Examples with ConfigurationException com.evolveum.midpoint.util.exception.ConfigurationException used on opensource projects

Example 26 with ConfigurationException

use of com.evolveum.midpoint.util.exception.ConfigurationException in project midpoint by Evolveum.

the class ShadowManager method createRepositoryShadow.

/**
	 * Create a copy of a shadow that is suitable for repository storage. 
	 */
private PrismObject<ShadowType> createRepositoryShadow(ProvisioningContext ctx, PrismObject<ShadowType> shadow) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException {
    ResourceAttributeContainer attributesContainer = ShadowUtil.getAttributesContainer(shadow);
    PrismObject<ShadowType> repoShadow = shadow.clone();
    ShadowType repoShadowType = repoShadow.asObjectable();
    ResourceAttributeContainer repoAttributesContainer = ShadowUtil.getAttributesContainer(repoShadow);
    CachingStategyType cachingStrategy = ProvisioningUtil.getCachingStrategy(ctx);
    if (cachingStrategy == CachingStategyType.NONE) {
        // Clean all repoShadow attributes and add only those that should be
        // there
        repoAttributesContainer.clear();
        Collection<ResourceAttribute<?>> primaryIdentifiers = attributesContainer.getPrimaryIdentifiers();
        for (PrismProperty<?> p : primaryIdentifiers) {
            repoAttributesContainer.add(p.clone());
        }
        Collection<ResourceAttribute<?>> secondaryIdentifiers = attributesContainer.getSecondaryIdentifiers();
        for (PrismProperty<?> p : secondaryIdentifiers) {
            repoAttributesContainer.add(p.clone());
        }
        // Also add all the attributes that act as association identifiers.
        // We will need them when the shadow is deleted (to remove the shadow from entitlements).
        RefinedObjectClassDefinition objectClassDefinition = ctx.getObjectClassDefinition();
        for (RefinedAssociationDefinition associationDef : objectClassDefinition.getAssociationDefinitions()) {
            if (associationDef.getResourceObjectAssociationType().getDirection() == ResourceObjectAssociationDirectionType.OBJECT_TO_SUBJECT) {
                QName valueAttributeName = associationDef.getResourceObjectAssociationType().getValueAttribute();
                if (repoAttributesContainer.findAttribute(valueAttributeName) == null) {
                    ResourceAttribute<Object> valueAttribute = attributesContainer.findAttribute(valueAttributeName);
                    if (valueAttribute != null) {
                        repoAttributesContainer.add(valueAttribute.clone());
                    }
                }
            }
        }
        repoShadowType.setCachingMetadata(null);
        ProvisioningUtil.cleanupShadowActivation(repoShadowType);
    } else if (cachingStrategy == CachingStategyType.PASSIVE) {
        // Do not need to clear anything. Just store all attributes and add metadata.
        CachingMetadataType cachingMetadata = new CachingMetadataType();
        cachingMetadata.setRetrievalTimestamp(clock.currentTimeXMLGregorianCalendar());
        repoShadowType.setCachingMetadata(cachingMetadata);
    } else {
        throw new ConfigurationException("Unknown caching strategy " + cachingStrategy);
    }
    setKindIfNecessary(repoShadowType, ctx.getObjectClassDefinition());
    //        setIntentIfNecessary(repoShadowType, objectClassDefinition);
    // Store only password meta-data in repo
    CredentialsType creds = repoShadowType.getCredentials();
    if (creds != null) {
        PasswordType passwordType = creds.getPassword();
        if (passwordType != null) {
            ProvisioningUtil.cleanupShadowPassword(passwordType);
            PrismObject<UserType> owner = null;
            if (ctx.getTask() != null) {
                owner = ctx.getTask().getOwner();
            }
            ProvisioningUtil.addPasswordMetadata(passwordType, clock.currentTimeXMLGregorianCalendar(), owner);
        }
    // TODO: other credential types - later
    }
    // convert to the resource reference.
    if (repoShadowType.getResource() != null) {
        repoShadowType.setResource(null);
        repoShadowType.setResourceRef(ObjectTypeUtil.createObjectRef(ctx.getResource()));
    }
    // now
    if (repoShadowType.getResourceRef() == null) {
        repoShadowType.setResourceRef(ObjectTypeUtil.createObjectRef(ctx.getResource()));
    }
    if (repoShadowType.getName() == null) {
        repoShadowType.setName(new PolyStringType(ShadowUtil.determineShadowName(shadow)));
    }
    if (repoShadowType.getObjectClass() == null) {
        repoShadowType.setObjectClass(attributesContainer.getDefinition().getTypeName());
    }
    if (repoShadowType.isProtectedObject() != null) {
        repoShadowType.setProtectedObject(null);
    }
    normalizeAttributes(repoShadow, ctx.getObjectClassDefinition());
    return repoShadow;
}

Example 27 with ConfigurationException

use of com.evolveum.midpoint.util.exception.ConfigurationException in project midpoint by Evolveum.

the class AbstractModelIntegrationTest method assertAllowRequestItems.

protected void assertAllowRequestItems(String userOid, String targetRoleOid, AuthorizationDecisionType expectedDefaultDecision, QName... expectedAllowedItemQNames) throws SchemaException, SecurityViolationException, CommunicationException, ObjectNotFoundException, ConfigurationException, ExpressionEvaluationException {
    PrismObject<UserType> user = getUser(userOid);
    PrismObject<RoleType> target = getRole(targetRoleOid);
    ItemSecurityDecisions decisions = modelInteractionService.getAllowedRequestAssignmentItems(user, target);
    display("Request decisions for " + target, decisions);
    assertEquals("Wrong assign default decision", expectedDefaultDecision, decisions.getDefaultDecision());
    assertEquals("Unexpected number of allowed items", expectedAllowedItemQNames.length, decisions.getItemDecisionMap().size());
    decisions.getItemDecisionMap().forEach((path, decision) -> {
        assertEquals("wrong item " + path + " decision", AuthorizationDecisionType.ALLOW, decision);
        QName lastPathName = path.lastNamed().getName();
        if (!Arrays.stream(expectedAllowedItemQNames).anyMatch(qname -> QNameUtil.match(qname, lastPathName))) {
            AssertJUnit.fail("Unexpected path " + path);
        }
    });
}

Example 28 with ConfigurationException

use of com.evolveum.midpoint.util.exception.ConfigurationException in project midpoint by Evolveum.

the class TestDummy method test107AGetModifiedAccountFromCacheMax.

// test102-test106 in the superclasses
/**
	 * Make a native modification to an account and read it with max staleness option.
	 * As there is no caching enabled this should throw an error.
	 * 
	 * Note: This test is overridden in TestDummyCaching
	 * 
	 * MID-3481
	 */
@Test
public void test107AGetModifiedAccountFromCacheMax() throws Exception {
    final String TEST_NAME = "test107AGetModifiedAccountFromCacheMax";
    TestUtil.displayTestTile(TEST_NAME);
    // GIVEN
    OperationResult result = new OperationResult(TestDummy.class.getName() + "." + TEST_NAME);
    rememberShadowFetchOperationCount();
    DummyAccount accountWill = getDummyAccountAssert(transformNameFromResource(ACCOUNT_WILL_USERNAME), willIcfUid);
    accountWill.replaceAttributeValue(DummyResourceContoller.DUMMY_ACCOUNT_ATTRIBUTE_TITLE_NAME, "Nice Pirate");
    accountWill.replaceAttributeValue(DummyResourceContoller.DUMMY_ACCOUNT_ATTRIBUTE_SHIP_NAME, "Interceptor");
    accountWill.setEnabled(true);
    Collection<SelectorOptions<GetOperationOptions>> options = SelectorOptions.createCollection(GetOperationOptions.createMaxStaleness());
    XMLGregorianCalendar startTs = clock.currentTimeXMLGregorianCalendar();
    // WHEN
    TestUtil.displayWhen(TEST_NAME);
    try {
        ShadowType shadow = provisioningService.getObject(ShadowType.class, ACCOUNT_WILL_OID, options, null, result).asObjectable();
        AssertJUnit.fail("Unexpected success");
    } catch (ConfigurationException e) {
        // Caching is disabled, this is expected.
        TestUtil.displayThen(TEST_NAME);
        display("Expected exception", e);
        result.computeStatus();
        TestUtil.assertFailure(result);
    }
    PrismObject<ShadowType> shadowRepo = repositoryService.getObject(ShadowType.class, ACCOUNT_WILL_OID, null, result);
    checkRepoAccountShadowWillBasic(shadowRepo, null, startTs, null);
    assertRepoShadowCachedAttributeValue(shadowRepo, DummyResourceContoller.DUMMY_ACCOUNT_ATTRIBUTE_TITLE_NAME, "Pirate");
    assertRepoShadowCachedAttributeValue(shadowRepo, DummyResourceContoller.DUMMY_ACCOUNT_ATTRIBUTE_SHIP_NAME, "Black Pearl");
    assertRepoShadowCachedAttributeValue(shadowRepo, DummyResourceContoller.DUMMY_ACCOUNT_ATTRIBUTE_WEAPON_NAME, "Sword", "LOVE");
    assertRepoShadowCachedAttributeValue(shadowRepo, DummyResourceContoller.DUMMY_ACCOUNT_ATTRIBUTE_LOOT_NAME, 42);
    assertRepoShadowCacheActivation(shadowRepo, ActivationStatusType.DISABLED);
    assertShadowFetchOperationCountIncrement(0);
    assertSteadyResource();
}

Example 29 with ConfigurationException

use of com.evolveum.midpoint.util.exception.ConfigurationException in project midpoint by Evolveum.

the class ConnectorInstanceConnIdImpl method addObject.

@Override
public AsynchronousOperationReturnValue<Collection<ResourceAttribute<?>>> addObject(PrismObject<? extends ShadowType> shadow, Collection<Operation> additionalOperations, StateReporter reporter, OperationResult parentResult) throws CommunicationException, GenericFrameworkException, SchemaException, ObjectAlreadyExistsException, ConfigurationException {
    validateShadow(shadow, "add", false);
    ShadowType shadowType = shadow.asObjectable();
    ResourceAttributeContainer attributesContainer = ShadowUtil.getAttributesContainer(shadow);
    OperationResult result = parentResult.createSubresult(ConnectorInstance.class.getName() + ".addObject");
    result.addParam("resourceObject", shadow);
    // because of serialization issues
    result.addParam("additionalOperations", DebugUtil.debugDump(additionalOperations));
    ObjectClassComplexTypeDefinition ocDef;
    ResourceAttributeContainerDefinition attrContDef = attributesContainer.getDefinition();
    if (attrContDef != null) {
        ocDef = attrContDef.getComplexTypeDefinition();
    } else {
        ocDef = resourceSchema.findObjectClassDefinition(shadow.asObjectable().getObjectClass());
        if (ocDef == null) {
            throw new SchemaException("Unknown object class " + shadow.asObjectable().getObjectClass());
        }
    }
    // getting icf object class from resource object class
    ObjectClass icfObjectClass = connIdNameMapper.objectClassToIcf(shadow, getSchemaNamespace(), connectorType, legacySchema);
    if (icfObjectClass == null) {
        result.recordFatalError("Couldn't get icf object class from " + shadow);
        throw new IllegalArgumentException("Couldn't get icf object class from " + shadow);
    }
    // setting ifc attributes from resource object attributes
    Set<Attribute> attributes = null;
    try {
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("midPoint object before conversion:\n{}", attributesContainer.debugDump());
        }
        attributes = connIdConvertor.convertFromResourceObject(attributesContainer, ocDef);
        if (shadowType.getCredentials() != null && shadowType.getCredentials().getPassword() != null) {
            PasswordType password = shadowType.getCredentials().getPassword();
            ProtectedStringType protectedString = password.getValue();
            GuardedString guardedPassword = ConnIdUtil.toGuardedString(protectedString, "new password", protector);
            if (guardedPassword != null) {
                attributes.add(AttributeBuilder.build(OperationalAttributes.PASSWORD_NAME, guardedPassword));
            }
        }
        if (ActivationUtil.hasAdministrativeActivation(shadowType)) {
            attributes.add(AttributeBuilder.build(OperationalAttributes.ENABLE_NAME, ActivationUtil.isAdministrativeEnabled(shadowType)));
        }
        if (ActivationUtil.hasValidFrom(shadowType)) {
            attributes.add(AttributeBuilder.build(OperationalAttributes.ENABLE_DATE_NAME, XmlTypeConverter.toMillis(shadowType.getActivation().getValidFrom())));
        }
        if (ActivationUtil.hasValidTo(shadowType)) {
            attributes.add(AttributeBuilder.build(OperationalAttributes.DISABLE_DATE_NAME, XmlTypeConverter.toMillis(shadowType.getActivation().getValidTo())));
        }
        if (ActivationUtil.hasLockoutStatus(shadowType)) {
            attributes.add(AttributeBuilder.build(OperationalAttributes.LOCK_OUT_NAME, ActivationUtil.isLockedOut(shadowType)));
        }
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("ICF attributes after conversion:\n{}", ConnIdUtil.dump(attributes));
        }
    } catch (SchemaException | RuntimeException ex) {
        result.recordFatalError("Error while converting resource object attributes. Reason: " + ex.getMessage(), ex);
        throw new SchemaException("Error while converting resource object attributes. Reason: " + ex.getMessage(), ex);
    }
    if (attributes == null) {
        result.recordFatalError("Couldn't set attributes for icf.");
        throw new IllegalStateException("Couldn't set attributes for icf.");
    }
    List<String> icfAuxiliaryObjectClasses = new ArrayList<>();
    for (QName auxiliaryObjectClass : shadowType.getAuxiliaryObjectClass()) {
        icfAuxiliaryObjectClasses.add(connIdNameMapper.objectClassToIcf(auxiliaryObjectClass, resourceSchemaNamespace, connectorType, false).getObjectClassValue());
    }
    if (!icfAuxiliaryObjectClasses.isEmpty()) {
        AttributeBuilder ab = new AttributeBuilder();
        ab.setName(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME);
        ab.addValue(icfAuxiliaryObjectClasses);
        attributes.add(ab.build());
    }
    OperationOptionsBuilder operationOptionsBuilder = new OperationOptionsBuilder();
    OperationOptions options = operationOptionsBuilder.build();
    checkAndExecuteAdditionalOperation(reporter, additionalOperations, BeforeAfterType.BEFORE, result);
    OperationResult connIdResult = result.createSubresult(ConnectorFacade.class.getName() + ".create");
    connIdResult.addArbitraryObjectAsParam("objectClass", icfObjectClass);
    connIdResult.addArbitraryCollectionAsParam("auxiliaryObjectClasses", icfAuxiliaryObjectClasses);
    connIdResult.addArbitraryCollectionAsParam("attributes", attributes);
    connIdResult.addArbitraryObjectAsParam("options", options);
    connIdResult.addContext("connector", connIdConnectorFacade.getClass());
    Uid uid = null;
    try {
        // CALL THE ICF FRAMEWORK
        InternalMonitor.recordConnectorOperation("create");
        // TODO provide object name
        recordIcfOperationStart(reporter, ProvisioningOperation.ICF_CREATE, ocDef, null);
        uid = connIdConnectorFacade.create(icfObjectClass, attributes, options);
        recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_CREATE, ocDef, uid);
    } catch (Throwable ex) {
        // TODO name
        recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_CREATE, ocDef, ex, null);
        Throwable midpointEx = processIcfException(ex, this, connIdResult);
        result.computeStatus("Add object failed");
        // exception
        if (midpointEx instanceof ObjectAlreadyExistsException) {
            throw (ObjectAlreadyExistsException) midpointEx;
        } else if (midpointEx instanceof CommunicationException) {
            //				result.muteError();
            throw (CommunicationException) midpointEx;
        } else if (midpointEx instanceof GenericFrameworkException) {
            throw (GenericFrameworkException) midpointEx;
        } else if (midpointEx instanceof SchemaException) {
            throw (SchemaException) midpointEx;
        } else if (midpointEx instanceof ConfigurationException) {
            throw (ConfigurationException) midpointEx;
        } else if (midpointEx instanceof RuntimeException) {
            throw (RuntimeException) midpointEx;
        } else if (midpointEx instanceof Error) {
            throw (Error) midpointEx;
        } else {
            throw new SystemException("Got unexpected exception: " + ex.getClass().getName() + ": " + ex.getMessage(), ex);
        }
    }
    checkAndExecuteAdditionalOperation(reporter, additionalOperations, BeforeAfterType.AFTER, result);
    if (uid == null || uid.getUidValue() == null || uid.getUidValue().isEmpty()) {
        connIdResult.recordFatalError("ICF did not returned UID after create");
        result.computeStatus("Add object failed");
        throw new GenericFrameworkException("ICF did not returned UID after create");
    }
    Collection<ResourceAttribute<?>> identifiers = ConnIdUtil.convertToIdentifiers(uid, attributesContainer.getDefinition().getComplexTypeDefinition(), resourceSchema);
    for (ResourceAttribute<?> identifier : identifiers) {
        attributesContainer.getValue().addReplaceExisting(identifier);
    }
    connIdResult.recordSuccess();
    result.recordSuccess();
    return AsynchronousOperationReturnValue.wrap(attributesContainer.getAttributes(), result);
}

Example 30 with ConfigurationException

use of com.evolveum.midpoint.util.exception.ConfigurationException in project midpoint by Evolveum.

the class ConnectorInstanceConnIdImpl method retrieveResourceSchema.

private void retrieveResourceSchema(List<QName> generateObjectClasses, OperationResult parentResult) throws CommunicationException, ConfigurationException, GenericFrameworkException {
    // Connector operation cannot create result for itself, so we need to
    // create result for it
    OperationResult icfResult = parentResult.createSubresult(ConnectorFacade.class.getName() + ".schema");
    icfResult.addContext("connector", connIdConnectorFacade.getClass());
    org.identityconnectors.framework.common.objects.Schema icfSchema = null;
    try {
        // Fetch the schema from the connector (which actually gets that
        // from the resource).
        InternalMonitor.recordConnectorOperation("schema");
        // TODO have context present
        //recordIcfOperationStart(reporter, ProvisioningOperation.ICF_GET_SCHEMA, null);
        icfSchema = connIdConnectorFacade.schema();
        //recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_GET_SCHEMA, null);
        icfResult.recordSuccess();
    } catch (UnsupportedOperationException ex) {
        //recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_GET_SCHEMA, null, ex);
        // The connector does no support schema() operation.
        icfResult.recordStatus(OperationResultStatus.NOT_APPLICABLE, ex.getMessage());
        resetResourceSchema();
        return;
    } catch (Throwable ex) {
        //recordIcfOperationEnd(reporter, ProvisioningOperation.ICF_GET_SCHEMA, null, ex);
        // conditions.
        // Therefore this kind of heavy artillery is necessary.
        // ICF interface does not specify exceptions or other error
        // TODO maybe we can try to catch at least some specific exceptions
        Throwable midpointEx = processIcfException(ex, this, icfResult);
        // exception
        if (midpointEx instanceof CommunicationException) {
            icfResult.recordFatalError(midpointEx.getMessage(), midpointEx);
            throw (CommunicationException) midpointEx;
        } else if (midpointEx instanceof ConfigurationException) {
            icfResult.recordFatalError(midpointEx.getMessage(), midpointEx);
            throw (ConfigurationException) midpointEx;
        } else if (midpointEx instanceof GenericFrameworkException) {
            icfResult.recordFatalError(midpointEx.getMessage(), midpointEx);
            throw (GenericFrameworkException) midpointEx;
        } else if (midpointEx instanceof RuntimeException) {
            icfResult.recordFatalError(midpointEx.getMessage(), midpointEx);
            throw (RuntimeException) midpointEx;
        } else if (midpointEx instanceof Error) {
            icfResult.recordFatalError(midpointEx.getMessage(), midpointEx);
            throw (Error) midpointEx;
        } else {
            icfResult.recordFatalError(midpointEx.getMessage(), midpointEx);
            throw new SystemException("Got unexpected exception: " + ex.getClass().getName() + ": " + ex.getMessage(), ex);
        }
    }
    if (icfSchema == null) {
        icfResult.recordStatus(OperationResultStatus.NOT_APPLICABLE, "Null schema returned");
        resetResourceSchema();
        return;
    }
    parseResourceSchema(icfSchema, generateObjectClasses);
}