType(com.evolveum.midpoint.prism.OriginType)
PasswordCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.PasswordCapabilityType)
ObjectDelta(com.evolveum.midpoint.prism.delta.ObjectDelta)
PrismProperty(com.evolveum.midpoint.prism.PrismProperty)
ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException)
Collection(java.util.Collection)
StringPolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.StringPolicyType)
MappingEvaluator(com.evolveum.midpoint.model.impl.lens.projector.MappingEvaluator)
ResourceTypeUtil(com.evolveum.midpoint.schema.util.ResourceTypeUtil)
VariableBindingDefinitionType(com.evolveum.midpoint.xml.ns._public.common.common_3.VariableBindingDefinitionType)
Task(com.evolveum.midpoint.task.api.Task)
ResourceShadowDiscriminator(com.evolveum.midpoint.schema.ResourceShadowDiscriminator)
MetadataType(com.evolveum.midpoint.xml.ns._public.common.common_3.MetadataType)
List(java.util.List)
ValuePolicyProcessor(com.evolveum.midpoint.model.common.stringpolicy.ValuePolicyProcessor)
SystemException(com.evolveum.midpoint.util.exception.SystemException)
FocusType(com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType)
PropertyDelta(com.evolveum.midpoint.prism.delta.PropertyDelta)
CommunicationException(com.evolveum.midpoint.util.exception.CommunicationException)
ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)
ContextLoader(com.evolveum.midpoint.model.impl.lens.projector.ContextLoader)
ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)
PolicyViolationException(com.evolveum.midpoint.util.exception.PolicyViolationException)
MappingType(com.evolveum.midpoint.xml.ns._public.common.common_3.MappingType)
PasswordType(com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordType)
MappingOutputProcessor(com.evolveum.midpoint.model.impl.lens.projector.MappingOutputProcessor)
SchemaConstants(com.evolveum.midpoint.schema.constants.SchemaConstants)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
ItemDefinition(com.evolveum.midpoint.prism.ItemDefinition)
Trace(com.evolveum.midpoint.util.logging.Trace)
ExpressionEvaluationException(com.evolveum.midpoint.util.exception.ExpressionEvaluationException)
ValuePolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType)
EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException)
PrismObjectDefinition(com.evolveum.midpoint.prism.PrismObjectDefinition)
ItemDelta(com.evolveum.midpoint.prism.delta.ItemDelta)
CredentialsCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CredentialsCapabilityType)
SecurityViolationException(com.evolveum.midpoint.util.exception.SecurityViolationException)
MODIFY(com.evolveum.midpoint.prism.delta.ChangeType.MODIFY)
PrismContext(com.evolveum.midpoint.prism.PrismContext)
StringPolicyResolver(com.evolveum.midpoint.repo.common.expression.StringPolicyResolver)
ContainerDelta(com.evolveum.midpoint.prism.delta.ContainerDelta)
ItemDeltaItem(com.evolveum.midpoint.repo.common.expression.ItemDeltaItem)
OperationalDataManager(com.evolveum.midpoint.model.impl.lens.OperationalDataManager)
PrismPropertyDefinition(com.evolveum.midpoint.prism.PrismPropertyDefinition)
PrismObject(com.evolveum.midpoint.prism.PrismObject)
XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar)
SynchronizationPolicyDecision(com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision)
RefinedObjectClassDefinition(com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition)
ItemPath(com.evolveum.midpoint.prism.path.ItemPath)
Component(org.springframework.stereotype.Component)
LensProjectionContext(com.evolveum.midpoint.model.impl.lens.LensProjectionContext)
PrismContainerValue(com.evolveum.midpoint.prism.PrismContainerValue)
Protector(com.evolveum.midpoint.prism.crypto.Protector)
SecurityUtil(com.evolveum.midpoint.security.api.SecurityUtil)
LensFocusContext(com.evolveum.midpoint.model.impl.lens.LensFocusContext)
Source(com.evolveum.midpoint.repo.common.expression.Source)
TraceManager(com.evolveum.midpoint.util.logging.TraceManager)
ItemPathType(com.evolveum.prism.xml.ns._public.types_3.ItemPathType)
PrismPropertyDefinition(com.evolveum.midpoint.prism.PrismPropertyDefinition)
ItemDefinition(com.evolveum.midpoint.prism.ItemDefinition)
StringPolicyResolver(com.evolveum.midpoint.repo.common.expression.StringPolicyResolver)
Source(com.evolveum.midpoint.repo.common.expression.Source)
RefinedObjectClassDefinition(com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition)
PropertyDelta(com.evolveum.midpoint.prism.delta.PropertyDelta)
ObjectDelta(com.evolveum.midpoint.prism.delta.ObjectDelta)
PrismPropertyValue(com.evolveum.midpoint.prism.PrismPropertyValue)
PrismValueDeltaSetTriple(com.evolveum.midpoint.prism.delta.PrismValueDeltaSetTriple)
ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)
Collection(java.util.Collection)
ResourceShadowDiscriminator(com.evolveum.midpoint.schema.ResourceShadowDiscriminator)
ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)
ItemPath(com.evolveum.midpoint.prism.path.ItemPath)
Example 3 with PrismObjectDefinition
use of com.evolveum.midpoint.prism.PrismObjectDefinition in project midpoint by Evolveum.
the class StatisticsUtil method getObjectType.
public static QName getObjectType(ObjectType objectType, PrismContext prismContext) {
if (objectType == null) {
return null;
}
PrismObjectDefinition def = objectType.asPrismObject().getDefinition();
if (def == null) {
Class<? extends Objectable> clazz = objectType.asPrismObject().getCompileTimeClass();
if (clazz == null) {
return null;
}
def = prismContext.getSchemaRegistry().findObjectDefinitionByCompileTimeClass(clazz);
if (def == null) {
return ObjectType.COMPLEX_TYPE;
}
}
return def.getTypeName();
}
Also used :
PrismObjectDefinition(com.evolveum.midpoint.prism.PrismObjectDefinition)
Example 4 with PrismObjectDefinition
use of com.evolveum.midpoint.prism.PrismObjectDefinition in project midpoint by Evolveum.
the class TaskQuartzImpl method recordObjectActionExecuted.
@Override
public <T extends ObjectType> void recordObjectActionExecuted(PrismObject<T> object, Class<T> objectTypeClass, String defaultOid, ChangeType changeType, String channel, Throwable exception) {
if (actionsExecutedInformation != null) {
String name, displayName, oid;
PrismObjectDefinition definition;
Class<T> clazz;
if (object != null) {
name = PolyString.getOrig(object.getName());
displayName = StatisticsUtil.getDisplayName(object);
definition = object.getDefinition();
clazz = object.getCompileTimeClass();
oid = object.getOid();
if (oid == null) {
// in case of ADD operation
oid = defaultOid;
}
} else {
name = null;
displayName = null;
definition = null;
clazz = objectTypeClass;
oid = defaultOid;
}
if (definition == null && clazz != null) {
definition = getPrismContext().getSchemaRegistry().findObjectDefinitionByCompileTimeClass(clazz);
}
QName typeQName;
if (definition != null) {
typeQName = definition.getTypeName();
} else {
typeQName = ObjectType.COMPLEX_TYPE;
}
actionsExecutedInformation.recordObjectActionExecuted(name, displayName, typeQName, oid, changeType, channel, exception);
}
}
Also used :
F_WORKFLOW_CONTEXT(com.evolveum.midpoint.xml.ns._public.common.common_3.TaskType.F_WORKFLOW_CONTEXT)
F_MODEL_OPERATION_CONTEXT(com.evolveum.midpoint.xml.ns._public.common.common_3.TaskType.F_MODEL_OPERATION_CONTEXT)
QName(javax.xml.namespace.QName)
PrismObjectDefinition(com.evolveum.midpoint.prism.PrismObjectDefinition)
PolyString(com.evolveum.midpoint.prism.polystring.PolyString)
Example 5 with PrismObjectDefinition
use of com.evolveum.midpoint.prism.PrismObjectDefinition in project midpoint by Evolveum.
the class DataModelUtil method resolvePath.
// null means not supported yet
@Nullable
@SuppressWarnings("unchecked")
public static PathResolutionResult resolvePath(@NotNull ItemPath path, @NotNull PathResolutionContext context) {
if (!path.startsWithName() && !path.startsWithVariable()) {
return new PathResolutionResult(new Issue(Issue.Severity.WARNING, CAT_ITEM_PATH, C_DOES_NOT_START_WITH_NAME, "Path does not start with a name nor variable: '" + path + "'", null, null));
}
String varName;
ItemPath itemPath;
Object first = path.first();
if (ItemPath.isVariable(first)) {
varName = ItemPath.toVariableName(first).getLocalPart();
itemPath = path.rest();
} else {
if (context.defaultVariable == null) {
return new PathResolutionResult(new Issue(Issue.Severity.WARNING, CAT_ITEM_PATH, C_NO_DEFAULT_VARIABLE, "No default variable for item path: '" + path + "'", null, null));
}
varName = context.defaultVariable;
itemPath = path;
}
if (ExpressionConstants.VAR_PROJECTION.equals(varName) || ExpressionConstants.VAR_SHADOW.equals(varName) || ExpressionConstants.VAR_ACCOUNT.equals(varName)) {
if (!(context instanceof ResourceResolutionContext)) {
return new PathResolutionResult(new Issue(Issue.Severity.WARNING, CAT_ITEM_PATH, C_ILLEGAL_USE_OF_ACCOUNT_VARIABLE, "Illegal use of '" + varName + "' variable: '" + path + "'", null, null));
} else {
// TODO implement checking of $account-based paths
return null;
}
} else if (ExpressionConstants.VAR_USER.equals(varName) || ExpressionConstants.VAR_FOCUS.equals(varName)) {
Class<? extends FocusType> clazz = FocusType.class;
if (context instanceof ResourceResolutionContext) {
ResourceResolutionContext rctx = (ResourceResolutionContext) context;
ObjectSynchronizationType def = ResourceTypeUtil.findObjectSynchronization(rctx.resource, rctx.kind, rctx.intent);
if (def != null) {
QName focusType = def.getFocusType() != null ? def.getFocusType() : UserType.COMPLEX_TYPE;
PrismObjectDefinition<Objectable> objdef = rctx.prismContext.getSchemaRegistry().findObjectDefinitionByType(focusType);
if (objdef != null && objdef.getCompileTimeClass() != null && FocusType.class.isAssignableFrom(objdef.getCompileTimeClass())) {
clazz = (Class) objdef.getCompileTimeClass();
}
} else {
// the default (MID-3307)
clazz = UserType.class;
}
}
return resolvePathForType(clazz, itemPath, context);
} else if (ExpressionConstants.VAR_ACTOR.equals(varName)) {
return resolvePathForType(FocusType.class, itemPath, context);
} else if (ExpressionConstants.VAR_INPUT.equals(varName)) {
return null;
} else {
// TODO list all possible variables here and issue a warning if no one matches
return null;
}
}
Also used :
Issue(com.evolveum.midpoint.model.api.validator.Issue)
QName(javax.xml.namespace.QName)
PrismObjectDefinition(com.evolveum.midpoint.prism.PrismObjectDefinition)
ItemPath(com.evolveum.midpoint.prism.path.ItemPath)
Nullable(org.jetbrains.annotations.Nullable)
Aggregations
PrismObjectDefinition (com.evolveum.midpoint.prism.PrismObjectDefinition)20
ItemPath (com.evolveum.midpoint.prism.path.ItemPath)5
PrismContext (com.evolveum.midpoint.prism.PrismContext)4
PrismObject (com.evolveum.midpoint.prism.PrismObject)4
PrismReferenceValue (com.evolveum.midpoint.prism.PrismReferenceValue)4
ObjectDelta (com.evolveum.midpoint.prism.delta.ObjectDelta)4
OperationResult (com.evolveum.midpoint.schema.result.OperationResult)4
ArrayList (java.util.ArrayList)4
ItemDefinition (com.evolveum.midpoint.prism.ItemDefinition)3
PrismContainerDefinition (com.evolveum.midpoint.prism.PrismContainerDefinition)3
ItemDelta (com.evolveum.midpoint.prism.delta.ItemDelta)3
PropertyDelta (com.evolveum.midpoint.prism.delta.PropertyDelta)3
SchemaRegistry (com.evolveum.midpoint.prism.schema.SchemaRegistry)3
Task (com.evolveum.midpoint.task.api.Task)3
SchemaException (com.evolveum.midpoint.util.exception.SchemaException)3
ObjectType (com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType)3
QName (javax.xml.namespace.QName)3
EncryptionException (com.evolveum.midpoint.prism.crypto.EncryptionException)2
PolyString (com.evolveum.midpoint.prism.polystring.PolyString)2
ObjectFilter (com.evolveum.midpoint.prism.query.ObjectFilter)2
