Example 1 with NoneFilter
use of com.evolveum.midpoint.prism.query.NoneFilter in project midpoint by Evolveum.
the class ModelInteractionServiceImpl method getAssignableRoleSpecification.
@Override
public <F extends FocusType> RoleSelectionSpecification getAssignableRoleSpecification(PrismObject<F> focus, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, ConfigurationException {
OperationResult result = parentResult.createMinorSubresult(GET_ASSIGNABLE_ROLE_SPECIFICATION);
RoleSelectionSpecification spec = new RoleSelectionSpecification();
ObjectSecurityConstraints securityConstraints = securityEnforcer.compileSecurityConstraints(focus, null);
if (securityConstraints == null) {
return null;
}
AuthorizationDecisionType decision = securityConstraints.findItemDecision(new ItemPath(FocusType.F_ASSIGNMENT), ModelAuthorizationAction.MODIFY.getUrl(), AuthorizationPhaseType.REQUEST);
if (decision == AuthorizationDecisionType.ALLOW) {
getAllRoleTypesSpec(spec, result);
result.recordSuccess();
return spec;
}
if (decision == AuthorizationDecisionType.DENY) {
result.recordSuccess();
spec.setNoRoleTypes();
spec.setFilter(NoneFilter.createNone());
return spec;
}
decision = securityConstraints.getActionDecision(ModelAuthorizationAction.MODIFY.getUrl(), AuthorizationPhaseType.REQUEST);
if (decision == AuthorizationDecisionType.ALLOW) {
getAllRoleTypesSpec(spec, result);
result.recordSuccess();
return spec;
}
if (decision == AuthorizationDecisionType.DENY) {
result.recordSuccess();
spec.setNoRoleTypes();
spec.setFilter(NoneFilter.createNone());
return spec;
}
try {
ObjectFilter filter = securityEnforcer.preProcessObjectFilter(ModelAuthorizationAction.ASSIGN.getUrl(), AuthorizationPhaseType.REQUEST, AbstractRoleType.class, focus, AllFilter.createAll());
LOGGER.trace("assignableRoleSpec filter: {}", filter);
spec.setFilter(filter);
if (filter instanceof NoneFilter) {
result.recordSuccess();
spec.setNoRoleTypes();
return spec;
} else if (filter == null || filter instanceof AllFilter) {
getAllRoleTypesSpec(spec, result);
result.recordSuccess();
return spec;
} else if (filter instanceof OrFilter) {
Collection<RoleSelectionSpecEntry> allRoleTypeDvals = new ArrayList<>();
for (ObjectFilter subfilter : ((OrFilter) filter).getConditions()) {
Collection<RoleSelectionSpecEntry> roleTypeDvals = getRoleSelectionSpecEntries(subfilter);
if (roleTypeDvals == null || roleTypeDvals.isEmpty()) {
// This branch of the OR clause does not have any constraint for roleType
// therefore all role types are possible (regardless of other branches, this is OR)
spec = new RoleSelectionSpecification();
spec.setFilter(filter);
getAllRoleTypesSpec(spec, result);
result.recordSuccess();
return spec;
} else {
allRoleTypeDvals.addAll(roleTypeDvals);
}
}
addRoleTypeSpecEntries(spec, allRoleTypeDvals, result);
} else {
Collection<RoleSelectionSpecEntry> roleTypeDvals = getRoleSelectionSpecEntries(filter);
if (roleTypeDvals == null || roleTypeDvals.isEmpty()) {
getAllRoleTypesSpec(spec, result);
result.recordSuccess();
return spec;
} else {
addRoleTypeSpecEntries(spec, roleTypeDvals, result);
}
}
result.recordSuccess();
return spec;
} catch (SchemaException | ConfigurationException | ObjectNotFoundException e) {
result.recordFatalError(e);
throw e;
}
}
Also used :
NoneFilter(com.evolveum.midpoint.prism.query.NoneFilter)
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
ObjectFilter(com.evolveum.midpoint.prism.query.ObjectFilter)
OrFilter(com.evolveum.midpoint.prism.query.OrFilter)
ObjectSecurityConstraints(com.evolveum.midpoint.security.api.ObjectSecurityConstraints)
AllFilter(com.evolveum.midpoint.prism.query.AllFilter)
ConfigurationException(com.evolveum.midpoint.util.exception.ConfigurationException)
ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException)
ItemPath(com.evolveum.midpoint.prism.path.ItemPath)
Example 2 with NoneFilter
use of com.evolveum.midpoint.prism.query.NoneFilter in project midpoint by Evolveum.
the class ProvisioningServiceImpl method countObjects.
public <T extends ObjectType> Integer countObjects(Class<T> type, ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
OperationResult result = parentResult.createMinorSubresult(ProvisioningService.class.getName() + ".countObjects");
result.addParam("objectType", type);
result.addParam("query", query);
result.addContext(OperationResult.CONTEXT_IMPLEMENTATION_CLASS, ProvisioningServiceImpl.class);
ObjectFilter filter = null;
if (query != null) {
filter = ObjectQueryUtil.simplify(query.getFilter());
query = query.cloneEmpty();
query.setFilter(filter);
}
if (filter != null && filter instanceof NoneFilter) {
result.recordSuccessIfUnknown();
result.cleanupResult();
LOGGER.trace("Finished counting. Nothing to do. Filter is NONE");
return 0;
}
GetOperationOptions rootOptions = SelectorOptions.findRootOptions(options);
if (!ShadowType.class.isAssignableFrom(type) || GetOperationOptions.isNoFetch(rootOptions) || GetOperationOptions.isRaw(rootOptions)) {
int count = getCacheRepositoryService().countObjects(type, query, parentResult);
result.computeStatus();
result.recordSuccessIfUnknown();
result.cleanupResult();
return count;
}
Integer count;
try {
count = getShadowCache(Mode.STANDARD).countObjects(query, task, result);
result.computeStatus();
} catch (ConfigurationException | CommunicationException | ObjectNotFoundException | SchemaException | ExpressionEvaluationException | RuntimeException | Error e) {
ProvisioningUtil.recordFatalError(LOGGER, result, null, e);
throw e;
} finally {
result.cleanupResult();
}
return count;
}
Also used :
NoneFilter(com.evolveum.midpoint.prism.query.NoneFilter)
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
ExpressionEvaluationException(com.evolveum.midpoint.util.exception.ExpressionEvaluationException)
CommunicationException(com.evolveum.midpoint.util.exception.CommunicationException)
ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
ObjectFilter(com.evolveum.midpoint.prism.query.ObjectFilter)
GetOperationOptions(com.evolveum.midpoint.schema.GetOperationOptions)
ConfigurationException(com.evolveum.midpoint.util.exception.ConfigurationException)
ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException)
Example 3 with NoneFilter
use of com.evolveum.midpoint.prism.query.NoneFilter in project midpoint by Evolveum.
the class SqlRepositoryServiceImpl method searchObjects.
@NotNull
@Override
public <T extends ObjectType> SearchResultList<PrismObject<T>> searchObjects(Class<T> type, ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, OperationResult result) throws SchemaException {
Validate.notNull(type, "Object type must not be null.");
Validate.notNull(result, "Operation result must not be null.");
logSearchInputParameters(type, query, false, null);
OperationResult subResult = result.createSubresult(SEARCH_OBJECTS);
subResult.addParam("type", type.getName());
subResult.addParam("query", query);
if (query != null) {
ObjectFilter filter = query.getFilter();
filter = ObjectQueryUtil.simplify(filter);
if (filter instanceof NoneFilter) {
subResult.recordSuccess();
return new SearchResultList(new ArrayList<PrismObject<T>>(0));
} else {
query = replaceSimplifiedFilter(query, filter);
}
}
SqlPerformanceMonitor pm = getPerformanceMonitor();
long opHandle = pm.registerOperationStart("searchObjects");
final String operation = "searching";
int attempt = 1;
try {
while (true) {
try {
return objectRetriever.searchObjectsAttempt(type, query, options, subResult);
} catch (RuntimeException ex) {
attempt = baseHelper.logOperationAttempt(null, operation, attempt, ex, subResult);
pm.registerOperationNewTrial(opHandle, attempt);
}
}
} finally {
pm.registerOperationFinish(opHandle, attempt);
}
}
Also used :
NoneFilter(com.evolveum.midpoint.prism.query.NoneFilter)
PrismObject(com.evolveum.midpoint.prism.PrismObject)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
ObjectFilter(com.evolveum.midpoint.prism.query.ObjectFilter)
PolyString(com.evolveum.midpoint.prism.polystring.PolyString)
NotNull(org.jetbrains.annotations.NotNull)
Example 4 with NoneFilter
use of com.evolveum.midpoint.prism.query.NoneFilter in project midpoint by Evolveum.
the class SqlRepositoryServiceImpl method searchObjectsIterative.
@Override
public <T extends ObjectType> SearchResultMetadata searchObjectsIterative(Class<T> type, ObjectQuery query, ResultHandler<T> handler, Collection<SelectorOptions<GetOperationOptions>> options, boolean strictlySequential, OperationResult result) throws SchemaException {
Validate.notNull(type, "Object type must not be null.");
Validate.notNull(handler, "Result handler must not be null.");
Validate.notNull(result, "Operation result must not be null.");
logSearchInputParameters(type, query, true, strictlySequential);
OperationResult subResult = result.createSubresult(SEARCH_OBJECTS_ITERATIVE);
subResult.addParam("type", type.getName());
subResult.addParam("query", query);
if (query != null) {
ObjectFilter filter = query.getFilter();
filter = ObjectQueryUtil.simplify(filter);
if (filter instanceof NoneFilter) {
subResult.recordSuccess();
return null;
} else {
query = replaceSimplifiedFilter(query, filter);
}
}
if (getConfiguration().isIterativeSearchByPaging()) {
if (strictlySequential) {
objectRetriever.searchObjectsIterativeByPagingStrictlySequential(type, query, handler, options, subResult);
} else {
objectRetriever.searchObjectsIterativeByPaging(type, query, handler, options, subResult);
}
return null;
}
// turned off until resolved 'unfinished operation' warning
// SqlPerformanceMonitor pm = getPerformanceMonitor();
// long opHandle = pm.registerOperationStart(SEARCH_OBJECTS_ITERATIVE);
final String operation = "searching iterative";
int attempt = 1;
try {
while (true) {
try {
objectRetriever.searchObjectsIterativeAttempt(type, query, handler, options, subResult);
return null;
} catch (RuntimeException ex) {
attempt = baseHelper.logOperationAttempt(null, operation, attempt, ex, subResult);
// pm.registerOperationNewTrial(opHandle, attempt);
}
}
} finally {
// pm.registerOperationFinish(opHandle, attempt);
}
}
Also used :
NoneFilter(com.evolveum.midpoint.prism.query.NoneFilter)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
ObjectFilter(com.evolveum.midpoint.prism.query.ObjectFilter)
PolyString(com.evolveum.midpoint.prism.polystring.PolyString)
Example 5 with NoneFilter
use of com.evolveum.midpoint.prism.query.NoneFilter in project midpoint by Evolveum.
the class SqlRepositoryServiceImpl method searchContainers.
@Override
public <T extends Containerable> SearchResultList<T> searchContainers(Class<T> type, ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, OperationResult parentResult) throws SchemaException {
Validate.notNull(type, "Object type must not be null.");
Validate.notNull(parentResult, "Operation result must not be null.");
logSearchInputParameters(type, query, false, null);
OperationResult result = parentResult.createSubresult(SEARCH_CONTAINERS);
result.addParam("type", type.getName());
result.addParam("query", query);
if (query != null) {
ObjectFilter filter = query.getFilter();
filter = ObjectQueryUtil.simplify(filter);
if (filter instanceof NoneFilter) {
result.recordSuccess();
return new SearchResultList<>(new ArrayList<T>(0));
} else {
query = replaceSimplifiedFilter(query, filter);
}
}
SqlPerformanceMonitor pm = getPerformanceMonitor();
long opHandle = pm.registerOperationStart("searchContainers");
final String operation = "searching";
int attempt = 1;
try {
while (true) {
try {
return objectRetriever.searchContainersAttempt(type, query, options, result);
} catch (RuntimeException ex) {
attempt = baseHelper.logOperationAttempt(null, operation, attempt, ex, result);
pm.registerOperationNewTrial(opHandle, attempt);
}
}
} finally {
pm.registerOperationFinish(opHandle, attempt);
}
}
Also used :
NoneFilter(com.evolveum.midpoint.prism.query.NoneFilter)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
ObjectFilter(com.evolveum.midpoint.prism.query.ObjectFilter)
PolyString(com.evolveum.midpoint.prism.polystring.PolyString)
Aggregations
NoneFilter (com.evolveum.midpoint.prism.query.NoneFilter)7
ObjectFilter (com.evolveum.midpoint.prism.query.ObjectFilter)7
OperationResult (com.evolveum.midpoint.schema.result.OperationResult)7
PolyString (com.evolveum.midpoint.prism.polystring.PolyString)4
PrismObject (com.evolveum.midpoint.prism.PrismObject)2
GetOperationOptions (com.evolveum.midpoint.schema.GetOperationOptions)2
ConfigurationException (com.evolveum.midpoint.util.exception.ConfigurationException)2
ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)2
SchemaException (com.evolveum.midpoint.util.exception.SchemaException)2
CryptoUtil (com.evolveum.midpoint.common.crypto.CryptoUtil)1
RefinedObjectClassDefinition (com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition)1
Objectable (com.evolveum.midpoint.prism.Objectable)1
PrismContext (com.evolveum.midpoint.prism.PrismContext)1
PrismObjectDefinition (com.evolveum.midpoint.prism.PrismObjectDefinition)1
PrismProperty (com.evolveum.midpoint.prism.PrismProperty)1
ItemDelta (com.evolveum.midpoint.prism.delta.ItemDelta)1
ObjectDelta (com.evolveum.midpoint.prism.delta.ObjectDelta)1
PropertyDelta (com.evolveum.midpoint.prism.delta.PropertyDelta)1
ItemPath (com.evolveum.midpoint.prism.path.ItemPath)1
AllFilter (com.evolveum.midpoint.prism.query.AllFilter)1
