Search in sources :

Example 16 with ResourceAttribute

use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.

the class AbstractLdapConnTest method test312AssignRoleEvilToBarbossa.

/**
	 *  MID-3209: Rename does not change group membership for associations, when resource does not implement its own referential integrity
	 */
@Test
public void test312AssignRoleEvilToBarbossa() throws Exception {
    final String TEST_NAME = "test312AssignRoleEvilToBarbossa";
    TestUtil.displayTestTile(this, TEST_NAME);
    // GIVEN
    Task task = taskManager.createTaskInstance(this.getClass().getName() + "." + TEST_NAME);
    OperationResult result = task.getResult();
    // WHEN
    TestUtil.displayWhen(TEST_NAME);
    assignRole(USER_BARBOSSA_OID, ROLE_EVIL_OID, task, result);
    // THEN
    TestUtil.displayThen(TEST_NAME);
    result.computeStatus();
    TestUtil.assertSuccess(result);
    Entry entry = assertLdapAccount(USER_CPTBARBOSSA_USERNAME, USER_BARBOSSA_FULL_NAME);
    display("Account LDAP entry", entry);
    PrismObject<UserType> user = getUser(USER_BARBOSSA_OID);
    String shadowOid = getSingleLinkOid(user);
    PrismObject<ShadowType> shadow = getShadowModel(shadowOid);
    display("Shadow (model)", shadow);
    accountBarbossaOid = shadow.getOid();
    accountBarbossaDn = entry.getDn().toString();
    assertNotNull(accountBarbossaDn);
    Collection<ResourceAttribute<?>> identifiers = ShadowUtil.getPrimaryIdentifiers(shadow);
    accountBarbossaEntryId = (String) identifiers.iterator().next().getRealValue();
    assertNotNull("No identifier in " + shadow, accountBarbossaEntryId);
    Entry ldapEntryEvil = getLdapEntry(toGroupDn(GROUP_EVIL_CN));
    display("Evil group", ldapEntryEvil);
    Entry ldapEntryUndead = getLdapEntry(toGroupDn(GROUP_UNDEAD_CN));
    display("Undead group", ldapEntryUndead);
    assertLdapGroupMember(entry, GROUP_EVIL_CN);
    assertLdapNoGroupMember(entry, GROUP_UNDEAD_CN);
    IntegrationTestTools.assertAssociation(shadow, getAssociationGroupName(), groupEvilShadowOid);
    assertLdapConnectorInstances(1, 2);
}
Also used : Task(com.evolveum.midpoint.task.api.Task) Entry(org.apache.directory.api.ldap.model.entry.Entry) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute) UserType(com.evolveum.midpoint.xml.ns._public.common.common_3.UserType) Test(org.testng.annotations.Test)

Example 17 with ResourceAttribute

use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.

the class ResourceEventListenerImpl method notifyEvent.

@Override
public void notifyEvent(ResourceEventDescription eventDescription, Task task, OperationResult parentResult) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ObjectNotFoundException, GenericConnectorException, ObjectAlreadyExistsException, ExpressionEvaluationException {
    Validate.notNull(eventDescription, "Event description must not be null.");
    Validate.notNull(task, "Task must not be null.");
    Validate.notNull(parentResult, "Operation result must not be null");
    LOGGER.trace("Received event notification with the description: {}", eventDescription.debugDump());
    if (eventDescription.getCurrentShadow() == null && eventDescription.getDelta() == null) {
        throw new IllegalStateException("Neither current shadow, nor delta specified. It is required to have at least one of them specified.");
    }
    applyDefinitions(eventDescription, parentResult);
    PrismObject<ShadowType> shadow = null;
    shadow = eventDescription.getShadow();
    ShadowCache shadowCache = getShadowCache(Mode.STANDARD);
    ProvisioningContext ctx = provisioningContextFactory.create(shadow, task, parentResult);
    ctx.assertDefinition();
    Collection<ResourceAttribute<?>> identifiers = ShadowUtil.getPrimaryIdentifiers(shadow);
    Change change = new Change(identifiers, eventDescription.getCurrentShadow(), eventDescription.getOldShadow(), eventDescription.getDelta());
    ObjectClassComplexTypeDefinition objectClassDefinition = ShadowUtil.getObjectClassDefinition(shadow);
    change.setObjectClassDefinition(objectClassDefinition);
    ShadowType shadowType = shadow.asObjectable();
    LOGGER.trace("Start to precess change: {}", change.toString());
    shadowCache.processChange(ctx, change, null, parentResult);
    LOGGER.trace("Change after processing {} . Start synchronizing.", change.toString());
    shadowCache.processSynchronization(ctx, change, parentResult);
}
Also used : ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) ObjectClassComplexTypeDefinition(com.evolveum.midpoint.schema.processor.ObjectClassComplexTypeDefinition) Change(com.evolveum.midpoint.provisioning.ucf.api.Change) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute)

Example 18 with ResourceAttribute

use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.

the class EntitlementConverter method postProcessEntitlementEntitlementToSubject.

private <S extends ShadowType, T> void postProcessEntitlementEntitlementToSubject(ProvisioningContext subjectCtx, final PrismObject<S> resourceObject, RefinedAssociationDefinition assocDefType, final ProvisioningContext entitlementCtx, ResourceAttributeContainer attributesContainer, final PrismContainer<ShadowAssociationType> associationContainer, OperationResult parentResult) throws SchemaException, CommunicationException, ObjectNotFoundException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
    ResourceType resourceType = subjectCtx.getResource();
    final QName associationName = assocDefType.getName();
    final RefinedObjectClassDefinition entitlementDef = entitlementCtx.getObjectClassDefinition();
    if (associationName == null) {
        throw new SchemaException("No name in entitlement association " + assocDefType + " in " + resourceType);
    }
    QName associationAuxiliaryObjectClass = assocDefType.getAuxiliaryObjectClass();
    if (associationAuxiliaryObjectClass != null && associationAuxiliaryObjectClass.getNamespaceURI() != null && !associationAuxiliaryObjectClass.getNamespaceURI().equals(ResourceTypeUtil.getResourceNamespace(resourceType))) {
        LOGGER.warn("Auxiliary object class {} in association {} does not have namespace that matches {}", associationAuxiliaryObjectClass, assocDefType.getName(), resourceType);
    }
    if (associationAuxiliaryObjectClass != null && !subjectCtx.getObjectClassDefinition().hasAuxiliaryObjectClass(associationAuxiliaryObjectClass)) {
        LOGGER.trace("Ignoring association {} because subject does not have auxiliary object class {}, it has {}", associationName, associationAuxiliaryObjectClass, subjectCtx.getObjectClassDefinition().getAuxiliaryObjectClassDefinitions());
        return;
    }
    QName assocAttrName = assocDefType.getResourceObjectAssociationType().getAssociationAttribute();
    if (assocAttrName == null) {
        throw new SchemaException("No association attribute defined in entitlement association '" + associationName + "' in " + resourceType);
    }
    RefinedAttributeDefinition assocAttrDef = entitlementDef.findAttributeDefinition(assocAttrName);
    if (assocAttrDef == null) {
        throw new SchemaException("Association attribute '" + assocAttrName + "'defined in entitlement association '" + associationName + "' was not found in schema for " + resourceType);
    }
    QName valueAttrName = assocDefType.getResourceObjectAssociationType().getValueAttribute();
    if (valueAttrName == null) {
        throw new SchemaException("No value attribute defined in entitlement association '" + associationName + "' in " + resourceType);
    }
    ResourceAttribute<T> valueAttr = attributesContainer.findAttribute(valueAttrName);
    if (valueAttr == null || valueAttr.isEmpty()) {
        LOGGER.trace("Ignoring association {} because subject does not have any value in attribute {}", associationName, valueAttrName);
        return;
    }
    if (valueAttr.size() > 1) {
        throw new SchemaException("Value attribute " + valueAttrName + " has no more than one value; attribute defined in entitlement association '" + associationName + "' in " + resourceType);
    }
    ObjectQuery query = createQuery(assocDefType, assocAttrDef, valueAttr);
    AttributesToReturn attributesToReturn = ProvisioningUtil.createAttributesToReturn(entitlementCtx);
    SearchHierarchyConstraints searchHierarchyConstraints = null;
    ResourceObjectReferenceType baseContextRef = entitlementDef.getBaseContext();
    if (baseContextRef != null) {
        // TODO: this should be done once per search. Not in every run of postProcessEntitlementEntitlementToSubject
        // this has to go outside of this method
        PrismObject<ShadowType> baseContextShadow = resourceObjectReferenceResolver.resolve(subjectCtx, baseContextRef, null, "base context specification in " + entitlementDef, parentResult);
        RefinedObjectClassDefinition baseContextObjectClassDefinition = subjectCtx.getRefinedSchema().determineCompositeObjectClassDefinition(baseContextShadow);
        ResourceObjectIdentification baseContextIdentification = ShadowUtil.getResourceObjectIdentification(baseContextShadow, baseContextObjectClassDefinition);
        searchHierarchyConstraints = new SearchHierarchyConstraints(baseContextIdentification, null);
    }
    ResultHandler<ShadowType> handler = new ResultHandler<ShadowType>() {

        @Override
        public boolean handle(PrismObject<ShadowType> entitlementShadow) {
            PrismContainerValue<ShadowAssociationType> associationCVal = associationContainer.createNewValue();
            associationCVal.asContainerable().setName(associationName);
            Collection<ResourceAttribute<?>> entitlementIdentifiers = ShadowUtil.getAllIdentifiers(entitlementShadow);
            try {
                ResourceAttributeContainer identifiersContainer = new ResourceAttributeContainer(ShadowAssociationType.F_IDENTIFIERS, entitlementDef.toResourceAttributeContainerDefinition(), prismContext);
                associationCVal.add(identifiersContainer);
                identifiersContainer.getValue().addAll(ResourceAttribute.cloneCollection(entitlementIdentifiers));
                // Remember the full shadow in user data. This is used later as an optimization to create the shadow in repo 
                identifiersContainer.setUserData(ResourceObjectConverter.FULL_SHADOW_KEY, entitlementShadow);
                if (LOGGER.isTraceEnabled()) {
                    LOGGER.trace("Processed entitlement-to-subject association for account {} and entitlement {}", ShadowUtil.getHumanReadableName(resourceObject), ShadowUtil.getHumanReadableName(entitlementShadow));
                }
            } catch (SchemaException e) {
                throw new TunnelException(e);
            }
            return true;
        }
    };
    ConnectorInstance connector = subjectCtx.getConnector(ReadCapabilityType.class, parentResult);
    try {
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("Processed entitlement-to-subject association for account {}: query {}", ShadowUtil.getHumanReadableName(resourceObject), query);
        }
        try {
            connector.search(entitlementDef, query, handler, attributesToReturn, null, searchHierarchyConstraints, subjectCtx, parentResult);
        } catch (GenericFrameworkException e) {
            throw new GenericConnectorException("Generic error in the connector " + connector + ". Reason: " + e.getMessage(), e);
        }
    } catch (TunnelException e) {
        throw (SchemaException) e.getCause();
    }
}
Also used : AttributesToReturn(com.evolveum.midpoint.provisioning.ucf.api.AttributesToReturn) ResourceAttributeContainer(com.evolveum.midpoint.schema.processor.ResourceAttributeContainer) ResultHandler(com.evolveum.midpoint.provisioning.ucf.api.ResultHandler) PrismObject(com.evolveum.midpoint.prism.PrismObject) TunnelException(com.evolveum.midpoint.util.exception.TunnelException) SearchHierarchyConstraints(com.evolveum.midpoint.schema.processor.SearchHierarchyConstraints) ResourceObjectIdentification(com.evolveum.midpoint.schema.processor.ResourceObjectIdentification) GenericConnectorException(com.evolveum.midpoint.provisioning.api.GenericConnectorException) ResourceObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute) ShadowAssociationType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowAssociationType) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) GenericFrameworkException(com.evolveum.midpoint.provisioning.ucf.api.GenericFrameworkException) QName(javax.xml.namespace.QName) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) ResourceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType) ObjectQuery(com.evolveum.midpoint.prism.query.ObjectQuery) ConnectorInstance(com.evolveum.midpoint.provisioning.ucf.api.ConnectorInstance)

Example 19 with ResourceAttribute

use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.

the class ConnIdConvertor method convertToResourceObject.

/**
	 * Converts ICF ConnectorObject to the midPoint ResourceObject.
	 * <p/>
	 * All the attributes are mapped using the same way as they are mapped in
	 * the schema (which is actually no mapping at all now).
	 * <p/>
	 * If an optional ResourceObjectDefinition was provided, the resulting
	 * ResourceObject is schema-aware (getDefinition() method works). If no
	 * ResourceObjectDefinition was provided, the object is schema-less. TODO:
	 * this still needs to be implemented.
	 * 
	 * @param co
	 *            ICF ConnectorObject to convert
	 * @param def
	 *            ResourceObjectDefinition (from the schema) or null
	 * @param full
	 *            if true it describes if the returned resource object should
	 *            contain all of the attributes defined in the schema, if false
	 *            the returned resource object will contain only attributed with
	 *            the non-null values.
	 * @return new mapped ResourceObject instance.
	 * @throws SchemaException
	 */
<T extends ShadowType> PrismObject<T> convertToResourceObject(ConnectorObject co, PrismObjectDefinition<T> objectDefinition, boolean full, boolean caseIgnoreAttributeNames, boolean legacySchema) throws SchemaException {
    PrismObject<T> shadowPrism = null;
    if (objectDefinition != null) {
        shadowPrism = objectDefinition.instantiate();
    } else {
        throw new SchemaException("No definition");
    }
    // LOGGER.trace("Instantiated prism object {} from connector object.",
    // shadowPrism.debugDump());
    T shadow = shadowPrism.asObjectable();
    ResourceAttributeContainer attributesContainer = (ResourceAttributeContainer) shadowPrism.findOrCreateContainer(ShadowType.F_ATTRIBUTES);
    ResourceAttributeContainerDefinition attributesContainerDefinition = attributesContainer.getDefinition();
    shadow.setObjectClass(attributesContainerDefinition.getTypeName());
    List<ObjectClassComplexTypeDefinition> auxiliaryObjectClassDefinitions = new ArrayList<>();
    for (Attribute icfAttr : co.getAttributes()) {
        if (icfAttr.is(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME)) {
            List<QName> auxiliaryObjectClasses = shadow.getAuxiliaryObjectClass();
            for (Object auxiliaryIcfObjectClass : icfAttr.getValue()) {
                QName auxiliaryObjectClassQname = icfNameMapper.objectClassToQname(new ObjectClass((String) auxiliaryIcfObjectClass), resourceSchemaNamespace, legacySchema);
                auxiliaryObjectClasses.add(auxiliaryObjectClassQname);
                ObjectClassComplexTypeDefinition auxiliaryObjectClassDefinition = icfNameMapper.getResourceSchema().findObjectClassDefinition(auxiliaryObjectClassQname);
                if (auxiliaryObjectClassDefinition == null) {
                    throw new SchemaException("Resource object " + co + " refers to auxiliary object class " + auxiliaryObjectClassQname + " which is not in the schema");
                }
                auxiliaryObjectClassDefinitions.add(auxiliaryObjectClassDefinition);
            }
            break;
        }
    }
    for (Attribute icfAttr : co.getAttributes()) {
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("Reading ICF attribute {}: {}", icfAttr.getName(), icfAttr.getValue());
        }
        if (icfAttr.getName().equals(Uid.NAME)) {
            // UID is handled specially (see above)
            continue;
        }
        if (icfAttr.is(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME)) {
            // Already processed
            continue;
        }
        if (icfAttr.getName().equals(OperationalAttributes.PASSWORD_NAME)) {
            // password has to go to the credentials section
            ProtectedStringType password = getSingleValue(icfAttr, ProtectedStringType.class);
            if (password == null) {
                // equals() instead of == is needed. The AttributeValueCompleteness enum may be loaded by different classloader
                if (!AttributeValueCompleteness.INCOMPLETE.equals(icfAttr.getAttributeValueCompleteness())) {
                    continue;
                }
                // There is no password value in the ConnId attribute. But it was indicated that
                // that attribute is incomplete. Therefore we can assume that there in fact is a value.
                // We just do not know it.
                ShadowUtil.setPasswordIncomplete(shadow);
                LOGGER.trace("Converted password: (incomplete)");
            } else {
                ShadowUtil.setPassword(shadow, password);
                LOGGER.trace("Converted password: {}", password);
            }
            continue;
        }
        if (icfAttr.getName().equals(OperationalAttributes.ENABLE_NAME)) {
            Boolean enabled = getSingleValue(icfAttr, Boolean.class);
            if (enabled == null) {
                continue;
            }
            ActivationType activationType = ShadowUtil.getOrCreateActivation(shadow);
            ActivationStatusType activationStatusType;
            if (enabled) {
                activationStatusType = ActivationStatusType.ENABLED;
            } else {
                activationStatusType = ActivationStatusType.DISABLED;
            }
            activationType.setAdministrativeStatus(activationStatusType);
            activationType.setEffectiveStatus(activationStatusType);
            LOGGER.trace("Converted activation administrativeStatus: {}", activationStatusType);
            continue;
        }
        if (icfAttr.getName().equals(OperationalAttributes.ENABLE_DATE_NAME)) {
            Long millis = getSingleValue(icfAttr, Long.class);
            if (millis == null) {
                continue;
            }
            ActivationType activationType = ShadowUtil.getOrCreateActivation(shadow);
            activationType.setValidFrom(XmlTypeConverter.createXMLGregorianCalendar(millis));
            continue;
        }
        if (icfAttr.getName().equals(OperationalAttributes.DISABLE_DATE_NAME)) {
            Long millis = getSingleValue(icfAttr, Long.class);
            if (millis == null) {
                continue;
            }
            ActivationType activationType = ShadowUtil.getOrCreateActivation(shadow);
            activationType.setValidTo(XmlTypeConverter.createXMLGregorianCalendar(millis));
            continue;
        }
        if (icfAttr.getName().equals(OperationalAttributes.LOCK_OUT_NAME)) {
            Boolean lockOut = getSingleValue(icfAttr, Boolean.class);
            if (lockOut == null) {
                continue;
            }
            ActivationType activationType = ShadowUtil.getOrCreateActivation(shadow);
            LockoutStatusType lockoutStatusType;
            if (lockOut) {
                lockoutStatusType = LockoutStatusType.LOCKED;
            } else {
                lockoutStatusType = LockoutStatusType.NORMAL;
            }
            activationType.setLockoutStatus(lockoutStatusType);
            LOGGER.trace("Converted activation lockoutStatus: {}", lockoutStatusType);
            continue;
        }
        QName qname = icfNameMapper.convertAttributeNameToQName(icfAttr.getName(), attributesContainerDefinition);
        ResourceAttributeDefinition attributeDefinition = attributesContainerDefinition.findAttributeDefinition(qname, caseIgnoreAttributeNames);
        if (attributeDefinition == null) {
            // Try to locate definition in auxiliary object classes
            for (ObjectClassComplexTypeDefinition auxiliaryObjectClassDefinition : auxiliaryObjectClassDefinitions) {
                attributeDefinition = auxiliaryObjectClassDefinition.findAttributeDefinition(qname, caseIgnoreAttributeNames);
                if (attributeDefinition != null) {
                    break;
                }
            }
            if (attributeDefinition == null) {
                throw new SchemaException("Unknown attribute " + qname + " in definition of object class " + attributesContainerDefinition.getTypeName() + ". Original ICF name: " + icfAttr.getName(), qname);
            }
        }
        if (caseIgnoreAttributeNames) {
            // normalized version
            qname = attributeDefinition.getName();
        }
        ResourceAttribute<Object> resourceAttribute = attributeDefinition.instantiate(qname);
        // resource object also with the null-values attributes
        if (full) {
            if (icfAttr.getValue() != null) {
                // of them may need it (e.g. GuardedString)
                for (Object icfValue : icfAttr.getValue()) {
                    Object value = convertValueFromIcf(icfValue, qname);
                    resourceAttribute.add(new PrismPropertyValue<>(value));
                }
            }
            LOGGER.trace("Converted attribute {}", resourceAttribute);
            attributesContainer.getValue().add(resourceAttribute);
        // in this case when false, we need only the attributes with the
        // non-null values.
        } else {
            if (icfAttr.getValue() != null && !icfAttr.getValue().isEmpty()) {
                // Convert the values. While most values do not need
                // conversions, some of them may need it (e.g. GuardedString)
                boolean empty = true;
                for (Object icfValue : icfAttr.getValue()) {
                    if (icfValue != null) {
                        Object value = convertValueFromIcf(icfValue, qname);
                        empty = false;
                        resourceAttribute.add(new PrismPropertyValue<>(value));
                    }
                }
                if (!empty) {
                    LOGGER.trace("Converted attribute {}", resourceAttribute);
                    attributesContainer.getValue().add(resourceAttribute);
                }
            }
        }
    }
    // Add Uid if it is not there already. It can be already present, 
    // e.g. if Uid and Name represent the same attribute
    Uid uid = co.getUid();
    ObjectClassComplexTypeDefinition ocDef = attributesContainerDefinition.getComplexTypeDefinition();
    ResourceAttributeDefinition<String> uidDefinition = ConnIdUtil.getUidDefinition(ocDef);
    if (uidDefinition == null) {
        throw new SchemaException("No definition for ConnId UID attribute found in definition " + ocDef);
    }
    if (attributesContainer.getValue().findItem(uidDefinition.getName()) == null) {
        ResourceAttribute<String> uidRoa = uidDefinition.instantiate();
        uidRoa.setValue(new PrismPropertyValue<String>(uid.getUidValue()));
        attributesContainer.getValue().add(uidRoa);
    }
    return shadowPrism;
}
Also used : ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute) Attribute(org.identityconnectors.framework.common.objects.Attribute) ArrayList(java.util.ArrayList) ResourceAttributeContainer(com.evolveum.midpoint.schema.processor.ResourceAttributeContainer) ObjectClassComplexTypeDefinition(com.evolveum.midpoint.schema.processor.ObjectClassComplexTypeDefinition) GuardedString(org.identityconnectors.common.security.GuardedString) ResourceAttributeContainerDefinition(com.evolveum.midpoint.schema.processor.ResourceAttributeContainerDefinition) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ObjectClass(org.identityconnectors.framework.common.objects.ObjectClass) QName(javax.xml.namespace.QName) ActivationStatusType(com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType) Uid(org.identityconnectors.framework.common.objects.Uid) ResourceAttributeDefinition(com.evolveum.midpoint.schema.processor.ResourceAttributeDefinition) ActivationType(com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType) LockoutStatusType(com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType) PrismObject(com.evolveum.midpoint.prism.PrismObject) ConnectorObject(org.identityconnectors.framework.common.objects.ConnectorObject) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)

Example 20 with ResourceAttribute

use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.

the class ConnIdUtil method convertToIdentifiers.

public static Collection<ResourceAttribute<?>> convertToIdentifiers(Uid uid, ObjectClassComplexTypeDefinition ocDef, ResourceSchema resourceSchema) throws SchemaException {
    ObjectClassComplexTypeDefinition concreteObjectClassDefinition = getConcreteObjectClassDefinition(ocDef, resourceSchema);
    if (concreteObjectClassDefinition == null) {
        throw new SchemaException("Concrete object class of " + ocDef + " cannot be found");
    }
    ResourceAttributeDefinition<String> uidDefinition = getUidDefinition(concreteObjectClassDefinition);
    if (uidDefinition == null) {
        throw new SchemaException("No definition for ConnId UID attribute found in definition " + ocDef);
    }
    Collection<ResourceAttribute<?>> identifiers = new ArrayList<ResourceAttribute<?>>(2);
    ResourceAttribute<String> uidRoa = uidDefinition.instantiate();
    uidRoa.setValue(new PrismPropertyValue<String>(uid.getUidValue()));
    identifiers.add(uidRoa);
    if (uid.getNameHint() != null) {
        ResourceAttributeDefinition<String> nameDefinition = getNameDefinition(concreteObjectClassDefinition);
        if (nameDefinition == null) {
            throw new SchemaException("No definition for ConnId NAME attribute found in definition " + ocDef);
        }
        ResourceAttribute<String> nameRoa = nameDefinition.instantiate();
        nameRoa.setValue(new PrismPropertyValue<String>(uid.getNameHintValue()));
        identifiers.add(nameRoa);
    }
    return identifiers;
}
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ArrayList(java.util.ArrayList) ObjectClassComplexTypeDefinition(com.evolveum.midpoint.schema.processor.ObjectClassComplexTypeDefinition) GuardedString(org.identityconnectors.common.security.GuardedString) ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute)

Aggregations

ResourceAttribute (com.evolveum.midpoint.schema.processor.ResourceAttribute)39 ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)30 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)23 Test (org.testng.annotations.Test)18 ResourceAttributeContainer (com.evolveum.midpoint.schema.processor.ResourceAttributeContainer)16 Task (com.evolveum.midpoint.task.api.Task)12 QName (javax.xml.namespace.QName)12 UserType (com.evolveum.midpoint.xml.ns._public.common.common_3.UserType)10 DummyAccount (com.evolveum.icf.dummy.resource.DummyAccount)7 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)7 Entry (org.apache.directory.api.ldap.model.entry.Entry)7 ResourceObjectShadowChangeDescription (com.evolveum.midpoint.provisioning.api.ResourceObjectShadowChangeDescription)6 ResourceShadowDiscriminator (com.evolveum.midpoint.schema.ResourceShadowDiscriminator)6 ArrayList (java.util.ArrayList)6 RefinedObjectClassDefinition (com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition)4 PrismObject (com.evolveum.midpoint.prism.PrismObject)4 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)4 ObjectClassComplexTypeDefinition (com.evolveum.midpoint.schema.processor.ObjectClassComplexTypeDefinition)4 AbstractModelIntegrationTest (com.evolveum.midpoint.model.test.AbstractModelIntegrationTest)3 Containerable (com.evolveum.midpoint.prism.Containerable)3