fix for refreshing of principal compiled gui when was changed assignm…

…ents

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/ObjectDetailsModels.java

@@ -65,6 +65,10 @@ public ObjectDetailsModels(LoadableDetachableModel<PrismObject<O>> prismObjectMo
             protected PrismObjectWrapper<O> load() {
                 PrismObject<O> prismObject = getPrismObject();//prismObjectModel.getObject();
 
+                if (prismObject == null) {
+                    return null;
+                }
+
                 PrismObjectWrapperFactory<O> factory = modelServiceLocator.findObjectWrapperFactory(prismObject.getDefinition());
                 Task task = modelServiceLocator.createSimpleTask("createWrapper");
                 OperationResult result = task.getResult();

model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/filter/FinishAuthenticationFilter.java

@@ -10,6 +10,7 @@
 import com.evolveum.midpoint.authentication.api.AuthenticationChannel;
 import com.evolveum.midpoint.authentication.api.config.MidpointAuthentication;
 import com.evolveum.midpoint.authentication.impl.FocusAuthenticationResultRecorder;
+import com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal;
 import com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipalManager;
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.security.api.ConnectionEnvironment;
@@ -28,6 +29,7 @@
 import org.jetbrains.annotations.VisibleForTesting;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.web.filter.OncePerRequestFilter;
 
 import java.io.IOException;
@@ -53,6 +55,9 @@ public void setPrincipalManager(GuiProfiledPrincipalManager focusProfileService)
         this.focusProfileService = focusProfileService;
     }
 
+    @Autowired(required = false)
+    private SessionRegistry sessionRegistry;
+
     public FinishAuthenticationFilter() {
     }
 
@@ -85,8 +90,8 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             return;
         }
 
-        if (!(mpAuthentication.getPrincipal() instanceof MidPointPrincipal)) {
-            LOGGER.trace("Skipping compile principal profile, because couldn't find MidPointPrincipal.");
+        if (!(mpAuthentication.getPrincipal() instanceof GuiProfiledPrincipal)) {
+            LOGGER.trace("Skipping compile principal profile, because couldn't find GuiProfiledPrincipal.");
             filterChain.doFilter(request, response);
             return;
         }
@@ -105,19 +110,13 @@ private void compileGuiProfile(MidpointAuthentication mpAuthentication) {
             return;
         }
 
-        try {
-            mpAuthentication.setPrincipal(
-                    focusProfileService.getPrincipal(
-                            principal.getFocusPrismObject(),
-                            ProfileCompilerOptions.create()
-                                    .collectAuthorization(true)
-                                    .compileGuiAdminConfiguration(supportGuiConfig)
-                                    .locateSecurityPolicy(supportGuiConfig)
-                                    .tryReusingSecurityPolicy(true),
-                            new OperationResult("reload principal")));
-            mpAuthentication.setAlreadyCompiledGui(true);
-        } catch (CommonException e) {
-            LOGGER.debug("Couldn't reload principal after authentication", e);
-        }
+        focusProfileService.refreshCompiledProfile(
+                (GuiProfiledPrincipal) principal,
+                ProfileCompilerOptions.create()
+                        .collectAuthorization(true)
+                        .compileGuiAdminConfiguration(supportGuiConfig)
+                        .locateSecurityPolicy(supportGuiConfig)
+                        .tryReusingSecurityPolicy(true));
+        mpAuthentication.setAlreadyCompiledGui(true);
     }
 }

model/model-api/src/main/java/com/evolveum/midpoint/model/api/authentication/GuiProfiledPrincipalManager.java

@@ -62,4 +62,7 @@ GuiProfiledPrincipal getPrincipal(
 
     @NotNull
     CompiledGuiProfile refreshCompiledProfile(GuiProfiledPrincipal guiProfiledPrincipal);
+
+    @NotNull
+    CompiledGuiProfile refreshCompiledProfile(GuiProfiledPrincipal guiProfiledPrincipal, ProfileCompilerOptions options);
 }

model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/GuiProfiledPrincipalManagerImpl.java

@@ -458,6 +458,16 @@ public <O extends ObjectType> void invalidate(Class<O> type, String oid, boolean
 
     @Override
     public @NotNull CompiledGuiProfile refreshCompiledProfile(GuiProfiledPrincipal principal) {
+        return refreshCompiledProfile(
+                principal,
+                ProfileCompilerOptions.create()
+                    .compileGuiAdminConfiguration(true)
+                    .collectAuthorization(true)
+                    .locateSecurityPolicy(true));
+    }
+
+    @Override
+    public @NotNull CompiledGuiProfile refreshCompiledProfile(GuiProfiledPrincipal principal, ProfileCompilerOptions options) {
         OperationResult result = new OperationResult("refreshCompiledProfile");
 
         // Maybe focus was also changed, we should probably reload it
@@ -483,7 +493,7 @@ public <O extends ObjectType> void invalidate(Class<O> type, String oid, boolean
         } catch (ObjectNotFoundException e) {
             throw new SystemException("Focus was deleted");
         } catch (SchemaException e) {
-             throw new SystemException("Encountered schema exception", e);
+            throw new SystemException("Encountered schema exception", e);
         }
         securityContextManager.setTemporaryPrincipalOid(focusOid);
         try {
@@ -496,10 +506,7 @@ public <O extends ObjectType> void invalidate(Class<O> type, String oid, boolean
                     principal,
                     systemConfiguration,
                     null,
-                    ProfileCompilerOptions.create()
-                            .compileGuiAdminConfiguration(true)
-                            .collectAuthorization(true)
-                            .locateSecurityPolicy(true));
+                    options);
             principal.clearEffectivePrivilegesModification(); // we just recomputed them strictly from user's assignments
             return principal.getCompiledGuiProfile();
         } finally {