Examples with ResourceAssociationDefinition com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition used on opensource projects

Example 1 with ResourceAssociationDefinition

use of com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition in project midpoint by Evolveum.

the class EvaluatedAssignedResourceObjectConstructionImpl method getAssociationsToEvaluate.

@Override
protected List<AssociationEvaluation<AH>> getAssociationsToEvaluate(ConstructionEvaluation<AH, ?> constructionEvaluation) throws SchemaException {
    List<AssociationEvaluation<AH>> associationsToEvaluate = new ArrayList<>();
    for (ResourceObjectAssociationType associationDefinitionBean : construction.getConstructionBean().getAssociation()) {
        QName assocName = ItemPathTypeUtil.asSingleNameOrFailNullSafe(associationDefinitionBean.getRef());
        if (assocName == null) {
            throw new SchemaException("No association name (ref) in association definition in construction in " + construction.getSource());
        }
        MappingType outboundMappingBean = associationDefinitionBean.getOutbound();
        if (outboundMappingBean == null) {
            throw new SchemaException("No outbound section in definition of association " + assocName + " in construction in " + construction.getSource());
        }
        ResourceAssociationDefinition resourceAssociationDefinition = construction.findAssociationDefinition(assocName);
        if (resourceAssociationDefinition == null) {
            throw new SchemaException("Association " + assocName + " not found in schema for resource object type " + getIntent() + ", " + construction.getResolvedResource().resource + " as defined in " + construction.getSource(), assocName);
        }
        associationsToEvaluate.add(new AssociationEvaluation<>(constructionEvaluation, resourceAssociationDefinition, outboundMappingBean, OriginType.ASSIGNMENTS, MappingKindType.CONSTRUCTION));
    }
    return associationsToEvaluate;
}

Example 2 with ResourceAssociationDefinition

use of com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition in project midpoint by Evolveum.

the class EvaluatedPlainResourceObjectConstructionImpl method getAssociationsToEvaluate.

@Override
protected List<AssociationEvaluation<AH>> getAssociationsToEvaluate(ConstructionEvaluation<AH, ?> constructionEvaluation) {
    List<AssociationEvaluation<AH>> associationsToEvaluate = new ArrayList<>();
    ResourceObjectDefinition objectDefinition = construction.getResourceObjectDefinitionRequired();
    for (ResourceAssociationDefinition associationDefinition : objectDefinition.getAssociationDefinitions()) {
        MappingType outboundMappingBean = associationDefinition.getOutboundMappingType();
        if (outboundMappingBean == null) {
            continue;
        }
        associationsToEvaluate.add(new AssociationEvaluation<>(constructionEvaluation, associationDefinition, outboundMappingBean, OriginType.OUTBOUND, MappingKindType.OUTBOUND));
    }
    return associationsToEvaluate;
}

Example 3 with ResourceAssociationDefinition

use of com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition in project midpoint by Evolveum.

the class ShadowCreator method createRepositoryShadow.

/**
 * Create a copy of a resource object (or another shadow) that is suitable for repository storage.
 */
@NotNull
PrismObject<ShadowType> createRepositoryShadow(ProvisioningContext ctx, PrismObject<ShadowType> resourceObjectOrShadow) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException, EncryptionException {
    ResourceAttributeContainer attributesContainer = ShadowUtil.getAttributesContainer(resourceObjectOrShadow);
    PrismObject<ShadowType> repoShadow = resourceObjectOrShadow.clone();
    ShadowType repoShadowType = repoShadow.asObjectable();
    ResourceAttributeContainer repoAttributesContainer = ShadowUtil.getAttributesContainer(repoShadow);
    repoShadowType.setPrimaryIdentifierValue(helper.determinePrimaryIdentifierValue(ctx, resourceObjectOrShadow));
    CachingStategyType cachingStrategy = ProvisioningUtil.getCachingStrategy(ctx);
    if (cachingStrategy == CachingStategyType.NONE) {
        // Clean all repoShadow attributes and add only those that should be there
        repoAttributesContainer.clear();
        Collection<ResourceAttribute<?>> primaryIdentifiers = attributesContainer.getPrimaryIdentifiers();
        for (PrismProperty<?> p : primaryIdentifiers) {
            repoAttributesContainer.add(p.clone());
        }
        Collection<ResourceAttribute<?>> secondaryIdentifiers = attributesContainer.getSecondaryIdentifiers();
        for (PrismProperty<?> p : secondaryIdentifiers) {
            repoAttributesContainer.add(p.clone());
        }
        // Also add all the attributes that act as association identifiers.
        // We will need them when the shadow is deleted (to remove the shadow from entitlements).
        ResourceObjectDefinition objectDefinition = ctx.getObjectDefinitionRequired();
        for (ResourceAssociationDefinition associationDef : objectDefinition.getAssociationDefinitions()) {
            if (associationDef.getDirection() == ResourceObjectAssociationDirectionType.OBJECT_TO_SUBJECT) {
                QName valueAttributeName = associationDef.getDefinitionBean().getValueAttribute();
                if (repoAttributesContainer.findAttribute(valueAttributeName) == null) {
                    ResourceAttribute<Object> valueAttribute = attributesContainer.findAttribute(valueAttributeName);
                    if (valueAttribute != null) {
                        repoAttributesContainer.add(valueAttribute.clone());
                    }
                }
            }
        }
        repoShadowType.setCachingMetadata(null);
        ProvisioningUtil.cleanupShadowActivation(repoShadowType);
    } else if (cachingStrategy == CachingStategyType.PASSIVE) {
        // Do not need to clear anything. Just store all attributes and add metadata.
        CachingMetadataType cachingMetadata = new CachingMetadataType();
        cachingMetadata.setRetrievalTimestamp(clock.currentTimeXMLGregorianCalendar());
        repoShadowType.setCachingMetadata(cachingMetadata);
    } else {
        throw new ConfigurationException("Unknown caching strategy " + cachingStrategy);
    }
    helper.setKindIfNecessary(repoShadowType, ctx);
    // setIntentIfNecessary(repoShadowType, objectClassDefinition);
    // Store only password meta-data in repo - unless there is explicit caching
    CredentialsType creds = repoShadowType.getCredentials();
    if (creds != null) {
        PasswordType passwordType = creds.getPassword();
        if (passwordType != null) {
            preparePasswordForStorage(passwordType, ctx);
            ObjectReferenceType owner = ctx.getTask() != null ? ctx.getTask().getOwnerRef() : null;
            ProvisioningUtil.addPasswordMetadata(passwordType, clock.currentTimeXMLGregorianCalendar(), owner);
        }
    // TODO: other credential types - later
    }
    // now
    if (repoShadowType.getResourceRef() == null) {
        repoShadowType.setResourceRef(ObjectTypeUtil.createObjectRef(ctx.getResource(), prismContext));
    }
    if (repoShadowType.getName() == null) {
        repoShadowType.setName(new PolyStringType(ShadowUtil.determineShadowName(resourceObjectOrShadow)));
    }
    if (repoShadowType.getObjectClass() == null) {
        repoShadowType.setObjectClass(attributesContainer.getDefinition().getTypeName());
    }
    if (repoShadowType.isProtectedObject() != null) {
        repoShadowType.setProtectedObject(null);
    }
    helper.normalizeAttributes(repoShadow, ctx.getObjectDefinitionRequired());
    return repoShadow;
}

Example 4 with ResourceAssociationDefinition

use of com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition in project midpoint by Evolveum.

the class ShadowedObjectConstruction method getAssociationDefinition.

@NotNull
private ResourceAssociationDefinition getAssociationDefinition(QName associationName) throws SchemaException {
    ResourceObjectDefinition objectDefinition = ctx.getObjectDefinitionRequired();
    ResourceAssociationDefinition rEntitlementAssociationDef = objectDefinition.findAssociationDefinition(associationName);
    if (rEntitlementAssociationDef == null) {
        LOGGER.trace("Entitlement association with name {} couldn't be found in {} {}\nresource shadow:\n{}\nrepo shadow:\n{}", associationName, objectDefinition, ctx.getDesc(), resourceObject.debugDumpLazily(1), repoShadow.debugDumpLazily(1));
        LOGGER.trace("Full [refined] definition: {}", objectDefinition.debugDumpLazily());
        throw new SchemaException("Entitlement association with name " + associationName + " couldn't be found in " + ctx);
    }
    return rEntitlementAssociationDef;
}

Example 5 with ResourceAssociationDefinition

use of com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition in project midpoint by Evolveum.

the class ShadowedObjectConstruction method setAssociationValueShadowRef.

/**
 * Tries to acquire (find/create) shadow for given association value and fill-in its reference.
 *
 * @return false if the association value does not fit and should be removed
 */
private boolean setAssociationValueShadowRef(PrismContainerValue<ShadowAssociationType> associationValue, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, ExpressionEvaluationException, SecurityViolationException, EncryptionException {
    LOGGER.trace("Determining shadowRef for {}", associationValue);
    ResourceAttributeContainer identifierContainer = ShadowUtil.getAttributesContainer(associationValue, ShadowAssociationType.F_IDENTIFIERS);
    ShadowAssociationType associationValueBean = associationValue.asContainerable();
    QName associationName = associationValueBean.getName();
    ResourceAssociationDefinition rAssociationDef = getAssociationDefinition(associationName);
    ShadowKindType entitlementKind = rAssociationDef.getKind();
    for (String entitlementIntent : rAssociationDef.getIntents()) {
        LOGGER.trace("Processing kind={}, intent={} (from the definition)", entitlementKind, entitlementIntent);
        ProvisioningContext ctxEntitlement = ctx.spawnForKindIntent(entitlementKind, entitlementIntent);
        PrismObject<ShadowType> entitlementRepoShadow = acquireEntitlementRepoShadow(associationValue, identifierContainer, ctxEntitlement, result);
        if (entitlementRepoShadow == null) {
            // maybe we should try another intent
            continue;
        }
        if (doesAssociationMatch(rAssociationDef, entitlementRepoShadow)) {
            LOGGER.trace("Association value matches. Repo shadow is: {}", entitlementRepoShadow);
            associationValueBean.setShadowRef(createObjectRef(entitlementRepoShadow, beans.prismContext));
        } else {
            LOGGER.trace("Association value does not match. Repo shadow is: {}", entitlementRepoShadow);
            // See MID-5790
            return false;
        }
    }
    return true;
}