Search in sources :

Example 1 with ActivationValidityCapabilityType

use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType in project midpoint by Evolveum.

the class ActivationProcessor method processActivationUserFuture.

public <F extends FocusType> void processActivationUserFuture(LensContext<F> context, LensProjectionContext accCtx, XMLGregorianCalendar now, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException, CommunicationException, ConfigurationException, SecurityViolationException {
    String accCtxDesc = accCtx.toHumanReadableString();
    SynchronizationPolicyDecision decision = accCtx.getSynchronizationPolicyDecision();
    SynchronizationIntent synchronizationIntent = accCtx.getSynchronizationIntent();
    if (accCtx.isThombstone() || decision == SynchronizationPolicyDecision.BROKEN || decision == SynchronizationPolicyDecision.IGNORE || decision == SynchronizationPolicyDecision.UNLINK || decision == SynchronizationPolicyDecision.DELETE) {
        return;
    }
    accCtx.recompute();
    evaluateExistenceMapping(context, accCtx, now, false, task, result);
    PrismObject<F> focusNew = context.getFocusContext().getObjectNew();
    if (focusNew == null) {
        // This must be a user delete or something similar. No point in proceeding
        LOGGER.trace("focusNew is null, skipping activation processing of {}", accCtxDesc);
        return;
    }
    ResourceObjectTypeDefinitionType resourceAccountDefType = accCtx.getResourceObjectTypeDefinitionType();
    if (resourceAccountDefType == null) {
        return;
    }
    ResourceActivationDefinitionType activationType = resourceAccountDefType.getActivation();
    if (activationType == null) {
        return;
    }
    ActivationCapabilityType capActivation = ResourceTypeUtil.getEffectiveCapability(accCtx.getResource(), ActivationCapabilityType.class);
    if (capActivation == null) {
        return;
    }
    ActivationStatusCapabilityType capStatus = CapabilityUtil.getEffectiveActivationStatus(capActivation);
    ActivationValidityCapabilityType capValidFrom = CapabilityUtil.getEffectiveActivationValidFrom(capActivation);
    ActivationValidityCapabilityType capValidTo = CapabilityUtil.getEffectiveActivationValidTo(capActivation);
    if (capStatus != null) {
        evaluateActivationMapping(context, accCtx, activationType.getAdministrativeStatus(), SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS, SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS, capActivation, now, false, ActivationType.F_ADMINISTRATIVE_STATUS.getLocalPart(), task, result);
    }
    if (capValidFrom != null) {
        evaluateActivationMapping(context, accCtx, activationType.getAdministrativeStatus(), SchemaConstants.PATH_ACTIVATION_VALID_FROM, SchemaConstants.PATH_ACTIVATION_VALID_FROM, null, now, false, ActivationType.F_VALID_FROM.getLocalPart(), task, result);
    }
    if (capValidTo != null) {
        evaluateActivationMapping(context, accCtx, activationType.getAdministrativeStatus(), SchemaConstants.PATH_ACTIVATION_VALID_TO, SchemaConstants.PATH_ACTIVATION_VALID_TO, null, now, false, ActivationType.F_VALID_FROM.getLocalPart(), task, result);
    }
}
Also used : ResourceActivationDefinitionType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceActivationDefinitionType) ResourceObjectTypeDefinitionType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectTypeDefinitionType) ActivationValidityCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType) SynchronizationIntent(com.evolveum.midpoint.model.impl.lens.SynchronizationIntent) ActivationCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType) SynchronizationPolicyDecision(com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision) ActivationStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType)

Example 2 with ActivationValidityCapabilityType

use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType in project midpoint by Evolveum.

the class ActivationProcessor method processActivationUserCurrent.

public <F extends FocusType> void processActivationUserCurrent(LensContext<F> context, LensProjectionContext projCtx, XMLGregorianCalendar now, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException, CommunicationException, ConfigurationException, SecurityViolationException {
    String projCtxDesc = projCtx.toHumanReadableString();
    SynchronizationPolicyDecision decision = projCtx.getSynchronizationPolicyDecision();
    SynchronizationIntent synchronizationIntent = projCtx.getSynchronizationIntent();
    if (decision == SynchronizationPolicyDecision.BROKEN) {
        LOGGER.trace("Broken projection {}, skipping further activation processing", projCtxDesc);
        return;
    }
    if (decision != null) {
        throw new IllegalStateException("Decision " + decision + " already present for projection " + projCtxDesc);
    }
    if (synchronizationIntent == SynchronizationIntent.UNLINK) {
        projCtx.setSynchronizationPolicyDecision(SynchronizationPolicyDecision.UNLINK);
        LOGGER.trace("Evaluated decision for {} to {} because of unlink synchronization intent, skipping further activation processing", projCtxDesc, SynchronizationPolicyDecision.UNLINK);
        return;
    }
    if (projCtx.isThombstone()) {
        if (shouldKeepThombstone(projCtx)) {
            // Let's keep thombstones linked until they expire. So we do not have shadows without owners.
            // This is also needed for async delete operations.
            projCtx.setSynchronizationPolicyDecision(SynchronizationPolicyDecision.KEEP);
            LOGGER.trace("Evaluated decision for {} to {} because it is thombstone, skipping further activation processing", projCtxDesc, SynchronizationPolicyDecision.KEEP);
        } else {
            projCtx.setSynchronizationPolicyDecision(SynchronizationPolicyDecision.UNLINK);
            LOGGER.trace("Evaluated decision for {} to {} because it is thombstone, skipping further activation processing", projCtxDesc, SynchronizationPolicyDecision.UNLINK);
        }
        return;
    }
    if (synchronizationIntent == SynchronizationIntent.DELETE || projCtx.isDelete()) {
        // TODO: is this OK?
        projCtx.setSynchronizationPolicyDecision(SynchronizationPolicyDecision.DELETE);
        LOGGER.trace("Evaluated decision for {} to {}, skipping further activation processing", projCtxDesc, SynchronizationPolicyDecision.DELETE);
        return;
    }
    boolean shadowShouldExist = evaluateExistenceMapping(context, projCtx, now, true, task, result);
    LOGGER.trace("Evaluated intended existence of projection {} to {}", projCtxDesc, shadowShouldExist);
    // Let's reconcile the existence intent (shadowShouldExist) and the synchronization intent in the context
    LensProjectionContext lowerOrderContext = LensUtil.findLowerOrderContext(context, projCtx);
    if (synchronizationIntent == null || synchronizationIntent == SynchronizationIntent.SYNCHRONIZE) {
        if (shadowShouldExist) {
            projCtx.setActive(true);
            if (projCtx.isExists()) {
                if (lowerOrderContext != null && lowerOrderContext.isDelete()) {
                    // HACK HACK HACK
                    decision = SynchronizationPolicyDecision.DELETE;
                } else {
                    decision = SynchronizationPolicyDecision.KEEP;
                }
            } else {
                if (lowerOrderContext != null) {
                    if (lowerOrderContext.isDelete()) {
                        // HACK HACK HACK
                        decision = SynchronizationPolicyDecision.DELETE;
                    } else {
                        // If there is a lower-order context then that one will be ADD
                        // and this one is KEEP. When the execution comes to this context
                        // then the projection already exists
                        decision = SynchronizationPolicyDecision.KEEP;
                    }
                } else {
                    decision = SynchronizationPolicyDecision.ADD;
                }
            }
        } else {
            // Delete
            if (projCtx.isExists()) {
                decision = SynchronizationPolicyDecision.DELETE;
            } else {
                // we should delete the entire context, but then we will lost track of what
                // happened. So just ignore it.
                decision = SynchronizationPolicyDecision.IGNORE;
                // if there are any triggers then move them to focus. We may still need them.
                LensUtil.moveTriggers(projCtx, context.getFocusContext());
            }
        }
    } else if (synchronizationIntent == SynchronizationIntent.ADD) {
        if (shadowShouldExist) {
            projCtx.setActive(true);
            if (projCtx.isExists()) {
                // Attempt to add something that is already there, but should be OK
                decision = SynchronizationPolicyDecision.KEEP;
            } else {
                decision = SynchronizationPolicyDecision.ADD;
            }
        } else {
            throw new PolicyViolationException("Request to add projection " + projCtxDesc + " but the activation policy decided that it should not exist");
        }
    } else if (synchronizationIntent == SynchronizationIntent.KEEP) {
        if (shadowShouldExist) {
            projCtx.setActive(true);
            if (projCtx.isExists()) {
                decision = SynchronizationPolicyDecision.KEEP;
            } else {
                decision = SynchronizationPolicyDecision.ADD;
            }
        } else {
            throw new PolicyViolationException("Request to keep projection " + projCtxDesc + " but the activation policy decided that it should not exist");
        }
    } else {
        throw new IllegalStateException("Unknown sync intent " + synchronizationIntent);
    }
    LOGGER.trace("Evaluated decision for projection {} to {}", projCtxDesc, decision);
    projCtx.setSynchronizationPolicyDecision(decision);
    PrismObject<F> focusNew = context.getFocusContext().getObjectNew();
    if (focusNew == null) {
        // This must be a user delete or something similar. No point in proceeding
        LOGGER.trace("focusNew is null, skipping activation processing of {}", projCtxDesc);
        return;
    }
    if (decision == SynchronizationPolicyDecision.UNLINK || decision == SynchronizationPolicyDecision.DELETE) {
        LOGGER.trace("Decision is {}, skipping activation properties processing for {}", decision, projCtxDesc);
        return;
    }
    ResourceObjectTypeDefinitionType resourceAccountDefType = projCtx.getResourceObjectTypeDefinitionType();
    if (resourceAccountDefType == null) {
        LOGGER.trace("No refined object definition, therefore also no activation outbound definition, skipping activation processing for account " + projCtxDesc);
        return;
    }
    ResourceActivationDefinitionType activationType = resourceAccountDefType.getActivation();
    if (activationType == null) {
        LOGGER.trace("No activation definition in projection {}, skipping activation properties processing", projCtxDesc);
        return;
    }
    ActivationCapabilityType capActivation = ResourceTypeUtil.getEffectiveCapability(projCtx.getResource(), ActivationCapabilityType.class);
    if (capActivation == null) {
        LOGGER.trace("Skipping activation status and validity processing because {} has no activation capability", projCtx.getResource());
        return;
    }
    ActivationStatusCapabilityType capStatus = CapabilityUtil.getEffectiveActivationStatus(capActivation);
    ActivationValidityCapabilityType capValidFrom = CapabilityUtil.getEffectiveActivationValidFrom(capActivation);
    ActivationValidityCapabilityType capValidTo = CapabilityUtil.getEffectiveActivationValidTo(capActivation);
    ActivationLockoutStatusCapabilityType capLockoutStatus = CapabilityUtil.getEffectiveActivationLockoutStatus(capActivation);
    if (capStatus != null) {
        evaluateActivationMapping(context, projCtx, activationType.getAdministrativeStatus(), SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS, SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS, capActivation, now, true, ActivationType.F_ADMINISTRATIVE_STATUS.getLocalPart(), task, result);
    } else {
        LOGGER.trace("Skipping activation administrative status processing because {} does not have activation administrative status capability", projCtx.getResource());
    }
    ResourceBidirectionalMappingType validFromMappingType = activationType.getValidFrom();
    if (validFromMappingType == null || validFromMappingType.getOutbound() == null) {
        LOGGER.trace("Skipping activation validFrom processing because {} does not have appropriate outbound mapping", projCtx.getResource());
    } else if (capValidFrom == null && !ExpressionUtil.hasExplicitTarget(validFromMappingType.getOutbound())) {
        LOGGER.trace("Skipping activation validFrom processing because {} does not have activation validFrom capability nor outbound mapping with explicit target", projCtx.getResource());
    } else {
        evaluateActivationMapping(context, projCtx, activationType.getValidFrom(), SchemaConstants.PATH_ACTIVATION_VALID_FROM, SchemaConstants.PATH_ACTIVATION_VALID_FROM, null, now, true, ActivationType.F_VALID_FROM.getLocalPart(), task, result);
    }
    ResourceBidirectionalMappingType validToMappingType = activationType.getValidTo();
    if (validToMappingType == null || validToMappingType.getOutbound() == null) {
        LOGGER.trace("Skipping activation validTo processing because {} does not have appropriate outbound mapping", projCtx.getResource());
    } else if (capValidTo == null && !ExpressionUtil.hasExplicitTarget(validToMappingType.getOutbound())) {
        LOGGER.trace("Skipping activation validTo processing because {} does not have activation validTo capability nor outbound mapping with explicit target", projCtx.getResource());
    } else {
        evaluateActivationMapping(context, projCtx, activationType.getValidTo(), SchemaConstants.PATH_ACTIVATION_VALID_TO, SchemaConstants.PATH_ACTIVATION_VALID_TO, null, now, true, ActivationType.F_VALID_TO.getLocalPart(), task, result);
    }
    if (capLockoutStatus != null) {
        evaluateActivationMapping(context, projCtx, activationType.getLockoutStatus(), SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS, SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS, capActivation, now, true, ActivationType.F_LOCKOUT_STATUS.getLocalPart(), task, result);
    } else {
        LOGGER.trace("Skipping activation lockout status processing because {} does not have activation lockout status capability", projCtx.getResource());
    }
}
Also used : ActivationLockoutStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType) ActivationCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType) LensProjectionContext(com.evolveum.midpoint.model.impl.lens.LensProjectionContext) SynchronizationPolicyDecision(com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision) ResourceActivationDefinitionType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceActivationDefinitionType) ResourceObjectTypeDefinitionType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectTypeDefinitionType) ActivationValidityCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType) SynchronizationIntent(com.evolveum.midpoint.model.impl.lens.SynchronizationIntent) ResourceBidirectionalMappingType(com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceBidirectionalMappingType) PolicyViolationException(com.evolveum.midpoint.util.exception.PolicyViolationException) ActivationStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType)

Example 3 with ActivationValidityCapabilityType

use of com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType in project midpoint by Evolveum.

the class ConnectorInstanceConnIdImpl method parseResourceSchema.

private void parseResourceSchema(org.identityconnectors.framework.common.objects.Schema icfSchema, List<QName> generateObjectClasses) {
    AttributeInfo passwordAttributeInfo = null;
    AttributeInfo enableAttributeInfo = null;
    AttributeInfo enableDateAttributeInfo = null;
    AttributeInfo disableDateAttributeInfo = null;
    AttributeInfo lockoutAttributeInfo = null;
    AttributeInfo auxiliaryObjectClasseAttributeInfo = null;
    // New instance of midPoint schema object
    setResourceSchema(new ResourceSchemaImpl(getSchemaNamespace(), prismContext));
    if (legacySchema == null) {
        legacySchema = detectLegacySchema(icfSchema);
    }
    LOGGER.trace("Converting resource schema (legacy mode: {})", legacySchema);
    Set<ObjectClassInfo> objectClassInfoSet = icfSchema.getObjectClassInfo();
    // Let's convert every objectclass in the ICF schema ...		
    for (ObjectClassInfo objectClassInfo : objectClassInfoSet) {
        // "Flat" ICF object class names needs to be mapped to QNames
        QName objectClassXsdName = connIdNameMapper.objectClassToQname(new ObjectClass(objectClassInfo.getType()), getSchemaNamespace(), legacySchema);
        if (!shouldBeGenerated(generateObjectClasses, objectClassXsdName)) {
            LOGGER.trace("Skipping object class {} ({})", objectClassInfo.getType(), objectClassXsdName);
            continue;
        }
        LOGGER.trace("Convering object class {} ({})", objectClassInfo.getType(), objectClassXsdName);
        // ResourceObjectDefinition is a midPpoint way how to represent an
        // object class.
        // The important thing here is the last "type" parameter
        // (objectClassXsdName). The rest is more-or-less cosmetics.
        ObjectClassComplexTypeDefinition ocDef = ((ResourceSchemaImpl) resourceSchema).createObjectClassDefinition(objectClassXsdName);
        // objectclass. So mark it appropriately.
        if (ObjectClass.ACCOUNT_NAME.equals(objectClassInfo.getType())) {
            ((ObjectClassComplexTypeDefinitionImpl) ocDef).setKind(ShadowKindType.ACCOUNT);
            ((ObjectClassComplexTypeDefinitionImpl) ocDef).setDefaultInAKind(true);
        }
        ResourceAttributeDefinition<String> uidDefinition = null;
        ResourceAttributeDefinition<String> nameDefinition = null;
        boolean hasUidDefinition = false;
        int displayOrder = ConnectorFactoryConnIdImpl.ATTR_DISPLAY_ORDER_START;
        // Let's iterate over all attributes in this object class ...
        Set<AttributeInfo> attributeInfoSet = objectClassInfo.getAttributeInfo();
        for (AttributeInfo attributeInfo : attributeInfoSet) {
            String icfName = attributeInfo.getName();
            if (OperationalAttributes.PASSWORD_NAME.equals(icfName)) {
                // This attribute will not go into the schema
                // instead a "password" capability is used
                passwordAttributeInfo = attributeInfo;
                // Skip this attribute, capability is sufficient
                continue;
            }
            if (OperationalAttributes.ENABLE_NAME.equals(icfName)) {
                enableAttributeInfo = attributeInfo;
                // Skip this attribute, capability is sufficient
                continue;
            }
            if (OperationalAttributes.ENABLE_DATE_NAME.equals(icfName)) {
                enableDateAttributeInfo = attributeInfo;
                // Skip this attribute, capability is sufficient
                continue;
            }
            if (OperationalAttributes.DISABLE_DATE_NAME.equals(icfName)) {
                disableDateAttributeInfo = attributeInfo;
                // Skip this attribute, capability is sufficient
                continue;
            }
            if (OperationalAttributes.LOCK_OUT_NAME.equals(icfName)) {
                lockoutAttributeInfo = attributeInfo;
                // Skip this attribute, capability is sufficient
                continue;
            }
            if (PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME.equals(icfName)) {
                auxiliaryObjectClasseAttributeInfo = attributeInfo;
                // Skip this attribute, capability is sufficient
                continue;
            }
            String processedAttributeName = icfName;
            if ((Name.NAME.equals(icfName) || Uid.NAME.equals(icfName)) && attributeInfo.getNativeName() != null) {
                processedAttributeName = attributeInfo.getNativeName();
            }
            QName attrXsdName = connIdNameMapper.convertAttributeNameToQName(processedAttributeName, ocDef);
            QName attrXsdType = ConnIdUtil.icfTypeToXsdType(attributeInfo.getType(), false);
            if (LOGGER.isTraceEnabled()) {
                LOGGER.trace("Attr conversion ICF: {}({}) -> XSD: {}({})", icfName, attributeInfo.getType().getSimpleName(), PrettyPrinter.prettyPrint(attrXsdName), PrettyPrinter.prettyPrint(attrXsdType));
            }
            // Create ResourceObjectAttributeDefinition, which is midPoint
            // way how to express attribute schema.
            ResourceAttributeDefinitionImpl attrDef = new ResourceAttributeDefinitionImpl(attrXsdName, attrXsdType, prismContext);
            attrDef.setMatchingRuleQName(icfAttributeInfoToMatchingRule(attributeInfo));
            if (Name.NAME.equals(icfName)) {
                nameDefinition = attrDef;
                if (uidDefinition != null && attrXsdName.equals(uidDefinition.getName())) {
                    attrDef.setDisplayOrder(ConnectorFactoryConnIdImpl.ICFS_UID_DISPLAY_ORDER);
                    uidDefinition = attrDef;
                    hasUidDefinition = true;
                } else {
                    if (attributeInfo.getNativeName() == null) {
                        // Set a better display name for __NAME__. The "name" is s very
                        // overloaded term, so let's try to make things
                        // a bit clearer
                        attrDef.setDisplayName(ConnectorFactoryConnIdImpl.ICFS_NAME_DISPLAY_NAME);
                    }
                    attrDef.setDisplayOrder(ConnectorFactoryConnIdImpl.ICFS_NAME_DISPLAY_ORDER);
                }
            } else if (Uid.NAME.equals(icfName)) {
                // UID can be the same as other attribute
                ResourceAttributeDefinition existingDefinition = ocDef.findAttributeDefinition(attrXsdName);
                if (existingDefinition != null) {
                    hasUidDefinition = true;
                    ((ResourceAttributeDefinitionImpl) existingDefinition).setDisplayOrder(ConnectorFactoryConnIdImpl.ICFS_UID_DISPLAY_ORDER);
                    uidDefinition = existingDefinition;
                    continue;
                } else {
                    uidDefinition = attrDef;
                    if (attributeInfo.getNativeName() == null) {
                        attrDef.setDisplayName(ConnectorFactoryConnIdImpl.ICFS_UID_DISPLAY_NAME);
                    }
                    attrDef.setDisplayOrder(ConnectorFactoryConnIdImpl.ICFS_UID_DISPLAY_ORDER);
                }
            } else {
                // Check conflict with UID definition
                if (uidDefinition != null && attrXsdName.equals(uidDefinition.getName())) {
                    attrDef.setDisplayOrder(ConnectorFactoryConnIdImpl.ICFS_UID_DISPLAY_ORDER);
                    uidDefinition = attrDef;
                    hasUidDefinition = true;
                } else {
                    attrDef.setDisplayOrder(displayOrder);
                    displayOrder += ConnectorFactoryConnIdImpl.ATTR_DISPLAY_ORDER_INCREMENT;
                }
            }
            attrDef.setNativeAttributeName(attributeInfo.getNativeName());
            attrDef.setFrameworkAttributeName(icfName);
            // Now we are going to process flags such as optional and
            // multi-valued
            Set<Flags> flagsSet = attributeInfo.getFlags();
            // System.out.println(flagsSet);
            attrDef.setMinOccurs(0);
            attrDef.setMaxOccurs(1);
            boolean canCreate = true;
            boolean canUpdate = true;
            boolean canRead = true;
            for (Flags flags : flagsSet) {
                if (flags == Flags.REQUIRED) {
                    attrDef.setMinOccurs(1);
                }
                if (flags == Flags.MULTIVALUED) {
                    attrDef.setMaxOccurs(-1);
                }
                if (flags == Flags.NOT_CREATABLE) {
                    canCreate = false;
                }
                if (flags == Flags.NOT_READABLE) {
                    canRead = false;
                }
                if (flags == Flags.NOT_UPDATEABLE) {
                    canUpdate = false;
                }
                if (flags == Flags.NOT_RETURNED_BY_DEFAULT) {
                    attrDef.setReturnedByDefault(false);
                }
            }
            attrDef.setCanAdd(canCreate);
            attrDef.setCanModify(canUpdate);
            attrDef.setCanRead(canRead);
            if (!Uid.NAME.equals(icfName)) {
                ((ObjectClassComplexTypeDefinitionImpl) ocDef).add(attrDef);
            }
        }
        if (uidDefinition == null) {
            // Every object has UID in ICF, therefore add a default definition if no other was specified
            uidDefinition = new ResourceAttributeDefinitionImpl<>(SchemaConstants.ICFS_UID, DOMUtil.XSD_STRING, prismContext);
            // DO NOT make it mandatory. It must not be present on create hence it cannot be mandatory.
            ((ResourceAttributeDefinitionImpl) uidDefinition).setMinOccurs(0);
            ((ResourceAttributeDefinitionImpl) uidDefinition).setMaxOccurs(1);
            // Make it read-only
            ((ResourceAttributeDefinitionImpl) uidDefinition).setReadOnly();
            // Set a default display name
            ((ResourceAttributeDefinitionImpl) uidDefinition).setDisplayName(ConnectorFactoryConnIdImpl.ICFS_UID_DISPLAY_NAME);
            ((ResourceAttributeDefinitionImpl) uidDefinition).setDisplayOrder(ConnectorFactoryConnIdImpl.ICFS_UID_DISPLAY_ORDER);
        // Uid is a primary identifier of every object (this is the ICF way)
        }
        if (!hasUidDefinition) {
            ((ObjectClassComplexTypeDefinitionImpl) ocDef).add(uidDefinition);
        }
        ((ObjectClassComplexTypeDefinitionImpl) ocDef).addPrimaryIdentifier(uidDefinition);
        if (uidDefinition != nameDefinition) {
            ((ObjectClassComplexTypeDefinitionImpl) ocDef).addSecondaryIdentifier(nameDefinition);
        }
        // Add schema annotations
        ((ObjectClassComplexTypeDefinitionImpl) ocDef).setNativeObjectClass(objectClassInfo.getType());
        ((ObjectClassComplexTypeDefinitionImpl) ocDef).setDisplayNameAttribute(nameDefinition.getName());
        ((ObjectClassComplexTypeDefinitionImpl) ocDef).setNamingAttribute(nameDefinition.getName());
        ((ObjectClassComplexTypeDefinitionImpl) ocDef).setAuxiliary(objectClassInfo.isAuxiliary());
    }
    // This is the default for all resources.
    // (Currently there is no way how to obtain it from the connector.)
    // It can be disabled manually.
    AddRemoveAttributeValuesCapabilityType addRemove = new AddRemoveAttributeValuesCapabilityType();
    capabilities.add(CAPABILITY_OBJECT_FACTORY.createAddRemoveAttributeValues(addRemove));
    ActivationCapabilityType capAct = null;
    if (enableAttributeInfo != null) {
        if (capAct == null) {
            capAct = new ActivationCapabilityType();
        }
        ActivationStatusCapabilityType capActStatus = new ActivationStatusCapabilityType();
        capAct.setStatus(capActStatus);
        if (!enableAttributeInfo.isReturnedByDefault()) {
            capActStatus.setReturnedByDefault(false);
        }
    }
    if (enableDateAttributeInfo != null) {
        if (capAct == null) {
            capAct = new ActivationCapabilityType();
        }
        ActivationValidityCapabilityType capValidFrom = new ActivationValidityCapabilityType();
        capAct.setValidFrom(capValidFrom);
        if (!enableDateAttributeInfo.isReturnedByDefault()) {
            capValidFrom.setReturnedByDefault(false);
        }
    }
    if (disableDateAttributeInfo != null) {
        if (capAct == null) {
            capAct = new ActivationCapabilityType();
        }
        ActivationValidityCapabilityType capValidTo = new ActivationValidityCapabilityType();
        capAct.setValidTo(capValidTo);
        if (!disableDateAttributeInfo.isReturnedByDefault()) {
            capValidTo.setReturnedByDefault(false);
        }
    }
    if (lockoutAttributeInfo != null) {
        if (capAct == null) {
            capAct = new ActivationCapabilityType();
        }
        ActivationLockoutStatusCapabilityType capActStatus = new ActivationLockoutStatusCapabilityType();
        capAct.setLockoutStatus(capActStatus);
        if (!lockoutAttributeInfo.isReturnedByDefault()) {
            capActStatus.setReturnedByDefault(false);
        }
    }
    if (capAct != null) {
        capabilities.add(CAPABILITY_OBJECT_FACTORY.createActivation(capAct));
    }
    if (passwordAttributeInfo != null) {
        CredentialsCapabilityType capCred = new CredentialsCapabilityType();
        PasswordCapabilityType capPass = new PasswordCapabilityType();
        if (!passwordAttributeInfo.isReturnedByDefault()) {
            capPass.setReturnedByDefault(false);
        }
        if (passwordAttributeInfo.isReadable()) {
            capPass.setReadable(true);
        }
        capCred.setPassword(capPass);
        capabilities.add(CAPABILITY_OBJECT_FACTORY.createCredentials(capCred));
    }
    if (auxiliaryObjectClasseAttributeInfo != null) {
        AuxiliaryObjectClassesCapabilityType capAux = new AuxiliaryObjectClassesCapabilityType();
        capabilities.add(CAPABILITY_OBJECT_FACTORY.createAuxiliaryObjectClasses(capAux));
    }
    boolean canPageSize = false;
    boolean canPageOffset = false;
    boolean canSort = false;
    for (OperationOptionInfo searchOption : icfSchema.getSupportedOptionsByOperation(SearchApiOp.class)) {
        switch(searchOption.getName()) {
            case OperationOptions.OP_PAGE_SIZE:
                canPageSize = true;
                break;
            case OperationOptions.OP_PAGED_RESULTS_OFFSET:
                canPageOffset = true;
                break;
            case OperationOptions.OP_SORT_KEYS:
                canSort = true;
                break;
            case OperationOptions.OP_RETURN_DEFAULT_ATTRIBUTES:
                supportsReturnDefaultAttributes = true;
                break;
        }
    }
    if (canPageSize || canPageOffset || canSort) {
        PagedSearchCapabilityType capPage = new PagedSearchCapabilityType();
        capabilities.add(CAPABILITY_OBJECT_FACTORY.createPagedSearch(capPage));
    }
}
Also used : PasswordCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.PasswordCapabilityType) ActivationCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType) GuardedString(org.identityconnectors.common.security.GuardedString) AuxiliaryObjectClassesCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.AuxiliaryObjectClassesCapabilityType) PagedSearchCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.PagedSearchCapabilityType) OperationOptionInfo(org.identityconnectors.framework.common.objects.OperationOptionInfo) ActivationValidityCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType) CredentialsCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CredentialsCapabilityType) AddRemoveAttributeValuesCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.AddRemoveAttributeValuesCapabilityType) ActivationStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType) ActivationLockoutStatusCapabilityType(com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType) ObjectClassInfo(org.identityconnectors.framework.common.objects.ObjectClassInfo) ObjectClass(org.identityconnectors.framework.common.objects.ObjectClass) QName(javax.xml.namespace.QName) Flags(org.identityconnectors.framework.common.objects.AttributeInfo.Flags) AttributeInfo(org.identityconnectors.framework.common.objects.AttributeInfo)

Aggregations

ActivationCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType)3 ActivationStatusCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType)3 ActivationValidityCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType)3 SynchronizationPolicyDecision (com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision)2 SynchronizationIntent (com.evolveum.midpoint.model.impl.lens.SynchronizationIntent)2 ResourceActivationDefinitionType (com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceActivationDefinitionType)2 ResourceObjectTypeDefinitionType (com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceObjectTypeDefinitionType)2 ActivationLockoutStatusCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType)2 LensProjectionContext (com.evolveum.midpoint.model.impl.lens.LensProjectionContext)1 PolicyViolationException (com.evolveum.midpoint.util.exception.PolicyViolationException)1 ResourceBidirectionalMappingType (com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceBidirectionalMappingType)1 AddRemoveAttributeValuesCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.AddRemoveAttributeValuesCapabilityType)1 AuxiliaryObjectClassesCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.AuxiliaryObjectClassesCapabilityType)1 CredentialsCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CredentialsCapabilityType)1 PagedSearchCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.PagedSearchCapabilityType)1 PasswordCapabilityType (com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.PasswordCapabilityType)1 QName (javax.xml.namespace.QName)1 GuardedString (org.identityconnectors.common.security.GuardedString)1 AttributeInfo (org.identityconnectors.framework.common.objects.AttributeInfo)1 Flags (org.identityconnectors.framework.common.objects.AttributeInfo.Flags)1