Merge remote-tracking branch 'origin/master' into feature/spring-boot…

…-3.2
Evolveum · Apr 26, 2024 · 77fdb28 · 77fdb28
2 parents 3a0ff7e + 502d08c
commit 77fdb28
Show file tree

Hide file tree

Showing 36 changed files with 564 additions and 296 deletions.
diff --git a/config/initial-objects/object-collection/250-object-collection-resource-all.xml b/config/initial-objects/object-collection/250-object-collection-resource-all.xml
@@ -7,7 +7,13 @@
   -->
 
 <objectCollection xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
-                  oid="00000000-0000-0000-0001-000000000006">
+        xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
+        oid="00000000-0000-0000-0001-000000000006">
     <name>All resources</name>
     <type>ResourceType</type>
+    <filter>
+        <q:text>archetypeRef not matches (oid = "00000000-0000-0000-0000-000000000703")
+            and template != true and abstract != true
+        </q:text>
+    </filter>
 </objectCollection>
diff --git a/config/initial-objects/object-collection/251-object-collection-resource-up.xml b/config/initial-objects/object-collection/251-object-collection-resource-up.xml
@@ -31,7 +31,10 @@
     </assignment>
     <type>ResourceType</type>
     <filter>
-        <q:text>operationalState/lastAvailabilityStatus = "up"</q:text>
+        <q:text>operationalState/lastAvailabilityStatus = "up"
+            and archetypeRef not matches (oid = "00000000-0000-0000-0000-000000000703")
+            and template != true and abstract != true
+        </q:text>
     </filter>
     <domain>
         <collectionRef oid="00000000-0000-0000-0001-000000000006" type="c:ObjectCollectionType"/>

diff --git a/docs/admin-gui/dashboards/configuration/index.adoc b/docs/admin-gui/dashboards/configuration/index.adoc
@@ -14,8 +14,9 @@ doc-type: config
 :page-since: "4.2"
 :page-toc: top
 :page-keywords: [ 'dashboard', 'dashboards', 'configuration' ]
-:search-alias: "advanced report"
-:page-upkeep-status: green
+:search-alias: "dashboard configuration"
+:page-upkeep-status: yellow
+:page-upkeep-note: check TODO's after sampleRef is fully in prod remove links
 
 Documentation about dashboards can be found at multiple places in docs. To avoid confusion, please see
 
@@ -348,7 +349,7 @@ Last variable of the presentation container is `view`, this variable is also pro
 The main reason to configure a view would be the customization of the reported or presented object collection on which we based the dashboard widget.
 The widget object collection can be accessed via the IU *"More info"* button.
 
-
+//TODO check after sampleRef is fully in prod
 .*Example of `presentation`*:
 [%collapsible]
 ====
@@ -394,45 +395,13 @@ You can see basic configuration for objectCollection on xref:/midpoint/reference
 For dashboard, we can use policyRule with policyTreshold to define some policySituation.
 Example of object collection for resource, which have status set to "UP":
 
+//TODO check after sampleRef is fully in prod
 .*Example Object Collection*
 [%collapsible]
 ====
-[source,xml]
-----
-<objectCollection xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
-                                  xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
-                                  xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
-                                  oid="15de186e-1d8c-11e9-a469-8f5d9cfc0259">
-    <name>Resources Up</name>
-    <assignment>
-        <policyRule>
-            <policyConstraints>
-                <collectionStats>
-                    <collection>
-                        <interpretation>explicit</interpretation>
-                    </collection>
-                </collectionStats>
-            </policyConstraints>
-            <policySituation>#resourceHealthDanger</policySituation>
-            <policyThreshold>
-                <highWaterMark>
-                    <percentage>99.9</percentage>
-                </highWaterMark>
-            </policyThreshold>
-        </policyRule>
-    </assignment>
-    <type>ResourceType</type>
-    <filter>
-        <q:equal>
-            <q:path>operationalState/lastAvailabilityStatus</q:path>
-            <q:value>up</q:value>
-        </q:equal>
-    </filter>
-    <domain>
-        <collectionRef oid="00000000-0000-0000-0001-000000000006" type="c:ObjectCollectionType"/>
-    </domain>
-</objectCollection>
-----
+link:https://github.com/Evolveum/midpoint-samples/blob/master/samples/dashboard/object-collection-resource-up.xml[Git]
+
+sampleRef::samples/dashboard/object-collection-resource-up.xml[]
 ====
 
 Variable _domain_ is a set of object that represents "all the objects" used in this collection.
@@ -455,70 +424,24 @@ Now we show very simple example for widget of enabled users, that show only numb
 
 As first, we create an object collection with filter for users with value `enabled` in attribute activation/effectiveStatus.
 
-[%collapsible]
+//TODO check after sampleRef is fully in prod
 .*Example Object Collection*
+[%collapsible]
 ====
-[source,xml]
-----
-<objectCollection oid="00000000-0000-0000-0001-000000147896">
-   <name>All enabled users</name>
-    <type>UserType</type>
-    <filter>
-        <equal>
-            <path>activation/effectiveStatus</path>
-            <value>enabled</value>
-        </equal>
-    </filter>
-</objectCollection>
-----
+link:https://github.com/Evolveum/midpoint-samples/blob/master/samples/dashboard/object-collection-asynchronous-widget.xml[Git]
+
+sampleRef::samples/dashboard/object-collection-asynchronous-widget.xml[]
 ====
 
 And next we create dashboard with one widget for enabled users.
 
-[%collapsible]
+//TODO check after sampleRef is fully in prod
 .*Example Dashboard Configuration*
+[%collapsible]
 ====
-[source,xml]
-----
-<dashboard oid="f89709f9-7313-494f-a600-69ea75d95106">
-    <name>Example one widget for enabled users</name>
-    <display>
-        <label>Enabled users</label>
-    </display>
-    <widget>
-        <identifier>enabled-users</identifier>
-        <display>
-            <label>Enabled users</label>
-            <color>#00a65a</color>
-            <icon>
-                <cssClass>fa fa-user</cssClass>
-            </icon>
-        </display>
-        <data>
-            <sourceType>objectCollection</sourceType>
-            <collection>
-                <collectionRef oid="00000000-0000-0000-0001-000000147896" type="ObjectCollectionType"/>
-            </collection>
-        </data>
-        <presentation>
-            <dataField>
-                <fieldType>value</fieldType>
-                <expression>
-                    <proportional>
-                        <style>value-only</style>
-                    </proportional>
-                </expression>
-            </dataField>
-            <dataField>
-                <fieldType>unit</fieldType>
-                <expression>
-                    <value>enabled</value>
-                </expression>
-            </dataField>
-        </presentation>
-    </widget>
-</dashboard>
-----
+link:https://github.com/Evolveum/midpoint-samples/blob/master/samples/dashboard/dashboard-asynchronous-widget.xml[Git]
+
+sampleRef::samples/dashboard/dashboard-asynchronous-widget.xml[]
 ====
 
 Don't forget to add the new dashboard to admin gui in system configuration.
@@ -540,6 +463,7 @@ For example, we will use the same case as in the previous example for enabled us
 We create the same object collection.
 
 //TODO check after sampleRef is fully in prod
+
 .*Example Object Collection*
 [%collapsible]
 ====
@@ -551,8 +475,9 @@ sampleRef::samples/dashboard/howto/collection-enabled-users.xml[]
 Next, we have to create a dashboard. We also need to add the attribute `displaySourceType` with value `widgetData`.
 
 //TODO check after sampleRef is fully in prod
-[%collapsible]
+
 .*Example Dashboard Configuration*
+[%collapsible]
 ====
 link:https://github.com/Evolveum/midpoint-samples/blob/master/samples/dashboard/dashboard-asynchronous-widget.xml[Git]
 
@@ -562,8 +487,9 @@ sampleRef::samples/dashboard/dashboard-asynchronous-widget.xml[]
 Finally, we create a report for dashboard.
 
 //TODO check after sampleRef is fully in prod
-[%collapsible]
+
 .*Example Report Configuration*
+[%collapsible]
 ====
 link:https://github.com/Evolveum/midpoint-samples/blob/master/samples/dashboard/report-asynchronous-widget.xml[Git]
 

diff --git a/docs/admin-gui/dashboards/index.adoc b/docs/admin-gui/dashboards/index.adoc
@@ -13,7 +13,7 @@ doc-type: intro
 :page-keywords: [ 'dashboards', 'dashboard' ]
 :search-alias: "dashboards"
 :page-since: "4.0"
-:page-upkeep-status: orange
+:page-upkeep-status: green
 :page-upkeep-note: This was a "planned feature" test. I have quickly edited it to be a in present tense. But perhaps more edits are needed.
 
 

diff --git a/docs/misc/reports/examples/index.adoc b/docs/misc/reports/examples/index.adoc
@@ -3,8 +3,7 @@
 :page-display-order: 100
 :page-toc: top
 :search-alias: "report examples"
-:page-upkeep-status: yellow
-:page-upkeep-note: check TODO's after sampleRef is fully in prod remove links
+:page-keywords: [ 'report', 'examples', 'reports', 'samples' ]
 
 == Description
 Common use-cases and user story examples for the midPoint Reporting feature.

diff --git a/docs/misc/reports/index.adoc b/docs/misc/reports/index.adoc
@@ -51,6 +51,14 @@ It is also possible to send generated reports via email xref:/midpoint/reference
 
 For more information on export formats please have a look at xref:/midpoint/reference/misc/reports/report-formats.adoc[this] page.
 
+
+== Dashboards
+
+MidPoint also contains a dynamic way how to present the same data which we can use in reports.
+This is done with customizable dashboards and dashboard widgets.
+Dashboard configuration has its own section in the midPoint documentation.
+For more information on customizable dashboards please have a look at this xref:/midpoint/reference/admin-gui/dashboards/index.adoc[link].
+
 == See Also
 
 - xref:/midpoint/reference/misc/reports/examples/[Report Examples]

diff --git a/docs/roles-policies/classification/index.adoc b/docs/roles-policies/classification/index.adoc
@@ -11,6 +11,10 @@ compliance:
             description: 'Description of an idea for limiting access to internal information using classification scheme'
         '5.16':
             description: 'Management of user clearances'
+        '6.1':
+            description: 'Using clearances to represent personnel screening'
+        '6.3':
+            description: 'Using clearances to represent security training'
 ---
 = Information Classification and Clearances
 :page-toc: top
@@ -214,15 +218,15 @@ The policy rule prohibits assignment of privilege (policyAction=`enforce`) in ca
 The policy rule is specified in second-order inducement, therefore it is applied to all applications that have the `Category II` classification.
 The second-order inducement is the usual mechanism used in configurations based on xref:../metaroles/[meta-roles], such as this one.
 
-Similarly, definition of category III can be extended with requirements for special security clearance.
+Similarly, definition of category III can be extended with requirements for special security screening.
 We define the clearance first:
 
-.special-security-clearance.xml
+.special-security-screening.xml
 [source,xml]
 ----
 <role oid="147a93c6-c8c3-4430-9603-659ffeb5e544">
-    <name>Special security clearance</name>
-    <description>Special clearance awarded by security office, allowing access to sensitive information.</description>
+    <name>Special security screening</name>
+    <description>Special clearance awarded by security office after security screening, allowing access to sensitive information.</description>
     <assignment>
         <!-- Clearance archetype -->
         <targetRef oid="00000000-0000-0000-0000-000000000331" type="ArchetypeType"/>
@@ -256,10 +260,10 @@ We can use the approach described above the place requirement for the special cl
                 <hasNoAssignment>
                     <presentation>
                         <message>
-                            <fallbackMessage>Special security clearance required</fallbackMessage>
+                            <fallbackMessage>Special security screening required</fallbackMessage>
                         </message>
                     </presentation>
-                    <!-- Special security clearance -->
+                    <!-- Special security screening -->
                     <targetRef oid="147a93c6-c8c3-4430-9603-659ffeb5e544" type="RoleType" />
                 </hasNoAssignment>
             </policyConstraints>
@@ -283,7 +287,7 @@ The usual inducement can be used for that:
 <org oid="03a7128d-42c8-4056-9f2e-171658562eeb">
     <name>Chief Audit Office</name>
     <inducement>
-        <!-- Special security clearance -->
+        <!-- Special security screening -->
         <targetRef oid="147a93c6-c8c3-4430-9603-659ffeb5e544" type="RoleType" />
     </inducement>
 </org>

diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/schema/PageSchema.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/schema/PageSchema.java
@@ -13,14 +13,17 @@
 import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
 import com.evolveum.midpoint.gui.impl.page.admin.AbstractPageObjectDetails;
 import com.evolveum.midpoint.gui.impl.page.admin.ObjectDetailsModels;
+import com.evolveum.midpoint.gui.impl.page.admin.assignmentholder.PageAssignmentHolderDetails;
 import com.evolveum.midpoint.prism.PrismObject;
 import com.evolveum.midpoint.security.api.AuthorizationConstants;
 import com.evolveum.midpoint.web.component.ObjectSummaryPanel;
 import com.evolveum.midpoint.web.util.OnePageParameterEncoder;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.CaseType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.SchemaType;
 
 import org.apache.wicket.markup.html.panel.Panel;
 import org.apache.wicket.model.IModel;
+import org.apache.wicket.request.mapper.parameter.PageParameters;
 
 @PageDescriptor(
         urls = {
@@ -35,10 +38,18 @@
                         label = "PageUser.auth.user.label",
                         description = "PageUser.auth.user.description")
         })
-public class PageSchema extends AbstractPageObjectDetails<SchemaType, SchemaDetailsModel> {
+public class PageSchema extends PageAssignmentHolderDetails<SchemaType, SchemaDetailsModel> {
 
         private static final long serialVersionUID = 1L;
 
+        public PageSchema(PageParameters pageParameters) {
+        super(pageParameters);
+    }
+
+        public PageSchema(PrismObject<SchemaType> schema) {
+        super(schema);
+    }
+
         public PageSchema() {
             super();
         }

diff --git a/...ui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/schema/SchemaDetailsModel.java b/...ui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/schema/SchemaDetailsModel.java
@@ -7,6 +7,7 @@
 
 package com.evolveum.midpoint.gui.impl.page.admin.schema;
 
+import com.evolveum.midpoint.gui.impl.page.admin.assignmentholder.AssignmentHolderDetailsModel;
 import com.evolveum.midpoint.gui.impl.page.admin.schema.dto.PrismSchemaModel;
 
 import com.evolveum.midpoint.gui.impl.prism.wrapper.SchemaPropertyWrapperImpl;
@@ -23,7 +24,7 @@
 
 import org.apache.wicket.model.PropertyModel;
 
-public class SchemaDetailsModel extends ObjectDetailsModels<SchemaType> {
+public class SchemaDetailsModel extends AssignmentHolderDetailsModel<SchemaType> {
 
     private final PrismSchemaModel prismSchemaModel;
     private DefinitionsModel<DefinitionDto> schemaModel;

diff --git a/...ain/java/com/evolveum/midpoint/gui/impl/prism/panel/ResourceAttributeDefinitionPanel.java b/...ain/java/com/evolveum/midpoint/gui/impl/prism/panel/ResourceAttributeDefinitionPanel.java
@@ -9,18 +9,20 @@
 
 import com.evolveum.midpoint.gui.api.prism.wrapper.ResourceAttributeWrapper;
 
-import org.apache.wicket.Component;
+import org.apache.wicket.ajax.AjaxRequestTarget;
 import org.apache.wicket.model.IModel;
 
 import com.evolveum.midpoint.util.logging.Trace;
 import com.evolveum.midpoint.util.logging.TraceManager;
 
+import java.io.Serial;
+
 /**
  * @author katkav
  */
 public class ResourceAttributeDefinitionPanel<T> extends PrismPropertyPanel<T> {
 
-    private static final long serialVersionUID = 1L;
+    @Serial private static final long serialVersionUID = 1L;
     private static final Trace LOGGER = TraceManager.getTrace(ResourceAttributeDefinitionPanel.class);
 
     private static final String ID_HEADER = "header";
@@ -36,7 +38,14 @@ public ResourceAttributeDefinitionPanel(String id, IModel<ResourceAttributeWrapp
 
     @Override
     protected ItemHeaderPanel createHeaderPanel() {
-        return new ResourceAttributeDefinitionHeaderPanel<>(ID_HEADER, getResourceAttributeDefinitionModel());
+        return new ResourceAttributeDefinitionHeaderPanel<>(ID_HEADER, getResourceAttributeDefinitionModel()) {
+            @Serial private static final long serialVersionUID = 1L;
+
+            @Override
+            protected void refreshPanel(AjaxRequestTarget target) {
+                target.add(ResourceAttributeDefinitionPanel.this);
+            }
+        };
     }
 
     private IModel<ResourceAttributeWrapper<T>> getResourceAttributeDefinitionModel(){