MID-8842 ninja - security policy merge operation + test

infra/schema/src/main/java/com/evolveum/midpoint/schema/merger/TypeSpecificMergersConfigurator.java

@@ -63,7 +63,13 @@ static Map<Class<?>, Supplier<ItemMerger>> createStandardTypeSpecificMergersMap(
                         () -> new GenericItemMerger(marker, DefaultNaturalKeyImpl.of(AbstractSynchronizationActionType.F_NAME))),
                 entry(
                         LookupTableRowType.class,
-                        () -> new GenericItemMerger(marker, DefaultNaturalKeyImpl.of(LookupTableRowType.F_KEY)))
+                        () -> new GenericItemMerger(marker, DefaultNaturalKeyImpl.of(LookupTableRowType.F_KEY))),
+                entry(
+                        AbstractAuthenticationModuleType.class,
+                        () -> new GenericItemMerger(marker, DefaultNaturalKeyImpl.of(AbstractAuthenticationModuleType.F_IDENTIFIER))),
+                entry(
+                        AuthenticationSequenceType.class,
+                       () -> new GenericItemMerger(marker, DefaultNaturalKeyImpl.of(AuthenticationSequenceType.F_IDENTIFIER)))
         );
     }
 }

infra/schema/src/main/java/com/evolveum/midpoint/schema/merger/object/ObjectMergeOperation.java

@@ -7,25 +7,27 @@
 
 package com.evolveum.midpoint.schema.merger.object;
 
-import static java.util.Map.entry;
-
-import java.lang.reflect.InvocationTargetException;
-import java.util.Map;
-
-import org.apache.commons.lang3.Validate;
-
 import com.evolveum.midpoint.prism.PrismObject;
 import com.evolveum.midpoint.schema.merger.BaseMergeOperation;
 import com.evolveum.midpoint.util.exception.ConfigurationException;
 import com.evolveum.midpoint.util.exception.SchemaException;
 import com.evolveum.midpoint.util.exception.SystemException;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.LookupTableType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType;
+
+import org.apache.commons.lang3.Validate;
+
+import java.lang.reflect.InvocationTargetException;
+import java.util.Map;
+
+import static java.util.Map.entry;
 
 public class ObjectMergeOperation {
 
     public static final Map<Class<? extends ObjectType>, Class<? extends BaseMergeOperation>> MERGE_OPERATIONS = Map.ofEntries(
-            entry(LookupTableType.class, LookupTableMergeOperation.class)
+            entry(LookupTableType.class, LookupTableMergeOperation.class),
+            entry(SecurityPolicyType.class, SecurityPolicyMergeOperation.class)
     );
 
     public static <O extends ObjectType> boolean hasMergeOperationFor(PrismObject<O> target) {

infra/schema/src/test/java/com/evolveum/midpoint/schema/merger/TestMerger.java

@@ -7,36 +7,49 @@
 
 package com.evolveum.midpoint.schema.merger;
 
-import com.evolveum.midpoint.prism.PrismObject;
-import com.evolveum.midpoint.schema.AbstractSchemaTest;
-import com.evolveum.midpoint.schema.merger.object.LookupTableMergeOperation;
+import static com.evolveum.midpoint.prism.util.PrismTestUtil.getPrismContext;
 
-import com.evolveum.midpoint.xml.ns._public.common.common_3.LookupTableType;
+import java.io.File;
+import java.io.IOException;
 
 import org.assertj.core.api.Assertions;
 import org.testng.annotations.Test;
 
-import java.io.File;
-
-import static com.evolveum.midpoint.prism.util.PrismTestUtil.getPrismContext;
+import com.evolveum.midpoint.prism.PrismObject;
+import com.evolveum.midpoint.schema.AbstractSchemaTest;
+import com.evolveum.midpoint.schema.merger.object.ObjectMergeOperation;
+import com.evolveum.midpoint.util.exception.ConfigurationException;
+import com.evolveum.midpoint.util.exception.SchemaException;
+import com.evolveum.midpoint.util.logging.Trace;
+import com.evolveum.midpoint.util.logging.TraceManager;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.LookupTableType;
 
 public class TestMerger extends AbstractSchemaTest {
 
+    private static final Trace LOGGER = TraceManager.getTrace(TestMerger.class);
+
     private static final File TEST_ROOT_DIR = new File("./src/test/resources/merger");
 
     @Test
-    public void testLookupTableMergeOperation() throws Exception {
-        PrismObject<LookupTableType> source = getPrismContext().parseObject(new File(TEST_ROOT_DIR, "lookup-table-source.xml"));
-        PrismObject<LookupTableType> target = getPrismContext().parseObject(new File(TEST_ROOT_DIR, "lookup-table-target.xml"));
-        PrismObject<LookupTableType> result = getPrismContext().parseObject(new File(TEST_ROOT_DIR, "lookup-table-result.xml"));
+    public void test10LookupTableMergeOperation() throws Exception {
+        testMergeOperation("lookup-table");
+    }
+
+    @Test
+    public void test20SecurityPolicyMergeOperation() throws Exception {
+        testMergeOperation("security-policy");
+    }
+
+    private void testMergeOperation(String fileNamePrefix) throws IOException, SchemaException, ConfigurationException {
+        PrismObject<LookupTableType> source = getPrismContext().parseObject(new File(TEST_ROOT_DIR, fileNamePrefix + "-source.xml"));
+        PrismObject<LookupTableType> target = getPrismContext().parseObject(new File(TEST_ROOT_DIR, fileNamePrefix + "-target.xml"));
+        PrismObject<LookupTableType> result = getPrismContext().parseObject(new File(TEST_ROOT_DIR, fileNamePrefix + "-result.xml"));
 
-        LookupTableMergeOperation operation = new LookupTableMergeOperation(target.asObjectable(), source.asObjectable());
-        operation.execute();
+        ObjectMergeOperation.merge(target, source);
 
-        System.out.println("Merged object:\n" + target.debugDump());
-        // TODO
+        LOGGER.trace("Merged object:\n{}", target.debugDump());
 
         Assertions.assertThat(target)
-                        .matches(t -> t.equivalent(result));
+                .matches(t -> t.equivalent(result));
     }
 }

infra/schema/src/test/resources/merger/security-policy-result.xml

@@ -0,0 +1,105 @@
+<securityPolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3" xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" oid="00000000-0000-0000-0000-000000000120" version="1">
+    <name>Default Security Policy</name>
+    <metadata>
+        <requestTimestamp>2023-09-07T12:37:31.532+02:00</requestTimestamp>
+        <createTimestamp>2023-09-07T12:37:31.549+02:00</createTimestamp>
+        <createChannel>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#init</createChannel>
+    </metadata>
+    <operationExecution id="1">
+        <recordType>simple</recordType>
+        <timestamp>2023-09-07T12:37:31.576+02:00</timestamp>
+        <operation>
+            <objectDelta>
+                <t:changeType>add</t:changeType>
+                <t:objectType>c:SecurityPolicyType</t:objectType>
+            </objectDelta>
+            <executionResult>
+                <operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
+                <status>success</status>
+                <importance>normal</importance>
+                <token>1000000000000000018</token>
+            </executionResult>
+            <objectName>Default Security Policy</objectName>
+        </operation>
+        <status>success</status>
+        <channel>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#init</channel>
+    </operationExecution>
+    <iteration>0</iteration>
+    <iterationToken/>
+    <credentials>
+        <password>
+            <minOccurs>0</minOccurs>
+            <lockoutMaxFailedAttempts>3</lockoutMaxFailedAttempts>
+            <lockoutFailedAttemptsDuration>PT5M</lockoutFailedAttemptsDuration>
+            <lockoutDuration>PT15M</lockoutDuration>
+            <valuePolicyRef oid="00000000-0000-0000-0000-000000000003" relation="org:default" type="c:ValuePolicyType">
+                <!-- Default Password Policy -->
+            </valuePolicyRef>
+        </password>
+    </credentials>
+
+    <authentication>
+        <modules>
+            <loginForm id="1">
+                <identifier>loginForm</identifier>
+            </loginForm>
+            <httpBasic id="12">
+                <identifier>httpBasic</identifier>
+            </httpBasic>
+        </modules>
+        <sequence id="2">
+            <identifier>rest</identifier>
+            <channel>
+                <default>false</default>
+                <channelId>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#rest</channelId>
+                <urlSuffix>rest</urlSuffix>
+            </channel>
+            <module id="7">
+                <identifier>httpBasic</identifier>
+                <order>1</order>
+                <necessity>optional</necessity>
+            </module>
+        </sequence>
+        <sequence id="3">
+            <identifier>admin-gui-default</identifier>
+            <displayName>Default gui sequence</displayName>
+            <channel>
+                <default>true</default>
+                <channelId>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#user</channelId>
+                <urlSuffix>gui-default</urlSuffix>
+            </channel>
+            <module id="6">
+                <identifier>loginForm</identifier>
+                <order>1</order>
+                <necessity>sufficient</necessity>
+            </module>
+        </sequence>
+        <sequence id="4">
+            <identifier>rest-default</identifier>
+            <channel>
+                <default>true</default>
+                <channelId>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#rest</channelId>
+                <urlSuffix>rest-default</urlSuffix>
+            </channel>
+            <module id="7">
+                <identifier>httpBasic</identifier>
+                <order>1</order>
+                <necessity>sufficient</necessity>
+            </module>
+        </sequence>
+        <sequence id="5">
+            <identifier>actuator-default</identifier>
+            <channel>
+                <default>true</default>
+                <channelId>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#actuator</channelId>
+                <urlSuffix>actuator-default</urlSuffix>
+            </channel>
+            <module id="8">
+                <identifier>httpBasic</identifier>
+                <order>1</order>
+                <necessity>sufficient</necessity>
+            </module>
+        </sequence>
+        <ignoredLocalPath>/actuator/health</ignoredLocalPath>
+    </authentication>
+</securityPolicy>

infra/schema/src/test/resources/merger/security-policy-source.xml

@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2014-2018 Evolveum and contributors
+  ~
+  ~ This work is dual-licensed under the Apache License 2.0
+  ~ and European Union Public License. See LICENSE file for details.
+  -->
+
+<securityPolicy oid="00000000-0000-0000-0000-000000000120"
+    xmlns='http://midpoint.evolveum.com/xml/ns/public/common/common-3'>
+    <name>Default Security Policy</name>
+    <authentication>
+        <modules>
+            <loginForm id="1">
+                <identifier>loginForm</identifier>
+            </loginForm>
+            <httpBasic id="2">
+                <identifier>httpBasic</identifier>
+            </httpBasic>
+        </modules>
+        <sequence id="3">
+            <identifier>admin-gui-default</identifier>
+            <displayName>Default gui sequence</displayName>
+            <channel>
+                <default>true</default>
+                <channelId>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#user</channelId>
+                <urlSuffix>gui-default</urlSuffix>
+            </channel>
+            <module id="6">
+                <identifier>loginForm</identifier>
+                <order>1</order>
+                <necessity>sufficient</necessity>
+            </module>
+        </sequence>
+        <sequence id="4">
+            <identifier>rest-default</identifier>
+            <channel>
+                <default>true</default>
+                <channelId>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#rest</channelId>
+                <urlSuffix>rest-default</urlSuffix>
+            </channel>
+            <module id="7">
+                <identifier>httpBasic</identifier>
+                <order>1</order>
+                <necessity>sufficient</necessity>
+            </module>
+        </sequence>
+        <sequence id="5">
+            <identifier>actuator-default</identifier>
+            <channel>
+                <default>true</default>
+                <channelId>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#actuator</channelId>
+                <urlSuffix>actuator-default</urlSuffix>
+            </channel>
+            <module id="8">
+                <identifier>httpBasic</identifier>
+                <order>1</order>
+                <necessity>sufficient</necessity>
+            </module>
+        </sequence>
+        <ignoredLocalPath>/actuator/health</ignoredLocalPath>
+    </authentication>
+    <credentials>
+        <password>
+            <minOccurs>0</minOccurs>
+            <lockoutMaxFailedAttempts>3</lockoutMaxFailedAttempts>
+            <lockoutFailedAttemptsDuration>PT3M</lockoutFailedAttemptsDuration>
+            <lockoutDuration>PT15M</lockoutDuration>
+            <valuePolicyRef oid="00000000-0000-0000-0000-000000000003"/>
+        </password>
+    </credentials>
+</securityPolicy>

infra/schema/src/test/resources/merger/security-policy-target.xml

@@ -0,0 +1,55 @@
+<securityPolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3" xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" oid="00000000-0000-0000-0000-000000000120" version="1">
+    <name>Default Security Policy</name>
+    <metadata>
+        <requestTimestamp>2023-09-07T12:37:31.532+02:00</requestTimestamp>
+        <createTimestamp>2023-09-07T12:37:31.549+02:00</createTimestamp>
+        <createChannel>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#init</createChannel>
+    </metadata>
+    <operationExecution id="1">
+        <recordType>simple</recordType>
+        <timestamp>2023-09-07T12:37:31.576+02:00</timestamp>
+        <operation>
+            <objectDelta>
+                <t:changeType>add</t:changeType>
+                <t:objectType>c:SecurityPolicyType</t:objectType>
+            </objectDelta>
+            <executionResult>
+                <operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
+                <status>success</status>
+                <importance>normal</importance>
+                <token>1000000000000000018</token>
+            </executionResult>
+            <objectName>Default Security Policy</objectName>
+        </operation>
+        <status>success</status>
+        <channel>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#init</channel>
+    </operationExecution>
+    <iteration>0</iteration>
+    <iterationToken/>
+    <authentication>
+        <sequence id="2">
+            <identifier>rest</identifier>
+            <channel>
+                <default>false</default>
+                <channelId>http://midpoint.evolveum.com/xml/ns/public/common/channels-3#rest</channelId>
+                <urlSuffix>rest</urlSuffix>
+            </channel>
+            <module id="7">
+                <identifier>httpBasic</identifier>
+                <order>1</order>
+                <necessity>optional</necessity>
+            </module>
+        </sequence>
+    </authentication>
+    <credentials>
+        <password>
+            <minOccurs>0</minOccurs>
+            <lockoutMaxFailedAttempts>3</lockoutMaxFailedAttempts>
+            <lockoutFailedAttemptsDuration>PT5M</lockoutFailedAttemptsDuration>
+            <lockoutDuration>PT15M</lockoutDuration>
+            <valuePolicyRef oid="00000000-0000-0000-0000-000000000003" relation="org:default" type="c:ValuePolicyType">
+                <!-- Default Password Policy -->
+            </valuePolicyRef>
+        </password>
+    </credentials>
+</securityPolicy>

infra/schema/testng-unit.xml

@@ -145,6 +145,7 @@
             <class name="com.evolveum.midpoint.schema.simulations.TestSimulationMetricComputations"/>
             <class name="com.evolveum.midpoint.schema.TestConfigErrorReporter"/>
             <class name="com.evolveum.midpoint.schema.validator.processor.TestUpgradeProcessors"/>
+            <class name="com.evolveum.midpoint.schema.merger.TestMerger"/>
         </classes>
     </test>
 </suite>