Search in sources :

Example 6 with SynchronizationSituationType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType in project midpoint by Evolveum.

the class AbstractInboundSyncTest method assertShadowOperationalData.

protected void assertShadowOperationalData(PrismObject<ShadowType> shadow, SynchronizationSituationType expectedSituation) {
    ShadowType shadowType = shadow.asObjectable();
    SynchronizationSituationType actualSituation = shadowType.getSynchronizationSituation();
    assertEquals("Wrong situation in shadow " + shadow, expectedSituation, actualSituation);
    XMLGregorianCalendar actualTimestampCal = shadowType.getSynchronizationTimestamp();
    assert actualTimestampCal != null : "No synchronization timestamp in shadow " + shadow;
    long actualTimestamp = XmlTypeConverter.toMillis(actualTimestampCal);
    assert actualTimestamp >= timeBeforeSync : "Synchronization timestamp was not updated in shadow " + shadow;
// TODO: assert sync description
}
Also used : SynchronizationSituationType(com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType) XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)

Example 7 with SynchronizationSituationType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType in project midpoint by Evolveum.

the class AbstractObjTemplateSyncTest method assertShadowOperationalData.

protected void assertShadowOperationalData(PrismObject<ShadowType> shadow, SynchronizationSituationType expectedSituation) {
    ShadowType shadowType = shadow.asObjectable();
    SynchronizationSituationType actualSituation = shadowType.getSynchronizationSituation();
    assertEquals("Wrong situation in shadow " + shadow, expectedSituation, actualSituation);
    XMLGregorianCalendar actualTimestampCal = shadowType.getSynchronizationTimestamp();
    assert actualTimestampCal != null : "No synchronization timestamp in shadow " + shadow;
    long actualTimestamp = XmlTypeConverter.toMillis(actualTimestampCal);
    assert actualTimestamp >= timeBeforeSync : "Synchronization timestamp was not updated in shadow " + shadow;
// TODO: assert sync description
}
Also used : SynchronizationSituationType(com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType) XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)

Example 8 with SynchronizationSituationType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType in project midpoint by Evolveum.

the class SynchronizationServiceImpl method determineSituation.

/**
	 * XXX: in situation when one account belongs to two different idm users
	 * (repository returns only first user, method
	 * {@link com.evolveum.midpoint.model.api.ModelService#findShadowOwner(String, Task, OperationResult)}
	 * (String, com.evolveum.midpoint.schema.result.OperationResult)} ). It
	 * should be changed because otherwise we can't find
	 * {@link SynchronizationSituationType#DISPUTED} situation
	 */
private <F extends FocusType> SynchronizationSituation determineSituation(Class<F> focusType, ResourceObjectShadowChangeDescription change, ObjectSynchronizationType synchronizationPolicy, SystemConfigurationType configurationType, Task task, OperationResult result) {
    OperationResult subResult = result.createSubresult(CHECK_SITUATION);
    LOGGER.trace("Determining situation for resource object shadow.");
    SynchronizationSituation situation = null;
    try {
        String shadowOid = getOidFromChange(change);
        Validate.notEmpty(shadowOid, "Couldn't get resource object shadow oid from change.");
        PrismObject<F> owner = repositoryService.searchShadowOwner(shadowOid, SelectorOptions.createCollection(GetOperationOptions.createAllowNotFound()), subResult);
        if (owner != null) {
            F ownerType = owner.asObjectable();
            LOGGER.trace("Shadow OID {} does have owner: {}", shadowOid, ownerType.getName());
            SynchronizationSituationType state = null;
            switch(getModificationType(change)) {
                case ADD:
                case MODIFY:
                    // if user is found it means account/group is linked to
                    // resource
                    state = SynchronizationSituationType.LINKED;
                    break;
                case DELETE:
                    state = SynchronizationSituationType.DELETED;
            }
            situation = new SynchronizationSituation<>(ownerType, null, state);
        } else {
            LOGGER.trace("Resource object shadow doesn't have owner.");
            situation = determineSituationWithCorrelation(focusType, change, synchronizationPolicy, owner, configurationType, task, result);
        }
    } catch (Exception ex) {
        LOGGER.error("Error occurred during resource object shadow owner lookup.");
        throw new SystemException("Error occurred during resource object shadow owner lookup, reason: " + ex.getMessage(), ex);
    } finally {
        subResult.computeStatus();
    }
    return situation;
}
Also used : SynchronizationSituationType(com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType) SystemException(com.evolveum.midpoint.util.exception.SystemException) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) PolyString(com.evolveum.midpoint.prism.polystring.PolyString) ConfigurationException(com.evolveum.midpoint.util.exception.ConfigurationException) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException) ObjectAlreadyExistsException(com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException) SystemException(com.evolveum.midpoint.util.exception.SystemException) CommunicationException(com.evolveum.midpoint.util.exception.CommunicationException) PolicyViolationException(com.evolveum.midpoint.util.exception.PolicyViolationException) ExpressionEvaluationException(com.evolveum.midpoint.util.exception.ExpressionEvaluationException) SecurityViolationException(com.evolveum.midpoint.util.exception.SecurityViolationException)

Example 9 with SynchronizationSituationType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType in project midpoint by Evolveum.

the class SynchronizationServiceImpl method reactToChange.

private <F extends FocusType> SynchronizationSituationType reactToChange(Class<F> focusClass, ResourceObjectShadowChangeDescription change, ObjectSynchronizationType synchronizationPolicy, SynchronizationSituation<F> situation, ResourceType resource, boolean logDebug, PrismObject<SystemConfigurationType> configuration, Task task, OperationResult parentResult) throws ConfigurationException, ObjectNotFoundException, SchemaException, PolicyViolationException, ExpressionEvaluationException, ObjectAlreadyExistsException, CommunicationException, SecurityViolationException {
    SynchronizationSituationType newSituation = situation.getSituation();
    SynchronizationReactionType reactionDefinition = findReactionDefinition(synchronizationPolicy, situation, change.getSourceChannel(), resource);
    if (reactionDefinition == null) {
        LOGGER.trace("No reaction is defined for situation {} in {}", situation.getSituation(), resource);
        return newSituation;
    }
    // seems to be unused so commented it out [med]
    // PrismObject<? extends ObjectType> shadow = null;
    // if (change.getCurrentShadow() != null) {
    // shadow = change.getCurrentShadow();
    // } else if (change.getOldShadow() != null) {
    // shadow = change.getOldShadow();
    // }
    Boolean doReconciliation = determineReconciliation(synchronizationPolicy, reactionDefinition);
    if (doReconciliation == null) {
        // shadow.
        if (change.getObjectDelta() == null) {
            doReconciliation = true;
        }
    }
    Boolean limitPropagation = determinePropagationLimitation(synchronizationPolicy, reactionDefinition, change.getSourceChannel());
    ModelExecuteOptions options = new ModelExecuteOptions();
    options.setReconcile(doReconciliation);
    options.setLimitPropagation(limitPropagation);
    final boolean willSynchronize = isSynchronize(reactionDefinition);
    LensContext<F> lensContext = null;
    if (willSynchronize) {
        lensContext = createLensContext(focusClass, change, reactionDefinition, synchronizationPolicy, situation, options, configuration, parentResult);
    }
    if (LOGGER.isTraceEnabled() && lensContext != null) {
        LOGGER.trace("---[ SYNCHRONIZATION context before action execution ]-------------------------\n" + "{}\n------------------------------------------", lensContext.debugDump());
    }
    if (willSynchronize) {
        // there's no point in calling executeAction without context - so
        // the actions are executed only if synchronize == true
        executeActions(reactionDefinition, lensContext, situation, BeforeAfterType.BEFORE, resource, logDebug, task, parentResult);
        Iterator<LensProjectionContext> iterator = lensContext.getProjectionContextsIterator();
        LensProjectionContext originalProjectionContext = iterator.hasNext() ? iterator.next() : null;
        try {
            clockwork.run(lensContext, task, parentResult);
        } catch (ConfigurationException | ObjectNotFoundException | SchemaException | PolicyViolationException | ExpressionEvaluationException | ObjectAlreadyExistsException | CommunicationException | SecurityViolationException e) {
            LOGGER.error("SYNCHRONIZATION: Error in synchronization on {} for situation {}: {}: {}. Change was {}", new Object[] { resource, situation.getSituation(), e.getClass().getSimpleName(), e.getMessage(), change, e });
        // what to do here? We cannot throw the error back. All that the notifyChange method
        // could do is to convert it to SystemException. But that indicates an internal error and it will
        // break whatever code called the notifyChange in the first place. We do not want that.
        // If the clockwork could not do anything with the exception then perhaps nothing can be done at all.
        // So just log the error (the error should be remembered in the result and task already)
        // and then just go on.
        }
        // note: actions "AFTER" seem to be useless here (basically they
        // modify lens context - which is relevant only if followed by
        // clockwork run)
        executeActions(reactionDefinition, lensContext, situation, BeforeAfterType.AFTER, resource, logDebug, task, parentResult);
        if (originalProjectionContext != null) {
            newSituation = originalProjectionContext.getSynchronizationSituationResolved();
        }
    } else {
        LOGGER.trace("Skipping clockwork run on {} for situation {}, synchronize is set to false.", new Object[] { resource, situation.getSituation() });
    }
    return newSituation;
}
Also used : SynchronizationSituationType(com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType) SynchronizationReactionType(com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationReactionType) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) ExpressionEvaluationException(com.evolveum.midpoint.util.exception.ExpressionEvaluationException) CommunicationException(com.evolveum.midpoint.util.exception.CommunicationException) SecurityViolationException(com.evolveum.midpoint.util.exception.SecurityViolationException) LensProjectionContext(com.evolveum.midpoint.model.impl.lens.LensProjectionContext) ModelExecuteOptions(com.evolveum.midpoint.model.api.ModelExecuteOptions) ConfigurationException(com.evolveum.midpoint.util.exception.ConfigurationException) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException) PrismObject(com.evolveum.midpoint.prism.PrismObject) PolicyViolationException(com.evolveum.midpoint.util.exception.PolicyViolationException) ObjectAlreadyExistsException(com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException)

Example 10 with SynchronizationSituationType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType in project midpoint by Evolveum.

the class SynchronizationServiceImpl method determineSituationWithCorrelation.

/**
	 * account is not linked to user. you have to use correlation and
	 * confirmation rule to be sure user for this account doesn't exists
	 * resourceShadow only contains the data that were in the repository before
	 * the change. But the correlation/confirmation should work on the updated
	 * data. Therefore let's apply the changes before running
	 * correlation/confirmation
	 */
private <F extends FocusType> SynchronizationSituation determineSituationWithCorrelation(Class<F> focusType, ResourceObjectShadowChangeDescription change, ObjectSynchronizationType synchronizationPolicy, PrismObject<F> owner, SystemConfigurationType configurationType, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException {
    if (ChangeType.DELETE.equals(getModificationType(change))) {
        // account was deleted and we know it didn't have owner
        return new SynchronizationSituation<>(owner == null ? null : owner.asObjectable(), null, SynchronizationSituationType.DELETED);
    }
    PrismObject<? extends ShadowType> resourceShadow = change.getCurrentShadow();
    ObjectDelta syncDelta = change.getObjectDelta();
    if (resourceShadow == null && syncDelta != null && ChangeType.ADD.equals(syncDelta.getChangeType())) {
        LOGGER.trace("Trying to compute current shadow from change delta add.");
        PrismObject<ShadowType> shadow = syncDelta.computeChangedObject(syncDelta.getObjectToAdd());
        resourceShadow = shadow;
        change.setCurrentShadow(shadow);
    }
    Validate.notNull(resourceShadow, "Current shadow must not be null.");
    ResourceType resource = change.getResource().asObjectable();
    validateResourceInShadow(resourceShadow.asObjectable(), resource);
    SynchronizationSituationType state = null;
    LOGGER.trace("SYNCHRONIZATION: CORRELATION: Looking for list of {} objects based on correlation rule.", focusType.getSimpleName());
    List<PrismObject<F>> users = correlationConfirmationEvaluator.findFocusesByCorrelationRule(focusType, resourceShadow.asObjectable(), synchronizationPolicy.getCorrelation(), resource, configurationType, task, result);
    if (users == null) {
        users = new ArrayList<>();
    }
    if (users.size() > 1) {
        if (synchronizationPolicy.getConfirmation() == null) {
            LOGGER.trace("SYNCHRONIZATION: CONFIRMATION: no confirmation defined.");
        } else {
            LOGGER.debug("SYNCHRONIZATION: CONFIRMATION: Checking objects from correlation with confirmation rule.");
            users = correlationConfirmationEvaluator.findUserByConfirmationRule(focusType, users, resourceShadow.asObjectable(), resource, configurationType, synchronizationPolicy.getConfirmation(), task, result);
        }
    }
    F user = null;
    switch(users.size()) {
        case 0:
            state = SynchronizationSituationType.UNMATCHED;
            break;
        case 1:
            switch(getModificationType(change)) {
                case ADD:
                case MODIFY:
                    state = SynchronizationSituationType.UNLINKED;
                    break;
                case DELETE:
                    state = SynchronizationSituationType.DELETED;
                    break;
            }
            user = users.get(0).asObjectable();
            break;
        default:
            state = SynchronizationSituationType.DISPUTED;
    }
    return new SynchronizationSituation(null, user, state);
}
Also used : SynchronizationSituationType(com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType) PrismObject(com.evolveum.midpoint.prism.PrismObject) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) ResourceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType) ObjectDelta(com.evolveum.midpoint.prism.delta.ObjectDelta)

Aggregations

SynchronizationSituationType (com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType)9 ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)7 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)4 ConfigurationException (com.evolveum.midpoint.util.exception.ConfigurationException)4 XMLGregorianCalendar (javax.xml.datatype.XMLGregorianCalendar)4 PrismObject (com.evolveum.midpoint.prism.PrismObject)3 PropertyDelta (com.evolveum.midpoint.prism.delta.PropertyDelta)3 CommunicationException (com.evolveum.midpoint.util.exception.CommunicationException)3 ExpressionEvaluationException (com.evolveum.midpoint.util.exception.ExpressionEvaluationException)3 ObjectAlreadyExistsException (com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException)3 ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)3 PolicyViolationException (com.evolveum.midpoint.util.exception.PolicyViolationException)3 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)3 SecurityViolationException (com.evolveum.midpoint.util.exception.SecurityViolationException)3 LoadableModel (com.evolveum.midpoint.gui.api.model.LoadableModel)2 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)2 ObjectFilter (com.evolveum.midpoint.prism.query.ObjectFilter)2 ObjectQuery (com.evolveum.midpoint.prism.query.ObjectQuery)2 SelectorOptions (com.evolveum.midpoint.schema.SelectorOptions)2 Task (com.evolveum.midpoint.task.api.Task)2