use of com.evolveum.midpoint.xml.ns._public.common.common_3.MetadataType in project midpoint by Evolveum.
the class TestUtil method assertModifyTimestamp.
/**
 * Asserts that {@code object} carries metadata whose modify timestamp passes
 * {@code assertBetween} for the {@code start}..{@code end} window and, when a
 * channel is supplied, whose modify channel equals it.
 *
 * @param object  object whose metadata is inspected
 * @param start   lower bound handed to {@code assertBetween}
 * @param end     upper bound handed to {@code assertBetween}
 * @param channel expected modify channel; {@code null} skips the channel check
 */
public static void assertModifyTimestamp(PrismObject<? extends ObjectType> object, XMLGregorianCalendar start, XMLGregorianCalendar end, String channel) {
    MetadataType objectMetadata = object.asObjectable().getMetadata();
    assertNotNull("No metadata in " + object, objectMetadata);

    String timestampLabel = "modifyTimestamp in " + object;
    assertBetween(timestampLabel, start, end, objectMetadata.getModifyTimestamp());

    // The channel is optional: callers that do not care about it pass null.
    if (channel == null) {
        return;
    }
    assertEquals("Wrong channel", channel, objectMetadata.getModifyChannel());
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.MetadataType in project midpoint by Evolveum.
the class ObjectValuePolicyEvaluator method validateMinAge.
/**
 * Enforces the password minimal-age rule: the credential may not be changed
 * again until {@code minAge} has elapsed since its last change.
 *
 * <p>The last change is the modify timestamp of the old credential's metadata,
 * falling back to its create timestamp. On violation a FATAL_ERROR subresult is
 * added to {@code result} and the same message is appended to
 * {@code messageBuilder}.
 *
 * <p>The check is skipped (the change is allowed) when there is no old
 * credential, no minimal age, no metadata, or no timestamp at all. Credentials
 * stored without metadata are therefore never subject to the minimal-age rule.
 *
 * @param messageBuilder collects human-readable violation messages, one per line
 * @param result         operation result that receives the violation subresult
 */
private void validateMinAge(StringBuilder messageBuilder, OperationResult result) {
    if (oldCredentialType == null) {
        return;
    }

    Duration minAge = getMinAge();
    if (minAge == null) {
        return;
    }

    MetadataType oldMetadata = oldCredentialType.getMetadata();
    if (oldMetadata == null) {
        return;
    }

    // Prefer the modification time; a credential that was never modified only has a creation time.
    XMLGregorianCalendar modifiedAt = oldMetadata.getModifyTimestamp();
    XMLGregorianCalendar lastChangeTimestamp = (modifiedAt != null) ? modifiedAt : oldMetadata.getCreateTimestamp();
    if (lastChangeTimestamp == null) {
        return;
    }

    XMLGregorianCalendar earliestAllowedChange = XmlTypeConverter.addDuration(lastChangeTimestamp, minAge);

    // NOTE(review): XMLGregorianCalendar.compare() can also return DatatypeConstants.INDETERMINATE
    // (e.g. when only one side carries a timezone); that outcome is treated as "allowed" here.
    boolean tooEarly = earliestAllowedChange.compare(now) == DatatypeConstants.GREATER;
    if (!tooEarly) {
        return;
    }

    LOGGER.trace("Password minAge violated. lastChange={}, minAge={}, now={}", lastChangeTimestamp, minAge, now);
    String msg = shortDesc + " could not be changed because password minimal age was not yet reached.";
    result.addSubresult(new OperationResult("Password minimal age", OperationResultStatus.FATAL_ERROR, msg));
    messageBuilder.append(msg).append("\n");
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.MetadataType in project midpoint by Evolveum.
the class CredentialPolicyEvaluator method createAddHistoryDelta.
// TODO: generalize for other credentials
/**
 * Turns the value held in the old credential container into a password-history
 * entry and queues an ADD delta for it on the focus secondary delta.
 *
 * <p>The history entry stores a clone of the old value, passed through
 * {@code prepareProtectedStringForStorage} with the storage method taken from
 * the credential policy. When the policy yields no storage method, the entry
 * defaults to {@code HASHING}.
 *
 * @param oldCredentialContainer container holding the credential being replaced
 * @return {@code 1} when a history entry was queued, {@code 0} when the container
 *         has no value property
 * @throws SchemaException declared by the method; presumably propagated from the prism calls
 */
private <F extends FocusType> int createAddHistoryDelta(PrismContainer<R> oldCredentialContainer) throws SchemaException {
    R oldCredential = oldCredentialContainer.getValue().asContainerable();
    MetadataType oldCredentialMetadata = oldCredential.getMetadata();

    PrismProperty<ProtectedStringType> oldValueProperty = oldCredentialContainer.findProperty(getCredentialRelativeValuePath());
    if (oldValueProperty == null) {
        // Nothing to remember: the old credential carried no value.
        return 0;
    }

    // Work on a clone so that preparing the value for storage does not touch the old credential itself.
    // NOTE(review): a property present without a real value would fail on clone() — confirm it cannot occur.
    ProtectedStringType oldValue = oldValueProperty.getRealValue();
    ProtectedStringType valueForHistory = oldValue.clone();

    CredentialsStorageTypeType configuredStorage = SecurityUtil.getCredentialStoragetTypeType(getCredentialPolicy().getHistoryStorageMethod());
    CredentialsStorageTypeType storageType = (configuredStorage != null) ? configuredStorage : CredentialsStorageTypeType.HASHING;
    prepareProtectedStringForStorage(valueForHistory, storageType);

    PrismContainerDefinition<PasswordHistoryEntryType> historyEntryDefinition = oldCredentialContainer.getDefinition().findContainerDefinition(PasswordType.F_HISTORY_ENTRY);
    PrismContainer<PasswordHistoryEntryType> historyEntry = historyEntryDefinition.instantiate();
    PrismContainerValue<PasswordHistoryEntryType> historyEntryValue = historyEntry.createNewValue();

    PasswordHistoryEntryType entry = historyEntryValue.asContainerable();
    entry.setValue(valueForHistory);
    if (oldCredentialMetadata == null) {
        entry.setMetadata(null);
    } else {
        // Cloned so the history entry does not share the metadata instance with the old credential.
        entry.setMetadata(oldCredentialMetadata.clone());
    }
    entry.setChangeTimestamp(now);

    // The path is fixed to the user password history.
    ItemPath historyPath = new ItemPath(UserType.F_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_HISTORY_ENTRY);
    ContainerDelta<PasswordHistoryEntryType> addHistoryDelta = ContainerDelta.createModificationAdd(historyPath, UserType.class, prismContext, entry.clone());
    context.getFocusContext().swallowToSecondaryDelta(addHistoryDelta);
    return 1;
}