Search in sources :

Example 1 with AccessCertificationCampaignType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCampaignType in project midpoint by Evolveum.

the class AccessCertificationCampaignCreationTaskHandler method run.

@Override
public TaskRunResult run(Task task) {
    LOGGER.trace("Task run starting");
    long progress = task.getProgress();
    OperationResult opResult = new OperationResult(CLASS_DOT + "run");
    opResult.setSummarizeSuccesses(true);
    TaskRunResult runResult = new TaskRunResult();
    runResult.setOperationResult(opResult);
    String definitionOid = task.getObjectOid();
    if (definitionOid == null) {
        LOGGER.error("No definition OID specified in the task");
        opResult.recordFatalError("No definition OID specified in the task");
        runResult.setRunResultStatus(TaskRunResultStatus.PERMANENT_ERROR);
        return runResult;
    }
    opResult.addContext("definitionOid", definitionOid);
    long started = 0;
    String campaignName = null;
    String campaignOid = null;
    try {
        task.startCollectingOperationStatsFromStoredValues(true, false, false);
        LOGGER.info("Creating campaign with definition of {}", definitionOid);
        AccessCertificationCampaignType campaign = certificationManager.createCampaign(definitionOid, task, opResult);
        LOGGER.info("Campaign {} was created.", ObjectTypeUtil.toShortString(campaign));
        // TODO split this try-catch to two pieces in order to correctly work with iterative op failure recording
        started = System.currentTimeMillis();
        campaignName = campaign.getName().getOrig();
        campaignOid = campaign.getOid();
        task.recordIterativeOperationStart(campaignName, campaignName, AccessCertificationCampaignType.COMPLEX_TYPE, campaignOid);
        certificationManager.openNextStage(campaign.getOid(), 1, task, opResult);
        LOGGER.info("Campaign {} was started.", ObjectTypeUtil.toShortString(campaign));
        task.recordIterativeOperationEnd(campaignName, campaignName, AccessCertificationCampaignType.COMPLEX_TYPE, campaignOid, started, null);
        opResult.computeStatus();
        runResult.setRunResultStatus(TaskRunResultStatus.FINISHED);
        runResult.setProgress(progress + 1);
        return runResult;
    } catch (Exception e) {
        // TODO better error handling
        if (campaignOid != null) {
            task.recordIterativeOperationEnd(campaignName, campaignName, AccessCertificationCampaignType.COMPLEX_TYPE, campaignOid, started, e);
        }
        LoggingUtils.logException(LOGGER, "Error while executing 'create campaign' task handler", e);
        opResult.recordFatalError("Error while executing 'create campaign' task handler: " + e.getMessage(), e);
        runResult.setRunResultStatus(TaskRunResultStatus.PERMANENT_ERROR);
        runResult.setProgress(progress);
        return runResult;
    } finally {
        task.storeOperationStats();
    }
}
Also used : TaskRunResult(com.evolveum.midpoint.task.api.TaskRunResult) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) AccessCertificationCampaignType(com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCampaignType)

Example 2 with AccessCertificationCampaignType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCampaignType in project midpoint by Evolveum.

the class AccessCertificationCloseStageTriggerHandler method handle.

@Override
public <O extends ObjectType> void handle(PrismObject<O> prismObject, TriggerType trigger, Task task, OperationResult result) {
    try {
        ObjectType object = prismObject.asObjectable();
        if (!(object instanceof AccessCertificationCampaignType)) {
            LOGGER.error("Trigger of this type is supported only on {} objects, not on {}", AccessCertificationCampaignType.class.getSimpleName(), object.getClass().getName());
            return;
        }
        AccessCertificationCampaignType campaign = (AccessCertificationCampaignType) object;
        LOGGER.info("Automatically closing current stage of {}", ObjectTypeUtil.toShortString(campaign));
        if (campaign.getState() != IN_REVIEW_STAGE) {
            LOGGER.warn("Campaign {} is not in a review stage; this 'close stage' trigger will be ignored.", ObjectTypeUtil.toShortString(campaign));
            return;
        }
        int currentStageNumber = campaign.getStageNumber();
        certificationManager.closeCurrentStage(campaign.getOid(), currentStageNumber, task, result);
        if (currentStageNumber < CertCampaignTypeUtil.getNumberOfStages(campaign)) {
            LOGGER.info("Automatically opening next stage of {}", ObjectTypeUtil.toShortString(campaign));
            certificationManager.openNextStage(campaign.getOid(), currentStageNumber + 1, task, result);
        } else {
            LOGGER.info("Automatically starting remediation for {}", ObjectTypeUtil.toShortString(campaign));
            certificationManager.startRemediation(campaign.getOid(), task, result);
        }
    } catch (SchemaException | ObjectNotFoundException | ObjectAlreadyExistsException | SecurityViolationException | RuntimeException e) {
        LoggingUtils.logException(LOGGER, "Couldn't close current campaign and possibly advance to the next one", e);
    }
}
Also used : ObjectType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) SecurityViolationException(com.evolveum.midpoint.util.exception.SecurityViolationException) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException) ObjectAlreadyExistsException(com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException) AccessCertificationCampaignType(com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCampaignType)

Example 3 with AccessCertificationCampaignType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCampaignType in project midpoint by Evolveum.

the class AccessCertificationRemediationTaskHandler method run.

@Override
public TaskRunResult run(Task task) {
    LOGGER.trace("Task run starting");
    long progress = task.getProgress();
    OperationResult opResult = new OperationResult(CLASS_DOT + "run");
    opResult.setSummarizeSuccesses(true);
    TaskRunResult runResult = new TaskRunResult();
    runResult.setOperationResult(opResult);
    if (task.getChannel() == null) {
        task.setChannel(SchemaConstants.CHANNEL_REMEDIATION_URI);
    }
    String campaignOid = task.getObjectOid();
    if (campaignOid == null) {
        LOGGER.error("No campaign OID specified in the task");
        opResult.recordFatalError("No campaign OID specified in the task");
        runResult.setRunResultStatus(TaskRunResultStatus.PERMANENT_ERROR);
        return runResult;
    }
    opResult.addContext("campaignOid", campaignOid);
    try {
        AccessCertificationCampaignType campaign = helper.getCampaign(campaignOid, null, task, opResult);
        if (!CertCampaignTypeUtil.isRemediationAutomatic(campaign)) {
            LOGGER.error("Automatic remediation is not configured.");
            opResult.recordFatalError("Automatic remediation is not configured.");
            runResult.setRunResultStatus(TaskRunResultStatus.PERMANENT_ERROR);
            return runResult;
        }
        CertificationHandler handler = certificationManager.findCertificationHandler(campaign);
        int revokedOk = 0;
        int revokedError = 0;
        List<AccessCertificationCaseType> caseList = queryHelper.searchCases(campaignOid, null, null, opResult);
        for (AccessCertificationCaseType _case : caseList) {
            if (helper.isRevoke(_case, campaign)) {
                OperationResult caseResult = opResult.createMinorSubresult(opResult.getOperation() + ".revoke");
                final Long caseId = _case.asPrismContainerValue().getId();
                caseResult.addContext("caseId", caseId);
                try {
                    handler.doRevoke(_case, campaign, task, caseResult);
                    caseHelper.markCaseAsRemedied(campaignOid, caseId, task, caseResult);
                    caseResult.computeStatus();
                    revokedOk++;
                    progress++;
                } catch (Exception e) {
                    // TODO
                    String message = "Couldn't revoke case " + caseId + ": " + e.getMessage();
                    LoggingUtils.logUnexpectedException(LOGGER, message, e);
                    caseResult.recordPartialError(message, e);
                    revokedError++;
                }
                opResult.summarize();
            }
        }
        opResult.createSubresult(CLASS_DOT + "run.statistics").recordStatus(OperationResultStatus.NOT_APPLICABLE, "Successfully revoked items: " + revokedOk + ", tried to revoke but failed: " + revokedError);
        opResult.computeStatus();
        certificationManager.closeCampaign(campaignOid, task, opResult);
        runResult.setRunResultStatus(TaskRunResultStatus.FINISHED);
        runResult.setProgress(progress);
        LOGGER.trace("Task run stopping (campaign {})", ObjectTypeUtil.toShortString(campaign));
        return runResult;
    } catch (Exception e) {
        // TODO better error handling
        LoggingUtils.logException(LOGGER, "Error while executing remediation task handler", e);
        opResult.recordFatalError("Error while executing remediation task handler: " + e.getMessage(), e);
        runResult.setRunResultStatus(TaskRunResultStatus.PERMANENT_ERROR);
        runResult.setProgress(progress);
        return runResult;
    }
}
Also used : AccessCertificationCaseType(com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCaseType) TaskRunResult(com.evolveum.midpoint.task.api.TaskRunResult) CertificationHandler(com.evolveum.midpoint.certification.impl.handlers.CertificationHandler) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException) AccessCertificationCampaignType(com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCampaignType)

Example 4 with AccessCertificationCampaignType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCampaignType in project midpoint by Evolveum.

the class AccessCertificationRemediationTaskHandler method launch.

public void launch(AccessCertificationCampaignType campaign, Task callingTask, OperationResult parentResult) throws SchemaException, ObjectNotFoundException {
    LOGGER.info("Launching remediation task handler for campaign {} as asynchronous task", ObjectTypeUtil.toShortString(campaign));
    OperationResult result = parentResult.createSubresult(CLASS_DOT + "launch");
    result.addParam("campaignOid", campaign.getOid());
    Task task = taskManager.createTaskInstance();
    // Set handler URI so we will be called back
    task.setHandlerUri(HANDLER_URI);
    // Readable task name
    PolyStringType polyString = new PolyStringType("Remediation for " + campaign.getName());
    task.setName(polyString);
    // Set reference to the resource
    task.setObjectRef(ObjectTypeUtil.createObjectRef(campaign));
    task.setOwner(repositoryService.getObject(UserType.class, SystemObjectsType.USER_ADMINISTRATOR.value(), null, result));
    taskManager.switchToBackground(task, result);
    result.setBackgroundTaskOid(task.getOid());
    if (result.isInProgress()) {
        result.recordStatus(OperationResultStatus.IN_PROGRESS, "Remediation task " + task + " was successfully started, please use Server Tasks to see its status.");
    }
    LOGGER.trace("Remediation for {} switched to background, control thread returning with task {}", ObjectTypeUtil.toShortString(campaign), task);
}
Also used : PolyStringType(com.evolveum.prism.xml.ns._public.types_3.PolyStringType) Task(com.evolveum.midpoint.task.api.Task) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) UserType(com.evolveum.midpoint.xml.ns._public.common.common_3.UserType)

Example 5 with AccessCertificationCampaignType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCampaignType in project midpoint by Evolveum.

the class AccCertCaseOperationsHelper method recordDecision.

void recordDecision(String campaignOid, long caseId, long workItemId, AccessCertificationResponseType response, String comment, Task task, OperationResult result) throws SecurityViolationException, ObjectNotFoundException, SchemaException, ObjectAlreadyExistsException {
    AccessCertificationCaseType _case = queryHelper.getCase(campaignOid, caseId, task, result);
    if (_case == null) {
        throw new ObjectNotFoundException("Case " + caseId + " was not found in campaign " + campaignOid);
    }
    AccessCertificationCampaignType campaign = CertCampaignTypeUtil.getCampaign(_case);
    if (campaign == null) {
        throw new IllegalStateException("No owning campaign present in case " + _case);
    }
    AccessCertificationWorkItemType workItem = CertCampaignTypeUtil.findWorkItem(_case, workItemId);
    if (workItem == null) {
        throw new ObjectNotFoundException("Work item " + workItemId + " was not found in campaign " + toShortString(campaign) + ", case " + caseId);
    }
    if (response == AccessCertificationResponseType.NO_RESPONSE) {
        response = null;
    }
    ObjectReferenceType responderRef = ObjectTypeUtil.createObjectRef(securityEnforcer.getPrincipal().getUser());
    XMLGregorianCalendar now = clock.currentTimeXMLGregorianCalendar();
    ItemPath workItemPath = new ItemPath(F_CASE, caseId, F_WORK_ITEM, workItemId);
    Collection<ItemDelta<?, ?>> deltaList = DeltaBuilder.deltaFor(AccessCertificationCampaignType.class, prismContext).item(workItemPath.subPath(AccessCertificationWorkItemType.F_OUTPUT)).replace(new AbstractWorkItemOutputType().outcome(OutcomeUtils.toUri(response)).comment(comment)).item(workItemPath.subPath(AccessCertificationWorkItemType.F_OUTPUT_CHANGE_TIMESTAMP)).replace(now).item(workItemPath.subPath(AccessCertificationWorkItemType.F_PERFORMER_REF)).replace(responderRef).asItemDeltas();
    ItemDelta.applyTo(deltaList, campaign.asPrismContainerValue());
    String newCurrentOutcome = OutcomeUtils.toUri(computationHelper.computeOutcomeForStage(_case, campaign, campaign.getStageNumber()));
    if (!ObjectUtils.equals(newCurrentOutcome, _case.getCurrentStageOutcome())) {
        deltaList.add(DeltaBuilder.deltaFor(AccessCertificationCampaignType.class, prismContext).item(F_CASE, _case.asPrismContainerValue().getId(), F_CURRENT_STAGE_OUTCOME).replace(newCurrentOutcome).asItemDelta());
    }
    String newOverallOutcome = OutcomeUtils.toUri(computationHelper.computeOverallOutcome(_case, campaign, newCurrentOutcome));
    if (!ObjectUtils.equals(newOverallOutcome, _case.getOutcome())) {
        deltaList.add(DeltaBuilder.deltaFor(AccessCertificationCampaignType.class, prismContext).item(F_CASE, _case.asPrismContainerValue().getId(), F_OUTCOME).replace(newOverallOutcome).asItemDelta());
    }
    updateHelper.modifyObjectViaModel(AccessCertificationCampaignType.class, campaignOid, deltaList, task, result);
}
Also used : AccessCertificationCaseType(com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCaseType) XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) ItemDelta(com.evolveum.midpoint.prism.delta.ItemDelta) ObjectTypeUtil.toShortString(com.evolveum.midpoint.schema.util.ObjectTypeUtil.toShortString) ItemPath(com.evolveum.midpoint.prism.path.ItemPath)

Aggregations

OperationResult (com.evolveum.midpoint.schema.result.OperationResult)31 AccessCertificationCampaignType (com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCampaignType)28 AccessCertificationCaseType (com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCaseType)27 Task (com.evolveum.midpoint.task.api.Task)22 Test (org.testng.annotations.Test)18 ItemDelta (com.evolveum.midpoint.prism.delta.ItemDelta)9 ObjectQuery (com.evolveum.midpoint.prism.query.ObjectQuery)7 XMLGregorianCalendar (javax.xml.datatype.XMLGregorianCalendar)6 AccessCertificationCampaignStateType (com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCampaignStateType)5 Date (java.util.Date)5 CertificationHandler (com.evolveum.midpoint.certification.impl.handlers.CertificationHandler)4 ObjectTypeUtil.toShortString (com.evolveum.midpoint.schema.util.ObjectTypeUtil.toShortString)4 AccessCertificationWorkItemType (com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationWorkItemType)4 PrismContainerValue (com.evolveum.midpoint.prism.PrismContainerValue)3 PrismContext (com.evolveum.midpoint.prism.PrismContext)3 PrismObject (com.evolveum.midpoint.prism.PrismObject)3 DeltaBuilder (com.evolveum.midpoint.prism.delta.builder.DeltaBuilder)3 ItemPath (com.evolveum.midpoint.prism.path.ItemPath)3 ObjectFilter (com.evolveum.midpoint.prism.query.ObjectFilter)3 ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)3