Example 1 with ResourceObjectReferenceType
use of com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType in project midpoint by Evolveum.
the class ResourceObjectReferenceResolver method resolve.
PrismObject<ShadowType> resolve(ProvisioningContext ctx, ResourceObjectReferenceType resourceObjectReference, QName objectClass, final String desc, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
if (resourceObjectReference == null) {
return null;
}
ObjectReferenceType shadowRef = resourceObjectReference.getShadowRef();
if (shadowRef != null && shadowRef.getOid() != null) {
if (resourceObjectReference.getResolutionFrequency() == null || resourceObjectReference.getResolutionFrequency() == ResourceObjectReferenceResolutionFrequencyType.ONCE) {
PrismObject<ShadowType> shadow = repositoryService.getObject(ShadowType.class, shadowRef.getOid(), null, result);
return shadow;
}
} else if (resourceObjectReference.getResolutionFrequency() == ResourceObjectReferenceResolutionFrequencyType.NEVER) {
throw new ObjectNotFoundException("No shadowRef OID in " + desc + " and resolution frequency set to NEVER");
}
if (resourceObjectReference.getObjectClass() != null) {
objectClass = resourceObjectReference.getObjectClass();
if (objectClass.getNamespaceURI() == null) {
objectClass = new QName(ResourceTypeUtil.getResourceNamespace(ctx.getResource()), objectClass.getLocalPart());
}
}
ProvisioningContext subctx = ctx.spawn(objectClass);
// Use "raw" definitions from the original schema to avoid endless loops
subctx.setUseRefinedDefinition(false);
subctx.assertDefinition();
ObjectQuery refQuery = QueryJaxbConvertor.createObjectQuery(ShadowType.class, resourceObjectReference.getFilter(), prismContext);
ObjectFilter baseFilter = ObjectQueryUtil.createResourceAndObjectClassFilter(ctx.getResource().getOid(), objectClass, prismContext);
ObjectFilter filter = AndFilter.createAnd(baseFilter, refQuery.getFilter());
ObjectQuery query = ObjectQuery.createObjectQuery(filter);
// TODO: implement "repo" search strategies
Collection<SelectorOptions<GetOperationOptions>> options = null;
final Holder<ShadowType> shadowHolder = new Holder<>();
ShadowHandler<ShadowType> handler = new ShadowHandler<ShadowType>() {
@Override
public boolean handle(ShadowType shadow) {
if (shadowHolder.getValue() != null) {
throw new IllegalStateException("More than one search results for " + desc);
}
shadowHolder.setValue(shadow);
return true;
}
};
shadowCache.searchObjectsIterative(subctx, query, options, handler, true, result);
// TODO: implement storage of OID (ONCE search frequency)
ShadowType shadowType = shadowHolder.getValue();
return shadowType == null ? null : shadowType.asPrismObject();
}
Also used :
ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)
QName(javax.xml.namespace.QName)
Holder(com.evolveum.midpoint.util.Holder)
ObjectFilter(com.evolveum.midpoint.prism.query.ObjectFilter)
ObjectQuery(com.evolveum.midpoint.prism.query.ObjectQuery)
ResourceObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType)
ObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType)
SelectorOptions(com.evolveum.midpoint.schema.SelectorOptions)
ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException)
Example 2 with ResourceObjectReferenceType
use of com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType in project midpoint by Evolveum.
the class EntitlementConverter method postProcessEntitlementEntitlementToSubject.
private <S extends ShadowType, T> void postProcessEntitlementEntitlementToSubject(ProvisioningContext subjectCtx, final PrismObject<S> resourceObject, RefinedAssociationDefinition assocDefType, final ProvisioningContext entitlementCtx, ResourceAttributeContainer attributesContainer, final PrismContainer<ShadowAssociationType> associationContainer, OperationResult parentResult) throws SchemaException, CommunicationException, ObjectNotFoundException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
ResourceType resourceType = subjectCtx.getResource();
final QName associationName = assocDefType.getName();
final RefinedObjectClassDefinition entitlementDef = entitlementCtx.getObjectClassDefinition();
if (associationName == null) {
throw new SchemaException("No name in entitlement association " + assocDefType + " in " + resourceType);
}
QName associationAuxiliaryObjectClass = assocDefType.getAuxiliaryObjectClass();
if (associationAuxiliaryObjectClass != null && associationAuxiliaryObjectClass.getNamespaceURI() != null && !associationAuxiliaryObjectClass.getNamespaceURI().equals(ResourceTypeUtil.getResourceNamespace(resourceType))) {
LOGGER.warn("Auxiliary object class {} in association {} does not have namespace that matches {}", associationAuxiliaryObjectClass, assocDefType.getName(), resourceType);
}
if (associationAuxiliaryObjectClass != null && !subjectCtx.getObjectClassDefinition().hasAuxiliaryObjectClass(associationAuxiliaryObjectClass)) {
LOGGER.trace("Ignoring association {} because subject does not have auxiliary object class {}, it has {}", associationName, associationAuxiliaryObjectClass, subjectCtx.getObjectClassDefinition().getAuxiliaryObjectClassDefinitions());
return;
}
QName assocAttrName = assocDefType.getResourceObjectAssociationType().getAssociationAttribute();
if (assocAttrName == null) {
throw new SchemaException("No association attribute defined in entitlement association '" + associationName + "' in " + resourceType);
}
RefinedAttributeDefinition assocAttrDef = entitlementDef.findAttributeDefinition(assocAttrName);
if (assocAttrDef == null) {
throw new SchemaException("Association attribute '" + assocAttrName + "'defined in entitlement association '" + associationName + "' was not found in schema for " + resourceType);
}
QName valueAttrName = assocDefType.getResourceObjectAssociationType().getValueAttribute();
if (valueAttrName == null) {
throw new SchemaException("No value attribute defined in entitlement association '" + associationName + "' in " + resourceType);
}
ResourceAttribute<T> valueAttr = attributesContainer.findAttribute(valueAttrName);
if (valueAttr == null || valueAttr.isEmpty()) {
LOGGER.trace("Ignoring association {} because subject does not have any value in attribute {}", associationName, valueAttrName);
return;
}
if (valueAttr.size() > 1) {
throw new SchemaException("Value attribute " + valueAttrName + " has no more than one value; attribute defined in entitlement association '" + associationName + "' in " + resourceType);
}
ObjectQuery query = createQuery(assocDefType, assocAttrDef, valueAttr);
AttributesToReturn attributesToReturn = ProvisioningUtil.createAttributesToReturn(entitlementCtx);
SearchHierarchyConstraints searchHierarchyConstraints = null;
ResourceObjectReferenceType baseContextRef = entitlementDef.getBaseContext();
if (baseContextRef != null) {
// TODO: this should be done once per search. Not in every run of postProcessEntitlementEntitlementToSubject
// this has to go outside of this method
PrismObject<ShadowType> baseContextShadow = resourceObjectReferenceResolver.resolve(subjectCtx, baseContextRef, null, "base context specification in " + entitlementDef, parentResult);
RefinedObjectClassDefinition baseContextObjectClassDefinition = subjectCtx.getRefinedSchema().determineCompositeObjectClassDefinition(baseContextShadow);
ResourceObjectIdentification baseContextIdentification = ShadowUtil.getResourceObjectIdentification(baseContextShadow, baseContextObjectClassDefinition);
searchHierarchyConstraints = new SearchHierarchyConstraints(baseContextIdentification, null);
}
ResultHandler<ShadowType> handler = new ResultHandler<ShadowType>() {
@Override
public boolean handle(PrismObject<ShadowType> entitlementShadow) {
PrismContainerValue<ShadowAssociationType> associationCVal = associationContainer.createNewValue();
associationCVal.asContainerable().setName(associationName);
Collection<ResourceAttribute<?>> entitlementIdentifiers = ShadowUtil.getAllIdentifiers(entitlementShadow);
try {
ResourceAttributeContainer identifiersContainer = new ResourceAttributeContainer(ShadowAssociationType.F_IDENTIFIERS, entitlementDef.toResourceAttributeContainerDefinition(), prismContext);
associationCVal.add(identifiersContainer);
identifiersContainer.getValue().addAll(ResourceAttribute.cloneCollection(entitlementIdentifiers));
// Remember the full shadow in user data. This is used later as an optimization to create the shadow in repo
identifiersContainer.setUserData(ResourceObjectConverter.FULL_SHADOW_KEY, entitlementShadow);
if (LOGGER.isTraceEnabled()) {
LOGGER.trace("Processed entitlement-to-subject association for account {} and entitlement {}", ShadowUtil.getHumanReadableName(resourceObject), ShadowUtil.getHumanReadableName(entitlementShadow));
}
} catch (SchemaException e) {
throw new TunnelException(e);
}
return true;
}
};
ConnectorInstance connector = subjectCtx.getConnector(ReadCapabilityType.class, parentResult);
try {
if (LOGGER.isTraceEnabled()) {
LOGGER.trace("Processed entitlement-to-subject association for account {}: query {}", ShadowUtil.getHumanReadableName(resourceObject), query);
}
try {
connector.search(entitlementDef, query, handler, attributesToReturn, null, searchHierarchyConstraints, subjectCtx, parentResult);
} catch (GenericFrameworkException e) {
throw new GenericConnectorException("Generic error in the connector " + connector + ". Reason: " + e.getMessage(), e);
}
} catch (TunnelException e) {
throw (SchemaException) e.getCause();
}
}
Also used :
AttributesToReturn(com.evolveum.midpoint.provisioning.ucf.api.AttributesToReturn)
ResourceAttributeContainer(com.evolveum.midpoint.schema.processor.ResourceAttributeContainer)
ResultHandler(com.evolveum.midpoint.provisioning.ucf.api.ResultHandler)
PrismObject(com.evolveum.midpoint.prism.PrismObject)
TunnelException(com.evolveum.midpoint.util.exception.TunnelException)
SearchHierarchyConstraints(com.evolveum.midpoint.schema.processor.SearchHierarchyConstraints)
ResourceObjectIdentification(com.evolveum.midpoint.schema.processor.ResourceObjectIdentification)
GenericConnectorException(com.evolveum.midpoint.provisioning.api.GenericConnectorException)
ResourceObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType)
ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute)
ShadowAssociationType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowAssociationType)
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
GenericFrameworkException(com.evolveum.midpoint.provisioning.ucf.api.GenericFrameworkException)
QName(javax.xml.namespace.QName)
ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)
ResourceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType)
ObjectQuery(com.evolveum.midpoint.prism.query.ObjectQuery)
ConnectorInstance(com.evolveum.midpoint.provisioning.ucf.api.ConnectorInstance)
Example 3 with ResourceObjectReferenceType
use of com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType in project midpoint by Evolveum.
the class ResourceObjectReferenceResolver method resolve.
/**
* Resolves a {@link ResourceObjectReferenceType}.
*
* @param useRawDefinition If true, object class definition is used (instead of object type definition).
* This is to avoid endless recursion when resolving the base context for object type.
*/
@Nullable
PrismObject<ShadowType> resolve(@NotNull ProvisioningContext ctx, @NotNull ResourceObjectReferenceType resourceObjectReference, boolean useRawDefinition, @NotNull String desc, @NotNull OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
ObjectReferenceType shadowRef = resourceObjectReference.getShadowRef();
if (shadowRef != null && shadowRef.getOid() != null) {
if (resourceObjectReference.getResolutionFrequency() == null || resourceObjectReference.getResolutionFrequency() == ResourceObjectReferenceResolutionFrequencyType.ONCE) {
PrismObject<ShadowType> shadow = repositoryService.getObject(ShadowType.class, shadowRef.getOid(), null, result);
shadowsFacade.applyDefinition(shadow, ctx.getTask(), result);
return shadow;
}
} else if (resourceObjectReference.getResolutionFrequency() == ResourceObjectReferenceResolutionFrequencyType.NEVER) {
throw new ObjectNotFoundException("No shadowRef OID in " + desc + " and resolution frequency set to NEVER");
}
argCheck(resourceObjectReference.getObjectClass() != null, "No object class name in object reference in %s", desc);
QName objectClassName = QNameUtil.qualifyIfNeeded(resourceObjectReference.getObjectClass(), MidPointConstants.NS_RI);
ProvisioningContext subCtx = useRawDefinition ? ctx.spawnForObjectClassWithRawDefinition(objectClassName) : ctx.spawnForObjectClass(objectClassName);
subCtx.assertDefinition();
ObjectQuery refQuery = prismContext.getQueryConverter().createObjectQuery(ShadowType.class, resourceObjectReference.getFilter());
// No variables. At least not now. We expect that mostly constants will be used here.
VariablesMap variables = new VariablesMap();
ObjectQuery evaluatedRefQuery = ExpressionUtil.evaluateQueryExpressions(refQuery, variables, MiscSchemaUtil.getExpressionProfile(), expressionFactory, prismContext, desc, ctx.getTask(), result);
ObjectFilter baseFilter = ObjectQueryUtil.createResourceAndObjectClassFilter(ctx.getResource().getOid(), objectClassName, prismContext);
ObjectFilter filter = prismContext.queryFactory().createAnd(baseFilter, evaluatedRefQuery.getFilter());
ObjectQuery query = prismContext.queryFactory().createQuery(filter);
// TODO: implement "repo" search strategies, don't forget to apply definitions
Holder<PrismObject<ShadowType>> shadowHolder = new Holder<>();
ResultHandler<ShadowType> handler = (shadow, objResult) -> {
if (shadowHolder.getValue() != null) {
throw new IllegalStateException("More than one search results for " + desc);
}
shadowHolder.setValue(shadow);
return true;
};
shadowsFacade.searchObjectsIterative(subCtx, query, null, handler, result);
return shadowHolder.getValue();
}
Also used :
ResourceAttributeDefinition(com.evolveum.midpoint.schema.processor.ResourceAttributeDefinition)
Autowired(org.springframework.beans.factory.annotation.Autowired)
ConfigurationException(com.evolveum.midpoint.util.exception.ConfigurationException)
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute)
ConnectorInstance(com.evolveum.midpoint.provisioning.ucf.api.ConnectorInstance)
QNameUtil(com.evolveum.midpoint.util.QNameUtil)
MiscSchemaUtil(com.evolveum.midpoint.schema.util.MiscSchemaUtil)
ObjectQueryUtil(com.evolveum.midpoint.schema.util.ObjectQueryUtil)
ResultHandler(com.evolveum.midpoint.schema.ResultHandler)
Holder(com.evolveum.midpoint.util.Holder)
PrismProperty(com.evolveum.midpoint.prism.PrismProperty)
ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException)
Collection(java.util.Collection)
GenericFrameworkException(com.evolveum.midpoint.provisioning.ucf.api.GenericFrameworkException)
Nullable(org.jetbrains.annotations.Nullable)
ExpressionFactory(com.evolveum.midpoint.repo.common.expression.ExpressionFactory)
ReadCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ReadCapabilityType)
ShadowsFacade(com.evolveum.midpoint.provisioning.impl.shadows.ShadowsFacade)
ExpressionUtil(com.evolveum.midpoint.repo.common.expression.ExpressionUtil)
CommunicationException(com.evolveum.midpoint.util.exception.CommunicationException)
QName(javax.xml.namespace.QName)
NotNull(org.jetbrains.annotations.NotNull)
ResourceObjectDefinition(com.evolveum.midpoint.schema.processor.ResourceObjectDefinition)
com.evolveum.midpoint.xml.ns._public.common.common_3(com.evolveum.midpoint.xml.ns._public.common.common_3)
PrismContainer(com.evolveum.midpoint.prism.PrismContainer)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
Trace(com.evolveum.midpoint.util.logging.Trace)
PrettyPrinter(com.evolveum.midpoint.util.PrettyPrinter)
ObjectFilter(com.evolveum.midpoint.prism.query.ObjectFilter)
ExpressionEvaluationException(com.evolveum.midpoint.util.exception.ExpressionEvaluationException)
ArrayList(java.util.ArrayList)
GenericConnectorException(com.evolveum.midpoint.provisioning.api.GenericConnectorException)
ProvisioningContext(com.evolveum.midpoint.provisioning.impl.ProvisioningContext)
SecurityViolationException(com.evolveum.midpoint.util.exception.SecurityViolationException)
PrismContext(com.evolveum.midpoint.prism.PrismContext)
Qualifier(org.springframework.beans.factory.annotation.Qualifier)
VariablesMap(com.evolveum.midpoint.schema.expression.VariablesMap)
RepositoryService(com.evolveum.midpoint.repo.api.RepositoryService)
Containerable(com.evolveum.midpoint.prism.Containerable)
AttributesToReturn(com.evolveum.midpoint.provisioning.ucf.api.AttributesToReturn)
PrismObject(com.evolveum.midpoint.prism.PrismObject)
ResourceObjectIdentification(com.evolveum.midpoint.schema.processor.ResourceObjectIdentification)
Component(org.springframework.stereotype.Component)
MidPointConstants(com.evolveum.midpoint.schema.constants.MidPointConstants)
ShadowUtil(com.evolveum.midpoint.schema.util.ShadowUtil)
MiscUtil.argCheck(com.evolveum.midpoint.util.MiscUtil.argCheck)
ObjectQuery(com.evolveum.midpoint.prism.query.ObjectQuery)
TraceManager(com.evolveum.midpoint.util.logging.TraceManager)
ShadowManager(com.evolveum.midpoint.provisioning.impl.shadows.manager.ShadowManager)
QName(javax.xml.namespace.QName)
Holder(com.evolveum.midpoint.util.Holder)
ObjectFilter(com.evolveum.midpoint.prism.query.ObjectFilter)
ObjectQuery(com.evolveum.midpoint.prism.query.ObjectQuery)
ProvisioningContext(com.evolveum.midpoint.provisioning.impl.ProvisioningContext)
PrismObject(com.evolveum.midpoint.prism.PrismObject)
ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException)
VariablesMap(com.evolveum.midpoint.schema.expression.VariablesMap)
Nullable(org.jetbrains.annotations.Nullable)
Example 4 with ResourceObjectReferenceType
use of com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType in project midpoint by Evolveum.
the class ResourceObjectConverter method searchResourceObjects.
public SearchResultMetadata searchResourceObjects(final ProvisioningContext ctx, final ResultHandler<ShadowType> resultHandler, ObjectQuery query, final boolean fetchAssociations, final OperationResult parentResult) throws SchemaException, CommunicationException, ObjectNotFoundException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
LOGGER.trace("Searching resource objects, query: {}", query);
RefinedObjectClassDefinition objectClassDef = ctx.getObjectClassDefinition();
AttributesToReturn attributesToReturn = ProvisioningUtil.createAttributesToReturn(ctx);
SearchHierarchyConstraints searchHierarchyConstraints = null;
ResourceObjectReferenceType baseContextRef = objectClassDef.getBaseContext();
if (baseContextRef != null) {
PrismObject<ShadowType> baseContextShadow = resourceObjectReferenceResolver.resolve(ctx, baseContextRef, null, "base context specification in " + objectClassDef, parentResult);
if (baseContextShadow == null) {
throw new ObjectNotFoundException("No base context defined by " + baseContextRef + " in base context specification in " + objectClassDef);
}
RefinedObjectClassDefinition baseContextObjectClassDefinition = ctx.getRefinedSchema().determineCompositeObjectClassDefinition(baseContextShadow);
ResourceObjectIdentification baseContextIdentification = ShadowUtil.getResourceObjectIdentification(baseContextShadow, baseContextObjectClassDefinition);
searchHierarchyConstraints = new SearchHierarchyConstraints(baseContextIdentification, null);
}
if (InternalsConfig.consistencyChecks && query != null && query.getFilter() != null) {
query.getFilter().checkConsistence(true);
}
ConnectorInstance connector = ctx.getConnector(ReadCapabilityType.class, parentResult);
SearchResultMetadata metadata = null;
try {
metadata = connector.search(objectClassDef, query, (shadow) -> {
// in order to utilize the cache right from the beginning...
RepositoryCache.enter();
try {
try {
shadow = postProcessResourceObjectRead(ctx, shadow, fetchAssociations, parentResult);
} catch (SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | ObjectNotFoundException | ExpressionEvaluationException e) {
throw new TunnelException(e);
}
return resultHandler.handle(shadow);
} finally {
RepositoryCache.exit();
}
}, attributesToReturn, objectClassDef.getPagedSearches(), searchHierarchyConstraints, ctx, parentResult);
} catch (GenericFrameworkException e) {
parentResult.recordFatalError("Generic error in the connector: " + e.getMessage(), e);
throw new SystemException("Generic error in the connector: " + e.getMessage(), e);
} catch (CommunicationException ex) {
parentResult.recordFatalError("Error communicating with the connector " + connector + ": " + ex.getMessage(), ex);
throw new CommunicationException("Error communicating with the connector " + connector + ": " + ex.getMessage(), ex);
} catch (SecurityViolationException ex) {
parentResult.recordFatalError("Security violation communicating with the connector " + connector + ": " + ex.getMessage(), ex);
throw new SecurityViolationException("Security violation communicating with the connector " + connector + ": " + ex.getMessage(), ex);
} catch (TunnelException e) {
Throwable cause = e.getCause();
if (cause instanceof SchemaException) {
throw (SchemaException) cause;
} else if (cause instanceof CommunicationException) {
throw (CommunicationException) cause;
} else if (cause instanceof ObjectNotFoundException) {
throw (ObjectNotFoundException) cause;
} else if (cause instanceof ConfigurationException) {
throw (ConfigurationException) cause;
} else if (cause instanceof SecurityViolationException) {
throw (SecurityViolationException) cause;
} else if (cause instanceof ExpressionEvaluationException) {
throw (ExpressionEvaluationException) cause;
} else if (cause instanceof GenericFrameworkException) {
throw new GenericConnectorException(cause.getMessage(), cause);
} else {
throw new SystemException(cause.getMessage(), cause);
}
}
computeResultStatus(parentResult);
LOGGER.trace("Searching resource objects done: {}", parentResult.getStatus());
return metadata;
}
Also used :
StringUtils(org.apache.commons.lang.StringUtils)
ActivationCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType)
Autowired(org.springframework.beans.factory.annotation.Autowired)
com.evolveum.midpoint.util.exception(com.evolveum.midpoint.util.exception)
InternalsConfig(com.evolveum.midpoint.schema.internals.InternalsConfig)
OperationResultStatus(com.evolveum.midpoint.schema.result.OperationResultStatus)
com.evolveum.midpoint.common.refinery(com.evolveum.midpoint.common.refinery)
AsynchronousOperationReturnValue(com.evolveum.midpoint.schema.result.AsynchronousOperationReturnValue)
com.evolveum.midpoint.prism(com.evolveum.midpoint.prism)
ObjectDelta(com.evolveum.midpoint.prism.delta.ObjectDelta)
ResourceTypeUtil(com.evolveum.midpoint.schema.util.ResourceTypeUtil)
MatchingRuleRegistry(com.evolveum.midpoint.prism.match.MatchingRuleRegistry)
AsynchronousOperationQueryable(com.evolveum.midpoint.schema.result.AsynchronousOperationQueryable)
ResourceShadowDiscriminator(com.evolveum.midpoint.schema.ResourceShadowDiscriminator)
DeleteCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.DeleteCapabilityType)
ReadCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ReadCapabilityType)
UpdateCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.UpdateCapabilityType)
Entry(java.util.Map.Entry)
PropertyDelta(com.evolveum.midpoint.prism.delta.PropertyDelta)
SearchResultMetadata(com.evolveum.midpoint.schema.SearchResultMetadata)
QName(javax.xml.namespace.QName)
NotNull(org.jetbrains.annotations.NotNull)
Clock(com.evolveum.midpoint.common.Clock)
Validate(org.apache.commons.lang.Validate)
CreateCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CreateCapabilityType)
java.util(java.util)
com.evolveum.midpoint.util(com.evolveum.midpoint.util)
com.evolveum.midpoint.xml.ns._public.common.common_3(com.evolveum.midpoint.xml.ns._public.common.common_3)
SchemaConstants(com.evolveum.midpoint.schema.constants.SchemaConstants)
OperationResult(com.evolveum.midpoint.schema.result.OperationResult)
Trace(com.evolveum.midpoint.util.logging.Trace)
ItemDelta(com.evolveum.midpoint.prism.delta.ItemDelta)
GenericConnectorException(com.evolveum.midpoint.provisioning.api.GenericConnectorException)
RepositoryCache(com.evolveum.midpoint.repo.cache.RepositoryCache)
JavaTypeConverter(com.evolveum.midpoint.prism.util.JavaTypeConverter)
ObjectTypeUtil(com.evolveum.midpoint.schema.util.ObjectTypeUtil)
SchemaDebugUtil(com.evolveum.midpoint.schema.util.SchemaDebugUtil)
CapabilityUtil(com.evolveum.midpoint.schema.CapabilityUtil)
AddRemoveAttributeValuesCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.AddRemoveAttributeValuesCapabilityType)
ContainerDelta(com.evolveum.midpoint.prism.delta.ContainerDelta)
PrismUtil(com.evolveum.midpoint.prism.util.PrismUtil)
LiveSyncCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.LiveSyncCapabilityType)
XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar)
ItemPath(com.evolveum.midpoint.prism.path.ItemPath)
QueryBuilder(com.evolveum.midpoint.prism.query.builder.QueryBuilder)
MatchingRule(com.evolveum.midpoint.prism.match.MatchingRule)
Component(org.springframework.stereotype.Component)
com.evolveum.midpoint.provisioning.ucf.api(com.evolveum.midpoint.provisioning.ucf.api)
com.evolveum.midpoint.schema.processor(com.evolveum.midpoint.schema.processor)
AsynchronousOperationResult(com.evolveum.midpoint.schema.result.AsynchronousOperationResult)
ActivationStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType)
ProvisioningUtil(com.evolveum.midpoint.provisioning.util.ProvisioningUtil)
ShadowUtil(com.evolveum.midpoint.schema.util.ShadowUtil)
ObjectQuery(com.evolveum.midpoint.prism.query.ObjectQuery)
ActivationLockoutStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType)
TraceManager(com.evolveum.midpoint.util.logging.TraceManager)
SearchResultMetadata(com.evolveum.midpoint.schema.SearchResultMetadata)
GenericConnectorException(com.evolveum.midpoint.provisioning.api.GenericConnectorException)
Example 5 with ResourceObjectReferenceType
use of com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType in project midpoint by Evolveum.
the class EntitlementConverter method collectEntitlementsAsObjectOperationDelete.
/////////
// DELETE
/////////
/**
* This is somehow different that all the other methods. We are not following the content of a shadow or delta. We are following
* the definitions. This is to avoid the need to read the object that is going to be deleted. In fact, the object should not be there
* any more, but we still want to clean up entitlement membership based on the information from the shadow.
*/
public <T> void collectEntitlementsAsObjectOperationDelete(ProvisioningContext subjectCtx, final Map<ResourceObjectDiscriminator, ResourceObjectOperations> roMap, PrismObject<ShadowType> subjectShadow, OperationResult parentResult) throws SchemaException, CommunicationException, ObjectNotFoundException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
Collection<RefinedAssociationDefinition> entitlementAssociationDefs = subjectCtx.getObjectClassDefinition().getAssociationDefinitions();
if (entitlementAssociationDefs == null || entitlementAssociationDefs.isEmpty()) {
// Nothing to do
LOGGER.trace("No associations in deleted shadow");
return;
}
ResourceAttributeContainer subjectAttributesContainer = ShadowUtil.getAttributesContainer(subjectShadow);
for (final RefinedAssociationDefinition assocDefType : subjectCtx.getObjectClassDefinition().getAssociationDefinitions()) {
if (assocDefType.getResourceObjectAssociationType().getDirection() != ResourceObjectAssociationDirectionType.OBJECT_TO_SUBJECT) {
// We can ignore these. They will die together with the object. No need to explicitly delete them.
LOGGER.trace("Ignoring subject-to-object association in deleted shadow");
continue;
}
if (!assocDefType.requiresExplicitReferentialIntegrity()) {
// Referential integrity not required for this one
LOGGER.trace("Ignoring association in deleted shadow because it does not require explicit referential integrity assurance");
continue;
}
if (assocDefType.getAuxiliaryObjectClass() != null && !subjectCtx.getObjectClassDefinition().hasAuxiliaryObjectClass(assocDefType.getAuxiliaryObjectClass())) {
LOGGER.trace("Ignoring association in deleted shadow because subject does not have {} auxiliary object class", assocDefType.getAuxiliaryObjectClass());
continue;
}
QName associationName = assocDefType.getName();
if (associationName == null) {
throw new SchemaException("No name in entitlement association " + assocDefType + " in " + subjectCtx.getResource());
}
ShadowKindType entitlementKind = assocDefType.getKind();
if (entitlementKind == null) {
entitlementKind = ShadowKindType.ENTITLEMENT;
}
for (String entitlementIntent : assocDefType.getIntents()) {
final ProvisioningContext entitlementCtx = subjectCtx.spawn(entitlementKind, entitlementIntent);
final RefinedObjectClassDefinition entitlementOcDef = entitlementCtx.getObjectClassDefinition();
if (entitlementOcDef == null) {
throw new SchemaException("No definition for entitlement intent(s) '" + assocDefType.getIntents() + "' defined in entitlement association " + associationName + " in " + subjectCtx.getResource());
}
final QName assocAttrName = assocDefType.getResourceObjectAssociationType().getAssociationAttribute();
if (assocAttrName == null) {
throw new SchemaException("No association attribute defined in entitlement association '" + associationName + "' in " + subjectCtx.getResource());
}
final RefinedAttributeDefinition assocAttrDef = entitlementOcDef.findAttributeDefinition(assocAttrName);
if (assocAttrDef == null) {
throw new SchemaException("Association attribute '" + assocAttrName + "'defined in entitlement association '" + associationName + "' was not found in schema for " + subjectCtx.getResource());
}
QName valueAttrName = assocDefType.getResourceObjectAssociationType().getValueAttribute();
if (valueAttrName == null) {
throw new SchemaException("No value attribute defined in entitlement association '" + associationName + "' in " + subjectCtx.getResource());
}
final ResourceAttribute<T> valueAttr = subjectAttributesContainer.findAttribute(valueAttrName);
if (valueAttr == null || valueAttr.isEmpty()) {
// Although we cannot really remedy the situation now, we at least throw an error so the problem is detected.
throw new SchemaException("Value attribute " + valueAttrName + " has no value; attribute defined in entitlement association '" + associationName + "' in " + subjectCtx.getResource());
}
if (valueAttr.size() > 1) {
throw new SchemaException("Value attribute " + valueAttrName + " has no more than one value; attribute defined in entitlement association '" + associationName + "' in " + subjectCtx.getResource());
}
ObjectQuery query = createQuery(assocDefType, assocAttrDef, valueAttr);
AttributesToReturn attributesToReturn = ProvisioningUtil.createAttributesToReturn(entitlementCtx);
SearchHierarchyConstraints searchHierarchyConstraints = null;
ResourceObjectReferenceType baseContextRef = entitlementOcDef.getBaseContext();
if (baseContextRef != null) {
PrismObject<ShadowType> baseContextShadow = resourceObjectReferenceResolver.resolve(subjectCtx, baseContextRef, null, "base context specification in " + entitlementOcDef, parentResult);
RefinedObjectClassDefinition baseContextObjectClassDefinition = subjectCtx.getRefinedSchema().determineCompositeObjectClassDefinition(baseContextShadow);
ResourceObjectIdentification baseContextIdentification = ShadowUtil.getResourceObjectIdentification(baseContextShadow, baseContextObjectClassDefinition);
searchHierarchyConstraints = new SearchHierarchyConstraints(baseContextIdentification, null);
}
ResultHandler<ShadowType> handler = new ResultHandler<ShadowType>() {
@Override
public boolean handle(PrismObject<ShadowType> entitlementShadow) {
Collection<? extends ResourceAttribute<?>> primaryIdentifiers = ShadowUtil.getPrimaryIdentifiers(entitlementShadow);
ResourceObjectDiscriminator disc = new ResourceObjectDiscriminator(entitlementOcDef.getTypeName(), primaryIdentifiers);
ResourceObjectOperations operations = roMap.get(disc);
if (operations == null) {
operations = new ResourceObjectOperations();
roMap.put(disc, operations);
operations.setResourceObjectContext(entitlementCtx);
Collection<? extends ResourceAttribute<?>> allIdentifiers = ShadowUtil.getAllIdentifiers(entitlementShadow);
operations.setAllIdentifiers(allIdentifiers);
}
PropertyDelta<T> attributeDelta = null;
for (Operation operation : operations.getOperations()) {
if (operation instanceof PropertyModificationOperation) {
PropertyModificationOperation propOp = (PropertyModificationOperation) operation;
if (propOp.getPropertyDelta().getElementName().equals(assocAttrName)) {
attributeDelta = propOp.getPropertyDelta();
}
}
}
if (attributeDelta == null) {
attributeDelta = assocAttrDef.createEmptyDelta(new ItemPath(ShadowType.F_ATTRIBUTES, assocAttrName));
PropertyModificationOperation attributeModification = new PropertyModificationOperation(attributeDelta);
attributeModification.setMatchingRuleQName(assocDefType.getMatchingRule());
operations.add(attributeModification);
}
attributeDelta.addValuesToDelete(valueAttr.getClonedValues());
if (LOGGER.isTraceEnabled()) {
LOGGER.trace("Association in deleted shadow delta:\n{}", attributeDelta.debugDump());
}
return true;
}
};
try {
LOGGER.trace("Searching for associations in deleted shadow, query: {}", query);
ConnectorInstance connector = subjectCtx.getConnector(ReadCapabilityType.class, parentResult);
connector.search(entitlementOcDef, query, handler, attributesToReturn, null, searchHierarchyConstraints, subjectCtx, parentResult);
} catch (TunnelException e) {
throw (SchemaException) e.getCause();
} catch (GenericFrameworkException e) {
throw new GenericConnectorException(e.getMessage(), e);
}
}
}
}
Also used :
AttributesToReturn(com.evolveum.midpoint.provisioning.ucf.api.AttributesToReturn)
ResourceAttributeContainer(com.evolveum.midpoint.schema.processor.ResourceAttributeContainer)
ResultHandler(com.evolveum.midpoint.provisioning.ucf.api.ResultHandler)
Operation(com.evolveum.midpoint.provisioning.ucf.api.Operation)
PropertyModificationOperation(com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation)
PrismObject(com.evolveum.midpoint.prism.PrismObject)
TunnelException(com.evolveum.midpoint.util.exception.TunnelException)
SearchHierarchyConstraints(com.evolveum.midpoint.schema.processor.SearchHierarchyConstraints)
ResourceObjectIdentification(com.evolveum.midpoint.schema.processor.ResourceObjectIdentification)
GenericConnectorException(com.evolveum.midpoint.provisioning.api.GenericConnectorException)
PropertyModificationOperation(com.evolveum.midpoint.provisioning.ucf.api.PropertyModificationOperation)
ResourceObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType)
SchemaException(com.evolveum.midpoint.util.exception.SchemaException)
GenericFrameworkException(com.evolveum.midpoint.provisioning.ucf.api.GenericFrameworkException)
QName(javax.xml.namespace.QName)
ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)
ObjectQuery(com.evolveum.midpoint.prism.query.ObjectQuery)
ConnectorInstance(com.evolveum.midpoint.provisioning.ucf.api.ConnectorInstance)
ShadowKindType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowKindType)
ItemPath(com.evolveum.midpoint.prism.path.ItemPath)
Aggregations
ObjectQuery (com.evolveum.midpoint.prism.query.ObjectQuery)5
QName (javax.xml.namespace.QName)5
GenericConnectorException (com.evolveum.midpoint.provisioning.api.GenericConnectorException)4
PrismObject (com.evolveum.midpoint.prism.PrismObject)3
AttributesToReturn (com.evolveum.midpoint.provisioning.ucf.api.AttributesToReturn)3
ConnectorInstance (com.evolveum.midpoint.provisioning.ucf.api.ConnectorInstance)3
GenericFrameworkException (com.evolveum.midpoint.provisioning.ucf.api.GenericFrameworkException)3
ResourceObjectIdentification (com.evolveum.midpoint.schema.processor.ResourceObjectIdentification)3
ItemPath (com.evolveum.midpoint.prism.path.ItemPath)2
ObjectFilter (com.evolveum.midpoint.prism.query.ObjectFilter)2
ResultHandler (com.evolveum.midpoint.provisioning.ucf.api.ResultHandler)2
ResourceAttribute (com.evolveum.midpoint.schema.processor.ResourceAttribute)2
ResourceAttributeContainer (com.evolveum.midpoint.schema.processor.ResourceAttributeContainer)2
SearchHierarchyConstraints (com.evolveum.midpoint.schema.processor.SearchHierarchyConstraints)2
OperationResult (com.evolveum.midpoint.schema.result.OperationResult)2
Holder (com.evolveum.midpoint.util.Holder)2
ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)2
SchemaException (com.evolveum.midpoint.util.exception.SchemaException)2
ResourceObjectReferenceType (com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectReferenceType)2
ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)2
