use of com.evolveum.midpoint.prism.PrismReferenceValue in project midpoint by Evolveum.
the class OrgClosureManager method getParentOidsToDelete.
private Set<String> getParentOidsToDelete(Collection<? extends ItemDelta> modifications, PrismObject<? extends ObjectType> originalObject) {
Validate.notNull(originalObject);
Set<String> oids = new HashSet<>();
Set<String> existingOids = getParentOidsFromObject(originalObject);
for (ItemDelta delta : modifications) {
if (delta.getValuesToDelete() != null) {
for (PrismReferenceValue val : (Collection<PrismReferenceValue>) delta.getValuesToDelete()) {
String oid = val.getOid();
if (existingOids.contains(oid)) {
// if it's not there, we do not want to delete it!
oids.add(oid);
}
}
}
if (delta.getValuesToReplace() != null) {
// at this point we can assume this is not mixed with DELETE or ADD deltas
// we mark all existing values not present in the new set as being removed!
// and we do this for the latest REPLACE ItemDelta
oids = new HashSet<>();
for (String existingOid : existingOids) {
boolean found = false;
for (PrismReferenceValue newVal : (Collection<PrismReferenceValue>) delta.getValuesToReplace()) {
if (existingOid.equals(newVal.getOid())) {
found = true;
break;
}
}
if (!found) {
// if existing OID was not found in values to REPLACE, it should be deleted
oids.add(existingOid);
}
}
}
}
return oids;
}
use of com.evolveum.midpoint.prism.PrismReferenceValue in project midpoint by Evolveum.
the class ReferenceRestriction method interpretInternal.
@Override
public Condition interpretInternal() throws QueryException {
String hqlPath = hqlDataInstance.getHqlPath();
LOGGER.trace("interpretInternal starting with hqlPath = {}", hqlPath);
RootHibernateQuery hibernateQuery = context.getHibernateQuery();
List<PrismReferenceValue> values = filter.getValues();
if (CollectionUtils.isEmpty(values)) {
return hibernateQuery.createIsNull(hqlDataInstance.getHqlPath());
}
Set<String> oids = new HashSet<>();
Set<QName> relations = new HashSet<>();
Set<QName> targetTypes = new HashSet<>();
for (PrismReferenceValue value : values) {
if (value.getOid() == null) {
throw new QueryException("Null OID is not allowed in the reference query. Use empty reference list if needed.");
}
oids.add(value.getOid());
if (value.getRelation() == null) {
relations.add(SchemaConstants.ORG_DEFAULT);
} else {
// we intentionally don't normalize relations namespaces, to be able to do namespace-insensitive searches
// so the caller is responsible to unify namespaces if he needs to optimize queries (use IN instead of OR)
relations.add(value.getRelation());
}
targetTypes.add(qualifyTypeName(value.getTargetType()));
}
if (relations.size() > 1 || targetTypes.size() > 1) {
// we must use 'OR' clause
OrCondition rootOr = hibernateQuery.createOr();
values.forEach(prv -> rootOr.add(createRefCondition(hibernateQuery, Collections.singleton(prv.getOid()), prv.getRelation(), prv.getTargetType())));
return rootOr;
} else {
return createRefCondition(hibernateQuery, oids, MiscUtil.extractSingleton(relations), MiscUtil.extractSingleton(targetTypes));
}
}
use of com.evolveum.midpoint.prism.PrismReferenceValue in project midpoint by Evolveum.
the class TestNotifications method test100ModifyUserAddAccount.
@Test
public void test100ModifyUserAddAccount() throws Exception {
final String TEST_NAME = "test100ModifyUserAddAccount";
TestUtil.displayTestTile(this, TEST_NAME);
// GIVEN
Task task = taskManager.createTaskInstance(TestNotifications.class.getName() + ".test100ModifyUserAddAccount");
task.setChannel(SchemaConstants.CHANNEL_GUI_USER_URI);
OperationResult result = task.getResult();
preTestCleanup(AssignmentPolicyEnforcementType.POSITIVE);
XMLGregorianCalendar startTime = clock.currentTimeXMLGregorianCalendar();
// WHEN
TestUtil.displayWhen(TEST_NAME);
modifyUserAddAccount(USER_JACK_OID, ACCOUNT_JACK_DUMMY_FILE, task, result);
// THEN
TestUtil.displayThen(TEST_NAME);
result.computeStatus();
TestUtil.assertSuccess(result);
XMLGregorianCalendar endTime = clock.currentTimeXMLGregorianCalendar();
assertShadowFetchOperationCountIncrement(0);
// Check accountRef
PrismObject<UserType> userJack = modelService.getObject(UserType.class, USER_JACK_OID, null, task, result);
assertUserJack(userJack);
UserType userJackType = userJack.asObjectable();
assertEquals("Unexpected number of accountRefs", 1, userJackType.getLinkRef().size());
ObjectReferenceType accountRefType = userJackType.getLinkRef().get(0);
accountJackOid = accountRefType.getOid();
assertFalse("No accountRef oid", StringUtils.isBlank(accountJackOid));
PrismReferenceValue accountRefValue = accountRefType.asReferenceValue();
assertEquals("OID mismatch in accountRefValue", accountJackOid, accountRefValue.getOid());
assertNull("Unexpected object in accountRefValue", accountRefValue.getObject());
// Check shadow
PrismObject<ShadowType> accountShadow = repositoryService.getObject(ShadowType.class, accountJackOid, null, result);
assertDummyAccountShadowRepo(accountShadow, accountJackOid, "jack");
assertEnableTimestampShadow(accountShadow, startTime, endTime);
// Check account
PrismObject<ShadowType> accountModel = modelService.getObject(ShadowType.class, accountJackOid, null, task, result);
assertDummyAccountShadowModel(accountModel, accountJackOid, "jack", "Jack Sparrow");
// Check account in dummy resource
assertDefaultDummyAccount("jack", "Jack Sparrow", true);
assertDummyScriptsAdd(userJack, accountModel, getDummyResourceType());
notificationManager.setDisabled(true);
// Check notifications
display("Dummy transport messages", dummyTransport);
checkDummyTransportMessages("accountPasswordNotifier", 1);
checkDummyTransportMessages("userPasswordNotifier", 0);
checkDummyTransportMessages("simpleAccountNotifier-SUCCESS", 1);
checkDummyTransportMessages("simpleAccountNotifier-FAILURE", 0);
checkDummyTransportMessages("simpleAccountNotifier-ADD-SUCCESS", 1);
checkDummyTransportMessages("simpleUserNotifier", 0);
checkDummyTransportMessages("simpleUserNotifier-ADD", 0);
List<Message> pwdMessages = dummyTransport.getMessages("dummy:accountPasswordNotifier");
// number of messages was already checked
Message pwdMessage = pwdMessages.get(0);
assertEquals("Invalid list of recipients", Collections.singletonList("recipient@evolveum.com"), pwdMessage.getTo());
assertEquals("Wrong message body", "Password for account jack on Dummy Resource is: deadmentellnotales", pwdMessage.getBody());
List<Message> addMessages = dummyTransport.getMessages("dummy:simpleAccountNotifier-ADD-SUCCESS");
// number of messages was already checked
Message addMessage = addMessages.get(0);
assertEquals("Invalid list of recipients", Collections.singletonList("recipient@evolveum.com"), addMessage.getTo());
assertEquals("Wrong message body", "Notification about account-related operation\n" + "\n" + "Owner: Jack Sparrow (jack, oid c0c010c0-d34d-b33f-f00d-111111111111)\n" + "Resource: Dummy Resource (oid 10000000-0000-0000-0000-000000000004)\n" + "\n" + "An account has been successfully created on the resource with attributes:\n" + " - UID: jack\n" + " - Username: jack\n" + " - Location: Caribbean\n" + " - Quote: Arr!\n" + " - Drink: rum\n" + " - Weapon: rum\n" + " - Full Name: Jack Sparrow\n" + " - Password:\n" + " - value: (protected string)\n" + " - Administrative status: ENABLED\n" + "\n" + "Channel: http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user", addMessage.getBody());
assertSteadyResources();
}
use of com.evolveum.midpoint.prism.PrismReferenceValue in project midpoint by Evolveum.
the class TestRoleEntitlement method test108ModifyRoleAddEntitlementAgain.
@Test
public void test108ModifyRoleAddEntitlementAgain() throws Exception {
final String TEST_NAME = "test108ModifyRoleAddEntitlementAgain";
TestUtil.displayTestTile(this, TEST_NAME);
// GIVEN
Task task = taskManager.createTaskInstance(TestRoleEntitlement.class.getName() + "." + TEST_NAME);
OperationResult result = task.getResult();
assumeAssignmentPolicy(AssignmentPolicyEnforcementType.POSITIVE);
PrismObject<ShadowType> group = PrismTestUtil.parseObject(GROUP_PIRATE_DUMMY_FILE);
ObjectDelta<RoleType> roleDelta = ObjectDelta.createEmptyModifyDelta(RoleType.class, ROLE_PIRATE_OID, prismContext);
PrismReferenceValue linkRefVal = new PrismReferenceValue();
linkRefVal.setObject(group);
ReferenceDelta groupDelta = ReferenceDelta.createModificationAdd(RoleType.F_LINK_REF, getRoleDefinition(), linkRefVal);
roleDelta.addModification(groupDelta);
Collection<ObjectDelta<? extends ObjectType>> deltas = (Collection) MiscUtil.createCollection(roleDelta);
dummyAuditService.clear();
try {
// WHEN
modelService.executeChanges(deltas, null, task, result);
// THEN
assert false : "Expected executeChanges operation to fail but it has obviously succeeded";
} catch (SchemaException e) {
// This is expected
e.printStackTrace();
// THEN
String message = e.getMessage();
assertMessageContains(message, "already contains entitlement");
assertMessageContains(message, "group");
}
// Check audit
display("Audit", dummyAuditService);
dummyAuditService.assertSimpleRecordSanity();
dummyAuditService.assertRecords(2);
dummyAuditService.assertAnyRequestDeltas();
dummyAuditService.assertTarget(ROLE_PIRATE_OID);
dummyAuditService.assertExecutionOutcome(OperationResultStatus.FATAL_ERROR);
}
use of com.evolveum.midpoint.prism.PrismReferenceValue in project midpoint by Evolveum.
the class TestOrgStruct method test412JackChangeMinistryOfOffenseMemberToManagerByModifyingAssignment.
// this test should generate a SchemaException (modifying targetRef in assignment should be prohibited)
@Test
public void test412JackChangeMinistryOfOffenseMemberToManagerByModifyingAssignment() throws Exception {
final String TEST_NAME = "test412JackChangeMinistryOfOffenseMemberToManagerByModifyingAssignment";
TestUtil.displayTestTile(this, TEST_NAME);
Task task = taskManager.createTaskInstance(TestOrgStruct.class.getName() + "." + TEST_NAME);
OperationResult result = task.getResult();
PrismObject<UserType> jack = getUser(USER_JACK_OID);
Long id = findAssignmentIdForTarget(jack, ORG_MINISTRY_OF_OFFENSE_OID);
Collection<ItemDelta<?, ?>> modifications = new ArrayList<>();
PrismReferenceDefinition referenceDefinition = getUserDefinition().findItemDefinition(new ItemPath(UserType.F_ASSIGNMENT, AssignmentType.F_TARGET_REF), PrismReferenceDefinition.class);
ReferenceDelta referenceDelta = new ReferenceDelta(new ItemPath(new NameItemPathSegment(UserType.F_ASSIGNMENT), new IdItemPathSegment(id), new NameItemPathSegment(AssignmentType.F_TARGET_REF)), referenceDefinition, prismContext);
PrismReferenceValue oldValue = new PrismReferenceValue(ORG_MINISTRY_OF_OFFENSE_OID, OrgType.COMPLEX_TYPE);
PrismReferenceValue newValue = new PrismReferenceValue(ORG_MINISTRY_OF_OFFENSE_OID, OrgType.COMPLEX_TYPE);
newValue.setRelation(SchemaConstants.ORG_MANAGER);
referenceDelta.addValueToDelete(oldValue);
referenceDelta.addValueToAdd(newValue);
modifications.add(referenceDelta);
ObjectDelta<UserType> userDelta = ObjectDelta.createModifyDelta(USER_JACK_OID, modifications, UserType.class, prismContext);
Collection<ObjectDelta<? extends ObjectType>> deltas = MiscSchemaUtil.createCollection(userDelta);
// WHEN
try {
modelService.executeChanges(deltas, null, task, result);
AssertJUnit.fail("executeChanges should fail but it did not.");
} catch (SchemaException e) {
// ok!
} catch (Exception e) {
AssertJUnit.fail("executeChanges failed in the wrong way (expected SchemaException): " + e);
}
}
Aggregations