Use of com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectTemplateType in project midpoint by Evolveum.
Class SchemaTransformer, method applySchemasAndSecurity.
/**
 * Prepares an object for return from the Model Service: validates it, applies security to the
 * object definition, removes any non-visible properties (security), applies object template
 * definitions and so on. This method is called for any object that is returned from the
 * Model Service.
 *
 * <p>Order of operations, as implemented here:
 * <ol>
 *   <li>the object is validated ({@code validateObject});</li>
 *   <li>a deep clone of the object's definition is taken, and that clone is what gets passed to
 *       the security phase(s);</li>
 *   <li>security constraints are compiled for the object; a {@code null} result is treated as
 *       default deny: the denial is logged and an {@code AuthorizationException} is thrown;</li>
 *   <li>the constraints are applied for the requested phase, or for REQUEST and then EXECUTION
 *       when no phase is given;</li>
 *   <li>the object template is determined and applied to the object.</li>
 * </ol>
 *
 * <p>NOTE(review): only failures from constraint compilation and from template determination are
 * recorded on the subresult by this method. Exceptions thrown by {@code validateObject},
 * {@code applySchemasAndSecurityPhase} or {@code applyObjectTemplateToObject} propagate without
 * {@code recordFatalError} being called here; confirm those callees record their own failures.
 *
 * <p>NOTE(review): the object template is always looked up with
 * {@code AuthorizationPhaseType.REQUEST}, independent of {@code phase}; confirm this is intended.
 *
 * @param object the object to process; it is passed to every step and handed back to the caller
 * @param rootOptions options of the get operation, forwarded to validation and to the phase step
 * @param phase authorization phase to apply; {@code null} means REQUEST followed by EXECUTION
 * @param task task forwarded to the phase step
 * @param parentResult parent operation result; a minor subresult is created under it
 * @throws SecurityViolationException if constraint compilation fails or access is denied
 * @throws SchemaException rethrown from the steps above
 * @throws ConfigurationException rethrown from template determination (after being recorded)
 * @throws ObjectNotFoundException rethrown from template determination (after being recorded)
 */
public <O extends ObjectType> void applySchemasAndSecurity(PrismObject<O> object, GetOperationOptions rootOptions, AuthorizationPhaseType phase, Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException, ConfigurationException, ObjectNotFoundException {
    final String operationName = SchemaTransformer.class.getName() + ".applySchemasAndSecurity";
    OperationResult subResult = parentResult.createMinorSubresult(operationName);

    validateObject(object, rootOptions, subResult);

    // The phase step(s) below receive this clone rather than the object's current definition.
    PrismObjectDefinition<O> clonedDefinition = object.deepCloneDefinition(true);

    ObjectSecurityConstraints constraints;
    try {
        constraints = securityEnforcer.compileSecurityConstraints(object, null);

        // The full constraint dump is produced only when trace logging is enabled.
        if (LOGGER.isTraceEnabled()) {
            String constraintsDump;
            if (constraints != null) {
                constraintsDump = constraints.debugDump();
            } else {
                constraintsDump = "null";
            }
            LOGGER.trace("Security constrains for {}:\n{}", object, constraintsDump);
        }

        // Default deny: no compiled constraints means no access. The throw stays inside the
        // try block so that the catch below records the denial on the subresult.
        if (constraints == null) {
            SecurityUtil.logSecurityDeny(object, "because no security constraints are defined (default deny)");
            throw new AuthorizationException("Access denied");
        }
    } catch (SecurityViolationException | SchemaException | RuntimeException e) {
        subResult.recordFatalError(e);
        throw e;
    }

    if (phase != null) {
        applySchemasAndSecurityPhase(object, constraints, clonedDefinition, rootOptions, phase, task, subResult);
    } else {
        // No explicit phase: apply both, REQUEST first and EXECUTION second.
        applySchemasAndSecurityPhase(object, constraints, clonedDefinition, rootOptions, AuthorizationPhaseType.REQUEST, task, subResult);
        applySchemasAndSecurityPhase(object, constraints, clonedDefinition, rootOptions, AuthorizationPhaseType.EXECUTION, task, subResult);
    }

    ObjectTemplateType template;
    try {
        template = determineObjectTemplate(object, AuthorizationPhaseType.REQUEST, subResult);
    } catch (ConfigurationException | ObjectNotFoundException e) {
        subResult.recordFatalError(e);
        throw e;
    }
    applyObjectTemplateToObject(object, template, subResult);

    subResult.computeStatus();
    subResult.recordSuccessIfUnknown();
}
Use of com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectTemplateType in project midpoint by Evolveum.
Class SchemaTransformer, method determineObjectTemplate.
/**
 * Resolves the object template configured for the given object class.
 *
 * <p>The lookup goes: system configuration, then the object policy configuration for
 * {@code objectClass}, then that policy's object template reference, then the template object
 * itself, fetched by OID through {@code cacheRepositoryService}. If any of the first three steps
 * yields {@code null}, the method returns {@code null} without touching the repository.
 *
 * <p>NOTE(review): {@code phase} is not used anywhere in this body.
 *
 * <p>NOTE(review): the template is read through {@code cacheRepositoryService} with {@code null}
 * options, and no authorization check is performed in this method; confirm that callers do not
 * return the template to the requester without applying security to it.
 *
 * <p>NOTE(review): the OID of the reference is passed on as-is; confirm how {@code getObject}
 * behaves for a reference that carries no OID.
 *
 * @param objectClass class whose object policy configuration is looked up
 * @param phase authorization phase (currently unused here)
 * @param result operation result passed to the system configuration and repository lookups
 * @return the configured object template, or {@code null} if none is configured
 * @throws SchemaException declared for the underlying lookups
 * @throws ConfigurationException declared for the underlying lookups
 * @throws ObjectNotFoundException declared for the underlying lookups
 */
public <O extends ObjectType> ObjectTemplateType determineObjectTemplate(Class<O> objectClass, AuthorizationPhaseType phase, OperationResult result) throws SchemaException, ConfigurationException, ObjectNotFoundException {
    PrismObject<SystemConfigurationType> sysConfig = systemObjectCache.getSystemConfiguration(result);

    // Each step yields null as soon as the previous one did, so a missing link anywhere in
    // the chain ends in the single "nothing configured" return below.
    ObjectPolicyConfigurationType policy = sysConfig == null
            ? null
            : ModelUtils.determineObjectPolicyConfiguration(objectClass, null, sysConfig.asObjectable());
    ObjectReferenceType templateRef = policy == null ? null : policy.getObjectTemplateRef();

    if (templateRef == null) {
        return null;
    }

    String templateOid = templateRef.getOid();
    return cacheRepositoryService
            .getObject(ObjectTemplateType.class, templateOid, null, result)
            .asObjectable();
}
Aggregations