Examples with PolicyViolationException com.evolveum.midpoint.util.exception.PolicyViolationException used on opensource projects

Example 46 with PolicyViolationException

use of com.evolveum.midpoint.util.exception.PolicyViolationException in project midpoint by Evolveum.

the class TestMultiResource method test350AddAccountLavender.

/**
     * Attempt to add lavender account should fail. There is unsatisfied strict dependency on
     * default dummy resource.
     */
@Test
public void test350AddAccountLavender() throws Exception {
    final String TEST_NAME = "test350AddAccountLavender";
    TestUtil.displayTestTile(TEST_NAME);
    assumeAssignmentPolicy(AssignmentPolicyEnforcementType.NONE);
    Task task = taskManager.createTaskInstance(TestRbac.class.getName() + "." + TEST_NAME);
    OperationResult result = task.getResult();
    ObjectDelta<UserType> userDelta = createModifyUserAddAccount(USER_JACK_OID, resourceDummyLavender);
    // WHEN
    try {
        TestUtil.displayWhen(TEST_NAME);
        modelService.executeChanges(MiscSchemaUtil.createCollection(userDelta), null, task, result);
        AssertJUnit.fail("Unexpected success");
    } catch (PolicyViolationException e) {
        // this is expected
        display("Expected exception", e);
    }
    // THEN
    TestUtil.displayThen(TEST_NAME);
    result.computeStatus();
    TestUtil.assertFailure(result);
    assertNoDummyAccount(RESOURCE_DUMMY_LAVENDER_NAME, ACCOUNT_JACK_DUMMY_USERNAME);
}

Example 47 with PolicyViolationException

use of com.evolveum.midpoint.util.exception.PolicyViolationException in project midpoint by Evolveum.

the class ResourceContentPanel method updateResourceObjectStatusPerformed.

protected void updateResourceObjectStatusPerformed(ShadowType selected, AjaxRequestTarget target, boolean enabled) {
    List<ShadowType> selectedShadow = getSelectedShadowsList(selected);
    OperationResult result = new OperationResult(OPERATION_UPDATE_STATUS);
    Task task = pageBase.createSimpleTask(OPERATION_UPDATE_STATUS);
    if (selectedShadow == null || selectedShadow.isEmpty()) {
        result.recordWarning("Nothing selected to update status");
        getPageBase().showResult(result);
        target.add(getPageBase().getFeedbackPanel());
        return;
    }
    ModelExecuteOptions opts = createModelOptions();
    for (ShadowType shadow : selectedShadow) {
        ActivationStatusType status = enabled ? ActivationStatusType.ENABLED : ActivationStatusType.DISABLED;
        try {
            ObjectDelta<ShadowType> deleteDelta = ObjectDelta.createModificationReplaceProperty(ShadowType.class, shadow.getOid(), SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS, getPageBase().getPrismContext(), status);
            getPageBase().getModelService().executeChanges(WebComponentUtil.createDeltaCollection(deleteDelta), opts, task, result);
        } catch (ObjectAlreadyExistsException | ObjectNotFoundException | SchemaException | ExpressionEvaluationException | CommunicationException | ConfigurationException | PolicyViolationException | SecurityViolationException e) {
            // TODO Auto-generated catch block
            result.recordPartialError("Could not update status (to " + status + ") for " + shadow, e);
            LOGGER.error("Could not update status (to {}) for {}, using option {}", status, shadow, opts, e);
            continue;
        }
    }
    result.computeStatusIfUnknown();
    getPageBase().showResult(result);
    getTable().refreshTable(null, target);
    target.add(getPageBase().getFeedbackPanel());
}

Example 48 with PolicyViolationException

use of com.evolveum.midpoint.util.exception.PolicyViolationException in project midpoint by Evolveum.

the class PageSecurityQuestions method resetPassword.

private void resetPassword(UserType user, AjaxRequestTarget target) {
    Task task = createAnonymousTask(OPERATION_RESET_PASSWORD);
    OperationResult result = task.getResult();
    LOGGER.debug("Resetting password for {}", user);
    ProtectedStringType password = new ProtectedStringType();
    Collection<SelectorOptions<GetOperationOptions>> options = SelectorOptions.createCollection(GetOperationOptions.createResolve(), SystemConfigurationType.F_DEFAULT_USER_TEMPLATE, SystemConfigurationType.F_GLOBAL_PASSWORD_POLICY);
    PrismObject<SystemConfigurationType> systemConfig = null;
    String newPassword = "";
    PageBase page = (PageBase) getPage();
    ModelService modelService = page.getModelService();
    try {
        systemConfig = modelService.getObject(SystemConfigurationType.class, SystemObjectsType.SYSTEM_CONFIGURATION.value(), options, task, result);
        LOGGER.trace("system config {}", systemConfig);
        if (systemConfig.asObjectable().getNotificationConfiguration() != null) {
            // Security policy with the minumum number of chars
            if (systemConfig.asObjectable().getGlobalPasswordPolicyRef() != null) {
                PrismObject<ValuePolicyType> valPolicy = modelService.getObject(ValuePolicyType.class, systemConfig.asObjectable().getGlobalPasswordPolicyRef().getOid(), options, task, result);
                LOGGER.trace("password policy {}", valPolicy);
                newPassword = getModelInteractionService().generateValue(valPolicy.asObjectable().getStringPolicy(), valPolicy.asObjectable().getStringPolicy().getLimitations().getMinLength(), false, user.asPrismObject(), "security questions password generation", task, result);
            } else {
                // TODO What if there is no policy? What should be done to
                // provide a new automatic password
                warn(getString("pageSecurityQuestions.message.noPolicySet"));
                target.add(getFeedbackPanel());
                return;
            }
        } else {
            // TODO localization
            getSession().error(getString("pageSecurityQuestions.message.notificationsNotSet"));
            LOGGER.trace("Notificatons not set, returning to login page");
            throw new RestartResponseException(PageLogin.class);
        }
    } catch (ObjectNotFoundException | ExpressionEvaluationException e1) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
    } catch (SchemaException e1) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
        e1.printStackTrace();
    } catch (SecurityViolationException e1) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
    } catch (CommunicationException e1) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
    } catch (ConfigurationException e1) {
        LoggingUtils.logUnexpectedException(LOGGER, "Couldn't reset password", e1);
    }
    password.setClearValue(newPassword);
    WebComponentUtil.encryptProtectedString(password, true, getMidpointApplication());
    final ItemPath valuePath = new ItemPath(SchemaConstantsGenerated.C_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_VALUE);
    SchemaRegistry registry = getPrismContext().getSchemaRegistry();
    Collection<ObjectDelta<? extends ObjectType>> deltas = new ArrayList<ObjectDelta<? extends ObjectType>>();
    PrismObjectDefinition objDef = registry.findObjectDefinitionByCompileTimeClass(UserType.class);
    PropertyDelta delta = PropertyDelta.createModificationReplaceProperty(valuePath, objDef, password);
    Class<? extends ObjectType> type = UserType.class;
    deltas.add(ObjectDelta.createModifyDelta(user.getOid(), delta, type, getPrismContext()));
    try {
        modelService.executeChanges(deltas, null, task, result);
        OperationResult parentResult = new OperationResult(OPERATION_LOAD_RESET_PASSWORD_POLICY);
        try {
            if (getModelInteractionService().getCredentialsPolicy(null, null, parentResult).getSecurityQuestions().getResetMethod().getResetType().equals(CredentialsResetTypeType.SECURITY_QUESTIONS)) {
                getSession().setAttribute("pwdReset", newPassword);
                setResponsePage(PageShowPassword.class);
            } else if (getModelInteractionService().getCredentialsPolicy(null, null, parentResult).getSecurityQuestions().getResetMethod().getResetType().equals(CredentialsResetTypeType.SECURITY_QUESTIONS_EMAIL)) {
                if (systemConfig.asObjectable().getNotificationConfiguration() != null && systemConfig.asObjectable().getNotificationConfiguration().getMail() != null) {
                    MailConfigurationType mailConfig = systemConfig.asObjectable().getNotificationConfiguration().getMail();
                    if (mailConfig.getServer() != null) {
                        List serverList = mailConfig.getServer();
                        if (serverList.size() > 0) {
                            MailServerConfigurationType mailServerType = mailConfig.getServer().get(0);
                            sendMailToUser(mailServerType.getUsername(), getMidpointApplication().getProtector().decryptString(mailServerType.getPassword()), newPassword, mailServerType.getHost(), mailServerType.getPort().toString(), mailConfig.getDefaultFrom(), user.getEmailAddress());
                        } else {
                            getSession().error(getString("pageLogin.message.ForgetPasswordSettingsWrong"));
                            throw new RestartResponseException(PageLogin.class);
                        }
                    } else {
                        getSession().error(getString("pageLogin.message.ForgetPasswordSettingsWrong"));
                        throw new RestartResponseException(PageLogin.class);
                    }
                } else {
                    // System.out.println("ifff4");
                    getSession().error(getString("pageLogin.message.ForgetPasswordSettingsWrong"));
                    throw new RestartResponseException(PageLogin.class);
                }
            }
        } catch (ObjectNotFoundException | SchemaException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    // TODO ASAP a message should be shown as the result of the process
    // MailMessage mailMessage=new MailMessage(, port);
    // mailTransport.send(mailMessage, transportName, task,
    // parentResult);
    } catch (ObjectAlreadyExistsException | ObjectNotFoundException | SchemaException | ExpressionEvaluationException | CommunicationException | ConfigurationException | PolicyViolationException | SecurityViolationException | EncryptionException e) {
        LoggingUtils.logUnexpectedException(LOGGER, "reset password exception", e);
    }
}

Example 49 with PolicyViolationException

use of com.evolveum.midpoint.util.exception.PolicyViolationException in project midpoint by Evolveum.

the class OrgMemberPanel method removeManagerPerformed.

private void removeManagerPerformed(FocusType manager, AjaxRequestTarget target) {
    OperationResult parentResult = new OperationResult("Remove manager");
    Task task = getPageBase().createSimpleTask("Remove manager");
    try {
        ObjectDelta delta = ObjectDelta.createModificationDeleteContainer(manager.asPrismObject().getCompileTimeClass(), manager.getOid(), FocusType.F_ASSIGNMENT, getPageBase().getPrismContext(), createAssignmentToModify(SchemaConstants.ORG_MANAGER));
        getPageBase().getModelService().executeChanges(WebComponentUtil.createDeltaCollection(delta), null, task, parentResult);
        parentResult.computeStatus();
    } catch (SchemaException | ObjectAlreadyExistsException | ObjectNotFoundException | ExpressionEvaluationException | CommunicationException | ConfigurationException | PolicyViolationException | SecurityViolationException e) {
        parentResult.recordFatalError("Failed to remove manager " + e.getMessage(), e);
        LoggingUtils.logUnexpectedException(LOGGER, "Failed to remove manager", e);
        getPageBase().showResult(parentResult);
    }
    target.add(getPageBase().getFeedbackPanel());
}

Example 50 with PolicyViolationException

use of com.evolveum.midpoint.util.exception.PolicyViolationException in project midpoint by Evolveum.

the class ResourceContentPanel method deleteAccountConfirmedPerformed.

private void deleteAccountConfirmedPerformed(AjaxRequestTarget target, OperationResult result, List<ShadowType> selected) {
    Task task = pageBase.createSimpleTask(OPERATION_DELETE_OBJECT);
    ModelExecuteOptions opts = createModelOptions();
    for (ShadowType shadow : selected) {
        try {
            ObjectDelta<ShadowType> deleteDelta = ObjectDelta.createDeleteDelta(ShadowType.class, shadow.getOid(), getPageBase().getPrismContext());
            getPageBase().getModelService().executeChanges(WebComponentUtil.createDeltaCollection(deleteDelta), opts, task, result);
        } catch (ObjectAlreadyExistsException | ObjectNotFoundException | SchemaException | ExpressionEvaluationException | CommunicationException | ConfigurationException | PolicyViolationException | SecurityViolationException e) {
            result.recordPartialError("Could not delete object " + shadow, e);
            LOGGER.error("Could not delete {}, using option {}", shadow, opts, e);
            continue;
        }
    }
    result.computeStatusIfUnknown();
    getPageBase().showResult(result);
    getTable().refreshTable(null, target);
    target.add(getPageBase().getFeedbackPanel());
}