Search in sources :

Example 11 with UniformItemPath

use of com.evolveum.midpoint.prism.path.UniformItemPath in project midpoint by Evolveum.

the class GetOperationOptionsBuilderImpl method mergeFrom.

@Override
public GetOperationOptionsBuilder mergeFrom(Collection<SelectorOptions<GetOperationOptions>> newOptions) {
    currentPaths = singleton(prismContext.emptyPath());
    relationalValueSearchQuery = null;
    for (SelectorOptions<GetOperationOptions> newOption : emptyIfNull(newOptions)) {
        if (newOption.getOptions() != null) {
            UniformItemPath itemPath = newOption.getItemPath(prismContext.emptyPath());
            GetOperationOptions currentOptions = options.get(itemPath);
            if (currentOptions != null) {
                currentOptions.merge(newOption.getOptions());
            } else {
                options.put(itemPath, newOption.getOptions().clone());
            }
        }
    }
    return this;
}
Also used : UniformItemPath(com.evolveum.midpoint.prism.path.UniformItemPath)

Example 12 with UniformItemPath

use of com.evolveum.midpoint.prism.path.UniformItemPath in project midpoint by Evolveum.

the class SelectorOptions method extractOptionValues.

public static <T> Map<T, Collection<UniformItemPath>> extractOptionValues(Collection<SelectorOptions<GetOperationOptions>> options, Function<GetOperationOptions, T> supplier, PrismContext prismContext) {
    Map<T, Collection<UniformItemPath>> rv = new HashMap<>();
    final UniformItemPath emptyPath = prismContext.emptyPath();
    for (SelectorOptions<GetOperationOptions> selectorOption : CollectionUtils.emptyIfNull(options)) {
        T value = supplier.apply(selectorOption.getOptions());
        if (value != null) {
            Collection<UniformItemPath> itemPaths = rv.computeIfAbsent(value, t -> new HashSet<>());
            itemPaths.add(selectorOption.getItemPath(emptyPath));
        }
    }
    return rv;
}
Also used : UniformItemPath(com.evolveum.midpoint.prism.path.UniformItemPath)

Example 13 with UniformItemPath

use of com.evolveum.midpoint.prism.path.UniformItemPath in project midpoint by Evolveum.

the class GetOperationOptionsBuilderImpl method setFrom.

// endregion
// region Loading from options
@Override
public GetOperationOptionsBuilder setFrom(Collection<SelectorOptions<GetOperationOptions>> newOptions) {
    options.clear();
    currentPaths = singleton(prismContext.emptyPath());
    relationalValueSearchQuery = null;
    for (SelectorOptions<GetOperationOptions> newOption : emptyIfNull(newOptions)) {
        if (newOption.getOptions() != null) {
            UniformItemPath itemPath = newOption.getItemPath(prismContext.emptyPath());
            if (options.containsKey(itemPath)) {
                throw new IllegalStateException("Options for item path '" + itemPath + "' are defined more than once in " + newOptions);
            } else {
                options.put(itemPath, newOption.getOptions().clone());
            }
        }
    }
    return this;
}
Also used : UniformItemPath(com.evolveum.midpoint.prism.path.UniformItemPath)

Example 14 with UniformItemPath

use of com.evolveum.midpoint.prism.path.UniformItemPath in project midpoint by Evolveum.

the class SchemaTransformer method applySchemasAndSecurity.

/**
 * Validate the objects, apply security to the object definition, remove any non-visible properties (security),
 * apply object template definitions and so on. This method is called for
 * any object that is returned from the Model Service.
 */
<O extends ObjectType> void applySchemasAndSecurity(PrismObject<O> object, GetOperationOptions rootOptions, Collection<SelectorOptions<GetOperationOptions>> options, AuthorizationPhaseType phase, Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException, ConfigurationException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException {
    LOGGER.trace("applySchemasAndSecurity({}) starting", object);
    OperationResult result = parentResult.createMinorSubresult(OP_APPLY_SCHEMAS_AND_SECURITY);
    authorizeOptions(rootOptions, object, null, phase, task, result);
    validateObject(object, rootOptions, result);
    ObjectSecurityConstraints securityConstraints = compileSecurityConstraints(object, task, result);
    transform(object, new DefinitionsToTransformable());
    PrismObjectDefinition<O> objectDefinition = object.getDefinition();
    if (phase == null) {
        if (!GetOperationOptions.isExecutionPhase(rootOptions)) {
            applySchemasAndSecurityPhase(object, securityConstraints, objectDefinition, rootOptions, AuthorizationPhaseType.REQUEST, task, result);
        }
        applySchemasAndSecurityPhase(object, securityConstraints, objectDefinition, rootOptions, AuthorizationPhaseType.EXECUTION, task, result);
    } else {
        if (phase == AuthorizationPhaseType.REQUEST && GetOperationOptions.isExecutionPhase(rootOptions)) {
        // Skip application of security constraints for request phase.
        // The caller asked to skip evaluation of request authorization, so everything is allowed here.
        } else {
            applySchemasAndSecurityPhase(object, securityConstraints, objectDefinition, rootOptions, phase, task, result);
        }
    }
    // we do not need to process object template when processing REQUEST in RAW mode.
    if (!GetOperationOptions.isRaw(rootOptions)) {
        ObjectTemplateType objectTemplateType;
        try {
            objectTemplateType = determineObjectTemplate(object, AuthorizationPhaseType.REQUEST, result);
        } catch (ConfigurationException | SchemaException | ObjectNotFoundException e) {
            result.recordFatalError(e);
            throw e;
        }
        applyObjectTemplateToObject(object, objectTemplateType, result);
    }
    if (CollectionUtils.isNotEmpty(options)) {
        Map<DefinitionProcessingOption, Collection<UniformItemPath>> definitionProcessing = SelectorOptions.extractOptionValues(options, (o) -> o.getDefinitionProcessing(), prismContext);
        if (CollectionUtils.isNotEmpty(definitionProcessing.get(DefinitionProcessingOption.NONE))) {
            throw new UnsupportedOperationException("'NONE' definition processing is not supported now");
        }
        Collection<UniformItemPath> onlyIfExists = definitionProcessing.get(DefinitionProcessingOption.ONLY_IF_EXISTS);
        if (CollectionUtils.isNotEmpty(onlyIfExists)) {
            if (onlyIfExists.size() != 1 || !ItemPath.isEmpty(onlyIfExists.iterator().next())) {
                throw new UnsupportedOperationException("'ONLY_IF_EXISTS' definition processing is currently supported on root level only; not on " + onlyIfExists);
            }
            Collection<UniformItemPath> full = definitionProcessing.get(DefinitionProcessingOption.FULL);
            object.trimDefinitionTree(full);
        }
    }
    result.computeStatus();
    result.recordSuccessIfUnknown();
    LOGGER.trace("applySchemasAndSecurity finishing");
}
Also used : DefinitionProcessingOption(com.evolveum.midpoint.schema.DefinitionProcessingOption) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) DefinitionsToTransformable(com.evolveum.midpoint.model.impl.schema.transform.DefinitionsToTransformable) ObjectSecurityConstraints(com.evolveum.midpoint.security.enforcer.api.ObjectSecurityConstraints) GetOperationOptions.createReadOnlyCollection(com.evolveum.midpoint.schema.GetOperationOptions.createReadOnlyCollection) UniformItemPath(com.evolveum.midpoint.prism.path.UniformItemPath)

Example 15 with UniformItemPath

use of com.evolveum.midpoint.prism.path.UniformItemPath in project midpoint by Evolveum.

the class SchemaTransformer method getVisibilityPolicy.

@NotNull
private <O extends ObjectType> List<VisibilityPolicyEntry> getVisibilityPolicy(ArchetypePolicyType archetypePolicy, Object contextDesc) throws SchemaException {
    List<VisibilityPolicyEntry> visibilityPolicy = new ArrayList<>();
    for (ItemConstraintType itemConstraint : archetypePolicy.getItemConstraint()) {
        UserInterfaceElementVisibilityType visibility = itemConstraint.getVisibility();
        if (visibility != null) {
            ItemPathType itemPathType = itemConstraint.getPath();
            if (itemPathType == null) {
                throw new SchemaException("No 'path' in item definition in archetype policy for " + contextDesc);
            }
            UniformItemPath itemPath = prismContext.toUniformPath(itemPathType);
            visibilityPolicy.add(new VisibilityPolicyEntry(itemPath, visibility));
        }
    }
    return visibilityPolicy;
}
Also used : ItemPathType(com.evolveum.prism.xml.ns._public.types_3.ItemPathType) UniformItemPath(com.evolveum.midpoint.prism.path.UniformItemPath) UserInterfaceElementVisibilityType(com.evolveum.midpoint.xml.ns._public.common.common_3.UserInterfaceElementVisibilityType) NotNull(org.jetbrains.annotations.NotNull)

Aggregations

UniformItemPath (com.evolveum.midpoint.prism.path.UniformItemPath)18 NotNull (org.jetbrains.annotations.NotNull)5 GetOperationOptions (com.evolveum.midpoint.schema.GetOperationOptions)4 ItemPath (com.evolveum.midpoint.prism.path.ItemPath)2 UserInterfaceElementVisibilityType (com.evolveum.midpoint.xml.ns._public.common.common_3.UserInterfaceElementVisibilityType)2 ArrayList (java.util.ArrayList)2 Attribute (javax.persistence.metamodel.Attribute)2 MappingImpl (com.evolveum.midpoint.model.common.mapping.MappingImpl)1 DefinitionsToTransformable (com.evolveum.midpoint.model.impl.schema.transform.DefinitionsToTransformable)1 ItemName (com.evolveum.midpoint.prism.path.ItemName)1 JaxbName (com.evolveum.midpoint.repo.sql.query.definition.JaxbName)1 JaxbPath (com.evolveum.midpoint.repo.sql.query.definition.JaxbPath)1 JaxbType (com.evolveum.midpoint.repo.sql.query.definition.JaxbType)1 DefinitionProcessingOption (com.evolveum.midpoint.schema.DefinitionProcessingOption)1 GetOperationOptions.createReadOnlyCollection (com.evolveum.midpoint.schema.GetOperationOptions.createReadOnlyCollection)1 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)1 ObjectSecurityConstraints (com.evolveum.midpoint.security.enforcer.api.ObjectSecurityConstraints)1 ItemPathType (com.evolveum.prism.xml.ns._public.types_3.ItemPathType)1 Method (java.lang.reflect.Method)1 HashMap (java.util.HashMap)1