Examples with ObjectDelta com.evolveum.midpoint.prism.delta.ObjectDelta used on opensource projects

Example 26 with ObjectDelta

use of com.evolveum.midpoint.prism.delta.ObjectDelta in project midpoint by Evolveum.

the class AuditController method rollBackTime.

private <O extends ObjectType> PrismObject<O> rollBackTime(PrismObject<O> object, List<AuditEventRecord> changeTrail) throws SchemaException {
    for (AuditEventRecord event : changeTrail) {
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("Applying event {} ({})", event.getEventIdentifier(), XmlTypeConverter.createXMLGregorianCalendar(event.getTimestamp()));
        }
        Collection<ObjectDeltaOperation<? extends ObjectType>> deltaOperations = event.getDeltas();
        if (deltaOperations != null) {
            for (ObjectDeltaOperation<? extends ObjectType> deltaOperation : deltaOperations) {
                ObjectDelta<O> objectDelta = (ObjectDelta<O>) deltaOperation.getObjectDelta();
                if (!isApplicable(deltaOperation, object, event)) {
                    continue;
                }
                if (objectDelta.isDelete()) {
                    throw new SchemaException("Delete delta found in the audit trail. Object history cannot be reconstructed.");
                }
                if (objectDelta.isAdd()) {
                    throw new SchemaException("Add delta found in the audit trail. Object history cannot be reconstructed.");
                }
                ObjectDelta<O> reverseDelta = objectDelta.createReverseDelta();
                if (LOGGER.isTraceEnabled()) {
                    LOGGER.trace("Applying delta (reverse):\n{}", reverseDelta.debugDump(1));
                }
                reverseDelta.applyTo(object);
            }
        }
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("Object after application of event {} ({}):\n{}", event.getEventIdentifier(), XmlTypeConverter.createXMLGregorianCalendar(event.getTimestamp()), object.debugDump(1));
        }
    }
    return object;
}

Example 27 with ObjectDelta

use of com.evolveum.midpoint.prism.delta.ObjectDelta in project midpoint by Evolveum.

the class AuditController method isApplicable.

private <O extends ObjectType> boolean isApplicable(ObjectDeltaOperation<? extends ObjectType> lastEventDeltasOperation, PrismObject<O> object, AuditEventRecord lastEvent) {
    OperationResult executionResult = lastEventDeltasOperation.getExecutionResult();
    ObjectDelta<O> objectDelta = (ObjectDelta<O>) lastEventDeltasOperation.getObjectDelta();
    if (executionResult.getStatus() == OperationResultStatus.FATAL_ERROR) {
        LOGGER.trace("Skipping delta {} in event {} because it is {}", objectDelta, lastEvent.getEventIdentifier(), executionResult.getStatus());
        return false;
    }
    if (!object.getOid().equals(objectDelta.getOid())) {
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("Skipping delta {} in event {} because OID does not match ({} vs {})", objectDelta, lastEvent.getEventIdentifier(), object.getOid(), objectDelta.getOid());
        }
        return false;
    }
    return true;
}

Example 28 with ObjectDelta

use of com.evolveum.midpoint.prism.delta.ObjectDelta in project midpoint by Evolveum.

the class TestAssignmentProcessor2 method test050JackDeputyOfBarbossa.

/**
	 *                MMR1 -----------I------------------------------*
	 *                 ^                                             |
	 *                 |                                             I
	 *                 |                                             V
	 *                MR1 -----------I-------------*-----> MR3      MR4
	 *                 ^        MR2 --I---*        |        |        |
	 *                 |         ^        I        I        I        I
	 *                 |         |        V        V        V        V
	 *                 R1 --I--> R2       O3       R4       R5       R6
	 *                 ^
	 *                 |
	 *                 |
	 *  jack --D--> barbossa
	 *
	 *  (D = deputy assignment)
	 *
	 */
@Test(enabled = FIRST_PART)
public void test050JackDeputyOfBarbossa() throws Exception {
    final String TEST_NAME = "test050JackDeputyOfBarbossa";
    TestUtil.displayTestTile(this, TEST_NAME);
    // GIVEN
    Task task = taskManager.createTaskInstance(TestAssignmentProcessor.class.getName() + "." + TEST_NAME);
    OperationResult result = task.getResult();
    AssignmentType policyRuleAssignment = new AssignmentType(prismContext);
    PolicyRuleType rule = new PolicyRuleType(prismContext);
    rule.setName("barbossa-0");
    policyRuleAssignment.setPolicyRule(rule);
    @SuppressWarnings({ "unchecked", "raw" }) ObjectDelta<ObjectType> objectDelta = (ObjectDelta<ObjectType>) DeltaBuilder.deltaFor(UserType.class, prismContext).item(UserType.F_ASSIGNMENT).add(ObjectTypeUtil.createAssignmentTo(ROLE_R1_OID, ObjectTypes.ROLE, prismContext), policyRuleAssignment).asObjectDelta(USER_BARBOSSA_OID);
    executeChangesAssertSuccess(objectDelta, null, task, result);
    display("barbossa", getUser(USER_BARBOSSA_OID));
    objects.add(getUser(USER_BARBOSSA_OID).asObjectable());
    LensContext<UserType> context = createContextForAssignment(UserType.class, USER_JACK_OID, UserType.class, USER_BARBOSSA_OID, SchemaConstants.ORG_DEPUTY, null, result);
    // WHEN
    assignmentProcessor.processAssignmentsProjections(context, clock.currentTimeXMLGregorianCalendar(), task, result);
    // THEN
    display("Output context", context);
    display("Evaluated assignment triple", context.getEvaluatedAssignmentTriple());
    result.computeStatus();
    assertSuccess("Assignment processor failed (result)", result);
    Collection<EvaluatedAssignmentImpl<UserType>> evaluatedAssignments = assertAssignmentTripleSetSize(context, 0, 1, 0);
    EvaluatedAssignmentImpl<UserType> evaluatedAssignment = evaluatedAssignments.iterator().next();
    assertEquals("Wrong evaluatedAssignment.isValid", true, evaluatedAssignment.isValid());
    assertTargets(evaluatedAssignment, true, "R1 R2 O3 R4 R5 R6", null, null, null, null, null);
    assertTargets(evaluatedAssignment, false, "barbossa MR1 MR2 MR3 MR4 MMR1", null, null, null, null, null);
    assertMembershipRef(evaluatedAssignment, "");
    assertOrgRef(evaluatedAssignment, "O3");
    assertDelegation(evaluatedAssignment, "barbossa R1 R2 O3 R4 R5 R6");
    PrismReferenceValue barbossaRef = evaluatedAssignment.getDelegationRefVals().stream().filter(v -> USER_BARBOSSA_OID.equals(v.getOid())).findFirst().orElseThrow(() -> new AssertionError("No barbossa ref in delegation ref vals"));
    assertEquals("Wrong relation for barbossa delegation", SchemaConstants.ORG_DEPUTY, barbossaRef.getRelation());
    // Constructions are named "role-level". We expect e.g. that from R1 we get a construction induced with order=1 (R1-1).
    String expectedItems = "R1-1 R2-1 O3-1 R4-1 R5-1 R6-1 MR1-2 MR2-2 MR3-2 MR4-2 MMR1-3";
    assertConstructions(evaluatedAssignment, "Brethren_account_construction Undead_monkey_account_construction " + expectedItems, null, null, null, null, null);
    assertFocusMappings(evaluatedAssignment, expectedItems);
    assertFocusPolicyRules(evaluatedAssignment, "barbossa-0 " + expectedItems);
    // Rules for other targets are empty, which is very probably OK. All rules are bound to target "barbossa".
    // There is no alternative target, as barbossa does not induce anything.
    assertTargetPolicyRules(evaluatedAssignment, "barbossa-0 R1-1 R2-1 MR2-2 O3-1 MR1-2 MR3-2 R5-1 R4-1 MMR1-3 MR4-2 R6-1", "");
    assertAuthorizations(evaluatedAssignment, "R1 R2 O3 R4 R5 R6");
    assertGuiConfig(evaluatedAssignment, "R1 R2 O3 R4 R5 R6");
}

Example 29 with ObjectDelta

use of com.evolveum.midpoint.prism.delta.ObjectDelta in project midpoint by Evolveum.

the class TestAssignmentProcessor2 method test060JackDeputyOfGuybrushDeputyOfBarbossa.

/**
	 *                               MMR1 -----------I------------------------------*
	 *                                ^                                             |
	 *                                |                                             I
	 *                                |                                             V
	 *                               MR1 -----------I-------------*-----> MR3      MR4
	 *                                ^        MR2 --I---*        |        |        |
	 *                                |         ^        I        I        I        I
	 *                                |         |        V        V        V        V
	 *                                R1 --I--> R2       O3       R4       R5       R6
	 *                                ^
	 *                                |
	 *                                |
	 * jack --D--> guybrush --D--> barbossa
	 *
	 * (D = deputy assignment)
	 *
	 */
@Test(enabled = FIRST_PART)
public void test060JackDeputyOfGuybrushDeputyOfBarbossa() throws Exception {
    final String TEST_NAME = "test060JackDeputyOfGuybrushDeputyOfBarbossa";
    TestUtil.displayTestTile(this, TEST_NAME);
    // GIVEN
    Task task = taskManager.createTaskInstance(TestAssignmentProcessor.class.getName() + "." + TEST_NAME);
    OperationResult result = task.getResult();
    AssignmentType deputyOfBarbossaAssignment = ObjectTypeUtil.createAssignmentTo(USER_BARBOSSA_OID, ObjectTypes.USER, prismContext);
    deputyOfBarbossaAssignment.getTargetRef().setRelation(SchemaConstants.ORG_DEPUTY);
    AssignmentType policyRuleAssignment = new AssignmentType(prismContext);
    PolicyRuleType rule = new PolicyRuleType(prismContext);
    rule.setName("guybrush-0");
    policyRuleAssignment.setPolicyRule(rule);
    @SuppressWarnings({ "unchecked", "raw" }) ObjectDelta<ObjectType> objectDelta = (ObjectDelta<ObjectType>) DeltaBuilder.deltaFor(UserType.class, prismContext).item(UserType.F_ASSIGNMENT).add(deputyOfBarbossaAssignment, policyRuleAssignment).asObjectDelta(USER_GUYBRUSH_OID);
    executeChangesAssertSuccess(objectDelta, null, task, result);
    display("guybrush", getUser(USER_GUYBRUSH_OID));
    objects.add(getUser(USER_GUYBRUSH_OID).asObjectable());
    LensContext<UserType> context = createContextForAssignment(UserType.class, USER_JACK_OID, UserType.class, USER_GUYBRUSH_OID, SchemaConstants.ORG_DEPUTY, null, result);
    // WHEN
    assignmentProcessor.processAssignmentsProjections(context, clock.currentTimeXMLGregorianCalendar(), task, result);
    // THEN
    display("Output context", context);
    display("Evaluated assignment triple", context.getEvaluatedAssignmentTriple());
    result.computeStatus();
    assertSuccess("Assignment processor failed (result)", result);
    Collection<EvaluatedAssignmentImpl<UserType>> evaluatedAssignments = assertAssignmentTripleSetSize(context, 0, 1, 0);
    EvaluatedAssignmentImpl<UserType> evaluatedAssignment = evaluatedAssignments.iterator().next();
    assertEquals("Wrong evaluatedAssignment.isValid", true, evaluatedAssignment.isValid());
    assertTargets(evaluatedAssignment, true, "R1 R2 O3 R4 R5 R6", null, null, null, null, null);
    assertTargets(evaluatedAssignment, false, "guybrush barbossa MR1 MR2 MR3 MR4 MMR1", null, null, null, null, null);
    assertMembershipRef(evaluatedAssignment, "");
    assertOrgRef(evaluatedAssignment, "O3");
    assertDelegation(evaluatedAssignment, "guybrush barbossa R1 R2 O3 R4 R5 R6");
    PrismReferenceValue guybrushRef = evaluatedAssignment.getDelegationRefVals().stream().filter(v -> USER_GUYBRUSH_OID.equals(v.getOid())).findFirst().orElseThrow(() -> new AssertionError("No guybrush ref in delegation ref vals"));
    assertEquals("Wrong relation for guybrush delegation", SchemaConstants.ORG_DEPUTY, guybrushRef.getRelation());
    String expectedItems = "R1-1 R2-1 O3-1 R4-1 R5-1 R6-1 MR1-2 MR2-2 MR3-2 MR4-2 MMR1-3";
    assertConstructions(evaluatedAssignment, "Brethren_account_construction Undead_monkey_account_construction " + expectedItems, null, null, null, null, null);
    assertFocusMappings(evaluatedAssignment, expectedItems);
    assertFocusPolicyRules(evaluatedAssignment, "guybrush-0 barbossa-0 " + expectedItems);
    // guybrush-0 is the rule assigned to the target (guybrush) - seems OK
    // barbossa-0 and Rx-y are rules attached to "indirect target" (barbossa, delegator of guybrush).
    // TODO it is not quite clear if these are to be considered direct or indirect targets
    // let's consider it OK for the moment
    assertTargetPolicyRules(evaluatedAssignment, "guybrush-0", "barbossa-0 R1-1 R2-1 MR2-2 O3-1 MR1-2 MR3-2 R5-1 R4-1 MMR1-3 MR4-2 R6-1");
    assertAuthorizations(evaluatedAssignment, "R1 R2 O3 R4 R5 R6");
    assertGuiConfig(evaluatedAssignment, "R1 R2 O3 R4 R5 R6");
}

Example 30 with ObjectDelta

use of com.evolveum.midpoint.prism.delta.ObjectDelta in project midpoint by Evolveum.

the class TestAbstractAssignmentEvaluator method test310DisableRoleEngineer.

@Test
public void test310DisableRoleEngineer() throws Exception {
    final String TEST_NAME = "test310DisableRoleEngineer";
    TestUtil.displayTestTile(this, TEST_NAME);
    // GIVEN
    Task task = taskManager.createTaskInstance(TestAssignmentEvaluator.class.getName() + "." + TEST_NAME);
    OperationResult result = task.getResult();
    // disable role Engineer
    ObjectDelta disableEngineerDelta = DeltaBuilder.deltaFor(RoleType.class, prismContext).item(ACTIVATION_ADMINISTRATIVE_STATUS_PATH).replace(ActivationStatusType.DISABLED).asObjectDelta(ROLE_CORP_ENGINEER_OID);
    modelService.executeChanges(Collections.<ObjectDelta<? extends ObjectType>>singletonList(disableEngineerDelta), null, task, result);
    AssignmentEvaluator<UserType> assignmentEvaluator = createAssignmentEvaluator();
    PrismAsserts.assertParentConsistency(userTypeJack.asPrismObject());
    AssignmentType assignmentType = getAssignmentType(ASSIGNMENT_ROLE_ENGINEER_FILE);
    ObjectDeltaObject<UserType> userOdo = new ObjectDeltaObject<>(userTypeJack.asPrismObject(), null, null);
    userOdo.recompute();
    ItemDeltaItem<PrismContainerValue<AssignmentType>, PrismContainerDefinition<AssignmentType>> assignmentIdi = new ItemDeltaItem<>();
    assignmentIdi.setItemOld(LensUtil.createAssignmentSingleValueContainerClone(assignmentType));
    assignmentIdi.recompute();
    // WHEN
    TestUtil.displayWhen(TEST_NAME);
    EvaluatedAssignmentImpl<UserType> evaluatedAssignment = assignmentEvaluator.evaluate(assignmentIdi, PlusMinusZero.ZERO, false, userTypeJack, "testRoleEngineer", task, result);
    evaluatedAssignment.evaluateConstructions(userOdo, task, result);
    // THEN
    TestUtil.displayThen(TEST_NAME);
    result.computeStatus();
    TestUtil.assertSuccess(result);
    assertNotNull(evaluatedAssignment);
    display("Evaluated assignment", evaluatedAssignment.debugDump());
    assertEquals(0, evaluatedAssignment.getConstructionTriple().size());
    PrismAsserts.assertParentConsistency(userTypeJack.asPrismObject());
    assertNoConstruction(evaluatedAssignment, ZERO, "title");
    assertNoConstruction(evaluatedAssignment, PLUS, "title");
    assertNoConstruction(evaluatedAssignment, MINUS, "title");
    assertNoConstruction(evaluatedAssignment, ZERO, "location");
    assertNoConstruction(evaluatedAssignment, PLUS, "location");
    assertNoConstruction(evaluatedAssignment, MINUS, "location");
    assertEquals("Wrong number of admin GUI configs", 0, evaluatedAssignment.getAdminGuiConfigurations().size());
}