use of com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType in project midpoint by Evolveum.
the class AbstractInboundSyncTest method assertShadowOperationalData.
protected void assertShadowOperationalData(PrismObject<ShadowType> shadow, SynchronizationSituationType expectedSituation) {
ShadowType shadowType = shadow.asObjectable();
SynchronizationSituationType actualSituation = shadowType.getSynchronizationSituation();
assertEquals("Wrong situation in shadow " + shadow, expectedSituation, actualSituation);
XMLGregorianCalendar actualTimestampCal = shadowType.getSynchronizationTimestamp();
assert actualTimestampCal != null : "No synchronization timestamp in shadow " + shadow;
long actualTimestamp = XmlTypeConverter.toMillis(actualTimestampCal);
assert actualTimestamp >= timeBeforeSync : "Synchronization timestamp was not updated in shadow " + shadow;
// TODO: assert sync description
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType in project midpoint by Evolveum.
the class AbstractObjTemplateSyncTest method assertShadowOperationalData.
protected void assertShadowOperationalData(PrismObject<ShadowType> shadow, SynchronizationSituationType expectedSituation) {
ShadowType shadowType = shadow.asObjectable();
SynchronizationSituationType actualSituation = shadowType.getSynchronizationSituation();
assertEquals("Wrong situation in shadow " + shadow, expectedSituation, actualSituation);
XMLGregorianCalendar actualTimestampCal = shadowType.getSynchronizationTimestamp();
assert actualTimestampCal != null : "No synchronization timestamp in shadow " + shadow;
long actualTimestamp = XmlTypeConverter.toMillis(actualTimestampCal);
assert actualTimestamp >= timeBeforeSync : "Synchronization timestamp was not updated in shadow " + shadow;
// TODO: assert sync description
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType in project midpoint by Evolveum.
the class SynchronizationServiceImpl method determineSituation.
/**
* XXX: in situation when one account belongs to two different idm users
* (repository returns only first user, method
* {@link com.evolveum.midpoint.model.api.ModelService#findShadowOwner(String, Task, OperationResult)}
* (String, com.evolveum.midpoint.schema.result.OperationResult)} ). It
* should be changed because otherwise we can't find
* {@link SynchronizationSituationType#DISPUTED} situation
*/
private <F extends FocusType> SynchronizationSituation determineSituation(Class<F> focusType, ResourceObjectShadowChangeDescription change, ObjectSynchronizationType synchronizationPolicy, SystemConfigurationType configurationType, Task task, OperationResult result) {
OperationResult subResult = result.createSubresult(CHECK_SITUATION);
LOGGER.trace("Determining situation for resource object shadow.");
SynchronizationSituation situation = null;
try {
String shadowOid = getOidFromChange(change);
Validate.notEmpty(shadowOid, "Couldn't get resource object shadow oid from change.");
PrismObject<F> owner = repositoryService.searchShadowOwner(shadowOid, SelectorOptions.createCollection(GetOperationOptions.createAllowNotFound()), subResult);
if (owner != null) {
F ownerType = owner.asObjectable();
LOGGER.trace("Shadow OID {} does have owner: {}", shadowOid, ownerType.getName());
SynchronizationSituationType state = null;
switch(getModificationType(change)) {
case ADD:
case MODIFY:
// if user is found it means account/group is linked to
// resource
state = SynchronizationSituationType.LINKED;
break;
case DELETE:
state = SynchronizationSituationType.DELETED;
}
situation = new SynchronizationSituation<>(ownerType, null, state);
} else {
LOGGER.trace("Resource object shadow doesn't have owner.");
situation = determineSituationWithCorrelation(focusType, change, synchronizationPolicy, owner, configurationType, task, result);
}
} catch (Exception ex) {
LOGGER.error("Error occurred during resource object shadow owner lookup.");
throw new SystemException("Error occurred during resource object shadow owner lookup, reason: " + ex.getMessage(), ex);
} finally {
subResult.computeStatus();
}
return situation;
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType in project midpoint by Evolveum.
the class SynchronizationServiceImpl method reactToChange.
private <F extends FocusType> SynchronizationSituationType reactToChange(Class<F> focusClass, ResourceObjectShadowChangeDescription change, ObjectSynchronizationType synchronizationPolicy, SynchronizationSituation<F> situation, ResourceType resource, boolean logDebug, PrismObject<SystemConfigurationType> configuration, Task task, OperationResult parentResult) throws ConfigurationException, ObjectNotFoundException, SchemaException, PolicyViolationException, ExpressionEvaluationException, ObjectAlreadyExistsException, CommunicationException, SecurityViolationException {
SynchronizationSituationType newSituation = situation.getSituation();
SynchronizationReactionType reactionDefinition = findReactionDefinition(synchronizationPolicy, situation, change.getSourceChannel(), resource);
if (reactionDefinition == null) {
LOGGER.trace("No reaction is defined for situation {} in {}", situation.getSituation(), resource);
return newSituation;
}
// seems to be unused so commented it out [med]
// PrismObject<? extends ObjectType> shadow = null;
// if (change.getCurrentShadow() != null) {
// shadow = change.getCurrentShadow();
// } else if (change.getOldShadow() != null) {
// shadow = change.getOldShadow();
// }
Boolean doReconciliation = determineReconciliation(synchronizationPolicy, reactionDefinition);
if (doReconciliation == null) {
// shadow.
if (change.getObjectDelta() == null) {
doReconciliation = true;
}
}
Boolean limitPropagation = determinePropagationLimitation(synchronizationPolicy, reactionDefinition, change.getSourceChannel());
ModelExecuteOptions options = new ModelExecuteOptions();
options.setReconcile(doReconciliation);
options.setLimitPropagation(limitPropagation);
final boolean willSynchronize = isSynchronize(reactionDefinition);
LensContext<F> lensContext = null;
if (willSynchronize) {
lensContext = createLensContext(focusClass, change, reactionDefinition, synchronizationPolicy, situation, options, configuration, parentResult);
}
if (LOGGER.isTraceEnabled() && lensContext != null) {
LOGGER.trace("---[ SYNCHRONIZATION context before action execution ]-------------------------\n" + "{}\n------------------------------------------", lensContext.debugDump());
}
if (willSynchronize) {
// there's no point in calling executeAction without context - so
// the actions are executed only if synchronize == true
executeActions(reactionDefinition, lensContext, situation, BeforeAfterType.BEFORE, resource, logDebug, task, parentResult);
Iterator<LensProjectionContext> iterator = lensContext.getProjectionContextsIterator();
LensProjectionContext originalProjectionContext = iterator.hasNext() ? iterator.next() : null;
try {
clockwork.run(lensContext, task, parentResult);
} catch (ConfigurationException | ObjectNotFoundException | SchemaException | PolicyViolationException | ExpressionEvaluationException | ObjectAlreadyExistsException | CommunicationException | SecurityViolationException e) {
LOGGER.error("SYNCHRONIZATION: Error in synchronization on {} for situation {}: {}: {}. Change was {}", new Object[] { resource, situation.getSituation(), e.getClass().getSimpleName(), e.getMessage(), change, e });
// what to do here? We cannot throw the error back. All that the notifyChange method
// could do is to convert it to SystemException. But that indicates an internal error and it will
// break whatever code called the notifyChange in the first place. We do not want that.
// If the clockwork could not do anything with the exception then perhaps nothing can be done at all.
// So just log the error (the error should be remembered in the result and task already)
// and then just go on.
}
// note: actions "AFTER" seem to be useless here (basically they
// modify lens context - which is relevant only if followed by
// clockwork run)
executeActions(reactionDefinition, lensContext, situation, BeforeAfterType.AFTER, resource, logDebug, task, parentResult);
if (originalProjectionContext != null) {
newSituation = originalProjectionContext.getSynchronizationSituationResolved();
}
} else {
LOGGER.trace("Skipping clockwork run on {} for situation {}, synchronize is set to false.", new Object[] { resource, situation.getSituation() });
}
return newSituation;
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.SynchronizationSituationType in project midpoint by Evolveum.
the class SynchronizationServiceImpl method determineSituationWithCorrelation.
/**
* account is not linked to user. you have to use correlation and
* confirmation rule to be sure user for this account doesn't exists
* resourceShadow only contains the data that were in the repository before
* the change. But the correlation/confirmation should work on the updated
* data. Therefore let's apply the changes before running
* correlation/confirmation
*/
private <F extends FocusType> SynchronizationSituation determineSituationWithCorrelation(Class<F> focusType, ResourceObjectShadowChangeDescription change, ObjectSynchronizationType synchronizationPolicy, PrismObject<F> owner, SystemConfigurationType configurationType, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException {
if (ChangeType.DELETE.equals(getModificationType(change))) {
// account was deleted and we know it didn't have owner
return new SynchronizationSituation<>(owner == null ? null : owner.asObjectable(), null, SynchronizationSituationType.DELETED);
}
PrismObject<? extends ShadowType> resourceShadow = change.getCurrentShadow();
ObjectDelta syncDelta = change.getObjectDelta();
if (resourceShadow == null && syncDelta != null && ChangeType.ADD.equals(syncDelta.getChangeType())) {
LOGGER.trace("Trying to compute current shadow from change delta add.");
PrismObject<ShadowType> shadow = syncDelta.computeChangedObject(syncDelta.getObjectToAdd());
resourceShadow = shadow;
change.setCurrentShadow(shadow);
}
Validate.notNull(resourceShadow, "Current shadow must not be null.");
ResourceType resource = change.getResource().asObjectable();
validateResourceInShadow(resourceShadow.asObjectable(), resource);
SynchronizationSituationType state = null;
LOGGER.trace("SYNCHRONIZATION: CORRELATION: Looking for list of {} objects based on correlation rule.", focusType.getSimpleName());
List<PrismObject<F>> users = correlationConfirmationEvaluator.findFocusesByCorrelationRule(focusType, resourceShadow.asObjectable(), synchronizationPolicy.getCorrelation(), resource, configurationType, task, result);
if (users == null) {
users = new ArrayList<>();
}
if (users.size() > 1) {
if (synchronizationPolicy.getConfirmation() == null) {
LOGGER.trace("SYNCHRONIZATION: CONFIRMATION: no confirmation defined.");
} else {
LOGGER.debug("SYNCHRONIZATION: CONFIRMATION: Checking objects from correlation with confirmation rule.");
users = correlationConfirmationEvaluator.findUserByConfirmationRule(focusType, users, resourceShadow.asObjectable(), resource, configurationType, synchronizationPolicy.getConfirmation(), task, result);
}
}
F user = null;
switch(users.size()) {
case 0:
state = SynchronizationSituationType.UNMATCHED;
break;
case 1:
switch(getModificationType(change)) {
case ADD:
case MODIFY:
state = SynchronizationSituationType.UNLINKED;
break;
case DELETE:
state = SynchronizationSituationType.DELETED;
break;
}
user = users.get(0).asObjectable();
break;
default:
state = SynchronizationSituationType.DISPUTED;
}
return new SynchronizationSituation(null, user, state);
}
Aggregations