Example 11 with LockoutStatusType
use of com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType in project midpoint by Evolveum.
the class FocusProcessor method processActivationLockout.
private <F extends FocusType> void processActivationLockout(LensFocusContext<UserType> focusContext, XMLGregorianCalendar now, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException {
ObjectDelta<UserType> focusPrimaryDelta = focusContext.getPrimaryDelta();
if (focusPrimaryDelta != null) {
PropertyDelta<LockoutStatusType> lockoutStatusDelta = focusContext.getPrimaryDelta().findPropertyDelta(SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS);
if (lockoutStatusDelta != null) {
if (lockoutStatusDelta.isAdd()) {
for (PrismPropertyValue<LockoutStatusType> pval : lockoutStatusDelta.getValuesToAdd()) {
if (pval.getValue() == LockoutStatusType.LOCKED) {
throw new SchemaException("Lockout status cannot be changed to LOCKED value");
}
}
} else if (lockoutStatusDelta.isReplace()) {
for (PrismPropertyValue<LockoutStatusType> pval : lockoutStatusDelta.getValuesToReplace()) {
if (pval.getValue() == LockoutStatusType.LOCKED) {
throw new SchemaException("Lockout status cannot be changed to LOCKED value");
}
}
}
}
}
ActivationType activationNew = null;
ActivationType activationCurrent = null;
LockoutStatusType lockoutStatusNew = null;
LockoutStatusType lockoutStatusCurrent = null;
PrismObject<UserType> focusNew = focusContext.getObjectNew();
if (focusNew != null) {
activationNew = focusNew.asObjectable().getActivation();
if (activationNew != null) {
lockoutStatusNew = activationNew.getLockoutStatus();
}
}
PrismObject<UserType> focusCurrent = focusContext.getObjectCurrent();
if (focusCurrent != null) {
activationCurrent = focusCurrent.asObjectable().getActivation();
if (activationCurrent != null) {
lockoutStatusCurrent = activationCurrent.getLockoutStatus();
}
}
if (lockoutStatusNew == lockoutStatusCurrent) {
// No change, (almost) no work
LOGGER.trace("Skipping lockout processing because there was no change ({} -> {})", lockoutStatusCurrent, lockoutStatusNew);
return;
}
LOGGER.trace("Lockout change {} -> {}", lockoutStatusCurrent, lockoutStatusNew);
if (lockoutStatusNew == LockoutStatusType.NORMAL) {
CredentialsType credentialsTypeNew = focusNew.asObjectable().getCredentials();
if (credentialsTypeNew != null) {
resetFailedLogins(focusContext, credentialsTypeNew.getPassword(), SchemaConstants.PATH_CREDENTIALS_PASSWORD_FAILED_LOGINS);
resetFailedLogins(focusContext, credentialsTypeNew.getNonce(), SchemaConstants.PATH_CREDENTIALS_NONCE_FAILED_LOGINS);
resetFailedLogins(focusContext, credentialsTypeNew.getSecurityQuestions(), SchemaConstants.PATH_CREDENTIALS_SECURITY_QUESTIONS_FAILED_LOGINS);
}
if (activationNew != null && activationNew.getLockoutExpirationTimestamp() != null) {
PrismContainerDefinition<ActivationType> activationDefinition = getActivationDefinition();
PrismPropertyDefinition<XMLGregorianCalendar> lockoutExpirationTimestampDef = activationDefinition.findPropertyDefinition(ActivationType.F_LOCKOUT_EXPIRATION_TIMESTAMP);
PropertyDelta<XMLGregorianCalendar> lockoutExpirationTimestampDelta = lockoutExpirationTimestampDef.createEmptyDelta(new ItemPath(UserType.F_ACTIVATION, ActivationType.F_LOCKOUT_EXPIRATION_TIMESTAMP));
lockoutExpirationTimestampDelta.setValueToReplace();
focusContext.swallowToProjectionWaveSecondaryDelta(lockoutExpirationTimestampDelta);
}
}
}
Also used :
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
NoFocusNameSchemaException(com.evolveum.midpoint.util.exception.NoFocusNameSchemaException)
CredentialsType(com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType)
XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar)
ActivationType(com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType)
LockoutStatusType(com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType)
UserType(com.evolveum.midpoint.xml.ns._public.common.common_3.UserType)
PrismPropertyValue(com.evolveum.midpoint.prism.PrismPropertyValue)
ItemPath(com.evolveum.midpoint.prism.path.ItemPath)
Aggregations
LockoutStatusType (com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType)7
ActivationType (com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType)5
AbstractIntegrationTest (com.evolveum.midpoint.test.AbstractIntegrationTest)3
SchemaException (com.evolveum.midpoint.util.exception.SchemaException)3
ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)3
ActivationLockoutStatusCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType)3
XMLGregorianCalendar (javax.xml.datatype.XMLGregorianCalendar)3
Test (org.testng.annotations.Test)3
PrismPropertyValue (com.evolveum.midpoint.prism.PrismPropertyValue)2
ItemPath (com.evolveum.midpoint.prism.path.ItemPath)2
ActivationStatusType (com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType)2
ActivationCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType)2
Entry (org.apache.directory.api.ldap.model.entry.Entry)2
PageBase (com.evolveum.midpoint.gui.api.page.PageBase)1
PrismObject (com.evolveum.midpoint.prism.PrismObject)1
PropertyDelta (com.evolveum.midpoint.prism.delta.PropertyDelta)1
ObjectClassComplexTypeDefinition (com.evolveum.midpoint.schema.processor.ObjectClassComplexTypeDefinition)1
ResourceAttribute (com.evolveum.midpoint.schema.processor.ResourceAttribute)1
ResourceAttributeContainer (com.evolveum.midpoint.schema.processor.ResourceAttributeContainer)1
ResourceAttributeContainerDefinition (com.evolveum.midpoint.schema.processor.ResourceAttributeContainerDefinition)1
