Search in sources :

Example 21 with ActivationCapabilityType

use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType in project midpoint by Evolveum.

the class ActivationConverter method determineLockoutStatus.

/**
 * Determines lockout status for resource object. Uses either native or simulated value.
 */
private LockoutStatusType determineLockoutStatus(PrismObject<ShadowType> resourceObject, ActivationCapabilityType activationCapability, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, ExpressionEvaluationException {
    ActivationType existingActivation = resourceObject.asObjectable().getActivation();
    LockoutStatusType nativeValue = existingActivation != null ? existingActivation.getLockoutStatus() : null;
    ActivationLockoutStatusCapabilityType lockoutCapability = CapabilityUtil.getEnabledActivationLockoutStrict(activationCapability);
    if (lockoutCapability == null) {
        if (nativeValue != null) {
            LOGGER.trace("The lockout capability is disabled. Ignoring native value: {}", nativeValue);
        }
        // TODO Reconsider this. Maybe we should return native value.
        return null;
    }
    if (lockoutCapability.getAttribute() == null) {
        LOGGER.trace("Simulated lockout status is not configured. Using native value: {}", nativeValue);
        return nativeValue;
    }
    Collection<Object> simulatingAttributeValues = getSimulatingAttributeValues(resourceObject, lockoutCapability.getAttribute());
    TwoStateSimulatedToRealConverter<LockoutStatusType> converter = new TwoStateSimulatedToRealConverter<>(lockoutCapability.getNormalValue(), lockoutCapability.getLockedValue(), LockoutStatusType.NORMAL, LockoutStatusType.LOCKED, "lockout status", ctx);
    LockoutStatusType lockout = converter.convert(simulatingAttributeValues, result);
    LOGGER.trace("Detected simulated activation lockoutStatus attribute {} on {} with value {}, resolved into {}", lazy(() -> SchemaDebugUtil.prettyPrint(lockoutCapability.getAttribute())), ctx.getResource(), simulatingAttributeValues, lockout);
    if (!Boolean.FALSE.equals(lockoutCapability.isIgnoreAttribute())) {
        removeSimulatingAttribute(resourceObject, lockoutCapability.getAttribute());
    }
    return lockout;
}
Also used : ActivationLockoutStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType) PrismObject(com.evolveum.midpoint.prism.PrismObject)

Example 22 with ActivationCapabilityType

use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType in project midpoint by Evolveum.

the class ActivationConverter method createActivationStatusChange.

private void createActivationStatusChange(Collection<? extends ItemDelta<?, ?>> objectChange, ShadowType shadow, ActivationCapabilityType activationCapability, ResourceType resource, Collection<Operation> operations, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, ExpressionEvaluationException {
    PropertyDelta<ActivationStatusType> propertyDelta = findPropertyDelta(objectChange, SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS);
    if (propertyDelta == null) {
        return;
    }
    ActivationStatusCapabilityType statusCapability = CapabilityUtil.getEnabledActivationStatus(activationCapability);
    if (statusCapability == null) {
        SchemaException e = new SchemaException("Attempt to change activation administrativeStatus on " + resource + " which does not have the capability");
        result.recordFatalError(e);
        throw e;
    }
    QName simulatingAttributeName = statusCapability.getAttribute();
    if (simulatingAttributeName == null) {
        LOGGER.trace("No simulation attribute, using native value");
        addModification(operations, propertyDelta);
        return;
    }
    ActivationStatusType newStatus = getRealValue(propertyDelta.getPropertyNewMatchingPath());
    LOGGER.trace("Found activation administrativeStatus change to: {}", newStatus);
    PropertyModificationOperation<?> simulatingAttributeModification = TwoStateRealToSimulatedConverter.create(statusCapability, simulatingAttributeName, ctx, beans).convertDelta(newStatus, shadow, result);
    if (simulatingAttributeModification != null) {
        operations.add(simulatingAttributeModification);
    } else {
        addModification(operations, propertyDelta);
    }
}
Also used : QName(javax.xml.namespace.QName) ActivationStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType)

Example 23 with ActivationCapabilityType

use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType in project midpoint by Evolveum.

the class ActivationConverter method transformLockoutStatusOnAdd.

private void transformLockoutStatusOnAdd(ShadowType shadow, ActivationCapabilityType activationCapability, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, ExpressionEvaluationException {
    ActivationLockoutStatusCapabilityType lockoutCapability = CapabilityUtil.getEnabledActivationLockoutStrict(activationCapability);
    LOGGER.trace("Lockout status capability:\n{}", lockoutCapability);
    if (lockoutCapability == null) {
        throw new SchemaException("Attempt to set activation/lockoutStatus on " + ctx.getResource() + " that has neither native nor simulated activation/lockoutStatus capability");
    }
    QName simulatingAttributeName = lockoutCapability.getAttribute();
    if (simulatingAttributeName == null) {
        LOGGER.trace("Using native lockout status capability");
        return;
    }
    boolean converted = TwoStateRealToSimulatedConverter.create(lockoutCapability, simulatingAttributeName, ctx, beans).convertProperty(shadow.getActivation().getLockoutStatus(), shadow, result);
    if (converted) {
        shadow.getActivation().setLockoutStatus(null);
    }
}
Also used : ActivationLockoutStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType) QName(javax.xml.namespace.QName)

Example 24 with ActivationCapabilityType

use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType in project midpoint by Evolveum.

the class TestOpenDj method test005Capabilities.

@Test
public void test005Capabilities() throws Exception {
    // GIVEN
    Task task = getTestTask();
    OperationResult result = task.getResult();
    // WHEN
    ResourceType resource = provisioningService.getObject(ResourceType.class, RESOURCE_OPENDJ_OID, null, task, result).asObjectable();
    // THEN
    display("Resource from provisioninig", resource);
    displayValue("Resource from provisioninig (XML)", PrismTestUtil.serializeObjectToString(resource.asPrismObject(), PrismContext.LANG_XML));
    CapabilityCollectionType nativeCapabilities = resource.getCapabilities().getNative();
    List<Object> nativeCapabilitiesList = nativeCapabilities.getAny();
    assertFalse("Empty capabilities returned", nativeCapabilitiesList.isEmpty());
    CredentialsCapabilityType capCred = CapabilityUtil.getCapability(nativeCapabilitiesList, CredentialsCapabilityType.class);
    assertNotNull("credentials capability not found", capCred);
    PasswordCapabilityType capPassword = capCred.getPassword();
    assertNotNull("password capability not present", capPassword);
    assertPasswordCapability(capPassword);
    // Connector cannot do activation, this should be null
    ActivationCapabilityType capAct = CapabilityUtil.getCapability(nativeCapabilitiesList, ActivationCapabilityType.class);
    assertNull("Found activation capability while not expecting it", capAct);
    ScriptCapabilityType capScript = CapabilityUtil.getCapability(nativeCapabilitiesList, ScriptCapabilityType.class);
    assertNotNull("No script capability", capScript);
    List<Host> scriptHosts = capScript.getHost();
    assertEquals("Wrong number of script hosts", 1, scriptHosts.size());
    Host scriptHost = scriptHosts.get(0);
    assertEquals("Wrong script host type", ProvisioningScriptHostType.CONNECTOR, scriptHost.getType());
    // assertEquals("Wrong script host language", ....., scriptHost.getLanguage());
    ReadCapabilityType capRead = CapabilityUtil.getCapability(nativeCapabilitiesList, ReadCapabilityType.class);
    assertNotNull("No read capability", capRead);
    assertNull("Read capability is caching only", capRead.isCachingOnly());
    assertTrue("Read capability is not 'return default'", capRead.isReturnDefaultAttributesOption());
    CreateCapabilityType capCreate = CapabilityUtil.getCapability(nativeCapabilitiesList, CreateCapabilityType.class);
    assertNotNull("No create capability", capCreate);
    UpdateCapabilityType capUpdate = CapabilityUtil.getCapability(nativeCapabilitiesList, UpdateCapabilityType.class);
    assertNotNull("No update capability", capUpdate);
    DeleteCapabilityType capDelete = CapabilityUtil.getCapability(nativeCapabilitiesList, DeleteCapabilityType.class);
    assertNotNull("No delete capability", capDelete);
    List<Object> effectiveCapabilities = ResourceTypeUtil.getEffectiveCapabilities(resource);
    for (Object capability : effectiveCapabilities) {
        System.out.println("Capability: " + CapabilityUtil.getCapabilityDisplayName(capability) + " : " + capability);
    }
    capCred = ResourceTypeUtil.getEffectiveCapability(resource, CredentialsCapabilityType.class);
    assertNotNull("credentials effective capability not found", capCred);
    assertNotNull("password effective capability not found", capCred.getPassword());
    // Although connector does not support activation, the resource specifies a way how to simulate it.
    // Therefore the following should succeed
    capAct = ResourceTypeUtil.getEffectiveCapability(resource, ActivationCapabilityType.class);
    assertNotNull("activation capability not found", capAct);
    PagedSearchCapabilityType capPage = ResourceTypeUtil.getEffectiveCapability(resource, PagedSearchCapabilityType.class);
    assertNotNull("paged search capability not present", capPage);
    assertShadows(1);
}
Also used : Task(com.evolveum.midpoint.task.api.Task) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) Host(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ScriptCapabilityType.Host) Test(org.testng.annotations.Test)

Example 25 with ActivationCapabilityType

use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType in project midpoint by Evolveum.

the class ProvisioningUtil method createAttributesToReturn.

public static AttributesToReturn createAttributesToReturn(ProvisioningContext ctx) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException {
    ResourceObjectDefinition resourceObjectDefinition = ctx.getObjectDefinitionRequired();
    // The following can be empty if the definition is raw
    Collection<? extends ResourceAttributeDefinition<?>> refinedAttributeDefinitions = resourceObjectDefinition.getAttributeDefinitions();
    ResourceType resource = ctx.getResource();
    boolean apply = false;
    AttributesToReturn attributesToReturn = new AttributesToReturn();
    // Attributes
    boolean hasMinimal = checkForMinimalFetchStrategy(ctx);
    attributesToReturn.setReturnDefaultAttributes(!hasMinimal);
    Collection<ResourceAttributeDefinition<?>> explicit = getExplicitlyFetchedAttributes(ctx, !hasMinimal);
    if (!explicit.isEmpty()) {
        attributesToReturn.setAttributesToReturn(explicit);
        apply = true;
    }
    // Password
    CredentialsCapabilityType credentialsCapability = ResourceTypeUtil.getEffectiveCapability(resource, CredentialsCapabilityType.class);
    if (credentialsCapability != null) {
        if (ctx.isFetchingNotDisabled(SchemaConstants.PATH_PASSWORD_VALUE)) {
            attributesToReturn.setReturnPasswordExplicit(true);
            apply = true;
        } else {
            if (!CapabilityUtil.isPasswordReturnedByDefault(credentialsCapability)) {
                // The resource is capable of returning password but it does not do it by default.
                AttributeFetchStrategyType passwordFetchStrategy = resourceObjectDefinition.getPasswordFetchStrategy();
                if (passwordFetchStrategy == AttributeFetchStrategyType.EXPLICIT) {
                    attributesToReturn.setReturnPasswordExplicit(true);
                    apply = true;
                }
            }
        }
    }
    // Activation
    ActivationCapabilityType activationCapability = ResourceTypeUtil.getEffectiveCapability(resource, ActivationCapabilityType.class);
    if (activationCapability != null) {
        if (CapabilityUtil.isCapabilityEnabled(activationCapability.getStatus())) {
            if (!CapabilityUtil.isActivationStatusReturnedByDefault(activationCapability)) {
                // The resource is capable of returning enable flag but it does not do it by default.
                if (ctx.isFetchingNotDisabled(SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS)) {
                    attributesToReturn.setReturnAdministrativeStatusExplicit(true);
                    apply = true;
                } else {
                    AttributeFetchStrategyType administrativeStatusFetchStrategy = resourceObjectDefinition.getActivationFetchStrategy(ActivationType.F_ADMINISTRATIVE_STATUS);
                    if (administrativeStatusFetchStrategy == AttributeFetchStrategyType.EXPLICIT) {
                        attributesToReturn.setReturnAdministrativeStatusExplicit(true);
                        apply = true;
                    }
                }
            }
        }
        if (CapabilityUtil.isCapabilityEnabled(activationCapability.getValidFrom())) {
            if (!CapabilityUtil.isActivationValidFromReturnedByDefault(activationCapability)) {
                if (ctx.isFetchingNotDisabled(SchemaConstants.PATH_ACTIVATION_VALID_FROM)) {
                    attributesToReturn.setReturnValidFromExplicit(true);
                    apply = true;
                } else {
                    AttributeFetchStrategyType administrativeStatusFetchStrategy = resourceObjectDefinition.getActivationFetchStrategy(ActivationType.F_VALID_FROM);
                    if (administrativeStatusFetchStrategy == AttributeFetchStrategyType.EXPLICIT) {
                        attributesToReturn.setReturnValidFromExplicit(true);
                        apply = true;
                    }
                }
            }
        }
        if (CapabilityUtil.isCapabilityEnabled(activationCapability.getValidTo())) {
            if (!CapabilityUtil.isActivationValidToReturnedByDefault(activationCapability)) {
                if (ctx.isFetchingNotDisabled(SchemaConstants.PATH_ACTIVATION_VALID_TO)) {
                    attributesToReturn.setReturnValidToExplicit(true);
                    apply = true;
                } else {
                    AttributeFetchStrategyType administrativeStatusFetchStrategy = resourceObjectDefinition.getActivationFetchStrategy(ActivationType.F_VALID_TO);
                    if (administrativeStatusFetchStrategy == AttributeFetchStrategyType.EXPLICIT) {
                        attributesToReturn.setReturnValidToExplicit(true);
                        apply = true;
                    }
                }
            }
        }
        if (CapabilityUtil.isCapabilityEnabled(activationCapability.getLockoutStatus())) {
            if (!CapabilityUtil.isActivationLockoutStatusReturnedByDefault(activationCapability)) {
                // The resource is capable of returning lockout flag but it does not do it by default.
                if (ctx.isFetchingNotDisabled(SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS)) {
                    attributesToReturn.setReturnAdministrativeStatusExplicit(true);
                    apply = true;
                } else {
                    AttributeFetchStrategyType statusFetchStrategy = resourceObjectDefinition.getActivationFetchStrategy(ActivationType.F_LOCKOUT_STATUS);
                    if (statusFetchStrategy == AttributeFetchStrategyType.EXPLICIT) {
                        attributesToReturn.setReturnLockoutStatusExplicit(true);
                        apply = true;
                    }
                }
            }
        }
    }
    if (apply) {
        return attributesToReturn;
    } else {
        return null;
    }
}
Also used : AttributesToReturn(com.evolveum.midpoint.provisioning.ucf.api.AttributesToReturn) ActivationCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType) CredentialsCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CredentialsCapabilityType)

Aggregations

ActivationCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType)29 ActivationStatusCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType)16 ActivationLockoutStatusCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType)13 QName (javax.xml.namespace.QName)11 Test (org.testng.annotations.Test)9 PrismObject (com.evolveum.midpoint.prism.PrismObject)8 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)8 CredentialsCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CredentialsCapabilityType)8 CapabilityCollectionType (com.evolveum.midpoint.xml.ns._public.common.common_3.CapabilityCollectionType)7 ResourceType (com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType)6 ActivationValidityCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType)6 Task (com.evolveum.midpoint.task.api.Task)5 ReadCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ReadCapabilityType)5 SynchronizationPolicyDecision (com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision)4 ResourceAttributeDefinition (com.evolveum.midpoint.schema.processor.ResourceAttributeDefinition)4 ResourceSchema (com.evolveum.midpoint.schema.processor.ResourceSchema)4 AbstractModelIntegrationTest (com.evolveum.midpoint.model.test.AbstractModelIntegrationTest)3 ObjectClassComplexTypeDefinition (com.evolveum.midpoint.schema.processor.ObjectClassComplexTypeDefinition)3 ObjectType (com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType)3 CreateCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CreateCapabilityType)3