Merge remote-tracking branch 'refs/remotes/origin/master'

Evolveum · Mar 13, 2023 · 5f08e75 · 5f08e75
2 parents 689c2a7 + d35bf8d
commit 5f08e75
Show file tree

Hide file tree

Showing 151 changed files with 3,960 additions and 2,153 deletions.
diff --git a/config/sql/native-new/postgres-new-upgrade.sql b/config/sql/native-new/postgres-new-upgrade.sql
@@ -180,6 +180,7 @@ call apply_change(12, $aa$
             else
                ALTER TYPE ObjectType ADD VALUE IF NOT EXISTS 'MARK' AFTER 'LOOKUP_TABLE';
                ALTER TYPE ReferenceType ADD VALUE IF NOT EXISTS 'PROCESSED_OBJECT_EVENT_MARK' AFTER 'PERSONA';
+               ALTER TYPE ReferenceType ADD VALUE IF NOT EXISTS 'OBJECT_EFFECTIVE_MARK' AFTER 'OBJECT_CREATE_APPROVER';
             end if;
             ALTER TYPE ObjectType ADD VALUE IF NOT EXISTS 'SIMULATION_RESULT' AFTER 'SHADOW';
             ALTER TYPE ContainerType ADD VALUE IF NOT EXISTS 'SIMULATION_RESULT_PROCESSED_OBJECT' AFTER 'OPERATION_EXECUTION';
@@ -317,6 +318,20 @@ CREATE TABLE m_processed_object_event_mark (
 
 CREATE TABLE m_processed_object_event_mark_default PARTITION OF m_processed_object_event_mark DEFAULT;
 
+
+-- stores ObjectType/effectiveMarkRef
+CREATE TABLE m_ref_object_effective_mark (
+    ownerOid UUID NOT NULL REFERENCES m_object_oid(oid) ON DELETE CASCADE,
+    referenceType ReferenceType GENERATED ALWAYS AS ('OBJECT_EFFECTIVE_MARK') STORED
+        CHECK (referenceType = 'OBJECT_EFFECTIVE_MARK'),
+
+    PRIMARY KEY (ownerOid, relationId, targetOid)
+)
+    INHERITS (m_reference);
+
+CREATE INDEX m_ref_object_effective_markTargetOidRelationId_idx
+    ON m_ref_object_effective_mark (targetOid, relationId);
+
 $aa$, true); -- TODO remove `true` before M2 or before RC1! (Also, the first 3 table drops)
 
 

diff --git a/config/sql/native-new/postgres-new.sql b/config/sql/native-new/postgres-new.sql
@@ -96,6 +96,7 @@ CREATE TYPE ReferenceType AS ENUM (
     'DELEGATED',
     'INCLUDE',
     'OBJECT_CREATE_APPROVER',
+    'OBJECT_EFFECTIVE_MARK',
     'OBJECT_MODIFY_APPROVER',
     'OBJECT_PARENT_ORG',
     'PERSONA',
@@ -403,6 +404,21 @@ CREATE TABLE m_ref_object_create_approver (
 CREATE INDEX m_ref_object_create_approverTargetOidRelationId_idx
     ON m_ref_object_create_approver (targetOid, relationId);
 
+
+-- stores ObjectType/effectiveMarkRef
+CREATE TABLE m_ref_object_effective_mark (
+    ownerOid UUID NOT NULL REFERENCES m_object_oid(oid) ON DELETE CASCADE,
+    referenceType ReferenceType GENERATED ALWAYS AS ('OBJECT_EFFECTIVE_MARK') STORED
+        CHECK (referenceType = 'OBJECT_EFFECTIVE_MARK'),
+
+    PRIMARY KEY (ownerOid, relationId, targetOid)
+)
+    INHERITS (m_reference);
+
+CREATE INDEX m_ref_object_effective_markTargetOidRelationId_idx
+    ON m_ref_object_effective_mark (targetOid, relationId);
+
+
 -- stores ObjectType/metadata/modifyApproverRef
 CREATE TABLE m_ref_object_modify_approver (
     ownerOid UUID NOT NULL REFERENCES m_object_oid(oid) ON DELETE CASCADE,

diff --git a/dist/javadoc/pom.xml b/dist/javadoc/pom.xml
@@ -116,4 +116,20 @@
             </plugin>
         </plugins>
     </build>
+
+    <profiles>
+        <!--
+        Fixes MID-8486 invalid "undefined" link in Javadoc search on JDK 11.
+        See also discussion under this answer: https://stackoverflow.com/a/52603413
+        -->
+        <profile>
+            <id>active-on-jdk-11</id>
+            <activation>
+                <jdk>11</jdk>
+            </activation>
+            <properties>
+                <javadoc.options>--no-module-directories</javadoc.options>
+            </properties>
+        </profile>
+    </profiles>
 </project>
diff --git a/dist/src/main/bin/midpoint.sh b/dist/src/main/bin/midpoint.sh
@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-# Portions Copyright (C) 2017-2022 Evolveum and contributors
+# Portions Copyright (C) 2017-2023 Evolveum and contributors
 #
 # This work is dual-licensed under the Apache License 2.0
 # and European Union Public License. See LICENSE file for details.
@@ -166,6 +166,7 @@ if [ "${1}" = "init-native" ]; then
   fi
   exit 0
 fi
+# end of init-native
 
 mkdir -p "${MIDPOINT_HOME}/log"
 

diff --git a/dist/src/main/bin/ninja.sh b/dist/src/main/bin/ninja.sh
@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-# Copyright (C) 2017-2020 Evolveum and contributors
+# Copyright (C) 2017-2023 Evolveum and contributors
 #
 # This work is dual-licensed under the Apache License 2.0
 # and European Union Public License. See LICENSE file for details.
@@ -21,6 +21,176 @@ fi
 : "${UMASK:="0027"}"
 umask ${UMASK}
 
+# Support for JAVA_OPTS + SET/UNSET environment variables, for better Docker support
+# To prevent error for setenv.sh processing (set -u).
+JAVA_OPTS="${JAVA_OPTS:- }"
+
+JAVA_def_Xms="1g"
+JAVA_def_Xmx="2g"
+ENV_MAP_PREFIX="MP_SET_"
+ENV_UNMAP_PREFIX="MP_UNSET_"
+
+# Apply bin/setenv.sh if it exists. This setenv.sh does not depend on MIDPOINT_HOME.
+# The script can either append or overwrite JAVA_OPTS, e.g. to set -Dmidpoint.nodeId.
+if [[ -r "${SCRIPT_DIR}/setenv.sh" ]]; then
+  echo "Applying setenv.sh from ${SCRIPT_DIR} directory."
+  # shellcheck disable=SC1091
+  . "${SCRIPT_DIR}/setenv.sh"
+fi
+
+# Apply $MIDPOINT_HOME/setenv.sh if it exists. This is flexible and related to chosen MIDPOINT_HOME.
+if [[ -r "${MIDPOINT_HOME}/setenv.sh" ]]; then
+  echo "Applying setenv.sh from ${MIDPOINT_HOME} directory."
+  # shellcheck disable=SC1091
+  . "${MIDPOINT_HOME}/setenv.sh"
+fi
+
+#############################
+# Originally Docker related #
+#############################
+
+################
+# entry point for source of the files to copy into midpoint home directory before the application start
+################
+
+if [ "${MP_ENTRY_POINT:-}" != "" ]; then # /opt/midpoint-dirs-docker-entrypoint
+  if [ -e "${MP_ENTRY_POINT}" ]; then
+    echo "Processing ${MP_ENTRY_POINT} directory..."
+    for i in $(find "${MP_ENTRY_POINT}" -mindepth 1 -maxdepth 1 -type d); do
+      l_name="$(basename "${i}")"
+      [ ! -e "${MIDPOINT_HOME}/${l_name}" ] && mkdir -p "${MIDPOINT_HOME}/${l_name}"
+      for s in $(find "${i}" -mindepth 1 -maxdepth 1 -type f -follow -exec basename \{\} \;); do
+        if [ ! -e "${MIDPOINT_HOME}/${l_name}/${s}" -a ! -e "${MIDPOINT_HOME}/${l_name}/${s}.done" ]; then
+          echo "COPY ${i}/${s} => ${MIDPOINT_HOME}/${l_name}/${s}"
+          cp "${i}/${s}" "${MIDPOINT_HOME}/${l_name}/${s}"
+        else
+          echo "SKIP: ${i}/${s}"
+        fi
+      done
+    done
+    echo "- - - - - - - - - - - - - - - - - - - - -"
+    unset l_name
+  fi
+fi
+
+################
+
+[ "${MP_MEM_MAX:-}" != "" ] && JAVA_OPTS="$(echo ${JAVA_OPTS:-} | sed "s/-Xmx[^[:space:]]*//") -Xmx${MP_MEM_MAX}"
+[ "${MP_MEM_INIT:-}" != "" ] && JAVA_OPTS="$(echo ${JAVA_OPTS:-} | sed "s/-Xms[^[:space:]]*//") -Xms${MP_MEM_INIT}"
+
+###### Backward compatibility for ENV variables ####
+
+if [ "${MP_NO_ENV_COMPAT:-}" != "1" ]; then
+  [ "${REPO_PORT:-}" != "" ] && db_port=${REPO_PORT}
+  if [ "${REPO_DATABASE_TYPE:-}" != "" ]; then
+    export ${ENV_MAP_PREFIX}midpoint_repository_database="${REPO_DATABASE_TYPE}"
+    [ "${db_port:-}" == "default" ] && db_port=""
+    case ${REPO_DATABASE_TYPE} in
+    h2)
+      [ "${db_port:-}" == "" ] && db_port=5437
+      db_prefix="jdbc:h2:tcp://"
+      db_path="/${REPO_DATABASE:-midpoint}"
+      ;;
+    oracle)
+      [ "${db_port:-}" == "" ] && db_port=1521
+      db_prefix="jdbc:oracle:thin:@"
+      db_path="/xe"
+      ;;
+    postgresql)
+      [ "${db_port:-}" == "" ] && db_port=5432
+      db_prefix="jdbc:postgresql://"
+      db_path="/${REPO_DATABASE:-midpoint}"
+      ;;
+    sqlserver)
+      [ "${db_port:-}" == "" ] && db_port=1433
+      db_prefix="jdbc:sqlserver://"
+      db_path=";databse=${REPO_DATABASE:-midpoint}"
+      ;;
+    *)
+      if [ "${db_port:-}" == "" -a "${REPO_URL:-}" == "" ]; then
+        echo "~~~~~ please supply JDBC port for your repository ~~~~~"
+        exit 1
+      fi
+      ;;
+    esac
+    [ "${REPO_URL:-}" = "" ] && export ${ENV_MAP_PREFIX}midpoint_repository_jdbcUrl="${db_prefix}${REPO_HOST:-localhost}:${db_port}${db_path}"
+  fi
+
+  [ "${REPO_URL:-}" != "" ] && export ${ENV_MAP_PREFIX}midpoint_repository_jdbcUrl="${REPO_URL}"
+  [ "${REPO_USER:-}" != "" ] && export ${ENV_MAP_PREFIX}midpoint_repository_jdbcUsername="${REPO_USER}"
+  [ "${REPO_PASSWORD_FILE:-}" != "" ] && export ${ENV_MAP_PREFIX}midpoint_repository_jdbcPassword_FILE="${REPO_PASSWORD_FILE}"
+  [ "${REPO_MISSING_SCHEMA_ACTION:-}" != "" ] && export ${ENV_MAP_PREFIX}midpoint_repository_missingSchemaAction="${REPO_MISSING_SCHEMA_ACTION}"
+  [ "${REPO_UPGRADEABLE_SCHEMA_ACTION:-}" != "" ] && export ${ENV_MAP_PREFIX}midpoint_repository_upgradeableSchemaAction="${REPO_UPGRADEABLE_SCHEMA_ACTION}"
+  [ "${REPO_SCHEMA_VARIANT:-}" != "" ] && export ${ENV_MAP_PREFIX}midpoint_repository_schemaVariant="${REPO_SCHEMA_VARIANT}"
+  [ "${REPO_SCHEMA_VERSION_IF_MISSING:-}" != "" ] && export ${ENV_MAP_PREFIX}midpoint_repository_schemaVersionIfMissing="${REPO_SCHEMA_VERSION_IF_MISSING}"
+
+  [ "${MP_KEYSTORE_PASSWORD_FILE:-}" != "" ] && export ${ENV_MAP_PREFIX}midpoint_keystore_keyStorePassword_FILE="${MP_KEYSTORE_PASSWORD_FILE}"
+fi
+
+#############################
+
+###### ENV Variables mapping ######
+
+JAVA_OPTS=" ${JAVA_OPTS:-}"
+
+while read line; do
+  _to_process="${line:${#ENV_MAP_PREFIX}}"
+  _key="$(echo -n "${_to_process}" | cut -d = -f 1 | sed "s/_/./g")"
+  _val="$(echo -n "${_to_process}" | cut -d = -f 2-)"
+
+  ### exception for *_FILE key name ###
+  [ "${_key: -5}" = ".FILE" ] && _key="${_key::$((${#_key} - 5))}_FILE"
+  ###
+
+  echo "Processing variable (MAP) ... ${_key} .:. ${_val}"
+
+  if [ "${_key:0:1}" = "." ]; then
+    JAVA_OPTS="${JAVA_OPTS:-} -D${_key:1}=\"${_val}\""
+  else
+    JAVA_OPTS="$(echo -n "${JAVA_OPTS:-}" | sed "s/ -D${_key}=\"[^\"]*\"//g;s/ -D${_key}=[^[:space:]]*//g") -D${_key}=\"${_val}\""
+  fi
+done < <(env | grep "^${ENV_MAP_PREFIX}")
+
+while read line; do
+  _to_process="${line:${#ENV_UNMAP_PREFIX}}"
+  _key="$(echo -n "${_to_process}" | cut -d = -f 1 | sed "s/_/./g")"
+  _val="$(echo -n "${_to_process}" | cut -d = -f 2-)"
+
+  ### exception for *_FILE key name ###
+  [ "${_key: -5}" = ".FILE" ] && _key="${_key::$((${#_key} - 5))}_FILE"
+  ###
+
+  echo "Processing variable (UNMAP) ... ${_key} .:. ${_val}"
+
+  JAVA_OPTS="$(echo -n "${JAVA_OPTS:-}" | sed "s/ -D${_key}=\"[^\"]*\"//g;s/ -D${_key}=[^[:space:]]*//g")"
+done < <(env | grep "^${ENV_UNMAP_PREFIX}")
+
+###################################
+
+# Check for the default JAVA_OPTS values. In case the specific key is already set the value is kept untouched.
+# To prevent Xms to be set pass the --Xms to JAVA_OPTS (double dash).
+# To prevent Xmx to be set pass the --Xmx to JAVA_OPTS (double dash).
+
+if $(echo "${JAVA_OPTS:-}" | grep -v -q "\-Xmx[0-9]"); then
+  if $(echo "${JAVA_OPTS:-}" | grep -q "\-\-Xmx"); then
+    JAVA_OPTS="$(echo "${JAVA_OPTS:-}" | sed "s/\-\-Xmx//")"
+  else
+    JAVA_OPTS="-Xmx${JAVA_def_Xmx} ${JAVA_OPTS:-}"
+  fi
+fi
+if $(echo "${JAVA_OPTS:-}" | grep -v -q "\-Xms[0-9]"); then
+  if $(echo "${JAVA_OPTS:-}" | grep -q "\-\-Xms"); then
+    JAVA_OPTS="$(echo "${JAVA_OPTS:-}" | sed "s/\-\-Xms//")"
+  else
+    JAVA_OPTS="-Xms${JAVA_def_Xms} ${JAVA_OPTS:-}"
+  fi
+fi
+
+if $(echo "${JAVA_OPTS:-}" | grep -v -q "\-Dmidpoint.home="); then JAVA_OPTS="${JAVA_OPTS:-} -Dmidpoint.home=\"${MIDPOINT_HOME}\""; fi
+
+# clean up white spaces in case of key/value removal from the original JAVA_OPTS parameter set
+JAVA_OPTS="$(echo "${JAVA_OPTS:-}" | tr -s [[:space:]] " " | sed "s/^[[:space:]]//;s/[[:space:]]$//")"
+
 # can't use -v here because of bash 3.2 support
 if [[ -z "${JAVA_HOME:-}" ]]; then
   _RUNJAVA=java
@@ -41,7 +211,7 @@ done
 # would be empty and considered a class name by the "java -jar" command.
 if [ -n "${JDBC_DRIVER:-}" ]; then
   echo "Using JDBC driver path: ${JDBC_DRIVER}"
-  exec "${_RUNJAVA}" "-Dloader.path=${JDBC_DRIVER}" -jar "${BASE_DIR}/lib/ninja.jar" -m "${MIDPOINT_HOME}" "$@"
+  eval "${_RUNJAVA}" ${JAVA_OPTS} "-Dloader.path=${JDBC_DRIVER}" -jar "${BASE_DIR}/lib/ninja.jar" -m "${MIDPOINT_HOME}" "$@"
 else
-  exec "${_RUNJAVA}" -jar "${BASE_DIR}/lib/ninja.jar" -m "${MIDPOINT_HOME}" "$@"
+  eval "${_RUNJAVA}" ${JAVA_OPTS} -jar "${BASE_DIR}/lib/ninja.jar" -m "${MIDPOINT_HOME}" "$@"
 fi
diff --git a/gui/admin-gui/src/frontend/scss/midpoint.scss b/gui/admin-gui/src/frontend/scss/midpoint.scss
@@ -556,7 +556,7 @@ li.dropdown.user.user-menu {
 }
 
 .summary-tag-box {
-  max-width: 220px;
+  max-width: 250px;
 }
 
 .summary-tag-box-wide {
@@ -565,19 +565,11 @@ li.dropdown.user.user-menu {
 }
 
 .summary-tag {
-	display: block;
-	padding-left: 10px;
-	padding-right: 10px;
-	margin: 3px;
-	border: 1px solid #e0e0e0;
-	border-radius: 3px;
-	background-color: #fbfbfb;
-	margin-right: 0px;
+
 }
 
 .summary-tag-icon {
 	width: 20px;
-	margin-right: 2px;
 }
 
 // form input for binary data upload (used e.g. for photo)

diff --git a/...gui/src/main/java/com/evolveum/midpoint/gui/api/component/password/PasswordHintPanel.java b/...gui/src/main/java/com/evolveum/midpoint/gui/api/component/password/PasswordHintPanel.java
@@ -111,8 +111,10 @@ public void validate(IValidatable<String> validatable) {
         }
 
         private boolean hintEqualsOrSimilarToPassword(@NotNull String password, @NotNull String hint) {
-            return password.equals(hint) || password.contains(hint.trim().replaceAll(" ", ""))
-                    || hint.contains(password);
+            String passwordWithoutSpacesValue = password.trim().replaceAll(" ", "");
+            String hintWithoutSpacesValue = hint.trim().replaceAll(" ", "");
+            return passwordWithoutSpacesValue.contains(hintWithoutSpacesValue)
+                    || hintWithoutSpacesValue.contains(passwordWithoutSpacesValue);
         }
     }
 

diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebComponentUtil.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebComponentUtil.java
@@ -1191,8 +1191,6 @@ public static <O extends ObjectType> String getName(ObjectReferenceType ref, Pag
         String name = getName(ref);
         if (StringUtils.isEmpty(name) || name.equals(ref.getOid())) {
             String oid = ref.getOid();
-            Collection<SelectorOptions<GetOperationOptions>> options = SelectorOptions
-                    .createCollection(GetOperationOptions.createNoFetch());
             Class<O> type = (Class<O>) ObjectType.class;
             PrismObject<O> object = WebModelServiceUtils.loadObject(type, oid, pageBase,
                     pageBase.createSimpleTask(operation), new OperationResult(operation));

diff --git a/...va/com/evolveum/midpoint/gui/impl/component/data/provider/RepoAssignmentListProvider.java b/...va/com/evolveum/midpoint/gui/impl/component/data/provider/RepoAssignmentListProvider.java
@@ -159,7 +159,7 @@ private void initChangeLists() {
     @Override
     protected int internalSize() {
         initChangeLists();
-        return newData.size() + super.internalSize();
+        return oid != null ? newData.size() + super.internalSize() : newData.size();
     }
 
     @Override

diff --git a/...eum/midpoint/gui/impl/page/admin/abstractrole/component/FocusApplicablePoliciesPanel.java b/...eum/midpoint/gui/impl/page/admin/abstractrole/component/FocusApplicablePoliciesPanel.java
@@ -7,9 +7,9 @@
  */
 package com.evolveum.midpoint.gui.impl.page.admin.abstractrole.component;
 
+import org.apache.wicket.markup.html.WebMarkupContainer;
+
 import com.evolveum.midpoint.gui.api.GuiStyleConstants;
-import com.evolveum.midpoint.gui.api.model.LoadableModel;
-import com.evolveum.midpoint.gui.api.prism.wrapper.PrismObjectWrapper;
 import com.evolveum.midpoint.gui.impl.page.admin.AbstractObjectMainPanel;
 import com.evolveum.midpoint.gui.impl.page.admin.assignmentholder.FocusDetailsModels;
 import com.evolveum.midpoint.web.application.PanelDisplay;
@@ -21,15 +21,13 @@
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ContainerPanelConfigurationType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
 
-import org.apache.wicket.markup.html.WebMarkupContainer;
-
 /**
  * Created by honchar.
  */
 @PanelType(name = "applicablePolicies")
 @PanelInstance(identifier = "applicablePolicies",
         applicableForType = AbstractRoleType.class,
-        display = @PanelDisplay(label = "pageAdminFocus.applicablePolicies", icon = GuiStyleConstants.CLASS_APPLICABLE_POLICY_ICON , order = 60))
+        display = @PanelDisplay(label = "pageAdminFocus.applicablePolicies", icon = GuiStyleConstants.CLASS_APPLICABLE_POLICY_ICON, order = 60))
 public class FocusApplicablePoliciesPanel<AR extends AbstractRoleType> extends AbstractObjectMainPanel<AR, FocusDetailsModels<AR>> {
     private static final long serialVersionUID = 1L;
 
@@ -45,7 +43,7 @@ protected void initLayout() {
         applicablePoliciesContainer.setOutputMarkupId(true);
         add(applicablePoliciesContainer);
 
-        ApplicablePolicyConfigPanel applicablePolicyPanel = new ApplicablePolicyConfigPanel<AR>(ID_APPLICABLE_POLICIES_PANEL,
+        ApplicablePolicyConfigPanel<AR> applicablePolicyPanel = new ApplicablePolicyConfigPanel<>(ID_APPLICABLE_POLICIES_PANEL,
                 PrismContainerWrapperModel.fromContainerWrapper(getObjectWrapperModel(), FocusType.F_ASSIGNMENT),
                 getObjectWrapperModel());