Merge branch 'master' into feature/role-mining

# Conflicts: # gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebComponentUtil.java # model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/tasks/simple/SimpleActivityHandler.java # model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/tasks/TestMiscTasks.java
Evolveum · Aug 23, 2023 · b36c638 · b36c638
2 parents cae4e4f + fc401b7
commit b36c638
Show file tree

Hide file tree

Showing 704 changed files with 14,671 additions and 9,104 deletions.
diff --git a/config/initial-objects/role/043-role-delegator.xml b/config/initial-objects/role/043-role-delegator.xml
@@ -58,7 +58,7 @@
             <type>ShadowType</type>
         </object>
     </authorization>
-        <authorization>
+    <authorization>
         <name>delegator-read-delagate-assignments</name>
         <description>
             Authorization to read the assignments and assignment-related items from my delegates.

diff --git a/config/initial-objects/service/610-service-identity-recovery.xml b/config/initial-objects/service/610-service-identity-recovery.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2010-2023 Evolveum and contributors
+  ~
+  ~ This work is dual-licensed under the Apache License 2.0
+  ~ and European Union Public License. See LICENSE file for details.
+  -->
+<service oid="00000000-0000-0000-0000-000000000610"
+      xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
+    <name>Identity recovery</name>
+    <description>Service intended for identity recovery flow. The necessary for this flow authorizations are granted within this service.</description>
+    <authorization>
+        <name>gui-identity-recovery-access</name>
+        <description>
+            Allow access to identity recovery results page.
+        </description>
+        <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#identityRecovery</action>
+    </authorization>
+</service>
diff --git a/config/sql/native-new/postgres-new-audit.sql b/config/sql/native-new/postgres-new-audit.sql
@@ -83,6 +83,16 @@ CREATE TYPE AuditEventStageType AS ENUM ('REQUEST', 'EXECUTION', 'RESOURCE');
 CREATE TYPE EffectivePrivilegesModificationType AS ENUM ('ELEVATION', 'FULL_ELEVATION', 'REDUCTION', 'OTHER');
 
 CREATE TYPE ChangeType AS ENUM ('ADD', 'MODIFY', 'DELETE');
+
+
+
+   -- We try to create ShadowKindType (necessary if audit is in separate database, if it is in same
+   -- database as repository, type already exists.
+DO $$ BEGIN
+       CREATE TYPE ShadowKindType AS ENUM ('ACCOUNT', 'ENTITLEMENT', 'GENERIC', 'UNKNOWN');
+   EXCEPTION
+       WHEN duplicate_object THEN null;
+END $$;
 -- endregion
 
 -- region management tables
@@ -163,6 +173,8 @@ CREATE TABLE ma_audit_delta (
     resourceOid UUID,
     resourceNameNorm TEXT,
     resourceNameOrig TEXT,
+    shadowKind ShadowKindType,
+    shadowIntent TEXT,
     status OperationResultStatusType,
 
     PRIMARY KEY (recordId, timestamp, checksum)
@@ -362,4 +374,4 @@ limit 50;
 -- This is important to avoid applying any change more than once.
 -- Also update SqaleUtils.CURRENT_SCHEMA_AUDIT_CHANGE_NUMBER
 -- repo/repo-sqale/src/main/java/com/evolveum/midpoint/repo/sqale/SqaleUtils.java
-call apply_audit_change(5, $$ SELECT 1 $$, true);
+call apply_audit_change(6, $$ SELECT 1 $$, true);
diff --git a/config/sql/native-new/postgres-new-upgrade-audit.sql b/config/sql/native-new/postgres-new-upgrade-audit.sql
@@ -125,6 +125,21 @@ call apply_audit_change(5, $aa$
      ADD COLUMN effectivePrivilegesModification EffectivePrivilegesModificationType;
 $aa$);
 
+
+call apply_audit_change(6, $aa$
+   -- We try to create ShadowKindType (necessary if audit is in separate database, if it is in same
+   -- database as repository, type already exists.
+   DO $$ BEGIN
+       CREATE TYPE ShadowKindType AS ENUM ('ACCOUNT', 'ENTITLEMENT', 'GENERIC', 'UNKNOWN');
+   EXCEPTION
+       WHEN duplicate_object THEN null;
+   END $$;
+
+   ALTER TABLE ma_audit_delta
+     ADD COLUMN shadowKind ShadowKindType,
+     ADD COLUMN shadowIntent TEXT;
+$aa$);
+
 -- WRITE CHANGES ABOVE ^^
 -- IMPORTANT: update apply_audit_change number at the end of postgres-new-audit.sql
 -- to match the number used in the last change here!

diff --git a/config/sql/native-new/postgres-new-upgrade.sql b/config/sql/native-new/postgres-new-upgrade.sql
@@ -367,6 +367,15 @@ CREATE TABLE m_task_affected_objects (
 
 $aa$)
 
+call apply_change(20, $aa$
+CREATE TYPE ExecutionModeType AS ENUM ('FULL', 'PREVIEW', 'SHADOW_MANAGEMENT_PREVIEW', 'DRY_RUN', 'NONE', 'BUCKET_ANALYSIS');
+CREATE TYPE PredefinedConfigurationType AS ENUM ( 'PRODUCTION', 'DEVELOPMENT' );
+
+ALTER TABLE m_task_affected_objects
+  ADD COLUMN executionMode ExecutionModeType,
+  ADD COLUMN predefinedConfigurationToUse PredefinedConfigurationType;
+$aa$)
+
 
 ---
 -- WRITE CHANGES ABOVE ^^

diff --git a/config/sql/native-new/postgres-new.sql b/config/sql/native-new/postgres-new.sql
@@ -130,6 +130,8 @@ CREATE TYPE AvailabilityStatusType AS ENUM ('DOWN', 'UP', 'BROKEN');
 
 CREATE TYPE CorrelationSituationType AS ENUM ('UNCERTAIN', 'EXISTING_OWNER', 'NO_OWNER', 'ERROR');
 
+CREATE TYPE ExecutionModeType AS ENUM ('FULL', 'PREVIEW', 'SHADOW_MANAGEMENT_PREVIEW', 'DRY_RUN', 'NONE', 'BUCKET_ANALYSIS');
+
 CREATE TYPE LockoutStatusType AS ENUM ('NORMAL', 'LOCKED');
 
 CREATE TYPE NodeOperationalStateType AS ENUM ('UP', 'DOWN', 'STARTING');
@@ -142,6 +144,8 @@ CREATE TYPE OperationResultStatusType AS ENUM ('SUCCESS', 'WARNING', 'PARTIAL_ER
 
 CREATE TYPE OrientationType AS ENUM ('PORTRAIT', 'LANDSCAPE');
 
+CREATE TYPE PredefinedConfigurationType AS ENUM ( 'PRODUCTION', 'DEVELOPMENT' );
+
 CREATE TYPE ResourceAdministrativeStateType AS ENUM ('ENABLED', 'DISABLED');
 
 CREATE TYPE ShadowKindType AS ENUM ('ACCOUNT', 'ENTITLEMENT', 'GENERIC', 'UNKNOWN');
@@ -1384,6 +1388,8 @@ CREATE TABLE m_task_affected_objects (
     resourceRefRelationId INTEGER REFERENCES m_uri(id),
     intent TEXT,
     kind ShadowKindType,
+    executionMode ExecutionModeType,
+    predefinedConfigurationToUse PredefinedConfigurationType,
     PRIMARY KEY (ownerOid, cid)
 ) INHERITS(m_container);
 
@@ -2166,4 +2172,4 @@ END $$;
 -- This is important to avoid applying any change more than once.
 -- Also update SqaleUtils.CURRENT_SCHEMA_CHANGE_NUMBER
 -- repo/repo-sqale/src/main/java/com/evolveum/midpoint/repo/sqale/SqaleUtils.java
-call apply_change(19, $$ SELECT 1 $$, true);
+call apply_change(20, $$ SELECT 1 $$, true);
diff --git a/gui/admin-gui/src/frontend/scss/_admin-lte-overrides.scss b/gui/admin-gui/src/frontend/scss/_admin-lte-overrides.scss
@@ -5,6 +5,13 @@
  * and European Union Public License. See LICENSE file for details.
  */
 
+@mixin smooth-transition($duration, $important: "") {
+  $important-flag: if($important == "important", ' !important', '');
+
+  transition: all ease $duration#{$important-flag};
+  -webkit-transition: all ease $duration#{$important-flag};
+}
+
 .user-panel {
   border-bottom: 0 !important;
 }
@@ -17,6 +24,10 @@
   }
 }
 
+.btn, .btn:hover {
+  @include smooth-transition(0.08s, important);
+}
+
 // this is a fix for card widget with tool buttons which is inside of tab panel
 .card.card-outline-tabs .card-tools {
   margin: 0;

diff --git a/gui/admin-gui/src/frontend/scss/_tiles.scss b/gui/admin-gui/src/frontend/scss/_tiles.scss
@@ -9,10 +9,18 @@
  * Contains all styles for all kinds of tile panels
  */
 
+@mixin smooth-transition($duration, $important: "") {
+  $important-flag: if($important == "important", ' !important', '');
+
+  transition: all ease $duration#{$important-flag};
+  -webkit-transition: all ease $duration#{$important-flag};
+}
+
 @mixin tile {
   border: 2px solid $white;
   border-radius: $border-radius;
   background-color: $white;
+  @include smooth-transition(0.1s);
 
   &.selectable {
     @include selectable-tile();
@@ -23,21 +31,24 @@
   cursor: pointer;
 
   &:hover {
-    border: 2px solid $input-border-color;
+    border: 2px solid $primary;
     border-radius: $border-radius;
+    @include smooth-transition(0.1s);
   }
 
   &.active {
     border: 2px solid $primary;
     border-radius: $border-radius;
-    background-color: rgba($primary, 15%);
+    background-color: mix($white, $primary, 85%);
+    @include smooth-transition(0.1s);
   }
 }
 
 @mixin tile-dark-mode {
   border-color: $secondary-alt;
   background-color: lighten($dark, 7.5%) !important;
   color: $white !important;
+  @include smooth-transition(0.1s);
 
   &.selectable {
     @include selectable-tile-dark-mode();
@@ -47,11 +58,13 @@
 @mixin selectable-tile-dark-mode {
   &:hover {
     border-color: $gray-400;
+    @include smooth-transition(0.1s);
   }
 
   &.active {
     border-color: $primary-alt;
     background-color: rgba($primary-alt, 15%);
+    @include smooth-transition(0.1s);
   }
 }
 

diff --git a/gui/admin-gui/src/frontend/scss/bs-stepper-custom.scss b/gui/admin-gui/src/frontend/scss/bs-stepper-custom.scss
@@ -17,6 +17,10 @@
   color: $secondary;
 }
 
+.step.active .bs-stepper-label {
+  color: $lightblue;
+}
+
 .bs-stepper .step-trigger:hover {
   background-color: inherit;
 }
diff --git a/gui/admin-gui/src/frontend/scss/midpoint.scss b/gui/admin-gui/src/frontend/scss/midpoint.scss
@@ -1744,6 +1744,10 @@ span.yui-skin-sam {
   width: 600px !important;
 }
 
+.login-box {
+  width: 400px !important;
+}
+
 .info-box.activity-item-processing > .info-box-content > .progress-description {
   overflow-wrap: break-word;
   word-break: break-word;
@@ -1891,7 +1895,7 @@ th.debug-list-buttons {
 
   .colored-form-#{$color}, .colored-form-#{$color}:hover, .colored-form-#{$color}:active, .colored-form-#{$color}:focus {
       color: $value;
-      background-color: mix(#ffffff00, $value, 85%);
+      background-color: mix(#ffffff, $value, 85%);
       border-color: $value;
 
       option {
@@ -1901,3 +1905,19 @@ th.debug-list-buttons {
     }
 
 }
+
+#toastsContainerTopRight.toasts-top-right {
+  top:3.5rem;
+}
+
+#toastsContainerTopRight .toast {
+  min-width: 400px;
+}
+
+.lh-1 {
+  line-height: 1;
+}
+
+.lh-2 {
+  line-height: 1.5;
+}
diff --git a/...n-gui/src/main/java/com/evolveum/midpoint/gui/api/component/form/ToggleCheckBoxPanel.html b/...n-gui/src/main/java/com/evolveum/midpoint/gui/api/component/form/ToggleCheckBoxPanel.html
@@ -8,10 +8,10 @@
 <!DOCTYPE html>
 <html xmlns:wicket="http://wicket.apache.org">
 <wicket:panel>
-    <div class="m-3 d-flex flex-row gap-3">
+    <div class="d-flex flex-row gap-3">
         <div class="d-flex flex-column">
             <label wicket:id="label"></label>
-            <p wicket:id="description"></p>
+            <p wicket:id="description" class="m-0"></p>
         </div>
         <div class="ml-auto">
             <input type="checkbox" wicket:id="check" data-bootstrap-switch />

diff --git a/...ui/src/main/java/com/evolveum/midpoint/gui/api/component/wizard/BasicWizardStepPanel.html b/...ui/src/main/java/com/evolveum/midpoint/gui/api/component/wizard/BasicWizardStepPanel.html
@@ -9,27 +9,27 @@
 <wicket:panel>
     <div class="d-flex flex-column align-items-center mt-5">
         <h2 class="mb-4 font-weight-bold" wicket:id="text"/>
-        <h5 class="text-center text-secondary mb-5" wicket:id="subText"/>
+        <h5 class="text-center text-secondary mb-5 lh-2" wicket:id="subText"/>
 
         <wicket:child/>
         <div class="d-flex gap-3 justify-content-center mt-5">
             <a class="btn text-primary" wicket:id="back">
-                <i class="fas fa-arrow-left mr-2"></i>
+                <i class="fas fa-arrow-left mr-1"></i>
                 <wicket:message key="WizardHeader.back"/>
             </a>
             <a class="btn btn-default" wicket:id="exit">
-                <i class="fas fa-right-from-bracket mr-2"></i>
+                <i class="fas fa-right-from-bracket mr-1 fa-rotate-180"></i>
                 <wicket:message key="WizardPanel.exit"/>
             </a>
             <a class="btn btn-default" wicket:id="customButtons" />
             <a class="btn btn-success" wicket:id="submit">
-                <i class="fas fa-check mr-2"/>
+                <i class="fas fa-check mr-1"/>
                 <span wicket:id="submitLabel"/>
             </a>
             <a class="btn btn-primary" wicket:id="next">
                 <wicket:message key="WizardHeader.next"/>
                 <span wicket:id="nextLabel"/>
-                <i class="fas fa-arrow-right ml-2"></i>
+                <i class="fas fa-arrow-right ml-1"></i>
             </a>
         </div>
     </div>

diff --git a/...min-gui/src/main/java/com/evolveum/midpoint/gui/api/component/wizard/NavigationPanel.html b/...min-gui/src/main/java/com/evolveum/midpoint/gui/api/component/wizard/NavigationPanel.html
@@ -19,7 +19,7 @@ <h3 class="mb-0" wicket:id="title"/>
         <a wicket:id="nextLink">
             <wicket:message key="NavigationPanel.next"/>
             <span wicket:id="nextLabel"/>
-            <i class="fas fa-arrow-right ml-2"></i>
+            <i class="fas fa-arrow-right ml-1"></i>
         </a>
     </wicket:fragment>
 </wicket:panel>

diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/page/PageAdminLTE.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/page/PageAdminLTE.java
@@ -65,7 +65,7 @@
 import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
 import com.evolveum.midpoint.gui.api.util.WebModelServiceUtils;
 import com.evolveum.midpoint.gui.impl.error.ErrorPanel;
-import com.evolveum.midpoint.gui.impl.page.login.PageLogin;
+import com.evolveum.midpoint.gui.impl.page.login.module.PageLogin;
 import com.evolveum.midpoint.gui.impl.prism.panel.ItemPanelSettings;
 import com.evolveum.midpoint.model.api.*;
 import com.evolveum.midpoint.model.api.authentication.CompiledGuiProfile;
@@ -102,7 +102,6 @@
 import com.evolveum.midpoint.security.enforcer.api.SecurityEnforcer;
 import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.task.api.TaskManager;
-import com.evolveum.midpoint.util.CheckedProducer;
 import com.evolveum.midpoint.util.Producer;
 import com.evolveum.midpoint.util.exception.*;
 import com.evolveum.midpoint.util.logging.LoggingUtils;
@@ -163,7 +162,7 @@ public abstract class PageAdminLTE extends WebPage implements ModelServiceLocato
     // size.
 
     @SpringBean(name = "modelController")
-    private ScriptingService scriptingService;
+    private BulkActionsService bulkActionsService;
 
     @SpringBean(name = "modelController")
     private ModelService modelService;
@@ -492,8 +491,8 @@ public ObjectResolver getModelObjectResolver() {
         return modelObjectResolver;
     }
 
-    public ScriptingService getScriptingService() {
-        return scriptingService;
+    public BulkActionsService getBulkActionsService() {
+        return bulkActionsService;
     }
 
     public TaskService getTaskService() {

diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/GuiDisplayTypeUtil.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/GuiDisplayTypeUtil.java
@@ -7,6 +7,7 @@
 package com.evolveum.midpoint.gui.api.util;
 
 import com.evolveum.midpoint.gui.api.GuiStyleConstants;
+import com.evolveum.midpoint.gui.api.page.PageAdminLTE;
 import com.evolveum.midpoint.gui.api.page.PageBase;
 import com.evolveum.midpoint.model.api.AssignmentObjectRelation;
 import com.evolveum.midpoint.model.api.authentication.CompiledObjectCollectionView;
@@ -73,15 +74,15 @@ public static DisplayType createDisplayType(String iconCssClass, String iconColo
         return displayType;
     }
 
-    public static <O extends ObjectType> DisplayType getArchetypePolicyDisplayType(O object, PageBase pageBase) {
+    public static <O extends ObjectType> DisplayType getArchetypePolicyDisplayType(O object, PageAdminLTE pageBase) {
         if (object == null) {
             return null;
         }
 
         return getArchetypePolicyDisplayType(object.asPrismObject(), pageBase);
     }
 
-    public static <O extends ObjectType> DisplayType getArchetypePolicyDisplayType(PrismObject<O> object, PageBase pageBase) {
+    public static <O extends ObjectType> DisplayType getArchetypePolicyDisplayType(PrismObject<O> object, PageAdminLTE pageBase) {
         if (object != null && StringUtils.isNotEmpty(object.getOid())) {
             ArchetypePolicyType archetypePolicy = WebComponentUtil.getArchetypeSpecification(object, pageBase);
             if (archetypePolicy != null) {