Search in sources :

Example 1 with PropertyModificationOperation

use of com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation in project midpoint by Evolveum.

the class ConnectorInstanceConnIdImpl method modifyObject.

// TODO [med] beware, this method does not obey its contract specified in the interface
// (1) currently it does not return all the changes, only the 'side effect' changes
// (2) it throws exceptions even if some of the changes were made
// (3) among identifiers, only the UID value is updated on object rename
//     (other identifiers are ignored on input and output of this method)
@Override
public AsynchronousOperationReturnValue<Collection<PropertyModificationOperation>> modifyObject(ObjectClassComplexTypeDefinition objectClassDef, Collection<? extends ResourceAttribute<?>> identifiers, Collection<Operation> changes, StateReporter reporter, OperationResult parentResult) throws ObjectNotFoundException, CommunicationException, GenericFrameworkException, SchemaException, SecurityViolationException, ObjectAlreadyExistsException {
    OperationResult result = parentResult.createSubresult(ConnectorInstance.class.getName() + ".modifyObject");
    result.addParam("objectClass", objectClassDef);
    result.addCollectionOfSerializablesAsParam("identifiers", identifiers);
    result.addArbitraryCollectionAsParam("changes", changes);
    if (changes.isEmpty()) {
        LOGGER.info("No modifications for connector object specified. Skipping processing.");
        result.recordNotApplicableIfUnknown();
        return AsynchronousOperationReturnValue.wrap(new ArrayList<PropertyModificationOperation>(0), result);
    }
    ObjectClass objClass = connIdNameMapper.objectClassToIcf(objectClassDef, getSchemaNamespace(), connectorType, legacySchema);
    Uid uid;
    try {
        uid = getUid(objectClassDef, identifiers);
    } catch (SchemaException e) {
        result.recordFatalError(e);
        throw e;
    }
    if (uid == null) {
        result.recordFatalError("Cannot detemine UID from identifiers: " + identifiers);
        throw new IllegalArgumentException("Cannot detemine UID from identifiers: " + identifiers);
    }
    String originalUid = uid.getUidValue();
    Set<Attribute> attributesToAdd = new HashSet<>();
    Set<Attribute> attributesToUpdate = new HashSet<>();
    Set<Attribute> attributesToRemove = new HashSet<>();
    Set<Operation> additionalOperations = new HashSet<Operation>();
    PasswordChangeOperation passwordChangeOperation = null;
    Collection<PropertyDelta<?>> activationDeltas = new HashSet<PropertyDelta<?>>();
    PropertyDelta<ProtectedStringType> passwordDelta = null;
    PropertyDelta<QName> auxiliaryObjectClassDelta = null;
    for (Operation operation : changes) {
        if (operation == null) {
            IllegalArgumentException e = new IllegalArgumentException("Null operation in modifyObject");
            result.recordFatalError(e);
            throw e;
        }
        if (operation instanceof PropertyModificationOperation) {
            PropertyDelta<?> delta = ((PropertyModificationOperation) operation).getPropertyDelta();
            if (delta.getPath().equivalent(new ItemPath(ShadowType.F_AUXILIARY_OBJECT_CLASS))) {
                auxiliaryObjectClassDelta = (PropertyDelta<QName>) delta;
            }
        }
    }
    try {
        ObjectClassComplexTypeDefinition structuralObjectClassDefinition = resourceSchema.findObjectClassDefinition(objectClassDef.getTypeName());
        if (structuralObjectClassDefinition == null) {
            throw new SchemaException("No definition of structural object class " + objectClassDef.getTypeName() + " in " + description);
        }
        Map<QName, ObjectClassComplexTypeDefinition> auxiliaryObjectClassMap = new HashMap<>();
        if (auxiliaryObjectClassDelta != null) {
            // Activation change means modification of attributes
            if (auxiliaryObjectClassDelta.isReplace()) {
                if (auxiliaryObjectClassDelta.getValuesToReplace() == null || auxiliaryObjectClassDelta.getValuesToReplace().isEmpty()) {
                    attributesToUpdate.add(AttributeBuilder.build(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME));
                } else {
                    addConvertedValues(auxiliaryObjectClassDelta.getValuesToReplace(), attributesToUpdate, auxiliaryObjectClassMap);
                }
            } else {
                addConvertedValues(auxiliaryObjectClassDelta.getValuesToAdd(), attributesToAdd, auxiliaryObjectClassMap);
                addConvertedValues(auxiliaryObjectClassDelta.getValuesToDelete(), attributesToRemove, auxiliaryObjectClassMap);
            }
        }
        for (Operation operation : changes) {
            if (operation instanceof PropertyModificationOperation) {
                PropertyModificationOperation change = (PropertyModificationOperation) operation;
                PropertyDelta<?> delta = change.getPropertyDelta();
                if (delta.getParentPath().equivalent(new ItemPath(ShadowType.F_ATTRIBUTES))) {
                    if (delta.getDefinition() == null || !(delta.getDefinition() instanceof ResourceAttributeDefinition)) {
                        ResourceAttributeDefinition def = objectClassDef.findAttributeDefinition(delta.getElementName());
                        if (def == null) {
                            String message = "No definition for attribute " + delta.getElementName() + " used in modification delta";
                            result.recordFatalError(message);
                            throw new SchemaException(message);
                        }
                        try {
                            delta.applyDefinition(def);
                        } catch (SchemaException e) {
                            result.recordFatalError(e.getMessage(), e);
                            throw e;
                        }
                    }
                    boolean isInRemovedAuxClass = false;
                    boolean isInAddedAuxClass = false;
                    ResourceAttributeDefinition<Object> structAttrDef = structuralObjectClassDefinition.findAttributeDefinition(delta.getElementName());
                    // aux object class, we cannot add/remove it with the object class unless it is normally requested
                    if (structAttrDef == null) {
                        if (auxiliaryObjectClassDelta != null && auxiliaryObjectClassDelta.isDelete()) {
                            // is removed, the attributes must be removed as well.
                            for (PrismPropertyValue<QName> auxPval : auxiliaryObjectClassDelta.getValuesToDelete()) {
                                ObjectClassComplexTypeDefinition auxDef = auxiliaryObjectClassMap.get(auxPval.getValue());
                                ResourceAttributeDefinition<Object> attrDef = auxDef.findAttributeDefinition(delta.getElementName());
                                if (attrDef != null) {
                                    isInRemovedAuxClass = true;
                                    break;
                                }
                            }
                        }
                        if (auxiliaryObjectClassDelta != null && auxiliaryObjectClassDelta.isAdd()) {
                            // is added, the attributes must be added as well.
                            for (PrismPropertyValue<QName> auxPval : auxiliaryObjectClassDelta.getValuesToAdd()) {
                                ObjectClassComplexTypeDefinition auxOcDef = auxiliaryObjectClassMap.get(auxPval.getValue());
                                ResourceAttributeDefinition<Object> auxAttrDef = auxOcDef.findAttributeDefinition(delta.getElementName());
                                if (auxAttrDef != null) {
                                    isInAddedAuxClass = true;
                                    break;
                                }
                            }
                        }
                    }
                    // Change in (ordinary) attributes. Transform to the ConnId attributes.
                    if (delta.isAdd()) {
                        ResourceAttribute<?> mpAttr = (ResourceAttribute<?>) delta.instantiateEmptyProperty();
                        mpAttr.addValues((Collection) PrismValue.cloneCollection(delta.getValuesToAdd()));
                        Attribute connIdAttr = connIdConvertor.convertToConnIdAttribute(mpAttr, objectClassDef);
                        if (mpAttr.getDefinition().isMultiValue()) {
                            attributesToAdd.add(connIdAttr);
                        } else {
                            // Force "update" for single-valued attributes instead of "add". This is saving one
                            // read in some cases. It should also make no substantial difference in such case.
                            // But it is working around some connector bugs.
                            attributesToUpdate.add(connIdAttr);
                        }
                    }
                    if (delta.isDelete()) {
                        ResourceAttribute<?> mpAttr = (ResourceAttribute<?>) delta.instantiateEmptyProperty();
                        if (mpAttr.getDefinition().isMultiValue() || isInRemovedAuxClass) {
                            mpAttr.addValues((Collection) PrismValue.cloneCollection(delta.getValuesToDelete()));
                            Attribute connIdAttr = connIdConvertor.convertToConnIdAttribute(mpAttr, objectClassDef);
                            attributesToRemove.add(connIdAttr);
                        } else {
                            // Force "update" for single-valued attributes instead of "add". This is saving one
                            // read in some cases. 
                            // Update attribute to no values. This will efficiently clean up the attribute.
                            // It should also make no substantial difference in such case. 
                            // But it is working around some connector bugs.
                            Attribute connIdAttr = connIdConvertor.convertToConnIdAttribute(mpAttr, objectClassDef);
                            // update with EMTPY value. The mpAttr.addValues() is NOT in this branch
                            attributesToUpdate.add(connIdAttr);
                        }
                    }
                    if (delta.isReplace()) {
                        ResourceAttribute<?> mpAttr = (ResourceAttribute<?>) delta.instantiateEmptyProperty();
                        mpAttr.addValues((Collection) PrismValue.cloneCollection(delta.getValuesToReplace()));
                        Attribute connIdAttr = connIdConvertor.convertToConnIdAttribute(mpAttr, objectClassDef);
                        if (isInAddedAuxClass) {
                            attributesToAdd.add(connIdAttr);
                        } else {
                            attributesToUpdate.add(connIdAttr);
                        }
                    }
                } else if (delta.getParentPath().equivalent(new ItemPath(ShadowType.F_ACTIVATION))) {
                    activationDeltas.add(delta);
                } else if (delta.getParentPath().equivalent(new ItemPath(new ItemPath(ShadowType.F_CREDENTIALS), CredentialsType.F_PASSWORD))) {
                    passwordDelta = (PropertyDelta<ProtectedStringType>) delta;
                } else if (delta.getPath().equivalent(new ItemPath(ShadowType.F_AUXILIARY_OBJECT_CLASS))) {
                // already processed
                } else {
                    throw new SchemaException("Change of unknown attribute " + delta.getPath());
                }
            } else if (operation instanceof PasswordChangeOperation) {
                passwordChangeOperation = (PasswordChangeOperation) operation;
            // TODO: check for multiple occurrences and fail
            } else if (operation instanceof ExecuteProvisioningScriptOperation) {
                ExecuteProvisioningScriptOperation scriptOperation = (ExecuteProvisioningScriptOperation) operation;
                additionalOperations.add(scriptOperation);
            } else {
                throw new IllegalArgumentException("Unknown operation type " + operation.getClass().getName() + ": " + operation);
            }
        }
    } catch (SchemaException | RuntimeException e) {
        result.recordFatalError(e);
        throw e;
    }
    if (LOGGER.isTraceEnabled()) {
        LOGGER.trace("attributes:\nADD: {}\nUPDATE: {}\nREMOVE: {}", attributesToAdd, attributesToUpdate, attributesToRemove);
    }
    // Needs three complete try-catch blocks because we need to create
    // icfResult for each operation
    // and handle the faults individually
    checkAndExecuteAdditionalOperation(reporter, additionalOperations, BeforeAfterType.BEFORE, result);
    OperationResult connIdResult = null;
    try {
        if (!attributesToAdd.isEmpty()) {
            OperationOptions options = new OperationOptionsBuilder().build();
            connIdResult = result.createSubresult(ConnectorFacade.class.getName() + ".addAttributeValues");
            connIdResult.addParam("objectClass", objectClassDef);
            connIdResult.addParam("uid", uid.getUidValue());
            connIdResult.addArbitraryCollectionAsParam("attributes", attributesToAdd);
            connIdResult.addArbitraryObjectAsParam("options", options);
            connIdResult.addContext("connector", connIdConnectorFacade.getClass());
            if (LOGGER.isTraceEnabled()) {
                LOGGER.trace("Invoking ICF addAttributeValues(), objectclass={}, uid={}, attributes: {}", new Object[] { objClass, uid, dumpAttributes(attributesToAdd) });
            }
            InternalMonitor.recordConnectorOperation("addAttributeValues");
            // Invoking ConnId
            recordIcfOperationStart(reporter, ProvisioningOperation.ICF_UPDATE, objectClassDef, uid);
            uid = connIdConnectorFacade.addAttributeValues(objClass, uid, attributesToAdd, options);
            recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_UPDATE, objectClassDef, null, uid);
            connIdResult.recordSuccess();
        }
    } catch (Throwable ex) {
        recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_UPDATE, objectClassDef, ex, uid);
        String desc = this.getHumanReadableName() + " while adding attribute values to object identified by ICF UID '" + uid.getUidValue() + "'";
        Throwable midpointEx = processIcfException(ex, desc, connIdResult);
        result.computeStatus("Adding attribute values failed");
        // exception
        if (midpointEx instanceof ObjectNotFoundException) {
            throw (ObjectNotFoundException) midpointEx;
        } else if (midpointEx instanceof CommunicationException) {
            //in this situation this is not a critical error, becasue we know to handle it..so mute the error and sign it as expected
            result.muteError();
            connIdResult.muteError();
            throw (CommunicationException) midpointEx;
        } else if (midpointEx instanceof GenericFrameworkException) {
            throw (GenericFrameworkException) midpointEx;
        } else if (midpointEx instanceof SchemaException) {
            throw (SchemaException) midpointEx;
        } else if (midpointEx instanceof AlreadyExistsException) {
            throw (AlreadyExistsException) midpointEx;
        } else if (midpointEx instanceof RuntimeException) {
            throw (RuntimeException) midpointEx;
        } else if (midpointEx instanceof SecurityViolationException) {
            throw (SecurityViolationException) midpointEx;
        } else if (midpointEx instanceof Error) {
            throw (Error) midpointEx;
        } else {
            throw new SystemException("Got unexpected exception: " + ex.getClass().getName() + ": " + ex.getMessage(), ex);
        }
    }
    if (!attributesToUpdate.isEmpty() || activationDeltas != null || passwordDelta != null || auxiliaryObjectClassDelta != null) {
        try {
            if (activationDeltas != null) {
                // Activation change means modification of attributes
                convertFromActivation(attributesToUpdate, activationDeltas);
            }
            if (passwordDelta != null) {
                // Activation change means modification of attributes
                convertFromPassword(attributesToUpdate, passwordDelta);
            }
        } catch (SchemaException ex) {
            result.recordFatalError("Error while converting resource object attributes. Reason: " + ex.getMessage(), ex);
            throw new SchemaException("Error while converting resource object attributes. Reason: " + ex.getMessage(), ex);
        } catch (RuntimeException ex) {
            result.recordFatalError("Error while converting resource object attributes. Reason: " + ex.getMessage(), ex);
            throw ex;
        }
        if (!attributesToUpdate.isEmpty()) {
            OperationOptions options = new OperationOptionsBuilder().build();
            connIdResult = result.createSubresult(ConnectorFacade.class.getName() + ".update");
            connIdResult.addParam("objectClass", objectClassDef);
            connIdResult.addParam("uid", uid == null ? "null" : uid.getUidValue());
            connIdResult.addArbitraryCollectionAsParam("attributes", attributesToUpdate);
            connIdResult.addArbitraryObjectAsParam("options", options);
            connIdResult.addContext("connector", connIdConnectorFacade.getClass());
            if (LOGGER.isTraceEnabled()) {
                LOGGER.trace("Invoking ICF update(), objectclass={}, uid={}, attributes: {}", new Object[] { objClass, uid, dumpAttributes(attributesToUpdate) });
            }
            try {
                // Call ICF
                InternalMonitor.recordConnectorOperation("update");
                recordIcfOperationStart(reporter, ProvisioningOperation.ICF_UPDATE, objectClassDef, uid);
                uid = connIdConnectorFacade.update(objClass, uid, attributesToUpdate, options);
                recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_UPDATE, objectClassDef, null, uid);
                connIdResult.recordSuccess();
            } catch (Throwable ex) {
                recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_UPDATE, objectClassDef, ex, uid);
                String desc = this.getHumanReadableName() + " while updating object identified by ICF UID '" + uid.getUidValue() + "'";
                Throwable midpointEx = processIcfException(ex, desc, connIdResult);
                result.computeStatus("Update failed");
                // exception
                if (midpointEx instanceof ObjectNotFoundException) {
                    throw (ObjectNotFoundException) midpointEx;
                } else if (midpointEx instanceof CommunicationException) {
                    //in this situation this is not a critical error, becasue we know to handle it..so mute the error and sign it as expected
                    result.muteError();
                    connIdResult.muteError();
                    throw (CommunicationException) midpointEx;
                } else if (midpointEx instanceof GenericFrameworkException) {
                    throw (GenericFrameworkException) midpointEx;
                } else if (midpointEx instanceof SchemaException) {
                    throw (SchemaException) midpointEx;
                } else if (midpointEx instanceof ObjectAlreadyExistsException) {
                    throw (ObjectAlreadyExistsException) midpointEx;
                } else if (midpointEx instanceof RuntimeException) {
                    throw (RuntimeException) midpointEx;
                } else if (midpointEx instanceof SecurityViolationException) {
                    throw (SecurityViolationException) midpointEx;
                } else if (midpointEx instanceof Error) {
                    throw (Error) midpointEx;
                } else {
                    throw new SystemException("Got unexpected exception: " + ex.getClass().getName() + ": " + ex.getMessage(), ex);
                }
            }
        }
    }
    try {
        if (!attributesToRemove.isEmpty()) {
            OperationOptions options = new OperationOptionsBuilder().build();
            connIdResult = result.createSubresult(ConnectorFacade.class.getName() + ".removeAttributeValues");
            connIdResult.addParam("objectClass", objectClassDef);
            connIdResult.addParam("uid", uid.getUidValue());
            connIdResult.addArbitraryCollectionAsParam("attributes", attributesToRemove);
            connIdResult.addArbitraryObjectAsParam("options", options);
            connIdResult.addContext("connector", connIdConnectorFacade.getClass());
            if (LOGGER.isTraceEnabled()) {
                LOGGER.trace("Invoking ICF removeAttributeValues(), objectclass={}, uid={}, attributes: {}", new Object[] { objClass, uid, dumpAttributes(attributesToRemove) });
            }
            InternalMonitor.recordConnectorOperation("removeAttributeValues");
            recordIcfOperationStart(reporter, ProvisioningOperation.ICF_UPDATE, objectClassDef, uid);
            uid = connIdConnectorFacade.removeAttributeValues(objClass, uid, attributesToRemove, options);
            recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_UPDATE, objectClassDef, null, uid);
            connIdResult.recordSuccess();
        }
    } catch (Throwable ex) {
        recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_UPDATE, objectClassDef, ex, uid);
        String desc = this.getHumanReadableName() + " while removing attribute values from object identified by ICF UID '" + uid.getUidValue() + "'";
        Throwable midpointEx = processIcfException(ex, desc, connIdResult);
        result.computeStatus("Removing attribute values failed");
        // exception
        if (midpointEx instanceof ObjectNotFoundException) {
            throw (ObjectNotFoundException) midpointEx;
        } else if (midpointEx instanceof CommunicationException) {
            //in this situation this is not a critical error, becasue we know to handle it..so mute the error and sign it as expected
            result.muteError();
            connIdResult.muteError();
            throw (CommunicationException) midpointEx;
        } else if (midpointEx instanceof GenericFrameworkException) {
            throw (GenericFrameworkException) midpointEx;
        } else if (midpointEx instanceof SchemaException) {
            throw (SchemaException) midpointEx;
        } else if (midpointEx instanceof ObjectAlreadyExistsException) {
            throw (ObjectAlreadyExistsException) midpointEx;
        } else if (midpointEx instanceof RuntimeException) {
            throw (RuntimeException) midpointEx;
        } else if (midpointEx instanceof SecurityViolationException) {
            throw (SecurityViolationException) midpointEx;
        } else if (midpointEx instanceof Error) {
            throw (Error) midpointEx;
        } else {
            throw new SystemException("Got unexpected exception: " + ex.getClass().getName() + ": " + ex.getMessage(), ex);
        }
    }
    checkAndExecuteAdditionalOperation(reporter, additionalOperations, BeforeAfterType.AFTER, result);
    result.computeStatus();
    Collection<PropertyModificationOperation> sideEffectChanges = new ArrayList<>();
    if (!originalUid.equals(uid.getUidValue())) {
        // UID was changed during the operation, this is most likely a
        // rename
        PropertyDelta<String> uidDelta = createUidDelta(uid, getUidDefinition(objectClassDef, identifiers));
        PropertyModificationOperation uidMod = new PropertyModificationOperation(uidDelta);
        // TODO what about matchingRuleQName ?
        sideEffectChanges.add(uidMod);
        replaceUidValue(objectClassDef, identifiers, uid);
    }
    return AsynchronousOperationReturnValue.wrap(sideEffectChanges, result);
}
Also used : SecurityViolationException(com.evolveum.midpoint.util.exception.SecurityViolationException) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) AsynchronousOperationResult(com.evolveum.midpoint.schema.result.AsynchronousOperationResult) GuardedString(org.identityconnectors.common.security.GuardedString) PropertyModificationOperation(com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation) PropertyDelta(com.evolveum.midpoint.prism.delta.PropertyDelta) ObjectAlreadyExistsException(com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ObjectAlreadyExistsException(com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException) AlreadyExistsException(org.identityconnectors.framework.common.exceptions.AlreadyExistsException) Uid(org.identityconnectors.framework.common.objects.Uid) QualifiedUid(org.identityconnectors.framework.common.objects.QualifiedUid) ConnectorObject(org.identityconnectors.framework.common.objects.ConnectorObject) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType) ExecuteProvisioningScriptOperation(com.evolveum.midpoint.provisioning.ucf.api.ExecuteProvisioningScriptOperation) OperationOptions(org.identityconnectors.framework.common.objects.OperationOptions) Attribute(org.identityconnectors.framework.common.objects.Attribute) PropertyModificationOperation(com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation) APIOperation(org.identityconnectors.framework.api.operations.APIOperation) ExecuteProvisioningScriptOperation(com.evolveum.midpoint.provisioning.ucf.api.ExecuteProvisioningScriptOperation) PasswordChangeOperation(com.evolveum.midpoint.provisioning.ucf.api.PasswordChangeOperation) ConnectorTestOperation(com.evolveum.midpoint.schema.constants.ConnectorTestOperation) Operation(com.evolveum.midpoint.provisioning.ucf.api.Operation) ProvisioningOperation(com.evolveum.midpoint.schema.statistics.ProvisioningOperation) OperationOptionsBuilder(org.identityconnectors.framework.common.objects.OperationOptionsBuilder) SystemException(com.evolveum.midpoint.util.exception.SystemException) ConnectorFacade(org.identityconnectors.framework.api.ConnectorFacade) ObjectClass(org.identityconnectors.framework.common.objects.ObjectClass) CommunicationException(com.evolveum.midpoint.util.exception.CommunicationException) GenericFrameworkException(com.evolveum.midpoint.provisioning.ucf.api.GenericFrameworkException) QName(javax.xml.namespace.QName) PasswordChangeOperation(com.evolveum.midpoint.provisioning.ucf.api.PasswordChangeOperation) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException) ItemPath(com.evolveum.midpoint.prism.path.ItemPath)

Example 2 with PropertyModificationOperation

use of com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation in project midpoint by Evolveum.

the class EntitlementConverter method processEntitlementsAdd.

//////////
// ADD
/////////
public void processEntitlementsAdd(ProvisioningContext ctx, PrismObject<ShadowType> shadow) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException {
    PrismContainer<ShadowAssociationType> associationContainer = shadow.findContainer(ShadowType.F_ASSOCIATION);
    if (associationContainer == null || associationContainer.isEmpty()) {
        return;
    }
    Map<QName, PropertyModificationOperation> operationMap = new HashMap<>();
    collectEntitlementToAttrsDelta(ctx, operationMap, associationContainer.getValues(), ModificationType.ADD);
    for (PropertyModificationOperation operation : operationMap.values()) {
        operation.getPropertyDelta().applyTo(shadow);
    }
}
Also used : HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) PropertyModificationOperation(com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation) ShadowAssociationType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowAssociationType)

Example 3 with PropertyModificationOperation

use of com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation in project midpoint by Evolveum.

the class EntitlementConverter method collectEntitlementAsObjectOperation.

private <TV, TA> PrismObject<ShadowType> collectEntitlementAsObjectOperation(ProvisioningContext subjectCtx, Map<ResourceObjectDiscriminator, ResourceObjectOperations> roMap, PrismContainerValue<ShadowAssociationType> associationCVal, PrismObject<ShadowType> subjectShadowBefore, PrismObject<ShadowType> subjectShadowAfter, ModificationType modificationType, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, SecurityViolationException, ConfigurationException, ExpressionEvaluationException {
    ResourceType resource = subjectCtx.getResource();
    ShadowAssociationType associationType = associationCVal.asContainerable();
    QName associationName = associationType.getName();
    if (associationName == null) {
        throw new SchemaException("No name in entitlement association " + associationCVal);
    }
    RefinedAssociationDefinition assocDefType = subjectCtx.getObjectClassDefinition().findAssociationDefinition(associationName);
    if (assocDefType == null) {
        throw new SchemaException("No entitlement association with name " + assocDefType + " in schema of " + resource);
    }
    ResourceObjectAssociationDirectionType direction = assocDefType.getResourceObjectAssociationType().getDirection();
    if (direction != ResourceObjectAssociationDirectionType.OBJECT_TO_SUBJECT) {
        // Process just this one direction. The other direction was processed before
        return subjectShadowAfter;
    }
    Collection<String> entitlementIntents = assocDefType.getIntents();
    if (entitlementIntents == null || entitlementIntents.isEmpty()) {
        throw new SchemaException("No entitlement intent specified in association " + associationCVal + " in " + resource);
    }
    ShadowKindType entitlementKind = assocDefType.getKind();
    if (entitlementKind == null) {
        entitlementKind = ShadowKindType.ENTITLEMENT;
    }
    for (String entitlementIntent : entitlementIntents) {
        ProvisioningContext entitlementCtx = subjectCtx.spawn(entitlementKind, entitlementIntent);
        RefinedObjectClassDefinition entitlementOcDef = entitlementCtx.getObjectClassDefinition();
        if (entitlementOcDef == null) {
            throw new SchemaException("No definition of entitlement intent(s) '" + entitlementIntents + "' specified in association " + associationCVal + " in " + resource);
        }
        QName assocAttrName = assocDefType.getResourceObjectAssociationType().getAssociationAttribute();
        if (assocAttrName == null) {
            throw new SchemaException("No association attribute defined in entitlement association in " + resource);
        }
        RefinedAttributeDefinition assocAttrDef = entitlementOcDef.findAttributeDefinition(assocAttrName);
        if (assocAttrDef == null) {
            throw new SchemaException("Association attribute '" + assocAttrName + "'defined in entitlement association was not found in entitlement intent(s) '" + entitlementIntents + "' in schema for " + resource);
        }
        ResourceAttributeContainer identifiersContainer = ShadowUtil.getAttributesContainer(associationCVal, ShadowAssociationType.F_IDENTIFIERS);
        Collection<ResourceAttribute<?>> entitlementIdentifiersFromAssociation = identifiersContainer.getAttributes();
        ResourceObjectDiscriminator disc = new ResourceObjectDiscriminator(entitlementOcDef.getTypeName(), entitlementIdentifiersFromAssociation);
        ResourceObjectOperations operations = roMap.get(disc);
        if (operations == null) {
            operations = new ResourceObjectOperations();
            operations.setResourceObjectContext(entitlementCtx);
            roMap.put(disc, operations);
        }
        QName valueAttrName = assocDefType.getResourceObjectAssociationType().getValueAttribute();
        if (valueAttrName == null) {
            throw new SchemaException("No value attribute defined in entitlement association in " + resource);
        }
        // Which shadow would we use - shadowBefore or shadowAfter?
        //
        // If the operation is ADD or REPLACE, we use current version of the shadow (shadowAfter), because we want
        // to ensure that we add most-recent data to the subject.
        //
        // If the operation is DELETE, we have two possibilities:
        //  - if the resource provides referential integrity, the subject has already
        //    new data (because the object operation was already carried out), so we use shadowAfter
        //  - if the resource does not provide referential integrity, the subject has OLD data
        //    so we use shadowBefore
        PrismObject<ShadowType> subjectShadow;
        if (modificationType != ModificationType.DELETE) {
            subjectShadow = subjectShadowAfter;
        } else {
            if (assocDefType.requiresExplicitReferentialIntegrity()) {
                // we must ensure the referential integrity
                subjectShadow = subjectShadowBefore;
            } else {
                // i.e. resource has ref integrity assured by itself
                subjectShadow = subjectShadowAfter;
            }
        }
        ResourceAttribute<TV> valueAttr = ShadowUtil.getAttribute(subjectShadow, valueAttrName);
        if (valueAttr == null) {
            if (!ShadowUtil.isFullShadow(subjectShadow)) {
                Collection<ResourceAttribute<?>> subjectIdentifiers = ShadowUtil.getAllIdentifiers(subjectShadow);
                LOGGER.trace("Fetching {} ({})", subjectShadow, subjectIdentifiers);
                subjectShadow = resourceObjectReferenceResolver.fetchResourceObject(subjectCtx, subjectIdentifiers, null, result);
                subjectShadowAfter = subjectShadow;
                valueAttr = ShadowUtil.getAttribute(subjectShadow, valueAttrName);
            }
            if (valueAttr == null) {
                LOGGER.error("No value attribute {} in shadow\n{}", valueAttrName, subjectShadow.debugDump());
                // TODO: check schema and try to fetch full shadow if necessary
                throw new SchemaException("No value attribute " + valueAttrName + " in " + subjectShadow);
            }
        }
        PropertyDelta<TA> attributeDelta = null;
        for (Operation operation : operations.getOperations()) {
            if (operation instanceof PropertyModificationOperation) {
                PropertyModificationOperation propOp = (PropertyModificationOperation) operation;
                if (propOp.getPropertyDelta().getElementName().equals(assocAttrName)) {
                    attributeDelta = propOp.getPropertyDelta();
                }
            }
        }
        if (attributeDelta == null) {
            attributeDelta = assocAttrDef.createEmptyDelta(new ItemPath(ShadowType.F_ATTRIBUTES, assocAttrName));
        }
        PrismProperty<TA> changedAssocAttr = PrismUtil.convertProperty(valueAttr, assocAttrDef);
        if (modificationType == ModificationType.ADD) {
            attributeDelta.addValuesToAdd(changedAssocAttr.getClonedValues());
        } else if (modificationType == ModificationType.DELETE) {
            attributeDelta.addValuesToDelete(changedAssocAttr.getClonedValues());
        } else if (modificationType == ModificationType.REPLACE) {
            // TODO: check if already exists
            attributeDelta.setValuesToReplace(changedAssocAttr.getClonedValues());
        }
        if (ResourceTypeUtil.isAvoidDuplicateValues(resource)) {
            PrismObject<ShadowType> currentObjectShadow = operations.getCurrentShadow();
            if (currentObjectShadow == null) {
                LOGGER.trace("Fetching entitlement shadow {} to avoid value duplication (intent={})", entitlementIdentifiersFromAssociation, entitlementIntent);
                currentObjectShadow = resourceObjectReferenceResolver.fetchResourceObject(entitlementCtx, entitlementIdentifiersFromAssociation, null, result);
                operations.setCurrentShadow(currentObjectShadow);
            }
            // TODO it seems that duplicate values are checked twice: once here and the second time in ResourceObjectConverter.executeModify
            // TODO check that and fix if necessary
            PropertyDelta<TA> attributeDeltaAfterNarrow = ProvisioningUtil.narrowPropertyDelta(attributeDelta, currentObjectShadow, assocDefType.getMatchingRule(), matchingRuleRegistry);
            if (LOGGER.isTraceEnabled() && (attributeDeltaAfterNarrow == null || attributeDeltaAfterNarrow.isEmpty())) {
                LOGGER.trace("Not collecting entitlement object operations ({}) association {}: attribute delta is empty after narrow, orig delta: {}", modificationType, associationName.getLocalPart(), attributeDelta);
            }
            attributeDelta = attributeDeltaAfterNarrow;
        }
        if (attributeDelta != null && !attributeDelta.isEmpty()) {
            PropertyModificationOperation attributeModification = new PropertyModificationOperation(attributeDelta);
            attributeModification.setMatchingRuleQName(assocDefType.getMatchingRule());
            LOGGER.trace("Collecting entitlement object operations ({}) association {}: {}", modificationType, associationName.getLocalPart(), attributeModification);
            operations.add(attributeModification);
        }
    }
    return subjectShadowAfter;
}
Also used : ResourceAttributeContainer(com.evolveum.midpoint.schema.processor.ResourceAttributeContainer) Operation(com.evolveum.midpoint.provisioning.ucf.api.Operation) PropertyModificationOperation(com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation) ResourceObjectAssociationDirectionType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectAssociationDirectionType) PropertyModificationOperation(com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute) ShadowAssociationType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowAssociationType) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) QName(javax.xml.namespace.QName) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) ResourceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType) ShadowKindType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowKindType) ItemPath(com.evolveum.midpoint.prism.path.ItemPath)

Example 4 with PropertyModificationOperation

use of com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation in project midpoint by Evolveum.

the class EntitlementConverter method collectEntitlementToAttrDelta.

/**
	 *  Collects entitlement changes from the shadow to entitlement section into attribute operations.
	 *  Collects a single value.
	 *  NOTE: only collects  SUBJECT_TO_ENTITLEMENT entitlement direction.
	 */
private <T> void collectEntitlementToAttrDelta(ProvisioningContext ctx, Map<QName, PropertyModificationOperation> operationMap, PrismContainerValue<ShadowAssociationType> associationCVal, ModificationType modificationType) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException {
    RefinedObjectClassDefinition objectClassDefinition = ctx.getObjectClassDefinition();
    ShadowAssociationType associationType = associationCVal.asContainerable();
    QName associationName = associationType.getName();
    if (associationName == null) {
        throw new SchemaException("No name in entitlement association " + associationCVal);
    }
    RefinedAssociationDefinition assocDefType = objectClassDefinition.findAssociationDefinition(associationName);
    if (assocDefType == null) {
        throw new SchemaException("No association with name " + associationName + " in " + objectClassDefinition + " in schema of " + ctx.getResource());
    }
    ResourceObjectAssociationDirectionType direction = assocDefType.getResourceObjectAssociationType().getDirection();
    if (direction != ResourceObjectAssociationDirectionType.SUBJECT_TO_OBJECT) {
        // therefore will be processed later
        return;
    }
    QName assocAttrName = assocDefType.getResourceObjectAssociationType().getAssociationAttribute();
    if (assocAttrName == null) {
        throw new SchemaException("No association attribute definied in entitlement association '" + associationName + "' in " + ctx.getResource());
    }
    RefinedAttributeDefinition assocAttrDef = objectClassDefinition.findAttributeDefinition(assocAttrName);
    if (assocAttrDef == null) {
        throw new SchemaException("Association attribute '" + assocAttrName + "'definied in entitlement association '" + associationName + "' was not found in schema for " + ctx.getResource());
    }
    PropertyModificationOperation attributeOperation = operationMap.get(assocAttrName);
    if (attributeOperation == null) {
        attributeOperation = new PropertyModificationOperation(assocAttrDef.createEmptyDelta(new ItemPath(ShadowType.F_ATTRIBUTES, assocAttrName)));
        attributeOperation.setMatchingRuleQName(assocDefType.getMatchingRule());
        operationMap.put(assocAttrName, attributeOperation);
    }
    QName valueAttrName = assocDefType.getResourceObjectAssociationType().getValueAttribute();
    if (valueAttrName == null) {
        throw new SchemaException("No value attribute defined in entitlement association '" + associationName + "' in " + ctx.getResource());
    }
    ResourceAttributeContainer identifiersContainer = ShadowUtil.getAttributesContainer(associationCVal, ShadowAssociationType.F_IDENTIFIERS);
    PrismProperty<T> valueAttr = identifiersContainer.findProperty(valueAttrName);
    if (valueAttr == null) {
        throw new SchemaException("No value attribute " + valueAttrName + " present in entitlement association '" + associationName + "' in shadow for " + ctx.getResource());
    }
    if (modificationType == ModificationType.ADD) {
        attributeOperation.getPropertyDelta().addValuesToAdd(valueAttr.getClonedValues());
    } else if (modificationType == ModificationType.DELETE) {
        attributeOperation.getPropertyDelta().addValuesToDelete(valueAttr.getClonedValues());
    } else if (modificationType == ModificationType.REPLACE) {
        // TODO: check if already exists
        attributeOperation.getPropertyDelta().setValuesToReplace(valueAttr.getClonedValues());
    }
}
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ResourceObjectAssociationDirectionType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectAssociationDirectionType) QName(javax.xml.namespace.QName) PropertyModificationOperation(com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation) ResourceAttributeContainer(com.evolveum.midpoint.schema.processor.ResourceAttributeContainer) ShadowAssociationType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowAssociationType) ItemPath(com.evolveum.midpoint.prism.path.ItemPath)

Example 5 with PropertyModificationOperation

use of com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation in project midpoint by Evolveum.

the class EntitlementConverter method collectEntitlementsAsObjectOperationDelete.

/////////
// DELETE
/////////
/**
	 * This is somehow different that all the other methods. We are not following the content of a shadow or delta. We are following
	 * the definitions. This is to avoid the need to read the object that is going to be deleted. In fact, the object should not be there
	 * any more, but we still want to clean up entitlement membership based on the information from the shadow.  
	 */
public <T> void collectEntitlementsAsObjectOperationDelete(ProvisioningContext subjectCtx, final Map<ResourceObjectDiscriminator, ResourceObjectOperations> roMap, PrismObject<ShadowType> subjectShadow, OperationResult parentResult) throws SchemaException, CommunicationException, ObjectNotFoundException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
    Collection<RefinedAssociationDefinition> entitlementAssociationDefs = subjectCtx.getObjectClassDefinition().getAssociationDefinitions();
    if (entitlementAssociationDefs == null || entitlementAssociationDefs.isEmpty()) {
        // Nothing to do
        LOGGER.trace("No associations in deleted shadow");
        return;
    }
    ResourceAttributeContainer subjectAttributesContainer = ShadowUtil.getAttributesContainer(subjectShadow);
    for (final RefinedAssociationDefinition assocDefType : subjectCtx.getObjectClassDefinition().getAssociationDefinitions()) {
        if (assocDefType.getResourceObjectAssociationType().getDirection() != ResourceObjectAssociationDirectionType.OBJECT_TO_SUBJECT) {
            // We can ignore these. They will die together with the object. No need to explicitly delete them.
            LOGGER.trace("Ignoring subject-to-object association in deleted shadow");
            continue;
        }
        if (!assocDefType.requiresExplicitReferentialIntegrity()) {
            // Referential integrity not required for this one
            LOGGER.trace("Ignoring association in deleted shadow because it does not require explicit referential integrity assurance");
            continue;
        }
        if (assocDefType.getAuxiliaryObjectClass() != null && !subjectCtx.getObjectClassDefinition().hasAuxiliaryObjectClass(assocDefType.getAuxiliaryObjectClass())) {
            LOGGER.trace("Ignoring association in deleted shadow because subject does not have {} auxiliary object class", assocDefType.getAuxiliaryObjectClass());
            continue;
        }
        QName associationName = assocDefType.getName();
        if (associationName == null) {
            throw new SchemaException("No name in entitlement association " + assocDefType + " in " + subjectCtx.getResource());
        }
        ShadowKindType entitlementKind = assocDefType.getKind();
        if (entitlementKind == null) {
            entitlementKind = ShadowKindType.ENTITLEMENT;
        }
        for (String entitlementIntent : assocDefType.getIntents()) {
            final ProvisioningContext entitlementCtx = subjectCtx.spawn(entitlementKind, entitlementIntent);
            final RefinedObjectClassDefinition entitlementOcDef = entitlementCtx.getObjectClassDefinition();
            if (entitlementOcDef == null) {
                throw new SchemaException("No definition for entitlement intent(s) '" + assocDefType.getIntents() + "' defined in entitlement association " + associationName + " in " + subjectCtx.getResource());
            }
            final QName assocAttrName = assocDefType.getResourceObjectAssociationType().getAssociationAttribute();
            if (assocAttrName == null) {
                throw new SchemaException("No association attribute defined in entitlement association '" + associationName + "' in " + subjectCtx.getResource());
            }
            final RefinedAttributeDefinition assocAttrDef = entitlementOcDef.findAttributeDefinition(assocAttrName);
            if (assocAttrDef == null) {
                throw new SchemaException("Association attribute '" + assocAttrName + "'defined in entitlement association '" + associationName + "' was not found in schema for " + subjectCtx.getResource());
            }
            QName valueAttrName = assocDefType.getResourceObjectAssociationType().getValueAttribute();
            if (valueAttrName == null) {
                throw new SchemaException("No value attribute defined in entitlement association '" + associationName + "' in " + subjectCtx.getResource());
            }
            final ResourceAttribute<T> valueAttr = subjectAttributesContainer.findAttribute(valueAttrName);
            if (valueAttr == null || valueAttr.isEmpty()) {
                // Although we cannot really remedy the situation now, we at least throw an error so the problem is detected.
                throw new SchemaException("Value attribute " + valueAttrName + " has no value; attribute defined in entitlement association '" + associationName + "' in " + subjectCtx.getResource());
            }
            if (valueAttr.size() > 1) {
                throw new SchemaException("Value attribute " + valueAttrName + " has no more than one value; attribute defined in entitlement association '" + associationName + "' in " + subjectCtx.getResource());
            }
            ObjectQuery query = createQuery(assocDefType, assocAttrDef, valueAttr);
            AttributesToReturn attributesToReturn = ProvisioningUtil.createAttributesToReturn(entitlementCtx);
            SearchHierarchyConstraints searchHierarchyConstraints = null;
            ResourceObjectReferenceType baseContextRef = entitlementOcDef.getBaseContext();
            if (baseContextRef != null) {
                PrismObject<ShadowType> baseContextShadow = resourceObjectReferenceResolver.resolve(subjectCtx, baseContextRef, null, "base context specification in " + entitlementOcDef, parentResult);
                RefinedObjectClassDefinition baseContextObjectClassDefinition = subjectCtx.getRefinedSchema().determineCompositeObjectClassDefinition(baseContextShadow);
                ResourceObjectIdentification baseContextIdentification = ShadowUtil.getResourceObjectIdentification(baseContextShadow, baseContextObjectClassDefinition);
                searchHierarchyConstraints = new SearchHierarchyConstraints(baseContextIdentification, null);
            }
            ResultHandler<ShadowType> handler = new ResultHandler<ShadowType>() {

                @Override
                public boolean handle(PrismObject<ShadowType> entitlementShadow) {
                    Collection<? extends ResourceAttribute<?>> primaryIdentifiers = ShadowUtil.getPrimaryIdentifiers(entitlementShadow);
                    ResourceObjectDiscriminator disc = new ResourceObjectDiscriminator(entitlementOcDef.getTypeName(), primaryIdentifiers);
                    ResourceObjectOperations operations = roMap.get(disc);
                    if (operations == null) {
                        operations = new ResourceObjectOperations();
                        roMap.put(disc, operations);
                        operations.setResourceObjectContext(entitlementCtx);
                        Collection<? extends ResourceAttribute<?>> allIdentifiers = ShadowUtil.getAllIdentifiers(entitlementShadow);
                        operations.setAllIdentifiers(allIdentifiers);
                    }
                    PropertyDelta<T> attributeDelta = null;
                    for (Operation operation : operations.getOperations()) {
                        if (operation instanceof PropertyModificationOperation) {
                            PropertyModificationOperation propOp = (PropertyModificationOperation) operation;
                            if (propOp.getPropertyDelta().getElementName().equals(assocAttrName)) {
                                attributeDelta = propOp.getPropertyDelta();
                            }
                        }
                    }
                    if (attributeDelta == null) {
                        attributeDelta = assocAttrDef.createEmptyDelta(new ItemPath(ShadowType.F_ATTRIBUTES, assocAttrName));
                        PropertyModificationOperation attributeModification = new PropertyModificationOperation(attributeDelta);
                        attributeModification.setMatchingRuleQName(assocDefType.getMatchingRule());
                        operations.add(attributeModification);
                    }
                    attributeDelta.addValuesToDelete(valueAttr.getClonedValues());
                    if (LOGGER.isTraceEnabled()) {
                        LOGGER.trace("Association in deleted shadow delta:\n{}", attributeDelta.debugDump());
                    }
                    return true;
                }
            };
            try {
                LOGGER.trace("Searching for associations in deleted shadow, query: {}", query);
                ConnectorInstance connector = subjectCtx.getConnector(ReadCapabilityType.class, parentResult);
                connector.search(entitlementOcDef, query, handler, attributesToReturn, null, searchHierarchyConstraints, subjectCtx, parentResult);
            } catch (TunnelException e) {
                throw (SchemaException) e.getCause();
            } catch (GenericFrameworkException e) {
                throw new GenericConnectorException(e.getMessage(), e);
            }
        }
    }
}
Also used : AttributesToReturn(com.evolveum.midpoint.provisioning.ucf.api.AttributesToReturn) ResourceAttributeContainer(com.evolveum.midpoint.schema.processor.ResourceAttributeContainer) ResultHandler(com.evolveum.midpoint.provisioning.ucf.api.ResultHandler) Operation(com.evolveum.midpoint.provisioning.ucf.api.Operation) PropertyModificationOperation(com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation) PrismObject(com.evolveum.midpoint.prism.PrismObject) TunnelException(com.evolveum.midpoint.util.exception.TunnelException) SearchHierarchyConstraints(com.evolveum.midpoint.schema.processor.SearchHierarchyConstraints) ResourceObjectIdentification(com.evolveum.midpoint.schema.processor.ResourceObjectIdentification) GenericConnectorException(com.evolveum.midpoint.provisioning.api.GenericConnectorException) PropertyModificationOperation(com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation) ResourceObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) GenericFrameworkException(com.evolveum.midpoint.provisioning.ucf.api.GenericFrameworkException) QName(javax.xml.namespace.QName) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) ObjectQuery(com.evolveum.midpoint.prism.query.ObjectQuery) ConnectorInstance(com.evolveum.midpoint.provisioning.ucf.api.ConnectorInstance) ShadowKindType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowKindType) ItemPath(com.evolveum.midpoint.prism.path.ItemPath)

Aggregations

PropertyModificationOperation (com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation)6 QName (javax.xml.namespace.QName)6 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)5 ItemPath (com.evolveum.midpoint.prism.path.ItemPath)4 Operation (com.evolveum.midpoint.provisioning.ucf.api.Operation)4 ResourceAttributeContainer (com.evolveum.midpoint.schema.processor.ResourceAttributeContainer)3 ShadowAssociationType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowAssociationType)3 GenericFrameworkException (com.evolveum.midpoint.provisioning.ucf.api.GenericFrameworkException)2 ResourceObjectAssociationDirectionType (com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectAssociationDirectionType)2 ShadowKindType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowKindType)2 ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)2 ProtectedStringType (com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)2 GuardedString (org.identityconnectors.common.security.GuardedString)2 PrismObject (com.evolveum.midpoint.prism.PrismObject)1 PlusMinusZero (com.evolveum.midpoint.prism.delta.PlusMinusZero)1 PropertyDelta (com.evolveum.midpoint.prism.delta.PropertyDelta)1 ObjectQuery (com.evolveum.midpoint.prism.query.ObjectQuery)1 GenericConnectorException (com.evolveum.midpoint.provisioning.api.GenericConnectorException)1 AttributesToReturn (com.evolveum.midpoint.provisioning.ucf.api.AttributesToReturn)1 ConnectorInstance (com.evolveum.midpoint.provisioning.ucf.api.ConnectorInstance)1