use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType in project midpoint by Evolveum.
the class ActivationConverter method determineLockoutStatus.
/**
* Determines lockout status for resource object. Uses either native or simulated value.
*/
private LockoutStatusType determineLockoutStatus(PrismObject<ShadowType> resourceObject, ActivationCapabilityType activationCapability, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, ExpressionEvaluationException {
ActivationType existingActivation = resourceObject.asObjectable().getActivation();
LockoutStatusType nativeValue = existingActivation != null ? existingActivation.getLockoutStatus() : null;
ActivationLockoutStatusCapabilityType lockoutCapability = CapabilityUtil.getEnabledActivationLockoutStrict(activationCapability);
if (lockoutCapability == null) {
if (nativeValue != null) {
LOGGER.trace("The lockout capability is disabled. Ignoring native value: {}", nativeValue);
}
// TODO Reconsider this. Maybe we should return native value.
return null;
}
if (lockoutCapability.getAttribute() == null) {
LOGGER.trace("Simulated lockout status is not configured. Using native value: {}", nativeValue);
return nativeValue;
}
Collection<Object> simulatingAttributeValues = getSimulatingAttributeValues(resourceObject, lockoutCapability.getAttribute());
TwoStateSimulatedToRealConverter<LockoutStatusType> converter = new TwoStateSimulatedToRealConverter<>(lockoutCapability.getNormalValue(), lockoutCapability.getLockedValue(), LockoutStatusType.NORMAL, LockoutStatusType.LOCKED, "lockout status", ctx);
LockoutStatusType lockout = converter.convert(simulatingAttributeValues, result);
LOGGER.trace("Detected simulated activation lockoutStatus attribute {} on {} with value {}, resolved into {}", lazy(() -> SchemaDebugUtil.prettyPrint(lockoutCapability.getAttribute())), ctx.getResource(), simulatingAttributeValues, lockout);
if (!Boolean.FALSE.equals(lockoutCapability.isIgnoreAttribute())) {
removeSimulatingAttribute(resourceObject, lockoutCapability.getAttribute());
}
return lockout;
}
use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType in project midpoint by Evolveum.
the class ActivationConverter method createActivationStatusChange.
private void createActivationStatusChange(Collection<? extends ItemDelta<?, ?>> objectChange, ShadowType shadow, ActivationCapabilityType activationCapability, ResourceType resource, Collection<Operation> operations, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, ExpressionEvaluationException {
PropertyDelta<ActivationStatusType> propertyDelta = findPropertyDelta(objectChange, SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS);
if (propertyDelta == null) {
return;
}
ActivationStatusCapabilityType statusCapability = CapabilityUtil.getEnabledActivationStatus(activationCapability);
if (statusCapability == null) {
SchemaException e = new SchemaException("Attempt to change activation administrativeStatus on " + resource + " which does not have the capability");
result.recordFatalError(e);
throw e;
}
QName simulatingAttributeName = statusCapability.getAttribute();
if (simulatingAttributeName == null) {
LOGGER.trace("No simulation attribute, using native value");
addModification(operations, propertyDelta);
return;
}
ActivationStatusType newStatus = getRealValue(propertyDelta.getPropertyNewMatchingPath());
LOGGER.trace("Found activation administrativeStatus change to: {}", newStatus);
PropertyModificationOperation<?> simulatingAttributeModification = TwoStateRealToSimulatedConverter.create(statusCapability, simulatingAttributeName, ctx, beans).convertDelta(newStatus, shadow, result);
if (simulatingAttributeModification != null) {
operations.add(simulatingAttributeModification);
} else {
addModification(operations, propertyDelta);
}
}
use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType in project midpoint by Evolveum.
the class ActivationConverter method transformLockoutStatusOnAdd.
private void transformLockoutStatusOnAdd(ShadowType shadow, ActivationCapabilityType activationCapability, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, ExpressionEvaluationException {
ActivationLockoutStatusCapabilityType lockoutCapability = CapabilityUtil.getEnabledActivationLockoutStrict(activationCapability);
LOGGER.trace("Lockout status capability:\n{}", lockoutCapability);
if (lockoutCapability == null) {
throw new SchemaException("Attempt to set activation/lockoutStatus on " + ctx.getResource() + " that has neither native nor simulated activation/lockoutStatus capability");
}
QName simulatingAttributeName = lockoutCapability.getAttribute();
if (simulatingAttributeName == null) {
LOGGER.trace("Using native lockout status capability");
return;
}
boolean converted = TwoStateRealToSimulatedConverter.create(lockoutCapability, simulatingAttributeName, ctx, beans).convertProperty(shadow.getActivation().getLockoutStatus(), shadow, result);
if (converted) {
shadow.getActivation().setLockoutStatus(null);
}
}
use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType in project midpoint by Evolveum.
the class TestOpenDj method test005Capabilities.
@Test
public void test005Capabilities() throws Exception {
// GIVEN
Task task = getTestTask();
OperationResult result = task.getResult();
// WHEN
ResourceType resource = provisioningService.getObject(ResourceType.class, RESOURCE_OPENDJ_OID, null, task, result).asObjectable();
// THEN
display("Resource from provisioninig", resource);
displayValue("Resource from provisioninig (XML)", PrismTestUtil.serializeObjectToString(resource.asPrismObject(), PrismContext.LANG_XML));
CapabilityCollectionType nativeCapabilities = resource.getCapabilities().getNative();
List<Object> nativeCapabilitiesList = nativeCapabilities.getAny();
assertFalse("Empty capabilities returned", nativeCapabilitiesList.isEmpty());
CredentialsCapabilityType capCred = CapabilityUtil.getCapability(nativeCapabilitiesList, CredentialsCapabilityType.class);
assertNotNull("credentials capability not found", capCred);
PasswordCapabilityType capPassword = capCred.getPassword();
assertNotNull("password capability not present", capPassword);
assertPasswordCapability(capPassword);
// Connector cannot do activation, this should be null
ActivationCapabilityType capAct = CapabilityUtil.getCapability(nativeCapabilitiesList, ActivationCapabilityType.class);
assertNull("Found activation capability while not expecting it", capAct);
ScriptCapabilityType capScript = CapabilityUtil.getCapability(nativeCapabilitiesList, ScriptCapabilityType.class);
assertNotNull("No script capability", capScript);
List<Host> scriptHosts = capScript.getHost();
assertEquals("Wrong number of script hosts", 1, scriptHosts.size());
Host scriptHost = scriptHosts.get(0);
assertEquals("Wrong script host type", ProvisioningScriptHostType.CONNECTOR, scriptHost.getType());
// assertEquals("Wrong script host language", ....., scriptHost.getLanguage());
ReadCapabilityType capRead = CapabilityUtil.getCapability(nativeCapabilitiesList, ReadCapabilityType.class);
assertNotNull("No read capability", capRead);
assertNull("Read capability is caching only", capRead.isCachingOnly());
assertTrue("Read capability is not 'return default'", capRead.isReturnDefaultAttributesOption());
CreateCapabilityType capCreate = CapabilityUtil.getCapability(nativeCapabilitiesList, CreateCapabilityType.class);
assertNotNull("No create capability", capCreate);
UpdateCapabilityType capUpdate = CapabilityUtil.getCapability(nativeCapabilitiesList, UpdateCapabilityType.class);
assertNotNull("No update capability", capUpdate);
DeleteCapabilityType capDelete = CapabilityUtil.getCapability(nativeCapabilitiesList, DeleteCapabilityType.class);
assertNotNull("No delete capability", capDelete);
List<Object> effectiveCapabilities = ResourceTypeUtil.getEffectiveCapabilities(resource);
for (Object capability : effectiveCapabilities) {
System.out.println("Capability: " + CapabilityUtil.getCapabilityDisplayName(capability) + " : " + capability);
}
capCred = ResourceTypeUtil.getEffectiveCapability(resource, CredentialsCapabilityType.class);
assertNotNull("credentials effective capability not found", capCred);
assertNotNull("password effective capability not found", capCred.getPassword());
// Although connector does not support activation, the resource specifies a way how to simulate it.
// Therefore the following should succeed
capAct = ResourceTypeUtil.getEffectiveCapability(resource, ActivationCapabilityType.class);
assertNotNull("activation capability not found", capAct);
PagedSearchCapabilityType capPage = ResourceTypeUtil.getEffectiveCapability(resource, PagedSearchCapabilityType.class);
assertNotNull("paged search capability not present", capPage);
assertShadows(1);
}
use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType in project midpoint by Evolveum.
the class ProvisioningUtil method createAttributesToReturn.
public static AttributesToReturn createAttributesToReturn(ProvisioningContext ctx) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException {
ResourceObjectDefinition resourceObjectDefinition = ctx.getObjectDefinitionRequired();
// The following can be empty if the definition is raw
Collection<? extends ResourceAttributeDefinition<?>> refinedAttributeDefinitions = resourceObjectDefinition.getAttributeDefinitions();
ResourceType resource = ctx.getResource();
boolean apply = false;
AttributesToReturn attributesToReturn = new AttributesToReturn();
// Attributes
boolean hasMinimal = checkForMinimalFetchStrategy(ctx);
attributesToReturn.setReturnDefaultAttributes(!hasMinimal);
Collection<ResourceAttributeDefinition<?>> explicit = getExplicitlyFetchedAttributes(ctx, !hasMinimal);
if (!explicit.isEmpty()) {
attributesToReturn.setAttributesToReturn(explicit);
apply = true;
}
// Password
CredentialsCapabilityType credentialsCapability = ResourceTypeUtil.getEffectiveCapability(resource, CredentialsCapabilityType.class);
if (credentialsCapability != null) {
if (ctx.isFetchingNotDisabled(SchemaConstants.PATH_PASSWORD_VALUE)) {
attributesToReturn.setReturnPasswordExplicit(true);
apply = true;
} else {
if (!CapabilityUtil.isPasswordReturnedByDefault(credentialsCapability)) {
// The resource is capable of returning password but it does not do it by default.
AttributeFetchStrategyType passwordFetchStrategy = resourceObjectDefinition.getPasswordFetchStrategy();
if (passwordFetchStrategy == AttributeFetchStrategyType.EXPLICIT) {
attributesToReturn.setReturnPasswordExplicit(true);
apply = true;
}
}
}
}
// Activation
ActivationCapabilityType activationCapability = ResourceTypeUtil.getEffectiveCapability(resource, ActivationCapabilityType.class);
if (activationCapability != null) {
if (CapabilityUtil.isCapabilityEnabled(activationCapability.getStatus())) {
if (!CapabilityUtil.isActivationStatusReturnedByDefault(activationCapability)) {
// The resource is capable of returning enable flag but it does not do it by default.
if (ctx.isFetchingNotDisabled(SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS)) {
attributesToReturn.setReturnAdministrativeStatusExplicit(true);
apply = true;
} else {
AttributeFetchStrategyType administrativeStatusFetchStrategy = resourceObjectDefinition.getActivationFetchStrategy(ActivationType.F_ADMINISTRATIVE_STATUS);
if (administrativeStatusFetchStrategy == AttributeFetchStrategyType.EXPLICIT) {
attributesToReturn.setReturnAdministrativeStatusExplicit(true);
apply = true;
}
}
}
}
if (CapabilityUtil.isCapabilityEnabled(activationCapability.getValidFrom())) {
if (!CapabilityUtil.isActivationValidFromReturnedByDefault(activationCapability)) {
if (ctx.isFetchingNotDisabled(SchemaConstants.PATH_ACTIVATION_VALID_FROM)) {
attributesToReturn.setReturnValidFromExplicit(true);
apply = true;
} else {
AttributeFetchStrategyType administrativeStatusFetchStrategy = resourceObjectDefinition.getActivationFetchStrategy(ActivationType.F_VALID_FROM);
if (administrativeStatusFetchStrategy == AttributeFetchStrategyType.EXPLICIT) {
attributesToReturn.setReturnValidFromExplicit(true);
apply = true;
}
}
}
}
if (CapabilityUtil.isCapabilityEnabled(activationCapability.getValidTo())) {
if (!CapabilityUtil.isActivationValidToReturnedByDefault(activationCapability)) {
if (ctx.isFetchingNotDisabled(SchemaConstants.PATH_ACTIVATION_VALID_TO)) {
attributesToReturn.setReturnValidToExplicit(true);
apply = true;
} else {
AttributeFetchStrategyType administrativeStatusFetchStrategy = resourceObjectDefinition.getActivationFetchStrategy(ActivationType.F_VALID_TO);
if (administrativeStatusFetchStrategy == AttributeFetchStrategyType.EXPLICIT) {
attributesToReturn.setReturnValidToExplicit(true);
apply = true;
}
}
}
}
if (CapabilityUtil.isCapabilityEnabled(activationCapability.getLockoutStatus())) {
if (!CapabilityUtil.isActivationLockoutStatusReturnedByDefault(activationCapability)) {
// The resource is capable of returning lockout flag but it does not do it by default.
if (ctx.isFetchingNotDisabled(SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS)) {
attributesToReturn.setReturnAdministrativeStatusExplicit(true);
apply = true;
} else {
AttributeFetchStrategyType statusFetchStrategy = resourceObjectDefinition.getActivationFetchStrategy(ActivationType.F_LOCKOUT_STATUS);
if (statusFetchStrategy == AttributeFetchStrategyType.EXPLICIT) {
attributesToReturn.setReturnLockoutStatusExplicit(true);
apply = true;
}
}
}
}
}
if (apply) {
return attributesToReturn;
} else {
return null;
}
}
Aggregations