Removed getObject call when deleting objects as administrator.

Simplified scripting API a bit + provided rough implementation of PageBulkAction using this API.

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/configuration/PageBulkAction.java

@@ -16,32 +16,37 @@
 
 package com.evolveum.midpoint.web.page.admin.configuration;
 
+import com.evolveum.midpoint.model.api.ScriptExecutionException;
+import com.evolveum.midpoint.prism.PrismContext;
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.security.api.AuthorizationConstants;
 import com.evolveum.midpoint.task.api.Task;
+import com.evolveum.midpoint.util.exception.SchemaException;
 import com.evolveum.midpoint.util.logging.Trace;
 import com.evolveum.midpoint.util.logging.TraceManager;
 import com.evolveum.midpoint.web.application.AuthorizationAction;
 import com.evolveum.midpoint.web.application.PageDescriptor;
 import com.evolveum.midpoint.web.component.AceEditor;
 import com.evolveum.midpoint.web.component.AjaxSubmitButton;
 import com.evolveum.midpoint.web.page.admin.configuration.dto.BulkActionDto;
+import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ScriptingExpressionType;
 import org.apache.wicket.ajax.AjaxRequestTarget;
 import org.apache.wicket.markup.html.form.CheckBox;
 import org.apache.wicket.markup.html.form.Form;
 import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.Model;
 import org.apache.wicket.model.PropertyModel;
 
+import javax.xml.bind.JAXBElement;
+
 /**
  * @author lazyman
  */
 @PageDescriptor(url = "/admin/config/bulk", action = {
-//        @AuthorizationAction(actionUri = PageAdminConfiguration.AUTH_CONFIGURATION_ALL,
-//                label = PageAdminConfiguration.AUTH_CONFIGURATION_ALL_LABEL, description = PageAdminConfiguration.AUTH_CONFIGURATION_ALL_DESCRIPTION),
-//        @AuthorizationAction(actionUri = AuthorizationConstants.NS_AUTHORIZATION + "#bulkAction",
-//                label = "PageBulkAction.auth.bulkAction.label", description = "PageBulkAction.auth.bulkAction.description")
-        @AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_NO_ACCESS_URL)
+        @AuthorizationAction(actionUri = PageAdminConfiguration.AUTH_CONFIGURATION_ALL,
+                label = PageAdminConfiguration.AUTH_CONFIGURATION_ALL_LABEL, description = PageAdminConfiguration.AUTH_CONFIGURATION_ALL_DESCRIPTION),
+        @AuthorizationAction(actionUri = AuthorizationConstants.NS_AUTHORIZATION + "#bulkAction",
+                label = "PageBulkAction.auth.bulkAction.label", description = "PageBulkAction.auth.bulkAction.description")
 })
 public class PageBulkAction extends PageAdminConfiguration {
 
@@ -87,12 +92,47 @@ protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
     }
 
     private void startPerformed(AjaxRequestTarget target) {
-        model.getObject();
-
         Task task = createSimpleTask(OPERATION_PERFORM_BULK);
         OperationResult result = new OperationResult(OPERATION_PERFORM_BULK);
 
-        //TODO - continue here - we need to find a way to serialize XML String to JAXBElement<? extends ScriptingExpressionType> expression to continue
-//        getScriptingService().evaluateExpressionInBackground(, task, result);
+        BulkActionDto bulkActionDto = model.getObject();
+
+        ScriptingExpressionType expression = null;
+        try {
+            Object parsed = getPrismContext().parseAnyValue(bulkActionDto.getScript(), PrismContext.LANG_XML);
+            if (parsed == null) {
+                result.recordFatalError("No bulk action object was provided.");
+            }
+            if (parsed instanceof JAXBElement) {
+                parsed = ((JAXBElement) parsed).getValue();
+            }
+            if (parsed instanceof ScriptingExpressionType) {
+                expression = (ScriptingExpressionType) parsed;
+            } else {
+                result.recordFatalError("Provided XML text is not a bulk action object. An instance of {scripting-3}ScriptingExpressionType is expected; you have provided " + parsed.getClass() + " instead.");
+            }
+        } catch (SchemaException|RuntimeException e) {
+            result.recordFatalError("Couldn't parse bulk action object", e);
+        }
+
+        if (expression != null) {
+            if (bulkActionDto.isAsync()) {
+                try {
+                    getScriptingService().evaluateExpressionInBackground(expression, task, result);
+                } catch (SchemaException e) {
+                    result.recordFatalError("Couldn't submit bulk action to execution because of schema exception", e);
+                }
+            } else {
+                try {
+                    getScriptingService().evaluateExpression(expression, task, result);
+                } catch (ScriptExecutionException e) {
+                    result.recordFatalError("Couldn't execute bulk action", e);
+                }
+            }
+        }
+
+        result.computeStatusIfUnknown();
+        showResult(result);
+        target.add(getFeedbackPanel());
     }
 }

infra/prism/src/main/java/com/evolveum/midpoint/prism/PrismContext.java

@@ -391,6 +391,11 @@ public <T> T parseAnyValue(InputStream inputStream, String language) throws Sche
         return xnodeProcessor.parseAnyValue(xnode);
     }
 
+    public <T> T parseAnyValue(String dataString, String language) throws SchemaException {
+        XNode xnode = parseToXNode(dataString, language);
+        return xnodeProcessor.parseAnyValue(xnode);
+    }
+
     //endregion
 
     //region Parsing to XNode

model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/ScriptExecutionException.java → model/model-api/src/main/java/com/evolveum/midpoint/model/api/ScriptExecutionException.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package com.evolveum.midpoint.model.impl.scripting;
+package com.evolveum.midpoint.model.api;
 
 /**
  * Wraps any exceptions that occur during execution of expressions. (ExpressionEvaluationException would be more appropriate, but this name is already used elsewhere.)

model/model-api/src/main/java/com/evolveum/midpoint/model/api/ScriptingService.java

@@ -16,26 +16,14 @@
 
 package com.evolveum.midpoint.model.api;
 
-import com.evolveum.midpoint.prism.PrismObject;
-import com.evolveum.midpoint.prism.parser.QueryConvertor;
 import com.evolveum.midpoint.prism.query.ObjectFilter;
-import com.evolveum.midpoint.schema.GetOperationOptions;
-import com.evolveum.midpoint.schema.SelectorOptions;
-import com.evolveum.midpoint.schema.constants.SchemaConstants;
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.task.api.Task;
-import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
 import com.evolveum.midpoint.util.exception.SchemaException;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.TaskType;
-import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ActionExpressionType;
-import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ExecuteScriptType;
 import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ScriptingExpressionType;
-import com.evolveum.midpoint.xml.ns._public.model.scripting_3.SearchExpressionType;
 
 import javax.xml.bind.JAXBElement;
 import javax.xml.namespace.QName;
-import java.util.Collection;
-import java.util.List;
 
 /**
  * Interface of the Model subsystem that provides scripting (bulk actions) operations.
@@ -55,18 +43,34 @@ public interface ScriptingService {
      *             and assigns ScriptExecutionTaskHandler to it, to execute the script.
      * @param parentResult
      * @throws SchemaException
+     *
+     * TODO consider removing this method (it was meant as a simplified version of the method below)
      */
     public void evaluateExpressionInBackground(QName objectType, ObjectFilter filter, String actionName, Task task, OperationResult parentResult) throws SchemaException;
 
     /**
      * Asynchronously executes any scripting expression.
      *
      * @param expression Expression to be executed.
-     * @param task Task in context of which the script should execute. The task should be "clean", i.e.
-     *             (1) transient, (2) without any handler. This method puts the task into background,
-     *             and assigns ScriptExecutionTaskHandler to it, to execute the script.
+     * @param task Task in context of which the script should execute.
+     *             The task should be "clean", i.e. (1) transient, (2) without any handler.
+     *             This method puts the task into background, and assigns ScriptExecutionTaskHandler
+     *             to it, to execute the script.
      * @param parentResult
      * @throws SchemaException
      */
-    public void evaluateExpressionInBackground(JAXBElement<? extends ScriptingExpressionType> expression, Task task, OperationResult parentResult) throws SchemaException;
-}
+    public void evaluateExpressionInBackground(ScriptingExpressionType expression, Task task, OperationResult parentResult) throws SchemaException;
+
+    /**
+     * Synchronously executes any scripting expression (with no input data).
+     *
+     * @param expression Scripting expression to execute.
+     * @param task Task in context of which the script should execute (in foreground!)
+     * @param result Operation result
+     * @throws ScriptExecutionException
+     *
+     * TODO return ExecutionContext (requires moving the context to model api)
+     */
+
+    public void evaluateExpression(ScriptingExpressionType expression, Task task, OperationResult result) throws ScriptExecutionException;
+}

model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelWebService.java

@@ -15,17 +15,13 @@
  */
 package com.evolveum.midpoint.model.impl;
 
-import com.evolveum.midpoint.audit.api.AuditEventRecord;
-import com.evolveum.midpoint.audit.api.AuditEventStage;
-import com.evolveum.midpoint.audit.api.AuditEventType;
-import com.evolveum.midpoint.audit.api.AuditService;
 import com.evolveum.midpoint.model.api.ModelExecuteOptions;
 import com.evolveum.midpoint.model.api.ModelPort;
 import com.evolveum.midpoint.model.common.util.AbstractModelWebService;
 import com.evolveum.midpoint.model.impl.controller.ModelController;
 import com.evolveum.midpoint.model.impl.scripting.Data;
 import com.evolveum.midpoint.model.impl.scripting.ExecutionContext;
-import com.evolveum.midpoint.model.impl.scripting.ScriptExecutionException;
+import com.evolveum.midpoint.model.api.ScriptExecutionException;
 import com.evolveum.midpoint.model.impl.scripting.ScriptingExpressionEvaluator;
 import com.evolveum.midpoint.prism.Item;
 import com.evolveum.midpoint.prism.PrismContext;
@@ -41,18 +37,14 @@
 import com.evolveum.midpoint.schema.constants.ObjectTypes;
 import com.evolveum.midpoint.schema.constants.SchemaConstants;
 import com.evolveum.midpoint.schema.result.OperationResult;
-import com.evolveum.midpoint.schema.result.OperationResultStatus;
 import com.evolveum.midpoint.schema.util.MiscSchemaUtil;
-import com.evolveum.midpoint.security.api.MidPointPrincipal;
 import com.evolveum.midpoint.task.api.Task;
-import com.evolveum.midpoint.task.api.TaskManager;
 import com.evolveum.midpoint.util.exception.CommunicationException;
 import com.evolveum.midpoint.util.exception.ConfigurationException;
 import com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException;
 import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
 import com.evolveum.midpoint.util.exception.SchemaException;
 import com.evolveum.midpoint.util.exception.SecurityViolationException;
-import com.evolveum.midpoint.util.exception.SystemException;
 import com.evolveum.midpoint.util.logging.LoggingUtils;
 import com.evolveum.midpoint.util.logging.Trace;
 import com.evolveum.midpoint.util.logging.TraceManager;
@@ -81,14 +73,12 @@
 import com.evolveum.midpoint.xml.ns._public.model.model_3.ExecuteScriptsType;
 import com.evolveum.midpoint.xml.ns._public.model.model_3.ModelPortType;
 import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ItemListType;
+import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ScriptingExpressionType;
 import com.evolveum.prism.xml.ns._public.query_3.QueryType;
-import com.evolveum.prism.xml.ns._public.types_3.PolyStringType;
 import com.evolveum.prism.xml.ns._public.types_3.RawType;
 
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
 
 import javax.xml.bind.JAXBElement;
@@ -275,15 +265,15 @@ private List<JAXBElement<?>> parseScripts(ExecuteScriptsType parameters) throws
         return scriptsToExecute;
     }
 
-    private ExecuteScriptsResponseType doExecuteScripts(List<JAXBElement<?>> scriptsToExecute, ExecuteScriptsOptionsType options, Task task, OperationResult result) throws ScriptExecutionException, JAXBException, SchemaException {
+    private ExecuteScriptsResponseType doExecuteScripts(List<JAXBElement<?>> scriptsToExecute, ExecuteScriptsOptionsType options, Task task, OperationResult result) {
         ExecuteScriptsResponseType response = new ExecuteScriptsResponseType();
         ScriptOutputsType outputs = new ScriptOutputsType();
         response.setOutputs(outputs);
 
         try {
             for (JAXBElement<?> script : scriptsToExecute) {
 
-                ExecutionContext outputContext = scriptingExpressionEvaluator.evaluateExpression(script, task, result);
+                ExecutionContext outputContext = scriptingExpressionEvaluator.evaluateExpression((ScriptingExpressionType) script.getValue(), task, result);
 
                 SingleScriptOutputType output = new SingleScriptOutputType();
                 outputs.getOutput().add(output);
@@ -298,7 +288,7 @@ private ExecuteScriptsResponseType doExecuteScripts(List<JAXBElement<?>> scripts
                 }
             }
             result.computeStatusIfUnknown();
-        } catch (Exception e) {         // FIXME little bit brutal treatment
+        } catch (ScriptExecutionException|JAXBException|SchemaException|RuntimeException e) {
             result.recordFatalError(e.getMessage(), e);
             LoggingUtils.logException(LOGGER, "Exception while executing script", e);
         }

model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java

@@ -28,6 +28,7 @@
 import javax.xml.bind.JAXBElement;
 import javax.xml.namespace.QName;
 
+import com.evolveum.midpoint.model.api.ScriptExecutionException;
 import com.evolveum.midpoint.model.api.ScriptingService;
 import com.evolveum.midpoint.model.api.TaskService;
 import com.evolveum.midpoint.model.api.WorkflowService;
@@ -484,8 +485,11 @@ public void run() {
                             String oid = cacheRepositoryService.addObject(delta.getObjectToAdd(), repoOptions, result1);
                             delta.setOid(oid);
                         } else if (delta.isDelete()) {
-                            PrismObject<? extends ObjectType> existingObject = cacheRepositoryService.getObject(delta.getObjectTypeClass(), delta.getOid(), null, result1);
-                            securityEnforcer.authorize(ModelAuthorizationAction.DELETE.getUrl(), null, existingObject, null, null, null, result1);
+                            if (!securityEnforcer.isAuthorized(AuthorizationConstants.AUTZ_ALL_URL, null, null, null, null, null)) {
+                                // getting the object is avoided in case of administrator's request in order to allow deleting malformed (unreadable) objects
+                                PrismObject<? extends ObjectType> existingObject = cacheRepositoryService.getObject(delta.getObjectTypeClass(), delta.getOid(), null, result1);
+                                securityEnforcer.authorize(ModelAuthorizationAction.DELETE.getUrl(), null, existingObject, null, null, null, result1);
+                            }
                             if (ObjectTypes.isClassManagedByProvisioning(delta.getObjectTypeClass())) {
                                 Utils.clearRequestee(task);
                                 provisioning.deleteObject(delta.getObjectTypeClass(), delta.getOid(),
@@ -1857,9 +1861,15 @@ public void evaluateExpressionInBackground(QName objectType, ObjectFilter filter
     }
 
     @Override
-    public void evaluateExpressionInBackground(JAXBElement<? extends ScriptingExpressionType> expression, Task task, OperationResult parentResult) throws SchemaException {
+    public void evaluateExpressionInBackground(ScriptingExpressionType expression, Task task, OperationResult parentResult) throws SchemaException {
         scriptingExpressionEvaluator.evaluateExpressionInBackground(expression, task, parentResult);
     }
+
+    @Override
+    public void evaluateExpression(ScriptingExpressionType expression, Task task, OperationResult result) throws ScriptExecutionException {
+        scriptingExpressionEvaluator.evaluateExpression(expression, task, result);
+    }
+
     //endregion
 
 }

model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/ActionExecutor.java

@@ -16,6 +16,7 @@
 
 package com.evolveum.midpoint.model.impl.scripting;
 
+import com.evolveum.midpoint.model.api.ScriptExecutionException;
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ActionExpressionType;
 

model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/Data.java

@@ -16,6 +16,7 @@
 
 package com.evolveum.midpoint.model.impl.scripting;
 
+import com.evolveum.midpoint.model.api.ScriptExecutionException;
 import com.evolveum.midpoint.prism.Item;
 import com.evolveum.midpoint.prism.PrismContext;
 import com.evolveum.midpoint.prism.PrismObject;

model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/ScriptExecutionTaskHandler.java

@@ -16,6 +16,7 @@
 
 package com.evolveum.midpoint.model.impl.scripting;
 
+import com.evolveum.midpoint.model.api.ScriptExecutionException;
 import com.evolveum.midpoint.prism.PrismProperty;
 import com.evolveum.midpoint.schema.constants.SchemaConstants;
 import com.evolveum.midpoint.schema.result.OperationResult;