Merge branch 'support-4.0' of https://github.com/Evolveum/midpoint in…

…to support-4.0
Evolveum · Apr 1, 2020 · 2d74a56 · 2d74a56
2 parents 28c0fc3 + 2584816
commit 2d74a56
Show file tree

Hide file tree

Showing 22 changed files with 280 additions and 67 deletions.
diff --git a/...gui/src/main/java/com/evolveum/midpoint/web/component/assignment/AssignmentEditorDto.java b/...gui/src/main/java/com/evolveum/midpoint/web/component/assignment/AssignmentEditorDto.java
@@ -192,6 +192,7 @@ public static AssignmentEditorDto createDtoFromObject(ObjectType object, UserDto
         if (relation != null){
             targetRef.setRelation(relation);
         }
+        targetRef.asReferenceValue().setObject(object.asPrismObject());
 
         AssignmentType assignment = new AssignmentType();
         assignment.setTargetRef(targetRef);

diff --git a/.../src/main/java/com/evolveum/midpoint/web/component/data/RepositoryObjectDataProvider.java b/.../src/main/java/com/evolveum/midpoint/web/component/data/RepositoryObjectDataProvider.java
@@ -18,6 +18,7 @@
 import com.evolveum.midpoint.schema.RetrieveOption;
 import com.evolveum.midpoint.schema.SelectorOptions;
 import com.evolveum.midpoint.schema.result.OperationResult;
+import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
 import com.evolveum.midpoint.util.logging.LoggingUtils;
 import com.evolveum.midpoint.util.logging.Trace;
 import com.evolveum.midpoint.util.logging.TraceManager;
@@ -149,6 +150,9 @@ private ResourceDescription loadDescription(String oid, OperationResult result)
             }
 
             subResult.recordSuccess();
+        } catch (ObjectNotFoundException e) {
+            LoggingUtils.logException(LOGGER, "Resource with oid {} not found", e, oid);
+            result.recordPartialError(getPage().createStringResource("ObjectDataProvider.message.loadResourceForAccount.notFound", oid).getString());
         } catch (Exception ex) {
             LoggingUtils.logUnexpectedException(LOGGER, "Couldn't load resource for account", ex);
             result.recordFatalError(getPage().createStringResource("ObjectDataProvider.message.loadResourceForAccount.fatalError").getString(), ex);
@@ -220,4 +224,5 @@ public String getType() {
             return type;
         }
     }
+
 }
diff --git a/...src/main/java/com/evolveum/midpoint/web/component/data/column/InlineMenuButtonColumn.java b/...src/main/java/com/evolveum/midpoint/web/component/data/column/InlineMenuButtonColumn.java
@@ -97,14 +97,17 @@ private Component getPanel(String componentId, IModel<T> rowModel,
         List<ButtonInlineMenuItem> buttonMenuItems = new ArrayList<>();
         menuItems.forEach(menuItem -> {
             if (menuItem instanceof ButtonInlineMenuItem){
-                if (isHeaderPanel && !menuItem.isHeaderMenuItem()){
+                if (isHeaderPanel && !menuItem.isHeaderMenuItem()) {
+                    return;
+                }
+                if (menuItem.getVisibilityChecker() != null && !menuItem.getVisibilityChecker().isVisible(rowModel, isHeaderPanel)) {
                     return;
                 }
                 buttonMenuItems.add((ButtonInlineMenuItem) menuItem);
             }
         });
 
-        return new MenuMultiButtonPanel<T>(componentId, rowModel, numberOfButtons, Model.ofList(filteredMenuItems)) {
+        return new MenuMultiButtonPanel<T>(componentId, rowModel, buttonMenuItems.size(), Model.ofList(filteredMenuItems)) {
 
             private static final long serialVersionUID = 1L;
 

diff --git a/...olveum/midpoint/web/page/admin/certification/handlers/DirectAssignmentCertGuiHandler.java b/...olveum/midpoint/web/page/admin/certification/handlers/DirectAssignmentCertGuiHandler.java
@@ -13,13 +13,17 @@
 import com.evolveum.midpoint.prism.Containerable;
 import com.evolveum.midpoint.prism.Item;
 import com.evolveum.midpoint.prism.PrismContainer;
+import com.evolveum.midpoint.prism.PrismObject;
 import com.evolveum.midpoint.schema.constants.ObjectTypes;
 import com.evolveum.midpoint.task.api.Task;
+import com.evolveum.midpoint.util.QNameUtil;
+import com.evolveum.midpoint.util.logging.Trace;
+import com.evolveum.midpoint.util.logging.TraceManager;
 import com.evolveum.midpoint.web.page.admin.certification.dto.CertCaseOrWorkItemDto;
 import com.evolveum.midpoint.web.util.ObjectTypeGuiDescriptor;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationAssignmentCaseType;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationCaseType;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
+
+import com.evolveum.prism.xml.ns._public.types_3.PolyStringType;
 
 import org.apache.commons.lang3.StringUtils;
 import org.apache.wicket.model.IModel;
@@ -33,6 +37,8 @@
  * @author mederly
  */
 public class DirectAssignmentCertGuiHandler implements CertGuiHandler {
+    private static final Trace LOGGER = TraceManager.getTrace(DirectAssignmentCertGuiHandler.class);
+
     @Override
     public String getCaseInfoButtonTitle(IModel<? extends CertCaseOrWorkItemDto> rowModel, PageBase page) {
 
@@ -57,6 +63,24 @@ public String getCaseInfoButtonTitle(IModel<? extends CertCaseOrWorkItemDto> row
         String objectType = getLocalizedTypeName(acase.getObjectRef().getType(), page);
         String objectName = dto.getObjectName();
 
+        // If object is UserType, display user's fullName in addition to the name
+        if (QNameUtil.match(acase.getObjectRef().getType(), UserType.COMPLEX_TYPE)) {
+            try {
+                PrismObject<UserType> object = page.getModelService().getObject(UserType.class, acase.getObjectRef().getOid(), null, page.getPageTask(), page.getPageTask().getResult());
+
+                if (object != null) {
+                    UserType userObj = object.asObjectable();
+                    PolyStringType fullName = userObj.getFullName();
+                    if (fullName != null && !StringUtils.isEmpty(fullName.getOrig())) {
+                        objectName = fullName.getOrig() + " (" + objectName + ")";
+                    }
+                }
+            } catch (Exception e) {
+                //probably autz exception, mute it and return object name
+                LOGGER.debug("Error retrieving full object in getCaseInfoButtonTitle: {}", e.getMessage());
+            }
+        }
+
         infoList.add(page.createStringResource("PageCert.message.assignment",
                 assignmentOrInducement,
                 emptyToDash(targetType), emptyToDash(targetName),

diff --git a/...in-gui/src/main/java/com/evolveum/midpoint/web/page/admin/reports/PageCreatedReports.java b/...in-gui/src/main/java/com/evolveum/midpoint/web/page/admin/reports/PageCreatedReports.java
@@ -20,7 +20,9 @@
 
 import javax.xml.namespace.QName;
 
+import com.evolveum.midpoint.model.api.ModelAuthorizationAction;
 import com.evolveum.midpoint.prism.path.ItemPath;
+import com.evolveum.midpoint.schema.util.ObjectTypeUtil;
 import com.evolveum.midpoint.web.component.menu.cog.InlineMenuItemAction;
 import com.evolveum.midpoint.web.page.admin.PageAdminObjectList;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
@@ -356,6 +358,14 @@ public String getButtonIconCssClass() {
             }
         });
 
+        boolean canReadTraces;
+        try {
+            canReadTraces = isAuthorized(ModelAuthorizationAction.READ_TRACE.getUrl());
+        } catch (Throwable t) {
+            LoggingUtils.logUnexpectedException(LOGGER, "Couldn't authorize reading traces", t);
+            canReadTraces = false;
+        }
+
         ButtonInlineMenuItem item = new ButtonInlineMenuItem(createStringResource("DownloadButtonPanel.download")) {
             private static final long serialVersionUID = 1L;
 
@@ -384,11 +394,20 @@ public boolean isHeaderMenuItem(){
                 return false;
             }
         };
+        if (!canReadTraces) {
+            item.setVisibilityChecker((rowModel, isHeader) -> !isTrace(rowModel));
+        }
         menuItems.add(item);
 
         return menuItems;
     }
 
+    private boolean isTrace(IModel<?> rowModel) {
+        //noinspection unchecked
+        SelectableBean<ReportOutputType> row = (SelectableBean<ReportOutputType>) rowModel.getObject();
+        return ObjectTypeUtil.hasArchetype(row.getValue(), SystemObjectsType.ARCHETYPE_TRACE.value());
+    }
+
     private IModel<String> createDeleteConfirmString() {
         return new IModel<String>() {
 

diff --git a/.../java/com/evolveum/midpoint/web/page/admin/users/component/ExecuteChangeOptionsPanel.java b/.../java/com/evolveum/midpoint/web/page/admin/users/component/ExecuteChangeOptionsPanel.java
@@ -11,6 +11,10 @@
 import com.evolveum.midpoint.gui.api.component.form.CheckBoxPanel;
 import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
 import com.evolveum.midpoint.gui.api.util.WebModelServiceUtils;
+import com.evolveum.midpoint.model.api.ModelAuthorizationAction;
+import com.evolveum.midpoint.util.logging.LoggingUtils;
+import com.evolveum.midpoint.util.logging.Trace;
+import com.evolveum.midpoint.util.logging.TraceManager;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.TracingProfileType;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.wicket.markup.html.WebMarkupContainer;
@@ -27,6 +31,8 @@
 public class ExecuteChangeOptionsPanel extends BasePanel<ExecuteChangeOptionsDto> {
     private static final long serialVersionUID = 1L;
 
+    private static final Trace LOGGER = TraceManager.getTrace(ExecuteChangeOptionsPanel.class);
+
     private static final String ID_FORCE = "force";
     private static final String ID_FORCE_CONTAINER = "forceContainer";
     private static final String ID_RECONCILE = "reconcile";
@@ -108,8 +114,16 @@ private void initLayout() {
                 KEEP_DISPLAYING_RESULTS_HELP,
                 showKeepDisplayingResults);
 
+        boolean canRecordTrace;
+        try {
+            canRecordTrace = getPageBase().isAuthorized(ModelAuthorizationAction.RECORD_TRACE.getUrl());
+        } catch (Throwable t) {
+            LoggingUtils.logUnexpectedException(LOGGER, "Couldn't check trace recording authorization", t);
+            canRecordTrace = false;
+        }
+
         WebMarkupContainer tracingContainer = new WebMarkupContainer(ID_TRACING_CONTAINER);
-        tracingContainer.setVisible(WebModelServiceUtils.isEnableExperimentalFeature(getPageBase()));
+        tracingContainer.setVisible(canRecordTrace && WebModelServiceUtils.isEnableExperimentalFeature(getPageBase()));
         add(tracingContainer);
 
         DropDownChoice tracing = new DropDownChoice<>(ID_TRACING, PropertyModel.of(getModel(), ExecuteChangeOptionsDto.F_TRACING),

diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/PageAccountActivation.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/PageAccountActivation.java
@@ -274,7 +274,7 @@ private void propagatePassword(AjaxRequestTarget target,
             ObjectDelta<ShadowType> shadowDelta = getPrismContext().deltaFactory().object()
                     .createModificationReplaceProperty(ShadowType.class, shadow.getOid(), SchemaConstants.PATH_PASSWORD_VALUE,
                             passwordValue);
-            shadowDelta.addModificationDeleteProperty(ShadowType.F_LIFECYCLE_STATE, SchemaConstants.LIFECYCLE_PROPOSED);
+            shadowDelta.addModificationReplaceProperty(ShadowType.F_LIFECYCLE_STATE, SchemaConstants.LIFECYCLE_ACTIVE);
             passwordDeltas.add(shadowDelta);
         }
 

diff --git a/gui/admin-gui/src/main/resources/banner.txt b/gui/admin-gui/src/main/resources/banner.txt
@@ -6,8 +6,8 @@
   | | | | | | | (_| | |  | (_) | | | | | |_
   |_| |_| |_|_|\____|_|  \____/|_|_| |_|\__|  by Evolveum and partners
 
-  Licensed under the Apache License, Version 2.0 see: http://www.apache.org/licenses/LICENSE-2.0
+  Dual-licensed under Apache License 2.0 and European Union Public License.
   Version: ${project.version}
   Sources: ${project.scm.connection}, branch: ${git.branch}, build: ${git.describe}
   Bug reporting system: ${project.issueManagement.url}
-  Product information: http://wiki.evolveum.com/display/midPoint
+  Product information: https://midpoint.evolveum.com
diff --git a/infra/schema/src/main/java/com/evolveum/midpoint/schema/ResourceShadowDiscriminator.java b/infra/schema/src/main/java/com/evolveum/midpoint/schema/ResourceShadowDiscriminator.java
@@ -287,6 +287,10 @@ public String toString() {
 
     @Override
     public String toHumanReadableDescription() {
+        return toHumanReadableDescription(true);
+    }
+
+    public String toHumanReadableDescription(boolean writeOid) {
         StringBuilder sb = new StringBuilder("RSD(");
         sb.append(kind==null?"null":kind.value());
         sb.append(" (").append(intent);
@@ -297,8 +301,10 @@ public String toHumanReadableDescription() {
         if (objectClass != null) {
             sb.append(": ").append(PrettyPrinter.prettyPrint(objectClass));
         }
-        sb.append(" @");
-        sb.append(resourceOid);
+        if (writeOid) {
+            sb.append(" @");
+            sb.append(resourceOid);
+        }
         if (order != 0) {
             sb.append(" order=");
             sb.append(order);

diff --git a/model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelAuthorizationAction.java b/model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelAuthorizationAction.java
@@ -10,6 +10,7 @@
 
 import com.evolveum.midpoint.util.DisplayableValue;
 import com.evolveum.midpoint.util.QNameUtil;
+import com.evolveum.midpoint.util.annotation.Experimental;
 
 public enum ModelAuthorizationAction implements DisplayableValue<String> {
 
@@ -83,7 +84,13 @@ public enum ModelAuthorizationAction implements DisplayableValue<String> {
     PARTIAL_EXECUTION("partialExecution", "Partial execution", "PARTIAL_EXECUTION_HELP"),
     GET_EXTENSION_SCHEMA("getExtensionSchema", "Get extension schema", "GET_EXTENSION_SCHEMA_HELP"),
 
-    RUN_REPORT("runReport", "Run report", "RUN_REPORT_HELP");
+    RUN_REPORT("runReport", "Run report", "RUN_REPORT_HELP"),
+
+    @Experimental
+    RECORD_TRACE("recordTrace", "Record trace", "RECORD_TRACE_HELP"),
+
+    @Experimental
+    READ_TRACE("readTrace", "Read trace", "READ_TRACE_HELP");
 
     public static final String[] AUTZ_ACTIONS_URLS_SEARCH = new String[] { READ.getUrl(),  SEARCH.getUrl() };
     public static final String[] AUTZ_ACTIONS_URLS_GET = new String[] { READ.getUrl(),  GET.getUrl() };

diff --git a/...rc/main/java/com/evolveum/midpoint/model/common/expression/functions/CustomFunctions.java b/...rc/main/java/com/evolveum/midpoint/model/common/expression/functions/CustomFunctions.java
@@ -53,25 +53,12 @@ public class CustomFunctions {
     private FunctionLibraryType library;
     private ExpressionProfile expressionProfile;
     private PrismContext prismContext;
-    /**
-     * Operation result existing at the initialization time. It is used only if we cannot obtain current operation
-     * result in any other way.
-      */
-    private OperationResult initializationTimeResult;
-    /**
-     * Operation result existing at the initialization time. It is used only if we cannot obtain current operation
-     * result in any other way.
-     */
-    private Task initializationTimeTask;
 
-    public CustomFunctions(FunctionLibraryType library, ExpressionFactory expressionFactory, ExpressionProfile expressionProfile,
-            OperationResult result, Task task) {
+    public CustomFunctions(FunctionLibraryType library, ExpressionFactory expressionFactory, ExpressionProfile expressionProfile) {
         this.library = library;
         this.expressionFactory = expressionFactory;
         this.expressionProfile = expressionProfile;
         this.prismContext = expressionFactory.getPrismContext();
-        this.initializationTimeResult = result;
-        this.initializationTimeTask = task;
     }
 
     /**
@@ -88,22 +75,20 @@ public <V extends PrismValue, D extends ItemDefinition> Object execute(String fu
             if (ctx.getTask() != null) {
                 task = ctx.getTask();
             } else {
-                LOGGER.warn("No task in ScriptExpressionEvaluationContext for the current thread found. Using "
-                        + "initialization-time task: {}", initializationTimeTask);
-                task = initializationTimeTask;
+                // We shouldn't use task of unknown provenience.
+                throw new IllegalStateException("No task in ScriptExpressionEvaluationContext for the current thread found");
             }
             if (ctx.getResult() != null) {
                 result = ctx.getResult();
             } else {
-                LOGGER.warn("No operation result in ScriptExpressionEvaluationContext for the current thread found. Using "
-                        + "initialization-time op. result");
-                result = initializationTimeResult;
+                // Better throwing an exception than introducing memory leak if initialization-time result is used.
+                // This situation should never occur anyway.
+                throw new IllegalStateException("No operation result in ScriptExpressionEvaluationContext for the current thread found");
             }
         } else {
-            LOGGER.warn("No ScriptExpressionEvaluationContext for current thread found. Using initialization-time task "
-                    + "and operation result: {}", initializationTimeTask);
-            task = initializationTimeTask;
-            result = initializationTimeResult;
+            // Better throwing an exception than introducing memory leak if initialization-time result is used.
+            // This situation should never occur anyway.
+            throw new IllegalStateException("No ScriptExpressionEvaluationContext for current thread found");
         }
 
         List<ExpressionType> functions = library.getFunction().stream().filter(expression -> functionName.equals(expression.getName())).collect(Collectors.toList());

diff --git a/.../src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpression.java b/.../src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpression.java
@@ -181,8 +181,8 @@ public <V extends PrismValue> List<V> evaluate(ScriptExpressionEvaluationContext
             context.setTrace(null);
         }
         context.setResult(result);      // a bit of hack: this is to provide some tracing of script evaluation
+        ScriptExpressionEvaluationContext oldContext = context.setupThreadLocal();
         try {
-            context.setupThreadLocal();
 
             List<V> expressionResult = evaluator.evaluate(context);
             if (context.getTrace() != null) {
@@ -197,7 +197,7 @@ public <V extends PrismValue> List<V> evaluate(ScriptExpressionEvaluationContext
             result.recordFatalError(ex.getMessage(), ex);
             throw ex;
         } finally {
-            context.cleanupThreadLocal();
+            context.cleanupThreadLocal(oldContext);
             result.computeStatusIfUnknown();
             context.setResult(parentResult);        // a bit of hack
         }

diff --git a/...m/evolveum/midpoint/model/common/expression/script/ScriptExpressionEvaluationContext.java b/...m/evolveum/midpoint/model/common/expression/script/ScriptExpressionEvaluationContext.java
@@ -160,16 +160,14 @@ public void setResult(OperationResult result) {
         this.result = result;
     }
 
-    public static ThreadLocal<ScriptExpressionEvaluationContext> getThreadlocalcontext() {
-        return THREAD_LOCAL_CONTEXT;
-    }
-
-    public void setupThreadLocal() {
+    ScriptExpressionEvaluationContext setupThreadLocal() {
+        ScriptExpressionEvaluationContext oldContext = THREAD_LOCAL_CONTEXT.get();
         THREAD_LOCAL_CONTEXT.set(this);
+        return oldContext;
     }
 
-    public void cleanupThreadLocal() {
-        THREAD_LOCAL_CONTEXT.set(null);
+    void cleanupThreadLocal(ScriptExpressionEvaluationContext oldContext) {
+        THREAD_LOCAL_CONTEXT.set(oldContext);
     }
 
     public static ScriptExpressionEvaluationContext getThreadLocal() {

diff --git a/...in/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionFactory.java b/...in/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionFactory.java
@@ -119,7 +119,7 @@ public ScriptExpression createScriptExpression(ScriptExpressionEvaluatorType exp
             ExpressionProfile expressionProfile, ExpressionFactory expressionFactory, String shortDesc, Task task, OperationResult result)
                     throws ExpressionSyntaxException, SecurityViolationException {
 
-        initializeCustomFunctionsLibraryCache(expressionFactory, task, result);
+        initializeCustomFunctionsLibraryCache(expressionFactory, result);
         //cache cleanup method
 
         String language = getLanguage(expressionType);
@@ -168,7 +168,7 @@ private ScriptExpressionProfile processScriptExpressionProfile(ExpressionProfile
     }
 
     // if performance becomes an issue, replace 'synchronized' with something more elaborate
-    private synchronized void initializeCustomFunctionsLibraryCache(ExpressionFactory expressionFactory, Task task,
+    private synchronized void initializeCustomFunctionsLibraryCache(ExpressionFactory expressionFactory,
             OperationResult result) throws ExpressionSyntaxException {
         if (customFunctionLibraryCache != null) {
             return;
@@ -187,7 +187,7 @@ private synchronized void initializeCustomFunctionsLibraryCache(ExpressionFactor
             FunctionLibrary customLibrary = new FunctionLibrary();
             customLibrary.setVariableName(object.getName().getOrig());
             customLibrary.setGenericFunctions(
-                    new CustomFunctions(object.asObjectable(), expressionFactory, expressionProfile, result, task));
+                    new CustomFunctions(object.asObjectable(), expressionFactory, expressionProfile));
             customLibrary.setNamespace(MidPointConstants.NS_FUNC_CUSTOM);
             customFunctionLibraryCache.put(object.getName().getOrig(), customLibrary);
             return true;