
Example 31 with ValuePolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType in project midpoint by Evolveum.

the class SecurityHelper method setDeprecatedPasswordPolicyProperties.

/**
 * Fills gaps in the password credentials policy from the lifetime and
 * occurrence settings carried by a value policy.
 *
 * <p>Each property is copied only when {@code passwd} has no value of its own,
 * so a setting made directly on the credentials policy is never overridden
 * here. An expiration or minimum password age of {@code 0} is handled like an
 * absent value and is not copied, whereas a history length of {@code 0} is
 * copied unchanged.
 *
 * @param passwordPolicyType value policy the settings are read from
 * @param passwd password credentials policy that is updated in place
 */
private void setDeprecatedPasswordPolicyProperties(ValuePolicyType passwordPolicyType, PasswordCredentialsPolicyType passwd) {
    final PasswordLifeTimeType legacyLifetime = passwordPolicyType.getLifetime();
    if (legacyLifetime != null) {
        // Expiration -> maximum age. Conversion is delegated to daysToDuration,
        // which is defined outside this excerpt.
        final Integer expirationValue = legacyLifetime.getExpiration();
        final boolean expirationUsable = expirationValue != null && expirationValue != 0;
        if (expirationUsable && passwd.getMaxAge() == null) {
            passwd.setMaxAge(daysToDuration(expirationValue));
        }

        // Minimum password age -> minimum age, same zero handling as above.
        final Integer minAgeValue = legacyLifetime.getMinPasswordAge();
        final boolean minAgeUsable = minAgeValue != null && minAgeValue != 0;
        if (minAgeUsable && passwd.getMinAge() == null) {
            passwd.setMinAge(daysToDuration(minAgeValue));
        }

        // History length has no zero filter: an explicit 0 is propagated.
        final Integer historyValue = legacyLifetime.getPasswordHistoryLength();
        if (historyValue != null) {
            if (passwd.getHistoryLength() == null) {
                passwd.setHistoryLength(historyValue);
            }
        }
    }

    final String legacyMinOccurs = passwordPolicyType.getMinOccurs();
    if (legacyMinOccurs == null) {
        return;
    }
    if (passwd.getMinOccurs() == null) {
        passwd.setMinOccurs(legacyMinOccurs);
    }
}
Also used : PasswordLifeTimeType(com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordLifeTimeType)

Example 32 with ValuePolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType in project midpoint by Evolveum.

the class SecurityHelper method postProcessPasswordCredentialPolicy.

/**
 * Normalises a password credentials policy: migrates the deprecated
 * properties onto their current counterparts, runs the shared credential
 * policy post-processing and then back-fills settings from the value policy
 * that post-processing returned.
 *
 * <p>The deprecated properties only fill in values that are missing; a
 * current property that is already set is left untouched.
 *
 * @param securityPolicyType security policy the credentials policy belongs to
 * @param passwd password credentials policy that is updated in place
 * @param task task passed on to {@code postProcessCredentialPolicy}
 * @param result operation result passed on to {@code postProcessCredentialPolicy}
 */
private void postProcessPasswordCredentialPolicy(SecurityPolicyType securityPolicyType, PasswordCredentialsPolicyType passwd, Task task, OperationResult result) {
    // Deprecated settings: passwordHistoryLength -> historyLength
    final Integer legacyHistoryLength = passwd.getPasswordHistoryLength();
    if (legacyHistoryLength != null) {
        if (passwd.getHistoryLength() == null) {
            passwd.setHistoryLength(legacyHistoryLength);
        }
    }

    // Deprecated settings: passwordPolicyRef -> valuePolicyRef
    final ObjectReferenceType legacyPolicyRef = passwd.getPasswordPolicyRef();
    if (legacyPolicyRef != null && passwd.getValuePolicyRef() == null) {
        // A clone is stored so the two properties do not share one reference instance.
        passwd.setValuePolicyRef(legacyPolicyRef.clone());
    }

    final ValuePolicyType resolvedPolicy = postProcessCredentialPolicy(securityPolicyType, passwd, "password credential policy", task, result);
    if (resolvedPolicy == null) {
        // Nothing returned by the shared post-processing, so there is nothing to back-fill from.
        return;
    }
    setDeprecatedPasswordPolicyProperties(resolvedPolicy, passwd);
}
Also used : ObjectReferenceType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType) ValuePolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType)

Example 33 with ValuePolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType in project midpoint by Evolveum.

the class ProjectionCredentialsProcessor method determinePasswordPolicy.

/**
 * Selects the password policy that applies to a projection.
 *
 * <p>The policy attached to the projection context wins. Only when that is
 * absent is the policy taken from the security policy of the focus context.
 *
 * @param context lens context that supplies the focus context
 * @param projCtx projection context whose account password policy is preferred
 * @param now not read by this method
 * @param task not read by this method
 * @param result not read by this method
 * @return the selected policy, or {@code null} when the projection has none
 *         and there is no focus context; the result of
 *         {@code SecurityUtil.getPasswordPolicy} is returned as-is and may
 *         also be {@code null} (not visible in this excerpt), so callers have
 *         to handle the no-policy case
 */
private <F extends FocusType> ValuePolicyType determinePasswordPolicy(LensContext<F> context, final LensProjectionContext projCtx, XMLGregorianCalendar now, Task task, OperationResult result) {
    final ValuePolicyType accountPolicy = projCtx.getAccountPasswordPolicy();
    if (accountPolicy == null) {
        // Fall back to the focus-level security policy, if there is a focus at all.
        final LensFocusContext<F> focusCtx = context.getFocusContext();
        return focusCtx == null
                ? null
                : SecurityUtil.getPasswordPolicy(focusCtx.getSecurityPolicy());
    }
    return accountPolicy;
}
Also used : ValuePolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType)

Example 34 with ValuePolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType in project midpoint by Evolveum.

the class ProjectionCredentialsProcessor method processProjectionCredentialsFocus.

/**
 * Runs credential processing for one projection in a fixed order: determine
 * the applicable password policy, evaluate the password mapping, validate the
 * resulting password against that policy, then apply metadata.
 *
 * <p>The same policy object is handed to both the mapping and the validation
 * step. It is passed on without a null check, so both steps must cope with a
 * missing policy.
 *
 * @param context lens context being processed
 * @param projectionContext projection whose credentials are processed
 * @param now timestamp forwarded to every step
 * @param task task forwarded to every step
 * @param result operation result forwarded to every step
 */
public <F extends FocusType> void processProjectionCredentialsFocus(LensContext<F> context, LensProjectionContext projectionContext, XMLGregorianCalendar now, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException, CommunicationException, ConfigurationException, SecurityViolationException {
    final ValuePolicyType effectivePolicy = determinePasswordPolicy(context, projectionContext, now, task, result);

    // Mapping runs before validation, so the value produced by the mapping is what gets validated.
    processProjectionPasswordMapping(context, projectionContext, effectivePolicy, now, task, result);
    validateProjectionPassword(context, projectionContext, effectivePolicy, now, task, result);

    applyMetadata(context, projectionContext, now, task, result);
}
Also used : ValuePolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType)

Example 35 with ValuePolicyType

use of com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType in project midpoint by Evolveum.

the class TestProjector method test451GuybrushInboundFromAbsolute.

/**
 * Installs a global password policy, then projects Guybrush's user together
 * with his dummy account and checks that the projector yields only a
 * secondary MODIFY delta on the user: an added organizational unit whose
 * origin is INBOUND.
 *
 * <p>The statements depend on one another through repository state, so their
 * order matters.
 */
@Test
public void test451GuybrushInboundFromAbsolute() throws Exception {
    final String TEST_NAME = "test451GuybrushInboundFromAbsolute";
    TestUtil.displayTestTile(this, TEST_NAME);
    // GIVEN
    Task task = taskManager.createTaskInstance(TestProjector.class.getName() + "." + TEST_NAME);
    OperationResult result = task.getResult();
    assumeAssignmentPolicy(AssignmentPolicyEnforcementType.POSITIVE);
    // Add the global password policy object through the model service.
    PrismObject<ValuePolicyType> passPolicy = PrismTestUtil.parseObject(PASSWORD_POLICY_GLOBAL_FILE);
    // NOTE(review): raw ObjectDelta; a type argument would remove the unchecked add below.
    ObjectDelta delta = ObjectDelta.createAddDelta(passPolicy);
    Collection<ObjectDelta<? extends ObjectType>> deltas = new ArrayList<ObjectDelta<? extends ObjectType>>();
    deltas.add(delta);
    modelService.executeChanges(deltas, null, task, result);
    // NOTE(review): this fresh list is never read again in this method.
    deltas = new ArrayList<ObjectDelta<? extends ObjectType>>();
    // Point the system configuration at the policy that was just added.
    ObjectDelta refDelta = ObjectDelta.createModificationAddReference(SystemConfigurationType.class, SYSTEM_CONFIGURATION_OID, SystemConfigurationType.F_GLOBAL_PASSWORD_POLICY_REF, prismContext, passPolicy);
    // We need to execute this using repo. Otherwise logging config will be ruined
    // NOTE(review): the write goes straight to the repository service instead of the model service;
    // any processing the model layer would apply to this change is therefore not exercised here.
    repositoryService.modifyObject(SystemConfigurationType.class, SYSTEM_CONFIGURATION_OID, refDelta.getModifications(), result);
    // Read both objects back to confirm the policy exists and is referenced by its OID.
    PrismObject<ValuePolicyType> passPol = modelService.getObject(ValuePolicyType.class, PASSWORD_POLICY_GLOBAL_OID, null, task, result);
    assertNotNull(passPol);
    PrismObject<SystemConfigurationType> sysConfig = modelService.getObject(SystemConfigurationType.class, SYSTEM_CONFIGURATION_OID, null, task, result);
    assertNotNull("No global password policy", sysConfig.asObjectable().getGlobalPasswordPolicyRef());
    assertEquals(PASSWORD_POLICY_GLOBAL_OID, sysConfig.asObjectable().getGlobalPasswordPolicyRef().getOid());
    // GIVEN
    // Second part of the setup: lens context with the user and his account shadow.
    LensContext<UserType> context = createUserLensContext();
    fillContextWithUser(context, USER_GUYBRUSH_OID, result);
    fillContextWithAccountFromFile(context, ACCOUNT_GUYBRUSH_DUMMY_FILE, task, result);
    LensProjectionContext guybrushAccountContext = context.findProjectionContextByOid(ACCOUNT_SHADOW_GUYBRUSH_OID);
    // Mark the shadow as full and request reconciliation before recomputing the context.
    guybrushAccountContext.setFullShadow(true);
    guybrushAccountContext.setDoReconciliation(true);
    context.recompute();
    display("Input context", context);
    assertFocusModificationSanity(context);
    // WHEN
    projector.project(context, "test", task, result);
    // THEN
    display("Output context", context);
    // No primary delta is expected; the only user change is the secondary delta.
    assertNoUserPrimaryDelta(context);
    assertUserSecondaryDelta(context);
    ObjectDelta<UserType> userSecondaryDelta = context.getFocusContext().getSecondaryDelta();
    assertTrue(userSecondaryDelta.getChangeType() == ChangeType.MODIFY);
    PrismAsserts.assertPropertyAdd(userSecondaryDelta, UserType.F_ORGANIZATIONAL_UNIT, PrismTestUtil.createPolyString("The crew of The Sea Monkey"));
    assertOriginWithSideEffectChanges(userSecondaryDelta, OriginType.INBOUND);
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ValuePolicyType(com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType) ArrayList(java.util.ArrayList) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) ObjectType(com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType) SystemConfigurationType(com.evolveum.midpoint.xml.ns._public.common.common_3.SystemConfigurationType) ObjectDelta(com.evolveum.midpoint.prism.delta.ObjectDelta) UserType(com.evolveum.midpoint.xml.ns._public.common.common_3.UserType) Test(org.testng.annotations.Test)

Aggregations

ValuePolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.ValuePolicyType)35 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)19 Test (org.testng.annotations.Test)14 Task (com.evolveum.midpoint.task.api.Task)12 AbstractInternalModelIntegrationTest (com.evolveum.midpoint.model.impl.AbstractInternalModelIntegrationTest)10 ItemPath (com.evolveum.midpoint.prism.path.ItemPath)8 ObjectReferenceType (com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType)8 SchemaException (com.evolveum.midpoint.util.exception.SchemaException)7 File (java.io.File)7 ExpressionEvaluationException (com.evolveum.midpoint.util.exception.ExpressionEvaluationException)6 ObjectNotFoundException (com.evolveum.midpoint.util.exception.ObjectNotFoundException)6 StringPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.StringPolicyType)6 PrismObject (com.evolveum.midpoint.prism.PrismObject)5 UserType (com.evolveum.midpoint.xml.ns._public.common.common_3.UserType)5 PrismPropertyValue (com.evolveum.midpoint.prism.PrismPropertyValue)4 PolyString (com.evolveum.midpoint.prism.polystring.PolyString)4 StringPolicyResolver (com.evolveum.midpoint.repo.common.expression.StringPolicyResolver)4 ProtectedStringType (com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)4 ItemDefinition (com.evolveum.midpoint.prism.ItemDefinition)3 PrismContext (com.evolveum.midpoint.prism.PrismContext)3