use of com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType in project midpoint by Evolveum.
the class FocusProcessor method processActivationLockout.
private <F extends FocusType> void processActivationLockout(LensFocusContext<UserType> focusContext, XMLGregorianCalendar now, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException {
ObjectDelta<UserType> focusPrimaryDelta = focusContext.getPrimaryDelta();
if (focusPrimaryDelta != null) {
PropertyDelta<LockoutStatusType> lockoutStatusDelta = focusContext.getPrimaryDelta().findPropertyDelta(SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS);
if (lockoutStatusDelta != null) {
if (lockoutStatusDelta.isAdd()) {
for (PrismPropertyValue<LockoutStatusType> pval : lockoutStatusDelta.getValuesToAdd()) {
if (pval.getValue() == LockoutStatusType.LOCKED) {
throw new SchemaException("Lockout status cannot be changed to LOCKED value");
}
}
} else if (lockoutStatusDelta.isReplace()) {
for (PrismPropertyValue<LockoutStatusType> pval : lockoutStatusDelta.getValuesToReplace()) {
if (pval.getValue() == LockoutStatusType.LOCKED) {
throw new SchemaException("Lockout status cannot be changed to LOCKED value");
}
}
}
}
}
ActivationType activationNew = null;
ActivationType activationCurrent = null;
LockoutStatusType lockoutStatusNew = null;
LockoutStatusType lockoutStatusCurrent = null;
PrismObject<UserType> focusNew = focusContext.getObjectNew();
if (focusNew != null) {
activationNew = focusNew.asObjectable().getActivation();
if (activationNew != null) {
lockoutStatusNew = activationNew.getLockoutStatus();
}
}
PrismObject<UserType> focusCurrent = focusContext.getObjectCurrent();
if (focusCurrent != null) {
activationCurrent = focusCurrent.asObjectable().getActivation();
if (activationCurrent != null) {
lockoutStatusCurrent = activationCurrent.getLockoutStatus();
}
}
if (lockoutStatusNew == lockoutStatusCurrent) {
// No change, (almost) no work
LOGGER.trace("Skipping lockout processing because there was no change ({} -> {})", lockoutStatusCurrent, lockoutStatusNew);
return;
}
LOGGER.trace("Lockout change {} -> {}", lockoutStatusCurrent, lockoutStatusNew);
if (lockoutStatusNew == LockoutStatusType.NORMAL) {
CredentialsType credentialsTypeNew = focusNew.asObjectable().getCredentials();
if (credentialsTypeNew != null) {
resetFailedLogins(focusContext, credentialsTypeNew.getPassword(), SchemaConstants.PATH_CREDENTIALS_PASSWORD_FAILED_LOGINS);
resetFailedLogins(focusContext, credentialsTypeNew.getNonce(), SchemaConstants.PATH_CREDENTIALS_NONCE_FAILED_LOGINS);
resetFailedLogins(focusContext, credentialsTypeNew.getSecurityQuestions(), SchemaConstants.PATH_CREDENTIALS_SECURITY_QUESTIONS_FAILED_LOGINS);
}
if (activationNew != null && activationNew.getLockoutExpirationTimestamp() != null) {
PrismContainerDefinition<ActivationType> activationDefinition = getActivationDefinition();
PrismPropertyDefinition<XMLGregorianCalendar> lockoutExpirationTimestampDef = activationDefinition.findPropertyDefinition(ActivationType.F_LOCKOUT_EXPIRATION_TIMESTAMP);
PropertyDelta<XMLGregorianCalendar> lockoutExpirationTimestampDelta = lockoutExpirationTimestampDef.createEmptyDelta(new ItemPath(UserType.F_ACTIVATION, ActivationType.F_LOCKOUT_EXPIRATION_TIMESTAMP));
lockoutExpirationTimestampDelta.setValueToReplace();
focusContext.swallowToProjectionWaveSecondaryDelta(lockoutExpirationTimestampDelta);
}
}
}
Aggregations