Examples with XMLGregorianCalendar javax.xml.datatype.XMLGregorianCalendar used on opensource projects

Example 16 with XMLGregorianCalendar

use of javax.xml.datatype.XMLGregorianCalendar in project midpoint by Evolveum.

the class FocusProcessor method recordEffectiveStatusDelta.

private <F extends ObjectType> void recordEffectiveStatusDelta(LensFocusContext<F> focusContext, ActivationStatusType effectiveStatusNew, XMLGregorianCalendar now) throws SchemaException {
    PrismContainerDefinition<ActivationType> activationDefinition = getActivationDefinition();
    // We always want explicit delta for effective status even if there is no real change
    // we want to propagate enable/disable events to all the resources, even if we are enabling
    // already enabled user (some resources may be disabled)
    // This may produce duplicate delta, but that does not matter too much. The duplicate delta
    // will be filtered out later.
    PrismPropertyDefinition<ActivationStatusType> effectiveStatusDef = activationDefinition.findPropertyDefinition(ActivationType.F_EFFECTIVE_STATUS);
    PropertyDelta<ActivationStatusType> effectiveStatusDelta = effectiveStatusDef.createEmptyDelta(new ItemPath(UserType.F_ACTIVATION, ActivationType.F_EFFECTIVE_STATUS));
    effectiveStatusDelta.setValueToReplace(new PrismPropertyValue<ActivationStatusType>(effectiveStatusNew, OriginType.USER_POLICY, null));
    if (!focusContext.alreadyHasDelta(effectiveStatusDelta)) {
        focusContext.swallowToProjectionWaveSecondaryDelta(effectiveStatusDelta);
    }
    // It is not enough to check alreadyHasDelta(). The change may happen in previous waves
    // and the secondary delta may no longer be here. When it comes to disableTimestamp we even
    // cannot rely on natural filtering of already executed deltas as the timestamp here may
    // be off by several milliseconds. So explicitly check for the change here. 
    PrismObject<F> objectCurrent = focusContext.getObjectCurrent();
    if (objectCurrent != null) {
        PrismProperty<ActivationStatusType> effectiveStatusPropCurrent = objectCurrent.findProperty(SchemaConstants.PATH_ACTIVATION_EFFECTIVE_STATUS);
        if (effectiveStatusPropCurrent != null && effectiveStatusNew.equals(effectiveStatusPropCurrent.getRealValue())) {
            LOGGER.trace("Skipping setting disableTimestamp because there was no change");
            return;
        }
    }
    PropertyDelta<XMLGregorianCalendar> timestampDelta = LensUtil.createActivationTimestampDelta(effectiveStatusNew, now, activationDefinition, OriginType.USER_POLICY);
    if (!focusContext.alreadyHasDelta(timestampDelta)) {
        focusContext.swallowToProjectionWaveSecondaryDelta(timestampDelta);
    }
}

Example 17 with XMLGregorianCalendar

use of javax.xml.datatype.XMLGregorianCalendar in project midpoint by Evolveum.

the class PrismInternalTestUtil method assertUserJackContent.

public static void assertUserJackContent(PrismObject<UserType> user, boolean expectRawInConstructions) throws SchemaException {
    assertEquals("Wrong oid", USER_JACK_OID, user.getOid());
    assertEquals("Wrong version", "42", user.getVersion());
    PrismAsserts.assertObjectDefinition(user.getDefinition(), USER_QNAME, USER_TYPE_QNAME, UserType.class);
    PrismAsserts.assertParentConsistency(user);
    assertPropertyValue(user, "fullName", "cpt. Jack Sparrow");
    assertPropertyDefinition(user, "fullName", DOMUtil.XSD_STRING, 1, 1);
    assertPropertyValue(user, "givenName", "Jack");
    assertPropertyDefinition(user, "givenName", DOMUtil.XSD_STRING, 0, 1);
    assertPropertyValue(user, "familyName", "Sparrow");
    assertPropertyDefinition(user, "familyName", DOMUtil.XSD_STRING, 0, 1);
    assertPropertyValue(user, "name", new PolyString("jack", "jack"));
    assertPropertyDefinition(user, "name", PolyStringType.COMPLEX_TYPE, 0, 1);
    assertPropertyValue(user, "special", "got it!");
    assertPropertyDefinition(user, "special", DOMUtil.XSD_STRING, 0, 1);
    assertPropertyValue(user, "polyName", new PolyString("Džek Sperou", "dzek sperou"));
    assertPropertyDefinition(user, "polyName", PolyStringType.COMPLEX_TYPE, 0, 1);
    ItemPath enabledPath = USER_ENABLED_PATH;
    PrismProperty<Boolean> enabledProperty1 = user.findProperty(enabledPath);
    assertNotNull("No enabled property", enabledProperty1);
    PrismAsserts.assertDefinition(enabledProperty1.getDefinition(), USER_ENABLED_QNAME, DOMUtil.XSD_BOOLEAN, 0, 1);
    assertNotNull("Property " + enabledPath + " not found", enabledProperty1);
    PrismAsserts.assertPropertyValue(enabledProperty1, true);
    PrismProperty<XMLGregorianCalendar> validFromProperty = user.findProperty(USER_VALID_FROM_PATH);
    assertNotNull("Property " + USER_VALID_FROM_PATH + " not found", validFromProperty);
    PrismAsserts.assertPropertyValue(validFromProperty, USER_JACK_VALID_FROM);
    QName actName = new QName(NS_FOO, "activation");
    // Use path
    ItemPath actPath = new ItemPath(actName);
    PrismContainer<ActivationType> actContainer1 = user.findContainer(actPath);
    assertContainerDefinition(actContainer1, "activation", ACTIVATION_TYPE_QNAME, 0, 1);
    assertNotNull("Property " + actPath + " not found", actContainer1);
    assertEquals("Wrong activation name", actName, actContainer1.getElementName());
    // Use name
    PrismContainer<ActivationType> actContainer2 = user.findContainer(actName);
    assertNotNull("Property " + actName + " not found", actContainer2);
    assertEquals("Wrong activation name", actName, actContainer2.getElementName());
    // Compare
    assertEquals("Eh?", actContainer1, actContainer2);
    PrismProperty<Boolean> enabledProperty2 = actContainer1.findProperty(new QName(NS_FOO, "enabled"));
    assertNotNull("Property enabled not found", enabledProperty2);
    PrismAsserts.assertPropertyValue(enabledProperty2, true);
    assertEquals("Eh?", enabledProperty1, enabledProperty2);
    QName assName = new QName(NS_FOO, "assignment");
    QName descriptionName = new QName(NS_FOO, "description");
    QName accountConstructionName = new QName(NS_FOO, "accountConstruction");
    PrismContainer<AssignmentType> assContainer = user.findContainer(assName);
    assertEquals("Wrong assignement values", 2, assContainer.getValues().size());
    PrismProperty<String> a2DescProperty = assContainer.getValue(USER_ASSIGNMENT_2_ID).findProperty(descriptionName);
    assertEquals("Wrong assigment 2 description", "Assignment 2", a2DescProperty.getValue().getValue());
    ItemPath a1Path = new ItemPath(new NameItemPathSegment(assName), new IdItemPathSegment(USER_ASSIGNMENT_1_ID), new NameItemPathSegment(descriptionName));
    PrismProperty a1Property = user.findProperty(a1Path);
    assertNotNull("Property " + a1Path + " not found", a1Property);
    PrismAsserts.assertPropertyValue(a1Property, "Assignment 1");
    ItemPath a2Path = new ItemPath(new NameItemPathSegment(assName), new IdItemPathSegment(USER_ASSIGNMENT_2_ID), new NameItemPathSegment(accountConstructionName));
    PrismProperty a2Property = user.findProperty(a2Path);
    assertNotNull("Property " + a2Path + " not found", a2Property);
    AccountConstructionType accountConstructionType = (AccountConstructionType) a2Property.getRealValue();
    assertEquals("Wrong number of values in accountConstruction", 2, accountConstructionType.getValue().size());
    RawType value1 = accountConstructionType.getValue().get(0).clone();
    if (expectRawInConstructions) {
        assertNotNull("Value #1 has no XNode present", value1.getXnode());
        PrismPropertyDefinition value1def = new PrismPropertyDefinitionImpl(// element name
        new QName(NS_FOO, "dummy"), // type name
        DOMUtil.XSD_STRING, user.getPrismContext());
        PrismPropertyValue<String> prismValue1 = value1.getParsedValue(value1def, value1def.getName());
        assertEquals("Wrong value #1", "ABC", prismValue1.getValue());
    } else {
        assertNull("Value #1 has XNode present", value1.getXnode());
        assertEquals("Wrong value #1", "ABC", value1.getParsedRealValue(String.class));
    }
    RawType value2 = accountConstructionType.getValue().get(1).clone();
    assertNotNull("Value #2 has no XNode present", value2.getXnode());
    PrismValue prismValue2 = value2.getParsedValue(user.getDefinition(), user.getDefinition().getName());
    PrismContainerValue<UserType> prismUserValue2 = (PrismContainerValue<UserType>) prismValue2;
    assertEquals("Wrong value #2", "Nobody", prismUserValue2.findProperty(new QName(NS_FOO, "fullName")).getRealValue());
    PrismReference accountRef = user.findReference(USER_ACCOUNTREF_QNAME);
    assertNotNull("Reference " + USER_ACCOUNTREF_QNAME + " not found", accountRef);
    assertEquals("Wrong number of accountRef values", 3, accountRef.getValues().size());
    PrismAsserts.assertReferenceValue(accountRef, "c0c010c0-d34d-b33f-f00d-aaaaaaaa1111");
    PrismAsserts.assertReferenceValue(accountRef, "c0c010c0-d34d-b33f-f00d-aaaaaaaa1112");
    PrismAsserts.assertReferenceValue(accountRef, "c0c010c0-d34d-b33f-f00d-aaaaaaaa1113");
    PrismReferenceValue accountRefVal2 = accountRef.findValueByOid("c0c010c0-d34d-b33f-f00d-aaaaaaaa1112");
    assertEquals("Wrong oid for accountRef", "c0c010c0-d34d-b33f-f00d-aaaaaaaa1112", accountRefVal2.getOid());
    assertEquals("Wrong accountRef description", "This is a reference with a filter", accountRefVal2.getDescription());
    assertNotNull("No filter in accountRef", accountRefVal2.getFilter());
}

Example 18 with XMLGregorianCalendar

use of javax.xml.datatype.XMLGregorianCalendar in project midpoint by Evolveum.

the class XmlTypeConverter method addDuration.

public static XMLGregorianCalendar addDuration(XMLGregorianCalendar now, String duration) {
    XMLGregorianCalendar later = createXMLGregorianCalendar(toMillis(now));
    later.add(createDuration(duration));
    return later;
}

Example 19 with XMLGregorianCalendar

use of javax.xml.datatype.XMLGregorianCalendar in project midpoint by Evolveum.

the class ProjectionCredentialsProcessor method processProjectionPasswordMapping.

private <F extends FocusType> void processProjectionPasswordMapping(LensContext<F> context, final LensProjectionContext projCtx, final ValuePolicyType passwordPolicy, XMLGregorianCalendar now, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException {
    LensFocusContext<F> focusContext = context.getFocusContext();
    PrismObject<F> userNew = focusContext.getObjectNew();
    if (userNew == null) {
        // This must be a user delete or something similar. No point in proceeding
        LOGGER.trace("userNew is null, skipping credentials processing");
        return;
    }
    PrismObjectDefinition<ShadowType> accountDefinition = prismContext.getSchemaRegistry().findObjectDefinitionByCompileTimeClass(ShadowType.class);
    PrismPropertyDefinition<ProtectedStringType> projPasswordPropertyDefinition = accountDefinition.findPropertyDefinition(SchemaConstants.PATH_PASSWORD_VALUE);
    ResourceShadowDiscriminator rsd = projCtx.getResourceShadowDiscriminator();
    RefinedObjectClassDefinition refinedProjDef = projCtx.getStructuralObjectClassDefinition();
    if (refinedProjDef == null) {
        LOGGER.trace("No RefinedObjectClassDefinition, therefore also no password outbound definition, skipping credentials processing for projection {}", rsd);
        return;
    }
    List<MappingType> outboundMappingTypes = refinedProjDef.getPasswordOutbound();
    if (outboundMappingTypes == null || outboundMappingTypes.isEmpty()) {
        LOGGER.trace("No outbound password mapping for {}, skipping credentials processing", rsd);
        return;
    }
    // HACK
    if (!projCtx.isDoReconciliation() && !projCtx.isAdd() && !isActivated(outboundMappingTypes, focusContext.getDelta())) {
        LOGGER.trace("Outbound password mappings not activated for type {}, skipping credentials processing", rsd);
        return;
    }
    final ObjectDelta<ShadowType> projDelta = projCtx.getDelta();
    final PropertyDelta<ProtectedStringType> projPasswordDelta;
    if (projDelta != null && projDelta.getChangeType() == MODIFY) {
        projPasswordDelta = projDelta.findPropertyDelta(SchemaConstants.PATH_PASSWORD_VALUE);
    } else {
        projPasswordDelta = null;
    }
    checkExistingDeltaSanity(projCtx, projPasswordDelta);
    boolean evaluateWeak = getEvaluateWeak(projCtx);
    final ItemDeltaItem<PrismPropertyValue<PasswordType>, PrismPropertyDefinition<ProtectedStringType>> userPasswordIdi = focusContext.getObjectDeltaObject().findIdi(SchemaConstants.PATH_PASSWORD_VALUE);
    StringPolicyResolver stringPolicyResolver = new StringPolicyResolver() {

        @Override
        public void setOutputPath(ItemPath outputPath) {
        }

        @Override
        public void setOutputDefinition(ItemDefinition outputDefinition) {
        }

        @Override
        public StringPolicyType resolve() {
            if (passwordPolicy == null) {
                return null;
            }
            return passwordPolicy.getStringPolicy();
        }
    };
    MappingInitializer<PrismPropertyValue<ProtectedStringType>, PrismPropertyDefinition<ProtectedStringType>> initializer = (builder) -> {
        builder.defaultTargetDefinition(projPasswordPropertyDefinition);
        builder.defaultSource(new Source<>(userPasswordIdi, ExpressionConstants.VAR_INPUT));
        builder.stringPolicyResolver(stringPolicyResolver);
        return builder;
    };
    MappingOutputProcessor<PrismPropertyValue<ProtectedStringType>> processor = (mappingOutputPath, outputStruct) -> {
        PrismValueDeltaSetTriple<PrismPropertyValue<ProtectedStringType>> outputTriple = outputStruct.getOutputTriple();
        if (outputTriple == null) {
            LOGGER.trace("Credentials 'password' expression resulted in null output triple, skipping credentials processing for {}", rsd);
            return false;
        }
        boolean projectionIsNew = projDelta != null && (projDelta.getChangeType() == ChangeType.ADD || projCtx.getSynchronizationPolicyDecision() == SynchronizationPolicyDecision.ADD);
        Collection<PrismPropertyValue<ProtectedStringType>> newValues = outputTriple.getPlusSet();
        if (projectionIsNew) {
            newValues = outputTriple.getNonNegativeValues();
        } else {
            newValues = outputTriple.getPlusSet();
        }
        if (!canGetCleartext(newValues)) {
            ObjectDelta<ShadowType> projectionPrimaryDelta = projCtx.getPrimaryDelta();
            if (projectionPrimaryDelta != null) {
                PropertyDelta<ProtectedStringType> passwordPrimaryDelta = projectionPrimaryDelta.findPropertyDelta(SchemaConstants.PATH_PASSWORD_VALUE);
                if (passwordPrimaryDelta != null) {
                    // We have only hashed value coming from the mapping. There are not very useful
                    // for provisioning. But we have primary projection delta - and that is very likely
                    // to be better.
                    // Skip all password mappings in this case. Primary delta trumps everything. 
                    // No weak, normal or even strong mapping can change that.
                    // We need to disregard even strong mapping in this case. If we would heed the strong
                    // mapping then account initialization won't be possible.
                    LOGGER.trace("We have primary password delta in projection, skipping credentials processing");
                    return false;
                }
            }
        }
        return true;
    };
    mappingEvaluator.evaluateOutboundMapping(context, projCtx, outboundMappingTypes, SchemaConstants.PATH_PASSWORD_VALUE, SchemaConstants.PATH_PASSWORD_VALUE, initializer, processor, now, true, evaluateWeak, "password mapping", task, result);
}

Example 20 with XMLGregorianCalendar

use of javax.xml.datatype.XMLGregorianCalendar in project midpoint by Evolveum.

the class FocusValidityScannerTaskHandler method createQuery.

@Override
protected ObjectQuery createQuery(AbstractScannerResultHandler<UserType> handler, TaskRunResult runResult, Task coordinatorTask, OperationResult opResult) throws SchemaException {
    initProcessedOids(coordinatorTask);
    ObjectQuery query = new ObjectQuery();
    ObjectFilter filter;
    PrismObjectDefinition<UserType> focusObjectDef = prismContext.getSchemaRegistry().findObjectDefinitionByCompileTimeClass(UserType.class);
    XMLGregorianCalendar lastScanTimestamp = handler.getLastScanTimestamp();
    XMLGregorianCalendar thisScanTimestamp = handler.getThisScanTimestamp();
    if (lastScanTimestamp == null) {
        filter = QueryBuilder.queryFor(FocusType.class, prismContext).item(F_ACTIVATION, F_VALID_FROM).le(thisScanTimestamp).or().item(F_ACTIVATION, F_VALID_TO).le(thisScanTimestamp).or().exists(F_ASSIGNMENT).block().item(AssignmentType.F_ACTIVATION, F_VALID_FROM).le(thisScanTimestamp).or().item(AssignmentType.F_ACTIVATION, F_VALID_TO).le(thisScanTimestamp).endBlock().buildFilter();
    } else {
        filter = QueryBuilder.queryFor(FocusType.class, prismContext).item(F_ACTIVATION, F_VALID_FROM).gt(lastScanTimestamp).and().item(F_ACTIVATION, F_VALID_FROM).le(thisScanTimestamp).or().item(F_ACTIVATION, F_VALID_TO).gt(lastScanTimestamp).and().item(F_ACTIVATION, F_VALID_TO).le(thisScanTimestamp).or().exists(F_ASSIGNMENT).block().item(AssignmentType.F_ACTIVATION, F_VALID_FROM).gt(lastScanTimestamp).and().item(AssignmentType.F_ACTIVATION, F_VALID_FROM).le(thisScanTimestamp).or().item(AssignmentType.F_ACTIVATION, F_VALID_TO).gt(lastScanTimestamp).and().item(AssignmentType.F_ACTIVATION, F_VALID_TO).le(thisScanTimestamp).endBlock().buildFilter();
    }
    query.setFilter(filter);
    return query;
}