Search in sources :

Example 46 with ResourceAttribute

use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.

the class AbstractAdLdapMultidomainTest method test700AssignAccountSubmarineAndModify.

/**
 * Create account and modify it in a very quick succession.
 * This test is designed to check if we can live with a long
 * global catalog update delay.
 * MID-2926
 */
@Test
public void test700AssignAccountSubmarineAndModify() throws Exception {
    // GIVEN
    Task task = getTestTask();
    OperationResult result = task.getResult();
    // WHEN
    when();
    assignRole(USER_SUBMARINE_OID, ROLE_SUBMISSIVE_OID, task, result);
    modifyUserReplace(USER_SUBMARINE_OID, UserType.F_TITLE, task, result, PrismTestUtil.createPolyString("Underseadog"));
    // THEN
    then();
    assertSuccess(result);
    Entry entry = assertLdapSubAccount(USER_SUBMARINE_USERNAME, USER_SUBMARINE_FULL_NAME);
    displayValue("Sub entry", entry);
    assertAttribute(entry, "title", "Underseadog");
    PrismObject<UserType> userAfter = getUser(USER_SUBMARINE_OID);
    String shadowOid = getSingleLinkOid(userAfter);
    PrismObject<ShadowType> shadow = getShadowModel(shadowOid);
    display("Shadow (model)", shadow);
    assertThat(shadow.getOid()).isNotBlank();
    Collection<ResourceAttribute<?>> identifiers = ShadowUtil.getPrimaryIdentifiers(shadow);
    String accountIcfUid = (String) identifiers.iterator().next().getRealValue();
    assertNotNull("No identifier in " + shadow, accountIcfUid);
    assertEquals("Wrong ICFS UID", formatGuidToDashedNotation(MiscUtil.binaryToHex(entry.get(getPrimaryIdentifierAttributeName()).getBytes())), accountIcfUid);
    assertAttribute(entry, ATTRIBUTE_USER_ACCOUNT_CONTROL_NAME, "512");
}
Also used : Task(com.evolveum.midpoint.task.api.Task) DefaultEntry(org.apache.directory.api.ldap.model.entry.DefaultEntry) Entry(org.apache.directory.api.ldap.model.entry.Entry) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute) Test(org.testng.annotations.Test) AbstractAdLdapTest(com.evolveum.midpoint.testing.conntest.ad.AbstractAdLdapTest)

Example 47 with ResourceAttribute

use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.

the class AbstractAdLdapSimpleTest method test200AssignAccountBarbossa.

@Test
public void test200AssignAccountBarbossa() throws Exception {
    // GIVEN
    Task task = getTestTask();
    OperationResult result = task.getResult();
    long tsStart = System.currentTimeMillis();
    // WHEN
    when();
    assignAccountToUser(USER_BARBOSSA_OID, getResourceOid(), null, task, result);
    // THEN
    then();
    assertSuccess(result);
    long tsEnd = System.currentTimeMillis();
    Entry entry = assertLdapAccount(USER_BARBOSSA_USERNAME, USER_BARBOSSA_FULL_NAME);
    assertAttribute(entry, "title", null);
    PrismObject<UserType> user = getUser(USER_BARBOSSA_OID);
    String shadowOid = getSingleLinkOid(user);
    PrismObject<ShadowType> shadow = getShadowModel(shadowOid);
    display("Shadow (model)", shadow);
    accountBarbossaOid = shadow.getOid();
    Collection<ResourceAttribute<?>> identifiers = ShadowUtil.getPrimaryIdentifiers(shadow);
    String accountBarbossaIcfUid = (String) identifiers.iterator().next().getRealValue();
    assertNotNull("No identifier in " + shadow, accountBarbossaIcfUid);
    assertEquals("Wrong ICFS UID", formatGuidToDashedNotation(MiscUtil.binaryToHex(entry.get(getPrimaryIdentifierAttributeName()).getBytes())), accountBarbossaIcfUid);
    assertLdapPasswordByFullName(USER_BARBOSSA_FULL_NAME, USER_BARBOSSA_PASSWORD);
    assertAttribute(entry, ATTRIBUTE_USER_ACCOUNT_CONTROL_NAME, "512");
    ResourceAttribute<XMLGregorianCalendar> createTimestampAttribute = ShadowUtil.getAttribute(shadow, new QName(MidPointConstants.NS_RI, "createTimeStamp"));
    assertNotNull("No createTimestamp in " + shadow, createTimestampAttribute);
    XMLGregorianCalendar createTimestamp = createTimestampAttribute.getRealValue();
    // LDAP server may be on a different host. Allow for some clock offset.
    TestUtil.assertBetween("Wrong createTimestamp in " + shadow, roundTsDown(tsStart) - 120000, roundTsUp(tsEnd) + 120000, XmlTypeConverter.toMillis(createTimestamp));
    assertLdapConnectorReasonableInstances();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) QName(javax.xml.namespace.QName) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute) Test(org.testng.annotations.Test) AbstractAdLdapTest(com.evolveum.midpoint.testing.conntest.ad.AbstractAdLdapTest) AbstractLdapSynchronizationTest(com.evolveum.midpoint.testing.conntest.AbstractLdapSynchronizationTest)

Example 48 with ResourceAttribute

use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.

the class SyncDeltaConverter method createChange.

@NotNull
UcfLiveSyncChange createChange(int localSequenceNumber, SyncDelta connIdDelta, OperationResult result) {
    // The following should not throw any exception. And if it does, we are lost anyway, because
    // we need this information to create even "errored" change object.
    // For non-nullability of these variables see the code of SyncDelta.
    @NotNull SyncDeltaType icfDeltaType = connIdDelta.getDeltaType();
    @NotNull Uid uid = connIdDelta.getUid();
    @NotNull String uidValue = uid.getUidValue();
    @NotNull UcfSyncToken token = toUcf(connIdDelta.getToken());
    Collection<ResourceAttribute<?>> identifiers = new ArrayList<>();
    ResourceObjectDefinition actualObjectDefinition = null;
    ObjectDelta<ShadowType> objectDelta = null;
    PrismObject<ShadowType> resourceObject = null;
    LOGGER.trace("START creating delta of type {}", icfDeltaType);
    UcfErrorState errorState;
    try {
        actualObjectDefinition = getActualObjectDefinition(connIdDelta);
        assert actualObjectDefinition != null || icfDeltaType == SyncDeltaType.DELETE;
        if (icfDeltaType == SyncDeltaType.DELETE) {
            identifiers.addAll(ConnIdUtil.convertToIdentifiers(uid, actualObjectDefinition, connectorInstance.getRawResourceSchema()));
            objectDelta = prismContext.deltaFactory().object().create(ShadowType.class, ChangeType.DELETE);
        } else if (icfDeltaType == SyncDeltaType.CREATE || icfDeltaType == SyncDeltaType.CREATE_OR_UPDATE || icfDeltaType == SyncDeltaType.UPDATE) {
            PrismObjectDefinition<ShadowType> objectDefinition = toShadowDefinition(actualObjectDefinition);
            LOGGER.trace("Object definition: {}", objectDefinition);
            // We can consider using "fetch result" error reporting method here, and go along with a partial object.
            resourceObject = connIdConvertor.convertToUcfObject(connIdDelta.getObject(), objectDefinition, false, connectorInstance.isCaseIgnoreAttributeNames(), connectorInstance.isLegacySchema(), UcfFetchErrorReportingMethod.EXCEPTION, result).getResourceObject();
            LOGGER.trace("Got (current) resource object: {}", resourceObject.debugDumpLazily());
            identifiers.addAll(emptyIfNull(ShadowUtil.getAllIdentifiers(resourceObject)));
            if (icfDeltaType == SyncDeltaType.CREATE) {
                objectDelta = prismContext.deltaFactory().object().create(ShadowType.class, ChangeType.ADD);
                objectDelta.setObjectToAdd(resourceObject);
            }
        } else {
            throw new GenericFrameworkException("Unexpected sync delta type " + icfDeltaType);
        }
        if (identifiers.isEmpty()) {
            throw new SchemaException("No identifiers in sync delta " + connIdDelta);
        }
        errorState = UcfErrorState.success();
    } catch (Exception e) {
        result.recordFatalError(e);
        errorState = UcfErrorState.error(e);
    }
    UcfLiveSyncChange change = new UcfLiveSyncChange(localSequenceNumber, uidValue, identifiers, actualObjectDefinition, objectDelta, resourceObject, token, errorState);
    LOGGER.trace("END creating change of type {}:\n{}", icfDeltaType, change.debugDumpLazily());
    return change;
}
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) SyncDeltaType(org.identityconnectors.framework.common.objects.SyncDeltaType) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) PrismObjectDefinition(com.evolveum.midpoint.prism.PrismObjectDefinition) ArrayList(java.util.ArrayList) NotNull(org.jetbrains.annotations.NotNull) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) Uid(org.identityconnectors.framework.common.objects.Uid) ResourceObjectDefinition(com.evolveum.midpoint.schema.processor.ResourceObjectDefinition) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute) NotNull(org.jetbrains.annotations.NotNull)

Example 49 with ResourceAttribute

use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.

the class AssociationFromLinkExpressionEvaluator method toAssociation.

private void toAssociation(PrismObject<ShadowType> shadow, ShadowAssociationType shadowAssociationType) {
    shadowAssociationType.setShadowRef(new ObjectReferenceType().oid(shadow.getOid()).type(ShadowType.COMPLEX_TYPE));
    // This is not a clean systemic solution. But there was no time for a better solution before 3.9 release.
    try {
        ResourceAttributeContainer shadowAttributesContainer = ShadowUtil.getAttributesContainer(shadow);
        ResourceAttributeContainer identifiersContainer = ObjectFactory.createResourceAttributeContainer(ShadowAssociationType.F_IDENTIFIERS, shadowAttributesContainer.getDefinition());
        shadowAssociationType.asPrismContainerValue().add(identifiersContainer);
        Collection<ResourceAttribute<?>> shadowIdentifiers = Objects.requireNonNull(ShadowUtil.getAllIdentifiers(shadow), "no shadow identifiers");
        for (ResourceAttribute<?> shadowIdentifier : shadowIdentifiers) {
            identifiersContainer.add(shadowIdentifier.clone());
        }
    } catch (SchemaException e) {
        // Should not happen
        throw new SystemException(e.getMessage(), e);
    }
}
Also used : ObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType) ResourceAttributeContainer(com.evolveum.midpoint.schema.processor.ResourceAttributeContainer) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute)

Example 50 with ResourceAttribute

use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.

the class ResourceObjectReferenceResolver method resolvePrimaryIdentifier.

/**
 * Resolve primary identifier from a collection of identifiers that may contain only secondary identifiers.
 */
@SuppressWarnings({ "unchecked", "rawtypes" })
Collection<? extends ResourceAttribute<?>> resolvePrimaryIdentifier(ProvisioningContext ctx, Collection<? extends ResourceAttribute<?>> identifiers, final String desc, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, ExpressionEvaluationException {
    if (identifiers == null) {
        return null;
    }
    ResourceObjectDefinition objDef = ctx.getObjectDefinitionRequired();
    Collection<ResourceAttribute<?>> secondaryIdentifiers = ShadowUtil.getSecondaryIdentifiers(identifiers, objDef);
    PrismObject<ShadowType> repoShadow = shadowManager.lookupShadowBySecondaryIds(ctx, secondaryIdentifiers, result);
    if (repoShadow == null) {
        return null;
    }
    shadowsFacade.applyDefinition(repoShadow, ctx.getTask(), result);
    PrismContainer<Containerable> attributesContainer = repoShadow.findContainer(ShadowType.F_ATTRIBUTES);
    if (attributesContainer == null) {
        return null;
    }
    Collection primaryIdentifiers = new ArrayList<>();
    for (PrismProperty property : attributesContainer.getValue().getProperties()) {
        if (objDef.isPrimaryIdentifier(property.getElementName())) {
            ResourceAttributeDefinition<?> attrDef = objDef.findAttributeDefinition(property.getElementName());
            if (attrDef == null) {
                throw new IllegalStateException("No definition for attribute " + property);
            }
            ResourceAttribute primaryIdentifier = attrDef.instantiate();
            primaryIdentifier.setRealValue(property.getRealValue());
            primaryIdentifiers.add(primaryIdentifier);
        }
    }
    LOGGER.trace("Resolved identifiers {} to primary identifiers {} (object class {})", identifiers, primaryIdentifiers, objDef);
    return primaryIdentifiers;
}
Also used : PrismProperty(com.evolveum.midpoint.prism.PrismProperty) ResourceObjectDefinition(com.evolveum.midpoint.schema.processor.ResourceObjectDefinition) ArrayList(java.util.ArrayList) Collection(java.util.Collection) Containerable(com.evolveum.midpoint.prism.Containerable) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute)

Aggregations

ResourceAttribute (com.evolveum.midpoint.schema.processor.ResourceAttribute)52 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)24 ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)23 Test (org.testng.annotations.Test)18 ResourceAttributeContainer (com.evolveum.midpoint.schema.processor.ResourceAttributeContainer)16 Task (com.evolveum.midpoint.task.api.Task)16 QName (javax.xml.namespace.QName)16 PrismObject (com.evolveum.midpoint.prism.PrismObject)10 Entry (org.apache.directory.api.ldap.model.entry.Entry)10 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)9 ArrayList (java.util.ArrayList)8 XMLGregorianCalendar (javax.xml.datatype.XMLGregorianCalendar)8 DefaultEntry (org.apache.directory.api.ldap.model.entry.DefaultEntry)7 DummyAccount (com.evolveum.icf.dummy.resource.DummyAccount)6 UserType (com.evolveum.midpoint.xml.ns._public.common.common_3.UserType)6 Containerable (com.evolveum.midpoint.prism.Containerable)5 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)5 ResourceObjectShadowChangeDescription (com.evolveum.midpoint.provisioning.api.ResourceObjectShadowChangeDescription)4 ResourceShadowDiscriminator (com.evolveum.midpoint.schema.ResourceShadowDiscriminator)4 ResourceObjectDefinition (com.evolveum.midpoint.schema.processor.ResourceObjectDefinition)4