Search in sources :

Example 6 with ResourceObjectDefinition

use of com.evolveum.midpoint.schema.processor.ResourceObjectDefinition in project midpoint by Evolveum.

the class TestRefinedSchema method test122DetermineObjectClassKindIntentModel.

@Test
public void test122DetermineObjectClassKindIntentModel() throws Exception {
    OperationResult result = createOperationResult();
    importObjectFromFile(TASK_RECONCILE_DUMMY_KIND_INTENT_FILE);
    Task task = taskManager.getTaskPlain(TASK_RECONCILE_DUMMY_KIND_INTENT_OID, result);
    display("Task", task);
    // WHEN
    ResourceObjectDefinition objectClass = ModelImplUtils.determineObjectDefinition(refinedSchemaModel, task);
    // THEN
    displayDumpable("Object class", objectClass);
    displayValue("Object class (toString)", objectClass.toString());
    deleteObject(TaskType.class, TASK_RECONCILE_DUMMY_KIND_INTENT_OID);
    assertLayerRefinedObjectClass(objectClass, RESOURCE_DUMMY_PRIVILEGE_OBJECTCLASS_QNAME, ShadowKindType.ENTITLEMENT, "privilege", LayerType.MODEL);
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ResourceObjectDefinition(com.evolveum.midpoint.schema.processor.ResourceObjectDefinition) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) Test(org.testng.annotations.Test)

Example 7 with ResourceObjectDefinition

use of com.evolveum.midpoint.schema.processor.ResourceObjectDefinition in project midpoint by Evolveum.

the class TestRefinedSchema method test110DetermineObjectClassObjectClass.

@Test
public void test110DetermineObjectClassObjectClass() throws Exception {
    OperationResult result = createOperationResult();
    importObjectFromFile(TASK_RECONCILE_DUMMY_OBJECTCLASS_FILE);
    Task task = taskManager.getTaskPlain(TASK_RECONCILE_DUMMY_OBJECTCLASS_OID, result);
    display("Task", task);
    // WHEN
    ResourceObjectDefinition objectClass = ModelImplUtils.determineObjectDefinition(refinedSchema, task);
    // THEN
    displayDumpable("Object class", objectClass);
    deleteObject(TaskType.class, TASK_RECONCILE_DUMMY_OBJECTCLASS_OID);
    assertObjectClass(objectClass, RESOURCE_DUMMY_ACCOUNT_OBJECTCLASS_QNAME);
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ResourceObjectDefinition(com.evolveum.midpoint.schema.processor.ResourceObjectDefinition) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) Test(org.testng.annotations.Test)

Example 8 with ResourceObjectDefinition

use of com.evolveum.midpoint.schema.processor.ResourceObjectDefinition in project midpoint by Evolveum.

the class AbstractModelImplementationIntegrationTest method createAccountDelta.

protected <T> ObjectDelta<ShadowType> createAccountDelta(LensProjectionContext accCtx, String accountOid, String attributeLocalName, T... propertyValues) throws SchemaException {
    ResourceType resourceType = accCtx.getResource();
    QName attrQName = new QName(MidPointConstants.NS_RI, attributeLocalName);
    ItemPath attrPath = ItemPath.create(ShadowType.F_ATTRIBUTES, attrQName);
    ResourceObjectDefinition refinedAccountDefinition = accCtx.getCompositeObjectDefinition();
    // noinspection unchecked
    ResourceAttributeDefinition<T> attrDef = (ResourceAttributeDefinition<T>) refinedAccountDefinition.findAttributeDefinition(attrQName);
    assertNotNull("No definition of attribute " + attrQName + " in account def " + refinedAccountDefinition, attrDef);
    ObjectDelta<ShadowType> accountDelta = prismContext.deltaFactory().object().createEmptyModifyDelta(ShadowType.class, accountOid);
    PropertyDelta<T> attrDelta = prismContext.deltaFactory().property().create(attrPath, attrDef);
    attrDelta.setValuesToReplace(PrismValueCollectionsUtil.createCollection(prismContext, propertyValues));
    accountDelta.addModification(attrDelta);
    return accountDelta;
}
Also used : ResourceObjectDefinition(com.evolveum.midpoint.schema.processor.ResourceObjectDefinition) ResourceAttributeDefinition(com.evolveum.midpoint.schema.processor.ResourceAttributeDefinition) QName(javax.xml.namespace.QName) ItemPath(com.evolveum.midpoint.prism.path.ItemPath)

Example 9 with ResourceObjectDefinition

use of com.evolveum.midpoint.schema.processor.ResourceObjectDefinition in project midpoint by Evolveum.

the class TestSecurityBasic method test258AutzJackSelfAccountsPartialControlPassword.

@Test
public void test258AutzJackSelfAccountsPartialControlPassword() throws Exception {
    given();
    cleanupAutzTest(USER_JACK_OID);
    assignRole(USER_JACK_OID, ROLE_SELF_ACCOUNTS_PARTIAL_CONTROL_PASSWORD_OID);
    assignAccountToUser(USER_JACK_OID, RESOURCE_DUMMY_OID, null);
    assumeAssignmentPolicy(AssignmentPolicyEnforcementType.NONE);
    when();
    login(USER_JACK_USERNAME);
    then();
    assertGetAllow(UserType.class, USER_JACK_OID);
    assertGetDeny(UserType.class, USER_GUYBRUSH_OID);
    assertAddDeny();
    assertModifyAllow(UserType.class, USER_JACK_OID, UserType.F_NICK_NAME, PrismTestUtil.createPolyString("jackie"));
    assertModifyDeny(UserType.class, USER_JACK_OID, UserType.F_HONORIFIC_PREFIX, PrismTestUtil.createPolyString("Captain"));
    assertModifyDeny(UserType.class, USER_GUYBRUSH_OID, UserType.F_HONORIFIC_PREFIX, PrismTestUtil.createPolyString("Pirate"));
    assertDeleteDeny();
    assertDeleteDeny(UserType.class, USER_JACK_OID);
    PrismObject<UserType> user = getUser(USER_JACK_OID);
    String accountOid = getSingleLinkOid(user);
    assertGetAllow(ShadowType.class, accountOid);
    PrismObject<ShadowType> shadow = getObject(ShadowType.class, accountOid);
    display("Jack's shadow", shadow);
    Task task = getTestTask();
    OperationResult result = task.getResult();
    ResourceObjectDefinition rOcDef = modelInteractionService.getEditObjectClassDefinition(shadow, getDummyResourceObject(), null, task, result);
    displayDumpable("Refined objectclass def", rOcDef);
    assertAttributeFlags(rOcDef, SchemaConstants.ICFS_UID, true, false, false);
    assertAttributeFlags(rOcDef, SchemaConstants.ICFS_NAME, true, false, false);
    assertAttributeFlags(rOcDef, new QName("location"), true, true, true);
    assertAttributeFlags(rOcDef, new QName("weapon"), true, false, false);
    // Not linked to jack
    assertGetDeny(ShadowType.class, ACCOUNT_SHADOW_ELAINE_DUMMY_OID);
    // Not linked to jack
    assertAddDeny(ACCOUNT_JACK_DUMMY_RED_FILE);
    // Not even jack's account
    assertAddDeny(ACCOUNT_GUYBRUSH_DUMMY_FILE);
    assertPasswordChangeAllow(UserType.class, USER_JACK_OID, "nbusr123");
    assertPasswordChangeDeny(UserType.class, USER_GUYBRUSH_OID, "nbusr123");
    PrismObjectDefinition<UserType> rDef = modelInteractionService.getEditObjectDefinition(user, AuthorizationPhaseType.REQUEST, task, result);
    assertItemFlags(rDef, PASSWORD_PATH, true, false, false);
    assertGlobalStateUntouched();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ResourceObjectDefinition(com.evolveum.midpoint.schema.processor.ResourceObjectDefinition) QName(javax.xml.namespace.QName) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) Test(org.testng.annotations.Test)

Example 10 with ResourceObjectDefinition

use of com.evolveum.midpoint.schema.processor.ResourceObjectDefinition in project midpoint by Evolveum.

the class TestSecurityBasic method test256AutzJackSelfAccountsPartialControl.

@Test
public void test256AutzJackSelfAccountsPartialControl() throws Exception {
    given();
    cleanupAutzTest(USER_JACK_OID);
    assignRole(USER_JACK_OID, ROLE_SELF_ACCOUNTS_PARTIAL_CONTROL_OID);
    assignAccountToUser(USER_JACK_OID, RESOURCE_DUMMY_OID, null);
    assumeAssignmentPolicy(AssignmentPolicyEnforcementType.NONE);
    when();
    login(USER_JACK_USERNAME);
    then();
    assertGetAllow(UserType.class, USER_JACK_OID);
    assertGetDeny(UserType.class, USER_GUYBRUSH_OID);
    assertAddDeny();
    assertModifyAllow(UserType.class, USER_JACK_OID, UserType.F_NICK_NAME, PrismTestUtil.createPolyString("jackie"));
    assertModifyDeny(UserType.class, USER_JACK_OID, UserType.F_HONORIFIC_PREFIX, PrismTestUtil.createPolyString("Captain"));
    assertModifyDeny(UserType.class, USER_GUYBRUSH_OID, UserType.F_HONORIFIC_PREFIX, PrismTestUtil.createPolyString("Pirate"));
    assertDeleteDeny();
    assertDeleteDeny(UserType.class, USER_JACK_OID);
    PrismObject<UserType> user = getUser(USER_JACK_OID);
    String accountOid = getSingleLinkOid(user);
    assertGetAllow(ShadowType.class, accountOid);
    PrismObject<ShadowType> shadow = getObject(ShadowType.class, accountOid);
    display("Jack's shadow", shadow);
    Task task = getTestTask();
    OperationResult result = task.getResult();
    ResourceObjectDefinition rOcDef = modelInteractionService.getEditObjectClassDefinition(shadow, getDummyResourceObject(), null, task, result);
    displayDumpable("Refined objectclass def", rOcDef);
    assertAttributeFlags(rOcDef, SchemaConstants.ICFS_UID, true, false, false);
    assertAttributeFlags(rOcDef, SchemaConstants.ICFS_NAME, true, false, false);
    assertAttributeFlags(rOcDef, new QName("location"), true, true, true);
    assertAttributeFlags(rOcDef, new QName("weapon"), true, false, false);
    // Not linked to jack
    assertGetDeny(ShadowType.class, ACCOUNT_SHADOW_ELAINE_DUMMY_OID);
    // Not linked to jack
    assertAddDeny(ACCOUNT_JACK_DUMMY_RED_FILE);
    // Not even jack's account
    assertAddDeny(ACCOUNT_GUYBRUSH_DUMMY_FILE);
    assertPasswordChangeDeny(UserType.class, USER_JACK_OID, "nbusr123");
    assertPasswordChangeDeny(UserType.class, USER_GUYBRUSH_OID, "nbusr123");
    PrismObjectDefinition<UserType> rDef = modelInteractionService.getEditObjectDefinition(user, AuthorizationPhaseType.REQUEST, task, result);
    assertItemFlags(rDef, PASSWORD_PATH, true, false, false);
    assertGlobalStateUntouched();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ResourceObjectDefinition(com.evolveum.midpoint.schema.processor.ResourceObjectDefinition) QName(javax.xml.namespace.QName) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) Test(org.testng.annotations.Test)

Aggregations

ResourceObjectDefinition (com.evolveum.midpoint.schema.processor.ResourceObjectDefinition)64 QName (javax.xml.namespace.QName)19 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)17 ResourceSchema (com.evolveum.midpoint.schema.processor.ResourceSchema)16 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)14 ArrayList (java.util.ArrayList)14 Task (com.evolveum.midpoint.task.api.Task)12 Test (org.testng.annotations.Test)12 ResourceAttributeDefinition (com.evolveum.midpoint.schema.processor.ResourceAttributeDefinition)8 NotNull (org.jetbrains.annotations.NotNull)8 ResourceAttributeContainer (com.evolveum.midpoint.schema.processor.ResourceAttributeContainer)6 ResourceAssociationDefinition (com.evolveum.midpoint.schema.processor.ResourceAssociationDefinition)5 Collection (java.util.Collection)5 Nullable (org.jetbrains.annotations.Nullable)5 ItemPath (com.evolveum.midpoint.prism.path.ItemPath)4 ResourceAttribute (com.evolveum.midpoint.schema.processor.ResourceAttribute)4 ResourceObjectTypeDefinition (com.evolveum.midpoint.schema.processor.ResourceObjectTypeDefinition)4 AutoCompleteQNamePanel (com.evolveum.midpoint.gui.api.component.autocomplete.AutoCompleteQNamePanel)3 AutoCompleteTextPanel (com.evolveum.midpoint.gui.api.component.autocomplete.AutoCompleteTextPanel)2 ItemName (com.evolveum.midpoint.prism.path.ItemName)2