Example 21 with SKIP
use of com.evolveum.midpoint.xml.ns._public.common.common_3.PartialProcessingTypeType.SKIP in project midpoint by Evolveum.
the class SynchronizationInfoAsserter method assertTransition.
public SynchronizationInfoAsserter<RA> assertTransition(SynchronizationSituationType onProcessingStart, SynchronizationSituationType onSyncStart, SynchronizationSituationType onSyncEnd, SynchronizationExclusionReasonType exclusionReason, int success, int error, int skip) {
SynchronizationSituationTransitionType matching = SyncSituationUtil.findMatchingTransition(information, onProcessingStart, onSyncStart, onSyncEnd, exclusionReason);
String transition = onProcessingStart + "->" + onSyncStart + "->" + onSyncEnd + " (" + exclusionReason + ")";
if (matching == null) {
if (success != 0 || error != 0 || skip != 0) {
fail("Expected transition for " + transition + " was not found in " + information);
}
} else {
assertThat(getSuccessCount(matching.getCounter())).as("Expected success count for " + transition).isEqualTo(success);
assertThat(getFailureCount(matching.getCounter())).as("Expected failure count for " + transition).isEqualTo(error);
assertThat(getSkipCount(matching.getCounter())).as("Expected skip count for " + transition).isEqualTo(skip);
}
return this;
}
Also used :
SynchronizationSituationTransitionType(com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationTransitionType)
Example 22 with SKIP
use of com.evolveum.midpoint.xml.ns._public.common.common_3.PartialProcessingTypeType.SKIP in project midpoint by Evolveum.
the class AbstractValuePolicyOriginResolver method handleProjections.
private <P extends ObjectType> void handleProjections(ResultHandler<P> handler, ProhibitedValueItemType prohibitedValueItemType, String contextDescription, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
// Not very efficient. We will usually read the shadows again, as they are already in model context.
// It will also work only for the items that are stored in shadow (usually not attributes, unless caching is enabled).
// But this is good enough for now.
FocusType focus;
if (object.canRepresent(FocusType.class)) {
focus = (FocusType) object.asObjectable();
} else if (object.canRepresent(ShadowType.class)) {
if (object.getOid() == null) {
// process only provided shadow or do not handle projection?
return;
}
ObjectQuery query = object.getPrismContext().queryFor(FocusType.class).item(FocusType.F_LINK_REF).ref(object.getOid()).maxSize(1).build();
try {
List<PrismObject<FocusType>> objects = objectResolver.searchObjects(FocusType.class, query, createReadOnlyCollection(), task, result);
if (objects.isEmpty()) {
return;
}
focus = MiscUtil.extractSingleton(objects).asObjectable();
} catch (CommunicationException | ConfigurationException | SecurityViolationException | ExpressionEvaluationException e) {
throw new SystemException(e.getMessage(), e);
}
} else {
return;
}
// We want to provide default intent to allow configurators to be a little lazy and skip intent specification.
// Consider changing this if necessary.
ResourceShadowDiscriminator shadowDiscriminator = ResourceShadowDiscriminator.fromResourceShadowDiscriminatorType(prohibitedValueItemType.getProjectionDiscriminator(), true);
for (ObjectReferenceType linkRef : focus.getLinkRef()) {
GetOperationOptions options = GetOperationOptions.createReadOnly();
options.setNoFetch(true);
ShadowType resolvedShadow = objectResolver.resolve(linkRef, ShadowType.class, SelectorOptions.createCollection(options), "resolving projection shadow in " + contextDescription, task, result);
if (shadowDiscriminator != null) {
if (!ShadowUtil.matches(resolvedShadow.asPrismObject(), shadowDiscriminator)) {
LOGGER.trace("Skipping evaluation of projection {} in {} because it does not match discriminator", resolvedShadow, contextDescription);
continue;
}
}
// noinspection unchecked
handler.handle((PrismObject<P>) resolvedShadow.asPrismObject(), result);
}
}
Also used :
ObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType)
SystemException(com.evolveum.midpoint.util.exception.SystemException)
ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)
FocusType(com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType)
List(java.util.List)
ObjectQuery(com.evolveum.midpoint.prism.query.ObjectQuery)
Example 23 with SKIP
use of com.evolveum.midpoint.xml.ns._public.common.common_3.PartialProcessingTypeType.SKIP in project midpoint by Evolveum.
the class ProjectionCredentialsProcessor method processProjectionPasswordMapping.
private <F extends FocusType> void processProjectionPasswordMapping(LensContext<F> context, final LensProjectionContext projCtx, final SecurityPolicyType securityPolicy, XMLGregorianCalendar now, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException {
LensFocusContext<F> focusContext = context.getFocusContext();
PrismObject<F> focusNew = focusContext.getObjectNew();
if (focusNew == null) {
// This must be a focus delete or something similar. No point in proceeding
LOGGER.trace("focusNew is null, skipping credentials processing");
return;
}
PrismObjectDefinition<ShadowType> accountDefinition = prismContext.getSchemaRegistry().findObjectDefinitionByCompileTimeClass(ShadowType.class);
PrismPropertyDefinition<ProtectedStringType> projPasswordPropertyDefinition = accountDefinition.findPropertyDefinition(SchemaConstants.PATH_PASSWORD_VALUE);
ResourceShadowDiscriminator rsd = projCtx.getResourceShadowDiscriminator();
ResourceObjectDefinition objectDefinition = projCtx.getStructuralObjectDefinition();
if (objectDefinition == null) {
LOGGER.trace("No ResourceObjectTypeDefinition, therefore also no password outbound definition," + " skipping credentials processing for projection {}", rsd);
return;
}
List<MappingType> outboundMappingBeans = objectDefinition.getPasswordOutbound();
if (outboundMappingBeans.isEmpty()) {
LOGGER.trace("No outbound password mapping for {}, skipping credentials processing", rsd);
return;
}
ObjectDeltaObject<F> objectDeltaObject = focusContext.getObjectDeltaObjectAbsolute();
// HACK
if (!projCtx.isDoReconciliation() && !projCtx.isAdd() && !isActivated(outboundMappingBeans, objectDeltaObject.getObjectDelta())) {
LOGGER.trace("Outbound password mappings not activated for type {}, skipping credentials processing", rsd);
return;
}
ObjectDelta<ShadowType> projDelta = projCtx.getCurrentDelta();
PropertyDelta<ProtectedStringType> projPasswordDelta;
if (projDelta != null && projDelta.getChangeType() == MODIFY) {
projPasswordDelta = projDelta.findPropertyDelta(SchemaConstants.PATH_PASSWORD_VALUE);
} else {
projPasswordDelta = null;
}
checkExistingDeltaSanity(projCtx, projPasswordDelta);
boolean evaluateWeak = getEvaluateWeak(projCtx);
// TODO wave
ItemDeltaItem<PrismPropertyValue<ProtectedStringType>, PrismPropertyDefinition<ProtectedStringType>> focusPasswordIdi = objectDeltaObject.findIdi(SchemaConstants.PATH_PASSWORD_VALUE);
ConfigurableValuePolicySupplier valuePolicySupplier = (result1) -> SecurityUtil.getPasswordPolicy(securityPolicy);
MappingInitializer<PrismPropertyValue<ProtectedStringType>, PrismPropertyDefinition<ProtectedStringType>> initializer = (builder) -> {
builder.mappingKind(MappingKindType.OUTBOUND).implicitSourcePath(SchemaConstants.PATH_PASSWORD_VALUE).implicitTargetPath(SchemaConstants.PATH_PASSWORD_VALUE);
builder.defaultTargetDefinition(projPasswordPropertyDefinition);
builder.defaultSource(new Source<>(focusPasswordIdi, ExpressionConstants.VAR_INPUT_QNAME));
builder.valuePolicySupplier(valuePolicySupplier);
return builder;
};
MappingOutputProcessor<PrismPropertyValue<ProtectedStringType>> processor = (mappingOutputPath, outputStruct) -> {
PrismValueDeltaSetTriple<PrismPropertyValue<ProtectedStringType>> outputTriple = outputStruct.getOutputTriple();
if (outputTriple == null) {
LOGGER.trace("Credentials 'password' expression resulted in null output triple, skipping credentials processing for {}", rsd);
return false;
}
boolean projectionIsNew = projDelta != null && (projDelta.getChangeType() == ChangeType.ADD || projCtx.getSynchronizationPolicyDecision() == SynchronizationPolicyDecision.ADD);
Collection<PrismPropertyValue<ProtectedStringType>> newValues;
if (projectionIsNew) {
newValues = outputTriple.getNonNegativeValues();
} else {
newValues = outputTriple.getPlusSet();
}
if (!canGetCleartext(newValues)) {
ObjectDelta<ShadowType> projectionPrimaryDelta = projCtx.getPrimaryDelta();
if (projectionPrimaryDelta != null) {
PropertyDelta<ProtectedStringType> passwordPrimaryDelta = projectionPrimaryDelta.findPropertyDelta(SchemaConstants.PATH_PASSWORD_VALUE);
if (passwordPrimaryDelta != null) {
// We have only hashed value coming from the mapping. There are not very useful
// for provisioning. But we have primary projection delta - and that is very likely
// to be better.
// Skip all password mappings in this case. Primary delta trumps everything.
// No weak, normal or even strong mapping can change that.
// We need to disregard even strong mapping in this case. If we would heed the strong
// mapping then account initialization won't be possible.
LOGGER.trace("We have primary password delta in projection, skipping credentials processing");
return false;
}
}
}
Collection<PrismPropertyValue<ProtectedStringType>> minusSet = outputTriple.getMinusSet();
if (!minusSet.isEmpty()) {
if (!canGetCleartext(minusSet)) {
// We have hashed values in minus set. That is not great, we won't be able to get
// cleartext from that if we need it (e.g. for runAs in provisioning).
// Therefore try to get old value from focus password delta. If that matches with
// hashed value then we have the cleartext.
ProtectedStringType oldProjectionPassword = minusSet.iterator().next().getRealValue();
PropertyDelta<ProtectedStringType> focusPasswordDelta = (PropertyDelta<ProtectedStringType>) focusPasswordIdi.getDelta();
Collection<PrismPropertyValue<ProtectedStringType>> focusPasswordDeltaOldValues = focusPasswordDelta.getEstimatedOldValues();
if (focusPasswordDeltaOldValues != null && !focusPasswordDeltaOldValues.isEmpty()) {
ProtectedStringType oldFocusPassword = requireNonNull(focusPasswordDeltaOldValues.iterator().next().getRealValue());
try {
if (oldFocusPassword.canGetCleartext() && protector.compareCleartext(oldFocusPassword, oldProjectionPassword)) {
outputTriple.clearMinusSet();
outputTriple.addToMinusSet(prismContext.itemFactory().createPropertyValue(oldFocusPassword));
}
} catch (EncryptionException e) {
throw new SystemException(e.getMessage(), e);
}
}
}
}
return true;
};
String projCtxDesc = projCtx.toHumanReadableString();
PrismObject<ShadowType> shadowNew = projCtx.getObjectNew();
MappingInitializer<PrismPropertyValue<ProtectedStringType>, PrismPropertyDefinition<ProtectedStringType>> internalInitializer = builder -> {
builder.addVariableDefinitions(ModelImplUtils.getDefaultVariablesMap(context, projCtx, true));
builder.mappingKind(MappingKindType.OUTBOUND);
builder.originType(OriginType.OUTBOUND);
builder.implicitTargetPath(SchemaConstants.PATH_PASSWORD_VALUE);
builder.originObject(projCtx.getResource());
initializer.initialize(builder);
return builder;
};
MappingEvaluatorParams<PrismPropertyValue<ProtectedStringType>, PrismPropertyDefinition<ProtectedStringType>, ShadowType, F> params = new MappingEvaluatorParams<>();
params.setMappingTypes(outboundMappingBeans);
params.setMappingDesc("password mapping" + " in projection " + projCtxDesc);
params.setNow(now);
params.setInitializer(internalInitializer);
params.setProcessor(processor);
params.setTargetLoader(new ProjectionMappingLoader<>(projCtx, contextLoader));
params.setAPrioriTargetObject(shadowNew);
params.setAPrioriTargetDelta(LensUtil.findAPrioriDelta(context, projCtx));
params.setTargetContext(projCtx);
params.setDefaultTargetItemPath(SchemaConstants.PATH_PASSWORD_VALUE);
if (context.getFocusContext() != null) {
params.setSourceContext(context.getFocusContext().getObjectDeltaObjectAbsolute());
}
params.setEvaluateCurrent(MappingTimeEval.CURRENT);
params.setEvaluateWeak(evaluateWeak);
params.setContext(context);
params.setHasFullTargetObject(projCtx.hasFullShadow());
projectionMappingSetEvaluator.evaluateMappingsToTriples(params, task, result);
}
Also used :
Autowired(org.springframework.beans.factory.annotation.Autowired)
ConfigurationException(com.evolveum.midpoint.util.exception.ConfigurationException)
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
ExpressionConstants(com.evolveum.midpoint.schema.constants.ExpressionConstants)
ObjectValuePolicyEvaluator(com.evolveum.midpoint.model.common.stringpolicy.ObjectValuePolicyEvaluator)
ProcessorExecution(com.evolveum.midpoint.model.impl.lens.projector.util.ProcessorExecution)
com.evolveum.midpoint.prism(com.evolveum.midpoint.prism)
ItemDeltaItem(com.evolveum.midpoint.prism.util.ItemDeltaItem)
ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException)
Collection(java.util.Collection)
ResourceTypeUtil(com.evolveum.midpoint.schema.util.ResourceTypeUtil)
Task(com.evolveum.midpoint.task.api.Task)
ResourceShadowDiscriminator(com.evolveum.midpoint.schema.ResourceShadowDiscriminator)
List(java.util.List)
ValuePolicyProcessor(com.evolveum.midpoint.model.common.stringpolicy.ValuePolicyProcessor)
SystemException(com.evolveum.midpoint.util.exception.SystemException)
com.evolveum.midpoint.prism.delta(com.evolveum.midpoint.prism.delta)
CommunicationException(com.evolveum.midpoint.util.exception.CommunicationException)
ProcessorMethod(com.evolveum.midpoint.model.impl.lens.projector.util.ProcessorMethod)
ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)
ContextLoader(com.evolveum.midpoint.model.impl.lens.projector.ContextLoader)
PolicyViolationException(com.evolveum.midpoint.util.exception.PolicyViolationException)
ResourceObjectDefinition(com.evolveum.midpoint.schema.processor.ResourceObjectDefinition)
PrismContainerValue.asContainerable(com.evolveum.midpoint.prism.PrismContainerValue.asContainerable)
com.evolveum.midpoint.xml.ns._public.common.common_3(com.evolveum.midpoint.xml.ns._public.common.common_3)
ObjectDeltaObject(com.evolveum.midpoint.prism.util.ObjectDeltaObject)
SchemaConstants(com.evolveum.midpoint.schema.constants.SchemaConstants)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
Trace(com.evolveum.midpoint.util.logging.Trace)
ExpressionEvaluationException(com.evolveum.midpoint.util.exception.ExpressionEvaluationException)
ModelImplUtils(com.evolveum.midpoint.model.impl.util.ModelImplUtils)
EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException)
CredentialsCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CredentialsCapabilityType)
ProjectionMappingSetEvaluator(com.evolveum.midpoint.model.impl.lens.projector.focus.ProjectionMappingSetEvaluator)
SecurityViolationException(com.evolveum.midpoint.util.exception.SecurityViolationException)
MODIFY(com.evolveum.midpoint.prism.delta.ChangeType.MODIFY)
Objects.requireNonNull(java.util.Objects.requireNonNull)
CapabilityUtil(com.evolveum.midpoint.schema.CapabilityUtil)
com.evolveum.midpoint.model.impl.lens.projector.mappings(com.evolveum.midpoint.model.impl.lens.projector.mappings)
ProjectorProcessor(com.evolveum.midpoint.model.impl.lens.projector.ProjectorProcessor)
ShadowValuePolicyOriginResolver(com.evolveum.midpoint.model.common.stringpolicy.ShadowValuePolicyOriginResolver)
com.evolveum.midpoint.model.impl.lens(com.evolveum.midpoint.model.impl.lens)
XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar)
SynchronizationPolicyDecision(com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision)
LocalizableMessageBuilder(com.evolveum.midpoint.util.LocalizableMessageBuilder)
ItemPath(com.evolveum.midpoint.prism.path.ItemPath)
ConfigurableValuePolicySupplier(com.evolveum.midpoint.repo.common.expression.ConfigurableValuePolicySupplier)
Component(org.springframework.stereotype.Component)
Protector(com.evolveum.midpoint.prism.crypto.Protector)
SecurityUtil(com.evolveum.midpoint.security.api.SecurityUtil)
ModelObjectResolver(com.evolveum.midpoint.model.impl.ModelObjectResolver)
Source(com.evolveum.midpoint.repo.common.expression.Source)
TraceManager(com.evolveum.midpoint.util.logging.TraceManager)
ItemPathType(com.evolveum.prism.xml.ns._public.types_3.ItemPathType)
Source(com.evolveum.midpoint.repo.common.expression.Source)
SystemException(com.evolveum.midpoint.util.exception.SystemException)
EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException)
ConfigurableValuePolicySupplier(com.evolveum.midpoint.repo.common.expression.ConfigurableValuePolicySupplier)
ResourceObjectDefinition(com.evolveum.midpoint.schema.processor.ResourceObjectDefinition)
Collection(java.util.Collection)
ResourceShadowDiscriminator(com.evolveum.midpoint.schema.ResourceShadowDiscriminator)
ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)
Example 24 with SKIP
use of com.evolveum.midpoint.xml.ns._public.common.common_3.PartialProcessingTypeType.SKIP in project midpoint by Evolveum.
the class ObjectMerger method computeDefaultDeltas.
private <O extends ObjectType> void computeDefaultDeltas(final ObjectDelta<O> leftObjectDelta, final PrismObject<O> objectLeft, final PrismObject<O> objectRight, final List<ItemPath> processedPaths, MergeConfigurationType mergeConfiguration, final String mergeConfigurationName, final Task task, final OperationResult result) throws SchemaException, ConfigurationException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, SecurityViolationException {
final ItemMergeConfigurationType defaultItemMergeConfig = mergeConfiguration.getDefault();
if (defaultItemMergeConfig != null) {
try {
Visitor visitor = new Visitor() {
@Override
public void visit(Visitable visitable) {
if (!(visitable instanceof Item)) {
return;
}
Item item = (Item) visitable;
ItemPath itemPath = item.getPath();
if (itemPath.isEmpty()) {
return;
}
if (SchemaConstants.PATH_LINK_REF.equivalent(itemPath)) {
// Skip. There is a special processing for this.
return;
}
boolean found = false;
for (ItemPath processedPath : processedPaths) {
// Need to check for super-paths here.
// E.g. if we have already processed metadata, we do not want to process
// metadata/modifyTimestamp
CompareResult compareResult = processedPath.compareComplex(itemPath);
if (compareResult == CompareResult.EQUIVALENT || compareResult == CompareResult.SUBPATH) {
found = true;
break;
}
}
if (found) {
return;
}
processedPaths.add(itemPath);
if (item instanceof PrismContainer<?>) {
if (item.getDefinition().isSingleValue()) {
// we will handle every individual property there.
return;
} else {
// TODO: we may need special handling for multi-value containers
// such as assignment
}
}
ItemDelta itemDelta;
try {
itemDelta = mergeItem(objectLeft, objectRight, mergeConfigurationName, defaultItemMergeConfig, itemPath, task, result);
} catch (SchemaException | ConfigurationException | ExpressionEvaluationException | ObjectNotFoundException | CommunicationException | SecurityViolationException e) {
throw new TunnelException(e);
}
LOGGER.trace("Item {} delta (default): {}", itemPath, itemDelta);
if (itemDelta != null && !itemDelta.isEmpty()) {
leftObjectDelta.addModification(itemDelta);
}
}
};
// noinspection unchecked
objectLeft.accept(visitor);
// noinspection unchecked
objectRight.accept(visitor);
} catch (TunnelException te) {
if (te.getCause() instanceof SchemaException) {
throw (SchemaException) te.getCause();
} else if (te.getCause() instanceof ConfigurationException) {
throw (ConfigurationException) te.getCause();
} else if (te.getCause() instanceof ExpressionEvaluationException) {
throw (ExpressionEvaluationException) te.getCause();
} else if (te.getCause() instanceof ObjectNotFoundException) {
throw (ObjectNotFoundException) te.getCause();
} else if (te.getCause() instanceof CommunicationException) {
throw (CommunicationException) te.getCause();
} else if (te.getCause() instanceof SecurityViolationException) {
throw (SecurityViolationException) te.getCause();
} else {
throw new SystemException("Unexpected exception: " + te, te);
}
}
}
}
Also used :
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
ExpressionEvaluationException(com.evolveum.midpoint.util.exception.ExpressionEvaluationException)
CommunicationException(com.evolveum.midpoint.util.exception.CommunicationException)
SecurityViolationException(com.evolveum.midpoint.util.exception.SecurityViolationException)
ItemMergeConfigurationType(com.evolveum.midpoint.xml.ns._public.common.common_3.ItemMergeConfigurationType)
CompareResult(com.evolveum.midpoint.prism.path.ItemPath.CompareResult)
TunnelException(com.evolveum.midpoint.util.exception.TunnelException)
SystemException(com.evolveum.midpoint.util.exception.SystemException)
ConfigurationException(com.evolveum.midpoint.util.exception.ConfigurationException)
ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException)
ItemPath(com.evolveum.midpoint.prism.path.ItemPath)
Example 25 with SKIP
use of com.evolveum.midpoint.xml.ns._public.common.common_3.PartialProcessingTypeType.SKIP in project midpoint by Evolveum.
the class ModelController method searchObjectsIterative.
@Override
public <T extends ObjectType> SearchResultMetadata searchObjectsIterative(Class<T> type, ObjectQuery origQuery, ResultHandler<T> handler, Collection<SelectorOptions<GetOperationOptions>> rawOptions, Task task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
Validate.notNull(type, "Object type must not be null.");
Validate.notNull(parentResult, "Result type must not be null.");
ObjectQuery query = origQuery != null ? origQuery.clone() : null;
if (query != null) {
ModelImplUtils.validatePaging(query.getPaging());
}
OP_LOGGER.trace("MODEL OP enter searchObjectsIterative({},{},{})", type.getSimpleName(), query, rawOptions);
final OperationResult result = parentResult.createSubresult(SEARCH_OBJECTS);
result.addParam(OperationResult.PARAM_QUERY, query);
final Collection<SelectorOptions<GetOperationOptions>> options = preProcessOptionsSecurity(rawOptions, task, result);
final GetOperationOptions rootOptions = SelectorOptions.findRootOptions(options);
ObjectTypes.ObjectManager searchProvider = ObjectTypes.getObjectManagerForClass(type);
if (searchProvider == null || searchProvider == ObjectTypes.ObjectManager.MODEL || GetOperationOptions.isRaw(rootOptions)) {
searchProvider = ObjectTypes.ObjectManager.REPOSITORY;
}
result.addArbitraryObjectAsParam("searchProvider", searchProvider);
// see MID-6115
ObjectQuery processedQuery = preProcessQuerySecurity(type, query, rootOptions, task, result);
if (isFilterNone(processedQuery, result)) {
LOGGER.trace("Skipping search because filter is NONE");
return null;
}
ResultHandler<T> internalHandler = (object, parentResult1) -> {
try {
object = object.cloneIfImmutable();
if (hookRegistry != null) {
for (ReadHook hook : hookRegistry.getAllReadHooks()) {
// TODO result or parentResult??? [med]
hook.invoke(object, options, task, result);
}
}
executeResolveOptions(object.asObjectable(), options, task, result);
schemaTransformer.applySchemasAndSecurity(object, rootOptions, options, null, task, parentResult1);
} catch (SchemaException | ObjectNotFoundException | SecurityViolationException | ExpressionEvaluationException | CommunicationException | ConfigurationException ex) {
parentResult1.recordFatalError(ex);
throw new SystemException(ex.getMessage(), ex);
}
OP_LOGGER.debug("MODEL OP handle searchObjects({},{},{}): {}", type.getSimpleName(), query, rawOptions, object);
if (OP_LOGGER.isTraceEnabled()) {
OP_LOGGER.trace("MODEL OP handle searchObjects({},{},{}):\n{}", type.getSimpleName(), query, rawOptions, object.debugDump(1));
}
return handler.handle(object, parentResult1);
};
SearchResultMetadata metadata;
try {
// skip using cache to avoid potentially many objects there (MID-4615, MID-4959)
enterModelMethodNoRepoCache();
logQuery(processedQuery);
try {
switch(searchProvider) {
case REPOSITORY:
metadata = cacheRepositoryService.searchObjectsIterative(type, processedQuery, internalHandler, options, true, result);
break;
case PROVISIONING:
metadata = provisioning.searchObjectsIterative(type, processedQuery, options, internalHandler, task, result);
break;
case TASK_MANAGER:
metadata = taskManager.searchObjectsIterative(type, processedQuery, options, internalHandler, result);
break;
default:
throw new AssertionError("Unexpected search provider: " + searchProvider);
}
result.computeStatusIfUnknown();
result.cleanupResult();
} catch (CommunicationException | ConfigurationException | ObjectNotFoundException | SchemaException | SecurityViolationException | ExpressionEvaluationException | RuntimeException | Error e) {
processSearchException(e, searchProvider, result);
throw e;
} finally {
if (LOGGER.isTraceEnabled()) {
LOGGER.trace(result.dump(false));
}
}
} finally {
exitModelMethodNoRepoCache();
}
if (OP_LOGGER.isDebugEnabled()) {
OP_LOGGER.debug("MODEL OP exit searchObjects({},{},{}): {}", type.getSimpleName(), query, rawOptions, metadata);
}
return metadata;
}
Also used :
GetOperationOptions.createReadOnlyCollection(com.evolveum.midpoint.schema.GetOperationOptions.createReadOnlyCollection)
ObjectDeltaType(com.evolveum.prism.xml.ns._public.types_3.ObjectDeltaType)
CaseManager(com.evolveum.midpoint.cases.api.CaseManager)
com.evolveum.midpoint.prism.query(com.evolveum.midpoint.prism.query)
SecurityContextManager(com.evolveum.midpoint.security.api.SecurityContextManager)
ChangeType(com.evolveum.midpoint.prism.delta.ChangeType)
AuthorizationConstants(com.evolveum.midpoint.security.api.AuthorizationConstants)
Autowired(org.springframework.beans.factory.annotation.Autowired)
DiffUtil(com.evolveum.midpoint.prism.delta.DiffUtil)
com.evolveum.midpoint.util.exception(com.evolveum.midpoint.util.exception)
InternalsConfig(com.evolveum.midpoint.schema.internals.InternalsConfig)
Collections.singletonList(java.util.Collections.singletonList)
OperationResultStatus(com.evolveum.midpoint.schema.result.OperationResultStatus)
QNameUtil(com.evolveum.midpoint.util.QNameUtil)
TaskActivityManager(com.evolveum.midpoint.repo.common.activity.TaskActivityManager)
AuditEventRecord(com.evolveum.midpoint.audit.api.AuditEventRecord)
com.evolveum.midpoint.prism(com.evolveum.midpoint.prism)
ObjectQueryUtil(com.evolveum.midpoint.schema.util.ObjectQueryUtil)
ScriptingExpressionEvaluator(com.evolveum.midpoint.model.impl.scripting.ScriptingExpressionEvaluator)
AuditHelper(com.evolveum.midpoint.model.common.util.AuditHelper)
OperationResultRunner(com.evolveum.midpoint.schema.result.OperationResultRunner)
ObjectDelta(com.evolveum.midpoint.prism.delta.ObjectDelta)
Collections.emptyList(java.util.Collections.emptyList)
MiscUtil(com.evolveum.midpoint.util.MiscUtil)
ExecutionContext(com.evolveum.midpoint.model.impl.scripting.ExecutionContext)
Task(com.evolveum.midpoint.task.api.Task)
Collectors(java.util.stream.Collectors)
Objects(java.util.Objects)
Nullable(org.jetbrains.annotations.Nullable)
DebugUtil.lazy(com.evolveum.midpoint.util.DebugUtil.lazy)
PolyStringType(com.evolveum.prism.xml.ns._public.types_3.PolyStringType)
SystemObjectCache(com.evolveum.midpoint.model.common.SystemObjectCache)
ProvisioningService(com.evolveum.midpoint.provisioning.api.ProvisioningService)
ExecuteScriptType(com.evolveum.midpoint.xml.ns._public.model.scripting_3.ExecuteScriptType)
QName(javax.xml.namespace.QName)
NotNull(org.jetbrains.annotations.NotNull)
Validate(org.apache.commons.lang.Validate)
ObjectImporter(com.evolveum.midpoint.model.impl.importer.ObjectImporter)
com.evolveum.midpoint.schema(com.evolveum.midpoint.schema)
EvaluationTimeType(com.evolveum.prism.xml.ns._public.types_3.EvaluationTimeType)
java.util(java.util)
CompareResultType(com.evolveum.midpoint.xml.ns._public.common.api_types_3.CompareResultType)
com.evolveum.midpoint.xml.ns._public.common.common_3(com.evolveum.midpoint.xml.ns._public.common.common_3)
ObjectTypeUtil.hasArchetype(com.evolveum.midpoint.schema.util.ObjectTypeUtil.hasArchetype)
SchemaConstants(com.evolveum.midpoint.schema.constants.SchemaConstants)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
Trace(com.evolveum.midpoint.util.logging.Trace)
TaskManager(com.evolveum.midpoint.task.api.TaskManager)
DebugUtil(com.evolveum.midpoint.util.DebugUtil)
LocalizationService(com.evolveum.midpoint.common.LocalizationService)
EventDispatcher(com.evolveum.midpoint.provisioning.api.EventDispatcher)
AuditEventStage(com.evolveum.midpoint.audit.api.AuditEventStage)
ModelImplUtils(com.evolveum.midpoint.model.impl.util.ModelImplUtils)
ItemDelta(com.evolveum.midpoint.prism.delta.ItemDelta)
CorrelationCaseManager(com.evolveum.midpoint.model.impl.correlator.CorrelationCaseManager)
RepositoryCache(com.evolveum.midpoint.repo.cache.RepositoryCache)
ReadHook(com.evolveum.midpoint.model.api.hooks.ReadHook)
com.evolveum.midpoint.model.api(com.evolveum.midpoint.model.api)
HookRegistry(com.evolveum.midpoint.model.api.hooks.HookRegistry)
ObjectTypeUtil(com.evolveum.midpoint.schema.util.ObjectTypeUtil)
Qualifier(org.springframework.beans.factory.annotation.Qualifier)
VariablesMap(com.evolveum.midpoint.schema.expression.VariablesMap)
ApprovalUtils(com.evolveum.midpoint.schema.util.cases.ApprovalUtils)
RepositoryService(com.evolveum.midpoint.repo.api.RepositoryService)
ProvisioningOperationOptions(com.evolveum.midpoint.provisioning.api.ProvisioningOperationOptions)
CloneUtil(com.evolveum.midpoint.prism.util.CloneUtil)
PolyString(com.evolveum.midpoint.prism.polystring.PolyString)
ImportFromResourceLauncher(com.evolveum.midpoint.model.impl.sync.tasks.imp.ImportFromResourceLauncher)
com.evolveum.midpoint.model.impl.lens(com.evolveum.midpoint.model.impl.lens)
GuiProfiledPrincipalManager(com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipalManager)
AuthorizationParameters(com.evolveum.midpoint.security.enforcer.api.AuthorizationParameters)
SecurityEnforcer(com.evolveum.midpoint.security.enforcer.api.SecurityEnforcer)
ExternalResourceEvent(com.evolveum.midpoint.provisioning.api.ExternalResourceEvent)
CertificationManager(com.evolveum.midpoint.certification.api.CertificationManager)
ItemPath(com.evolveum.midpoint.prism.path.ItemPath)
WorkItemId(com.evolveum.midpoint.schema.util.WorkItemId)
LoggingUtils(com.evolveum.midpoint.util.logging.LoggingUtils)
Component(org.springframework.stereotype.Component)
RepoAddOptions(com.evolveum.midpoint.repo.api.RepoAddOptions)
ItemName(com.evolveum.midpoint.prism.path.ItemName)
java.io(java.io)
AuditEventType(com.evolveum.midpoint.audit.api.AuditEventType)
ScriptingExpressionType(com.evolveum.midpoint.xml.ns._public.model.scripting_3.ScriptingExpressionType)
Protector(com.evolveum.midpoint.prism.crypto.Protector)
ShadowUtil(com.evolveum.midpoint.schema.util.ShadowUtil)
ModelObjectResolver(com.evolveum.midpoint.model.impl.ModelObjectResolver)
ObjectTypes(com.evolveum.midpoint.schema.constants.ObjectTypes)
TraceManager(com.evolveum.midpoint.util.logging.TraceManager)
ReadHook(com.evolveum.midpoint.model.api.hooks.ReadHook)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
ObjectTypes(com.evolveum.midpoint.schema.constants.ObjectTypes)
Aggregations
OperationResult (com.evolveum.midpoint.schema.result.OperationResult)11
ItemPath (com.evolveum.midpoint.prism.path.ItemPath)8
ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)7
Task (com.evolveum.midpoint.task.api.Task)6
ObjectReferenceType (com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType)6
ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)5
SchemaException (com.evolveum.midpoint.util.exception.SchemaException)5
QName (javax.xml.namespace.QName)5
SystemException (com.evolveum.midpoint.util.exception.SystemException)4
com.evolveum.midpoint.prism (com.evolveum.midpoint.prism)3
ItemDefinition (com.evolveum.midpoint.prism.ItemDefinition)3
PrismObject (com.evolveum.midpoint.prism.PrismObject)3
SchemaConstants (com.evolveum.midpoint.schema.constants.SchemaConstants)3
Trace (com.evolveum.midpoint.util.logging.Trace)3
TraceManager (com.evolveum.midpoint.util.logging.TraceManager)3
com.evolveum.midpoint.xml.ns._public.common.common_3 (com.evolveum.midpoint.xml.ns._public.common.common_3)3
CredentialsCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CredentialsCapabilityType)3
Collection (java.util.Collection)3
List (java.util.List)3
SynchronizationPolicyDecision (com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision)2
