use of com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType in project midpoint by Evolveum.
the class CryptoUtil method checkEncrypted.
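/**
 * Verifies that no {@link ProtectedStringType} reachable from {@code pval} still carries a clear-text value.
 *
 * <p>This is the guard against persisting secrets (passwords, credentials) unencrypted: the value passes only
 * if every protected string found is free of {@code clearValue}, i.e. has already been encrypted, hashed or
 * otherwise transformed. Two shapes are inspected: a value whose item definition is
 * {@code ProtectedStringType}, and a {@code NotificationConfigurationType} value, whose mail-server and
 * SMS-gateway passwords are walked by hand because they are not prism items (see the note in the body).
 * Any other value is silently accepted here, so this is presumably applied to every value of the object by a
 * visitor elsewhere in this class — TODO confirm; a protected string hidden in a type that is not walked would
 * not be caught.
 *
 * <p>The unused type parameter {@code T} is kept so the signature stays identical for existing callers.
 *
 * @param pval the property value to inspect; a value without a parent item, without a definition or without
 *             a definition type name is skipped because nothing can be decided about it
 * @throws IllegalStateException if a clear-text value is found. The message names the offending field but
 *                               never echoes the secret itself, since it is likely to end up in logs.
 */
private static <T extends ObjectType> void checkEncrypted(PrismPropertyValue<?> pval) {
    Itemable item = pval.getParent();
    if (item == null) {
        return;
    }
    ItemDefinition itemDef = item.getDefinition();
    if (itemDef == null || itemDef.getTypeName() == null) {
        return;
    }
    QName typeName = itemDef.getTypeName();
    if (ProtectedStringType.COMPLEX_TYPE.equals(typeName)) {
        @SuppressWarnings("unchecked")
        ProtectedStringType ps = ((PrismPropertyValue<ProtectedStringType>) pval).getValue();
        // A value with no real content holds nothing to protect; only a present clear value is a violation.
        if (hasClearValue(ps)) {
            throw new IllegalStateException("Unencrypted value in field " + item.getElementName());
        }
    } else if (NotificationConfigurationType.COMPLEX_TYPE.equals(typeName)) {
        // this is really ugly hack needed because currently it is not possible to break NotificationConfigurationType into prism item [pm]
        @SuppressWarnings("unchecked")
        NotificationConfigurationType ncfg = ((PrismPropertyValue<NotificationConfigurationType>) pval).getValue();
        if (ncfg == null) {
            return;
        }
        if (ncfg.getMail() != null) {
            for (MailServerConfigurationType mscfg : ncfg.getMail().getServer()) {
                if (hasClearValue(mscfg.getPassword())) {
                    throw new IllegalStateException("Unencrypted value in mail server config password entry");
                }
            }
        }
        if (ncfg.getSms() != null) {
            for (SmsConfigurationType smscfg : ncfg.getSms()) {
                for (SmsGatewayConfigurationType gwcfg : smscfg.getGateway()) {
                    if (hasClearValue(gwcfg.getPassword())) {
                        throw new IllegalStateException("Unencrypted value in SMS gateway config password entry");
                    }
                }
            }
        }
    }
}

/**
 * True when {@code ps} is present and still carries a clear-text value, i.e. it has not been encrypted or hashed.
 * A {@code null} protected string is treated as "nothing to protect".
 */
private static boolean hasClearValue(ProtectedStringType ps) {
    return ps != null && ps.getClearValue() != null;
}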
use of com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType in project midpoint by Evolveum.
the class CryptoUtil method encryptValue.
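/**
 * Encrypts, in place, every {@link ProtectedStringType} reachable from {@code pval} using {@code protector}.
 *
 * <p>Counterpart of {@code checkEncrypted}: the same two shapes are handled — a value whose item definition is
 * {@code ProtectedStringType}, and a {@code NotificationConfigurationType} value whose mail-server and SMS-gateway
 * passwords are walked by hand (they are not prism items; see the note in the body). Any other value is left
 * untouched. What "encrypt" means for a value that is already encrypted, hashed or external is decided by
 * {@code encryptProtectedStringType}, which is not visible here — TODO confirm it is idempotent.
 *
 * <p>Missing passwords ({@code null}) are skipped rather than handed to the encryption helper, matching the
 * null handling in {@code checkEncrypted}.
 *
 * <p>The unused type parameter {@code T} is kept so the signature stays identical for existing callers.
 *
 * @param protector the protector performing the encryption
 * @param pval      the property value to process; values without a parent item, a definition or a definition
 *                  type name are skipped
 * @throws EncryptionException if the protector fails to encrypt a value
 */
private static <T extends ObjectType> void encryptValue(Protector protector, PrismPropertyValue<?> pval) throws EncryptionException {
    Itemable item = pval.getParent();
    if (item == null) {
        return;
    }
    ItemDefinition itemDef = item.getDefinition();
    if (itemDef == null || itemDef.getTypeName() == null) {
        return;
    }
    QName typeName = itemDef.getTypeName();
    if (ProtectedStringType.COMPLEX_TYPE.equals(typeName)) {
        QName propName = item.getElementName();
        @SuppressWarnings("unchecked")
        ProtectedStringType ps = ((PrismPropertyValue<ProtectedStringType>) pval).getValue();
        if (ps != null) {
            encryptProtectedStringType(protector, ps, propName.getLocalPart());
        }
        // Defensive re-attachment: the parent was non-null a few lines above, so this should only ever
        // trigger if encryption detached the value — kept as in the original, TODO confirm it is still needed.
        if (pval.getParent() == null) {
            pval.setParent(item);
        }
    } else if (NotificationConfigurationType.COMPLEX_TYPE.equals(typeName)) {
        // this is really ugly hack needed because currently it is not possible to break NotificationConfigurationType into prism item [pm]
        @SuppressWarnings("unchecked")
        NotificationConfigurationType ncfg = ((PrismPropertyValue<NotificationConfigurationType>) pval).getValue();
        if (ncfg == null) {
            return;
        }
        if (ncfg.getMail() != null) {
            for (MailServerConfigurationType mscfg : ncfg.getMail().getServer()) {
                if (mscfg.getPassword() != null) {
                    encryptProtectedStringType(protector, mscfg.getPassword(), "mail server password");
                }
            }
        }
        if (ncfg.getSms() != null) {
            for (SmsConfigurationType smscfg : ncfg.getSms()) {
                for (SmsGatewayConfigurationType gwcfg : smscfg.getGateway()) {
                    if (gwcfg.getPassword() != null) {
                        encryptProtectedStringType(protector, gwcfg.getPassword(), "sms gateway password");
                    }
                }
            }
        }
    }
}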
use of com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType in project midpoint by Evolveum.
the class ModelCrudService method modifyObject.
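/**
 * <p>
 * Modifies object using relative change description.
 * </p>
 * <p>
 * Must fail if user with provided OID does not exist. Must fail if any of
 * the described changes cannot be applied. Should be atomic.
 * </p>
 * <p>
 * If two or more modify operations are executed in parallel, the operations
 * should be merged. In case that the operations are in conflict (e.g. one
 * operation adding a value and the other removing the same value), the
 * result is not deterministic.
 * </p>
 * <p>
 * The operation may fail if the modified object does not conform to the
 * underlying schema of the storage system or the schema enforced by the
 * implementation.
 * </p>
 * <p>
 * This method itself performs no authorization check; it validates its
 * arguments, wraps the modifications in an {@link ObjectDelta} and delegates
 * to {@code modelService.executeChanges}, which is where authorization and
 * policy enforcement are presumed to happen. Every failure, checked or
 * unchecked, is recorded as a fatal error in the sub-result before being
 * rethrown, so the caller's {@link OperationResult} is never left without a
 * status.
 * </p>
 *
 * @param type
 *            the object type being modified
 * @param oid
 *            OID of the object to modify; must not be null or empty
 * @param modifications
 *            relative changes to apply; must not be null. An empty
 *            collection is a no-op (logged as a warning).
 * @param options
 *            execution options passed through to the model service
 * @param task
 *            task in whose context the change is executed
 * @param parentResult
 *            parent OperationResult (in/out)
 * @throws ObjectNotFoundException
 *             specified object does not exist
 * @throws SchemaException
 *             resulting object would violate the schema
 * @throws ExpressionEvaluationException
 *             evaluation of expression associated with the object has failed
 * @throws CommunicationException
 *             propagated from the model service (e.g. a resource could not be reached)
 * @throws ConfigurationException
 *             propagated from the model service
 * @throws ObjectAlreadyExistsException
 *             If the account or another "secondary" object already exists and cannot be created
 * @throws PolicyViolationException
 *             Policy violation was detected during processing of the object
 * @throws SecurityViolationException
 *             propagated from the model service, presumably when the caller is not authorized for the change
 * @throws IllegalArgumentException
 *             wrong OID format, described change is not applicable
 * @throws SystemException
 *             unknown error from underlying layers or other unexpected
 *             state
 */
public <T extends ObjectType> void modifyObject(Class<T> type, String oid, Collection<? extends ItemDelta> modifications, ModelExecuteOptions options, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, ExpressionEvaluationException, CommunicationException, ConfigurationException, ObjectAlreadyExistsException, PolicyViolationException, SecurityViolationException {
    Validate.notNull(modifications, "Object modification must not be null.");
    Validate.notEmpty(oid, "Change oid must not be null or empty.");
    Validate.notNull(parentResult, "Result type must not be null.");
    if (LOGGER.isTraceEnabled()) {
        LOGGER.trace("Modifying object with oid {}", oid);
        // NOTE(review): this dumps the delta values; confirm that protected values (credentials) are masked
        // by debugDump before enabling TRACE in production.
        LOGGER.trace(DebugUtil.debugDump(modifications));
    }
    if (modifications.isEmpty()) {
        LOGGER.warn("Calling modifyObject with empty modificaiton set");
        return;
    }
    ItemDelta.checkConsistence(modifications, ConsistencyCheckScope.THOROUGH);
    // TODO: check definitions, but tolerate missing definitions in <attributes>
    OperationResult result = parentResult.createSubresult(MODIFY_OBJECT);
    result.addCollectionOfSerializablesAsParam("modifications", modifications);
    RepositoryCache.enter();
    try {
        ObjectDelta<T> objectDelta = (ObjectDelta<T>) ObjectDelta.createModifyDelta(oid, modifications, type, prismContext);
        Collection<ObjectDelta<? extends ObjectType>> deltas = MiscSchemaUtil.createCollection(objectDelta);
        modelService.executeChanges(deltas, options, task, result);
        result.computeStatus();
    } catch (ExpressionEvaluationException | ObjectNotFoundException ex) {
        // These two are logged here as well as recorded, as in the original error handling.
        LOGGER.error("model.modifyObject failed: {}", ex.getMessage(), ex);
        result.recordFatalError(ex);
        throw ex;
    } catch (SchemaException | ConfigurationException | SecurityViolationException
            | CommunicationException | ObjectAlreadyExistsException | PolicyViolationException
            | RuntimeException ex) {
        // Previously CommunicationException, ObjectAlreadyExistsException and PolicyViolationException
        // escaped without being recorded, leaving the sub-result without a status.
        ModelUtils.recordFatalError(result, ex);
        throw ex;
    } finally {
        RepositoryCache.exit();
    }
}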
use of com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType in project midpoint by Evolveum.
the class ModelWebServiceRaw method invokeAllowingFaults.
/**
 * Handles one raw SOAP request: parses the request body into its schema type, dispatches it to the matching
 * {@code ws} operation and serializes the response back into a DOM.
 *
 * <p>Faults raised by the {@code ws} operations propagate to the caller unchanged; a {@link SchemaException}
 * raised while dispatching or serializing is converted through {@code throwFault}, together with whatever
 * operation result the operation had produced so far (it may be {@code null} for operations that do not
 * report one through a holder). Whether the incoming DOM was parsed with external entities disabled is
 * decided before this method is called and cannot be verified here.
 *
 * @param request the SOAP body, either as a whole {@link Document} or as its root {@link Element}
 * @return the serialized response wrapped in a {@link DOMSource}
 * @throws FaultMessage for a non-element request node, an unparsable body, an unsupported request type,
 *                      or any fault raised by the invoked operation
 */
public DOMSource invokeAllowingFaults(DOMSource request) throws FaultMessage {
    Element root = rootElementOf(request);
    Object parsedRequest;
    try {
        parsedRequest = prismContext.parserFor(root).parseRealValue();
    } catch (SchemaException e) {
        throw ws.createIllegalArgumentFault("Couldn't parse SOAP request body because of schema exception: " + e.getMessage());
    }
    Holder<OperationResultType> resultHolder = new Holder<>();
    Node responseNode;
    try {
        responseNode = dispatch(parsedRequest, resultHolder);
    } catch (SchemaException e) {
        throwFault(e, resultHolder.value);
        // not reached
        return null;
    }
    return new DOMSource(responseNode);
}

/**
 * Extracts the root element of the request: the document element for a {@link Document}, the node itself for
 * an {@link Element}.
 *
 * @throws FaultMessage for any other DOM node type
 */
private Element rootElementOf(DOMSource request) throws FaultMessage {
    Node node = request.getNode();
    if (node instanceof Document) {
        return ((Document) node).getDocumentElement();
    }
    if (node instanceof Element) {
        return (Element) node;
    }
    throw ws.createIllegalArgumentFault("Unexpected DOM node type: " + node);
}

/**
 * Routes a parsed request object to the corresponding {@code ws} operation and serializes its response.
 * Operations that report their result through a holder write it into {@code resultHolder}; the others leave it
 * untouched.
 *
 * @throws FaultMessage   for an unsupported request type, or propagated from the invoked operation
 * @throws SchemaException propagated from the operation or from response serialization
 */
private Node dispatch(Object requestObject, Holder<OperationResultType> resultHolder) throws FaultMessage, SchemaException {
    PrismSerializer<Element> out = prismContext.domSerializer().options(SerializationOptions.createSerializeReferenceNames());
    if (requestObject instanceof GetObjectType) {
        GetObjectType req = (GetObjectType) requestObject;
        Holder<ObjectType> objectHolder = new Holder<>();
        ws.getObject(req.getObjectType(), req.getOid(), req.getOptions(), objectHolder, resultHolder);
        GetObjectResponseType reply = new GetObjectResponseType();
        reply.setObject(objectHolder.value);
        reply.setResult(resultHolder.value);
        return out.serializeAnyData(reply, ModelPort.GET_OBJECT_RESPONSE);
    }
    if (requestObject instanceof SearchObjectsType) {
        SearchObjectsType req = (SearchObjectsType) requestObject;
        Holder<ObjectListType> listHolder = new Holder<>();
        ws.searchObjects(req.getObjectType(), req.getQuery(), req.getOptions(), listHolder, resultHolder);
        SearchObjectsResponseType reply = new SearchObjectsResponseType();
        reply.setObjectList(listHolder.value);
        reply.setResult(resultHolder.value);
        return out.serializeAnyData(reply, ModelPort.SEARCH_OBJECTS_RESPONSE);
    }
    if (requestObject instanceof ExecuteChangesType) {
        ExecuteChangesType req = (ExecuteChangesType) requestObject;
        ExecuteChangesResponseType reply = new ExecuteChangesResponseType();
        reply.setDeltaOperationList(ws.executeChanges(req.getDeltaList(), req.getOptions()));
        return out.serializeAnyData(reply, ModelPort.EXECUTE_CHANGES_RESPONSE);
    }
    if (requestObject instanceof FindShadowOwnerType) {
        FindShadowOwnerType req = (FindShadowOwnerType) requestObject;
        Holder<UserType> ownerHolder = new Holder<>();
        ws.findShadowOwner(req.getShadowOid(), ownerHolder, resultHolder);
        FindShadowOwnerResponseType reply = new FindShadowOwnerResponseType();
        reply.setUser(ownerHolder.value);
        reply.setResult(resultHolder.value);
        return out.serializeAnyData(reply, ModelPort.FIND_SHADOW_OWNER_RESPONSE);
    }
    if (requestObject instanceof TestResourceType) {
        TestResourceType req = (TestResourceType) requestObject;
        TestResourceResponseType reply = new TestResourceResponseType();
        reply.setResult(ws.testResource(req.getResourceOid()));
        return out.serializeAnyData(reply, ModelPort.TEST_RESOURCE_RESPONSE);
    }
    if (requestObject instanceof ExecuteScriptsType) {
        // Script execution over SOAP: authorization is the responsibility of ws.executeScripts, not of this router.
        ExecuteScriptsResponseType reply = ws.executeScripts((ExecuteScriptsType) requestObject);
        return out.serializeAnyData(reply, ModelPort.EXECUTE_SCRIPTS_RESPONSE);
    }
    if (requestObject instanceof ImportFromResourceType) {
        ImportFromResourceType req = (ImportFromResourceType) requestObject;
        ImportFromResourceResponseType reply = new ImportFromResourceResponseType();
        reply.setTask(ws.importFromResource(req.getResourceOid(), req.getObjectClass()));
        return out.serializeAnyData(reply, ModelPort.IMPORT_FROM_RESOURCE_RESPONSE);
    }
    if (requestObject instanceof NotifyChangeType) {
        NotifyChangeType req = (NotifyChangeType) requestObject;
        NotifyChangeResponseType reply = new NotifyChangeResponseType();
        reply.setTask(ws.notifyChange(req.getChangeDescription()));
        return out.serializeAnyData(reply, ModelPort.NOTIFY_CHANGE_RESPONSE);
    }
    throw ws.createIllegalArgumentFault("Unsupported request type: " + requestObject);
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType in project midpoint by Evolveum.
the class AuditController method rollBackTime.
/**
 * Reconstructs an earlier state of {@code object} by undoing, in the given order, every applicable delta
 * recorded in {@code changeTrail}.
 *
 * <p>The object is modified in place and also returned. Only delta operations accepted by {@code isApplicable}
 * are undone; each is reversed with {@code createReverseDelta} and applied to the object. Add and delete
 * deltas cannot be reversed this way and abort the reconstruction.
 *
 * @param object      the current state to roll back; mutated by this method
 * @param changeTrail audit records to undo, processed in list order (the caller decides the ordering)
 * @return the same {@code object} instance after the reverse deltas have been applied
 * @throws SchemaException if the trail contains an add or delete delta, or if applying a reverse delta fails
 */
private <O extends ObjectType> PrismObject<O> rollBackTime(PrismObject<O> object, List<AuditEventRecord> changeTrail) throws SchemaException {
    for (AuditEventRecord record : changeTrail) {
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("Applying event {} ({})", record.getEventIdentifier(), XmlTypeConverter.createXMLGregorianCalendar(record.getTimestamp()));
        }
        Collection<ObjectDeltaOperation<? extends ObjectType>> operations = record.getDeltas();
        if (operations != null) {
            for (ObjectDeltaOperation<? extends ObjectType> operation : operations) {
                undoOperation(object, operation, record);
            }
        }
        if (LOGGER.isTraceEnabled()) {
            LOGGER.trace("Object after application of event {} ({}):\n{}", record.getEventIdentifier(), XmlTypeConverter.createXMLGregorianCalendar(record.getTimestamp()), object.debugDump(1));
        }
    }
    return object;
}

/**
 * Undoes a single audited delta operation on {@code object}, skipping operations that
 * {@code isApplicable} rejects.
 *
 * @throws SchemaException for an add or delete delta, which cannot be reversed into a prior state
 */
private <O extends ObjectType> void undoOperation(PrismObject<O> object, ObjectDeltaOperation<? extends ObjectType> operation, AuditEventRecord record) throws SchemaException {
    if (!isApplicable(operation, object, record)) {
        return;
    }
    @SuppressWarnings("unchecked")
    ObjectDelta<O> forward = (ObjectDelta<O>) operation.getObjectDelta();
    if (forward.isDelete()) {
        throw new SchemaException("Delete delta found in the audit trail. Object history cannot be reconstructed.");
    }
    if (forward.isAdd()) {
        throw new SchemaException("Add delta found in the audit trail. Object history cannot be reconstructed.");
    }
    ObjectDelta<O> backward = forward.createReverseDelta();
    if (LOGGER.isTraceEnabled()) {
        LOGGER.trace("Applying delta (reverse):\n{}", backward.debugDump(1));
    }
    backward.applyTo(object);
}