use of com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition in project midpoint by Evolveum.
the class EvaluatedAssignedResourceObjectConstructionImpl method getAssociationsToEvaluate.
@Override
protected List<AssociationEvaluation<AH>> getAssociationsToEvaluate(ConstructionEvaluation<AH, ?> constructionEvaluation) throws SchemaException {
List<AssociationEvaluation<AH>> associationsToEvaluate = new ArrayList<>();
for (ResourceObjectAssociationType associationDefinitionBean : construction.getConstructionBean().getAssociation()) {
QName assocName = ItemPathTypeUtil.asSingleNameOrFailNullSafe(associationDefinitionBean.getRef());
if (assocName == null) {
throw new SchemaException("No association name (ref) in association definition in construction in " + construction.getSource());
}
MappingType outboundMappingBean = associationDefinitionBean.getOutbound();
if (outboundMappingBean == null) {
throw new SchemaException("No outbound section in definition of association " + assocName + " in construction in " + construction.getSource());
}
ResourceAssociationDefinition resourceAssociationDefinition = construction.findAssociationDefinition(assocName);
if (resourceAssociationDefinition == null) {
throw new SchemaException("Association " + assocName + " not found in schema for resource object type " + getIntent() + ", " + construction.getResolvedResource().resource + " as defined in " + construction.getSource(), assocName);
}
associationsToEvaluate.add(new AssociationEvaluation<>(constructionEvaluation, resourceAssociationDefinition, outboundMappingBean, OriginType.ASSIGNMENTS, MappingKindType.CONSTRUCTION));
}
return associationsToEvaluate;
}
use of com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition in project midpoint by Evolveum.
the class EvaluatedPlainResourceObjectConstructionImpl method getAssociationsToEvaluate.
@Override
protected List<AssociationEvaluation<AH>> getAssociationsToEvaluate(ConstructionEvaluation<AH, ?> constructionEvaluation) {
List<AssociationEvaluation<AH>> associationsToEvaluate = new ArrayList<>();
ResourceObjectDefinition objectDefinition = construction.getResourceObjectDefinitionRequired();
for (ResourceAssociationDefinition associationDefinition : objectDefinition.getAssociationDefinitions()) {
MappingType outboundMappingBean = associationDefinition.getOutboundMappingType();
if (outboundMappingBean == null) {
continue;
}
associationsToEvaluate.add(new AssociationEvaluation<>(constructionEvaluation, associationDefinition, outboundMappingBean, OriginType.OUTBOUND, MappingKindType.OUTBOUND));
}
return associationsToEvaluate;
}
use of com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition in project midpoint by Evolveum.
the class ShadowCreator method createRepositoryShadow.
/**
* Create a copy of a resource object (or another shadow) that is suitable for repository storage.
*/
@NotNull
PrismObject<ShadowType> createRepositoryShadow(ProvisioningContext ctx, PrismObject<ShadowType> resourceObjectOrShadow) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException, EncryptionException {
ResourceAttributeContainer attributesContainer = ShadowUtil.getAttributesContainer(resourceObjectOrShadow);
PrismObject<ShadowType> repoShadow = resourceObjectOrShadow.clone();
ShadowType repoShadowType = repoShadow.asObjectable();
ResourceAttributeContainer repoAttributesContainer = ShadowUtil.getAttributesContainer(repoShadow);
repoShadowType.setPrimaryIdentifierValue(helper.determinePrimaryIdentifierValue(ctx, resourceObjectOrShadow));
CachingStategyType cachingStrategy = ProvisioningUtil.getCachingStrategy(ctx);
if (cachingStrategy == CachingStategyType.NONE) {
// Clean all repoShadow attributes and add only those that should be there
repoAttributesContainer.clear();
Collection<ResourceAttribute<?>> primaryIdentifiers = attributesContainer.getPrimaryIdentifiers();
for (PrismProperty<?> p : primaryIdentifiers) {
repoAttributesContainer.add(p.clone());
}
Collection<ResourceAttribute<?>> secondaryIdentifiers = attributesContainer.getSecondaryIdentifiers();
for (PrismProperty<?> p : secondaryIdentifiers) {
repoAttributesContainer.add(p.clone());
}
// Also add all the attributes that act as association identifiers.
// We will need them when the shadow is deleted (to remove the shadow from entitlements).
ResourceObjectDefinition objectDefinition = ctx.getObjectDefinitionRequired();
for (ResourceAssociationDefinition associationDef : objectDefinition.getAssociationDefinitions()) {
if (associationDef.getDirection() == ResourceObjectAssociationDirectionType.OBJECT_TO_SUBJECT) {
QName valueAttributeName = associationDef.getDefinitionBean().getValueAttribute();
if (repoAttributesContainer.findAttribute(valueAttributeName) == null) {
ResourceAttribute<Object> valueAttribute = attributesContainer.findAttribute(valueAttributeName);
if (valueAttribute != null) {
repoAttributesContainer.add(valueAttribute.clone());
}
}
}
}
repoShadowType.setCachingMetadata(null);
ProvisioningUtil.cleanupShadowActivation(repoShadowType);
} else if (cachingStrategy == CachingStategyType.PASSIVE) {
// Do not need to clear anything. Just store all attributes and add metadata.
CachingMetadataType cachingMetadata = new CachingMetadataType();
cachingMetadata.setRetrievalTimestamp(clock.currentTimeXMLGregorianCalendar());
repoShadowType.setCachingMetadata(cachingMetadata);
} else {
throw new ConfigurationException("Unknown caching strategy " + cachingStrategy);
}
helper.setKindIfNecessary(repoShadowType, ctx);
// setIntentIfNecessary(repoShadowType, objectClassDefinition);
// Store only password meta-data in repo - unless there is explicit caching
CredentialsType creds = repoShadowType.getCredentials();
if (creds != null) {
PasswordType passwordType = creds.getPassword();
if (passwordType != null) {
preparePasswordForStorage(passwordType, ctx);
ObjectReferenceType owner = ctx.getTask() != null ? ctx.getTask().getOwnerRef() : null;
ProvisioningUtil.addPasswordMetadata(passwordType, clock.currentTimeXMLGregorianCalendar(), owner);
}
// TODO: other credential types - later
}
// now
if (repoShadowType.getResourceRef() == null) {
repoShadowType.setResourceRef(ObjectTypeUtil.createObjectRef(ctx.getResource(), prismContext));
}
if (repoShadowType.getName() == null) {
repoShadowType.setName(new PolyStringType(ShadowUtil.determineShadowName(resourceObjectOrShadow)));
}
if (repoShadowType.getObjectClass() == null) {
repoShadowType.setObjectClass(attributesContainer.getDefinition().getTypeName());
}
if (repoShadowType.isProtectedObject() != null) {
repoShadowType.setProtectedObject(null);
}
helper.normalizeAttributes(repoShadow, ctx.getObjectDefinitionRequired());
return repoShadow;
}
use of com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition in project midpoint by Evolveum.
the class ShadowedObjectConstruction method getAssociationDefinition.
@NotNull
private ResourceAssociationDefinition getAssociationDefinition(QName associationName) throws SchemaException {
ResourceObjectDefinition objectDefinition = ctx.getObjectDefinitionRequired();
ResourceAssociationDefinition rEntitlementAssociationDef = objectDefinition.findAssociationDefinition(associationName);
if (rEntitlementAssociationDef == null) {
LOGGER.trace("Entitlement association with name {} couldn't be found in {} {}\nresource shadow:\n{}\nrepo shadow:\n{}", associationName, objectDefinition, ctx.getDesc(), resourceObject.debugDumpLazily(1), repoShadow.debugDumpLazily(1));
LOGGER.trace("Full [refined] definition: {}", objectDefinition.debugDumpLazily());
throw new SchemaException("Entitlement association with name " + associationName + " couldn't be found in " + ctx);
}
return rEntitlementAssociationDef;
}
use of com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition in project midpoint by Evolveum.
the class ShadowedObjectConstruction method setAssociationValueShadowRef.
/**
* Tries to acquire (find/create) shadow for given association value and fill-in its reference.
*
* @return false if the association value does not fit and should be removed
*/
private boolean setAssociationValueShadowRef(PrismContainerValue<ShadowAssociationType> associationValue, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, ExpressionEvaluationException, SecurityViolationException, EncryptionException {
LOGGER.trace("Determining shadowRef for {}", associationValue);
ResourceAttributeContainer identifierContainer = ShadowUtil.getAttributesContainer(associationValue, ShadowAssociationType.F_IDENTIFIERS);
ShadowAssociationType associationValueBean = associationValue.asContainerable();
QName associationName = associationValueBean.getName();
ResourceAssociationDefinition rAssociationDef = getAssociationDefinition(associationName);
ShadowKindType entitlementKind = rAssociationDef.getKind();
for (String entitlementIntent : rAssociationDef.getIntents()) {
LOGGER.trace("Processing kind={}, intent={} (from the definition)", entitlementKind, entitlementIntent);
ProvisioningContext ctxEntitlement = ctx.spawnForKindIntent(entitlementKind, entitlementIntent);
PrismObject<ShadowType> entitlementRepoShadow = acquireEntitlementRepoShadow(associationValue, identifierContainer, ctxEntitlement, result);
if (entitlementRepoShadow == null) {
// maybe we should try another intent
continue;
}
if (doesAssociationMatch(rAssociationDef, entitlementRepoShadow)) {
LOGGER.trace("Association value matches. Repo shadow is: {}", entitlementRepoShadow);
associationValueBean.setShadowRef(createObjectRef(entitlementRepoShadow, beans.prismContext));
} else {
LOGGER.trace("Association value does not match. Repo shadow is: {}", entitlementRepoShadow);
// See MID-5790
return false;
}
}
return true;
}
Aggregations