Merge remote-tracking branch 'origin/master'

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/PrismValuePanel.java

@@ -140,6 +140,8 @@ private void initLayout(IModel<String> labelModel, Form form, String valueCssCla
             feedback.setFilter(new ComponentFeedbackMessageFilter(input));
         } else if (input instanceof ValueChoosePanel) {
             feedback.setFilter(new ComponentFeedbackMessageFilter(input));
+        } else if (input instanceof AssociationValueChoicePanel){
+            feedback.setFilter(new ComponentFeedbackMessageFilter(((AssociationValueChoicePanel) input).getTextComponent()));
         }
         valueContainer.add(input);
 

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/users/component/AssociationValueChoicePanel.java

@@ -40,6 +40,7 @@
 import com.evolveum.midpoint.web.page.admin.roles.component.UserOrgReferenceChoosePanel;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
 
+import org.apache.wicket.Component;
 import org.apache.wicket.ajax.AjaxRequestTarget;
 import org.apache.wicket.ajax.form.AjaxFormComponentUpdatingBehavior;
 import org.apache.wicket.ajax.markup.html.AjaxLink;
@@ -114,6 +115,7 @@ protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
         textWrapper.add(text);
 
         FeedbackPanel feedback = new FeedbackPanel(ID_FEEDBACK, new ComponentFeedbackMessageFilter(text));
+        feedback.setFilter(new ComponentFeedbackMessageFilter(text));
         textWrapper.add(feedback);
 
         AjaxLink edit = new AjaxLink(ID_EDIT) {
@@ -353,6 +355,10 @@ protected boolean isObjectUnique(C object) {
         return true;
     }
 
+    public Component getTextComponent(){
+        return get(ID_TEXT_WRAPPER).get(ID_TEXT);
+    }
+
 
     /**
      * A custom code in form of hook that can be run on event of choosing new

samples/resources/csvfile/localhost-csvfile-medium.xml

@@ -0,0 +1,239 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2010-2016 Evolveum
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~     http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+
+<!--
+
+This file is an example of Resource definition. It defines a CSV file resource
+using an Identity Connector Framework connector.
+
+-->
+
+<resource 	oid="ef2bc95b-76e0-48e2-86d6-3d4f02d3fafe"
+		xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+		xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" 
+		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+		xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+		xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
+		xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
+		xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
+        	xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
+
+
+    	<!-- Resource name. It will be displayed in GUI.  -->
+	<name>Localhost CSVfile (target)</name>
+
+     	<!-- Reference to the ICF Flatfile connector. It contains a search filter that finds the right connector by connectorType. -->
+	<connectorRef type="ConnectorType">
+		<filter>
+	        <q:equal>
+			<q:path>c:connectorType</q:path>
+	          <q:value>com.evolveum.polygon.csvfile.CSVFileConnector</q:value>
+	        </q:equal>
+	      </filter>
+	</connectorRef>
+
+        <!-- Configuration section contains configuration of the connector,
+             such as hostnames and passwords -->
+	<connectorConfiguration>
+
+            <!-- Configuration specific for the CSVfile connector -->
+		<icfc:configurationProperties
+					xmlns:icfccsvfile="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.connector-csvfile/com.evolveum.polygon.csvfile.CSVFileConnector">
+
+				<icfccsvfile:filePath>/var/tmp/midpoint-target-flatfile.csv</icfccsvfile:filePath>
+				<icfccsvfile:encoding>utf-8</icfccsvfile:encoding>
+				<icfccsvfile:valueQualifier>"</icfccsvfile:valueQualifier>
+				<icfccsvfile:fieldDelimiter>,</icfccsvfile:fieldDelimiter>
+				<icfccsvfile:multivalueDelimiter>;</icfccsvfile:multivalueDelimiter>
+				<icfccsvfile:usingMultivalue>true</icfccsvfile:usingMultivalue>
+				<icfccsvfile:uniqueAttribute>id</icfccsvfile:uniqueAttribute>
+	<!--			<icfccsvfile:nameAttribute>id</icfccsvfile:nameAttribute> -->
+				<icfccsvfile:passwordAttribute>password</icfccsvfile:passwordAttribute>
+			</icfc:configurationProperties>
+
+			<!-- Generic ICF configuration -->
+
+	</connectorConfiguration>
+
+        <!-- Resource Schema Handling definition.
+             This part defines how the schema defined above will be used by
+             midPoint. It defines expressions and limitations for individual
+             schema attributes.
+
+             The expressions that describe both inbound and outbound flow of
+             the attributes are defined in this section.
+
+             This is the part where most of the customization takes place.
+        -->
+		<schemaHandling>
+
+            <!-- Definition of default account type.
+                 This is now the only account type that midPoint can work with. -->
+			<objectType>
+                <!-- Readable name for the account type -->
+				<displayName>Default Account</displayName>
+				<default>true</default>
+                <!-- Reference to the Resource Schema (see above) specifying
+                     object class for this account type -->
+				<objectClass>ri:AccountObjectClass</objectClass>
+				<attribute>
+					<ref>icfs:uid</ref>
+
+                    <!-- Readable name for the attribute. This will be used in GUI -->
+					<displayName>Entry UUID</displayName>
+
+                    <!-- Access limitation for this attribute.
+                         Entry UUID is created by the directory server itelf
+                         and it is immutable. We can only read it. -->
+					<limitations>
+						<access>
+							<read>true</read>
+						</access>
+					</limitations>
+				</attribute>
+				<attribute>
+					<ref>icfs:name</ref>
+
+                    <!-- Readable name for the attribute. This will be used in GUI -->
+					<displayName>Name</displayName>
+
+					<limitations>
+						<minOccurs>0</minOccurs>
+					</limitations>
+					<outbound>
+						<source>
+							<path>$user/name</path>
+						</source>
+					</outbound>
+				</attribute>
+
+				<attribute>
+					<ref>ri:firstname</ref>
+					<displayName>First name</displayName>
+					<description>Definition of Firstname attribute handling.</description>
+					<outbound>
+						<source>
+							<path>$user/givenName</path>
+						</source>
+					</outbound>
+				</attribute>
+				<attribute>
+					<ref>ri:lastname</ref>
+					<displayName>Last name</displayName>
+					<description>Definition of Lastname attribute handling.</description>
+					<outbound>
+						<source>
+							<path>$user/familyName</path>
+						</source>
+					</outbound>
+				</attribute>
+				<attribute>
+					<ref>ri:groups</ref>
+					<displayName>Groups</displayName>
+					<!-- CSV resource connector does not know about multivalue, so pretend this attribute is multivalue. -->
+					<limitations>
+						<minOccurs>0</minOccurs>
+						<maxOccurs>-1</maxOccurs>
+					</limitations>
+				</attribute>
+
+
+				<activation>
+					<administrativeStatus>
+						<outbound/>
+					</administrativeStatus>
+				</activation>
+
+				<credentials>
+					<password>
+						<outbound/>
+					</password>
+				</credentials>
+
+			</objectType>
+		</schemaHandling>
+
+		<!-- Resource capabilities. It defines a simulated enableDisable capability. -->
+		<capabilities xmlns:cap="http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3">
+			<configured>
+				<cap:activation>
+					<cap:status>
+						<cap:attribute>ri:disabled</cap:attribute>
+						<cap:enableValue>false</cap:enableValue>
+						<cap:disableValue>true</cap:disableValue>
+					</cap:status>
+				</cap:activation>
+			</configured>
+		</capabilities>
+		<synchronization>
+			<objectSynchronization>
+				<!--
+	                The synchronization for this resource is enabled.
+	                It will be used to correctly run discovery when account already exists.
+	                 -->
+				<enabled>true</enabled>
+
+				<correlation>
+					<q:description>
+	                    Correlation expression is a search query.
+	                    Following search queury will look for users that have "name"
+	                    equal to the "name" attribute of the account. Simply speaking,
+	                    it will look for match in usernames in the IDM and the resource.
+	                    The correlation rule always looks for users, so it will not match
+	                    any other object type.
+					</q:description>
+					<q:equal>
+						<q:path>c:name</q:path>
+						<expression>
+							<path>
+								declare namespace icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3";
+								$account/attributes/icfs:name
+							</path>
+						</expression>
+					</q:equal>
+				</correlation>
+
+				<!-- Confirmation rule may be here, but as the search above will
+	                 always return at most one match, the confirmation rule is not needed. -->
+
+				<!-- Following section describes reactions to a situations.
+	                 The setting here assumes that this resource is authoritative,
+	                 therefore all accounts created on the resource should be
+	                 reflected as new users in IDM.
+	                 See http://wiki.evolveum.com/display/midPoint/Synchronization+Situations
+	             -->
+				<reaction>
+					<situation>linked</situation>
+					<synchronize>true</synchronize>
+				</reaction>
+				<reaction>
+					<situation>deleted</situation>
+					<action ref="http://midpoint.evolveum.com/xml/ns/public/model/action-3#deleteFocus"/>
+				</reaction>
+				<reaction>
+					<situation>unlinked</situation>
+					<action ref="http://midpoint.evolveum.com/xml/ns/public/model/action-3#link"/>
+				</reaction>
+				<reaction>
+					<situation>unmatched</situation>
+					<!-- No reaction here, resource is NOT authoritative -->
+				</reaction>
+			</objectSynchronization>
+		</synchronization>
+</resource>
+

samples/resources/csvfile/midpoint-target-flatfile.csv

@@ -0,0 +1 @@
+"id","firstname","lastname","disabled","password","groups"

samples/resources/csvfile/role-csvfile-groups.xml

@@ -0,0 +1,44 @@
+<!--
+  ~ Copyright (c) 2010-2016 Evolveum
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~     http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+<role oid="4115e6be-2d85-11e6-bef5-3c970e44b9e2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+		xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
+        xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
+    <name>CSV File - Basic Groups</name>    
+    <description>Role to create normal account on CSV File target resource and to assign basic groups.</description>
+    <inducement>
+    	<construction>
+    		<!-- The c: prefix in type must be there due to a JAXB bug -->
+    		<resourceRef oid="ef2bc95b-76e0-48e2-86d6-3d4f02d3fafe" type="c:ResourceType"/>
+    		<attribute>
+                    <ref>ri:groups</ref>
+                    <outbound>
+			<strength>strong</strength>
+<!-- To apply when reconciling/recomputing -->
+                    	<expression>
+	                        <value>Essential Documents</value>
+	                        <value>Meals</value>
+	                        <value>Travelling</value>
+	                        <value>North Gate Access</value>
+	                        <value>South Gate Access</value>
+	                        <value>Parking B2</value>
+	                </expression>
+	            </outbound>
+            </attribute>    		
+    	</construction>
+    </inducement>    
+</role>

samples/resources/csvfile/role-csvfile.xml

@@ -0,0 +1,28 @@
+<!--
+  ~ Copyright (c) 2010-2016 Evolveum
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~     http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+
+<role oid="3931573a-2d85-11e6-8ac1-3c970e44b9e2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+        xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
+    <name>CSV File</name>    
+    <description>Role to create normal account on CSV File target resource.</description>
+    <inducement>
+    	<construction>
+    		<!-- The c: prefix in type must be there due to a JAXB bug -->
+    		<resourceRef oid="ef2bc95b-76e0-48e2-86d6-3d4f02d3fafe" type="c:ResourceType"/>
+    	</construction>
+    </inducement>    
+</role>