fixing delete operation for dependent accounts

Evolveum · Oct 14, 2014 · bf6692e · bf6692e
1 parent d2f17b8
commit bf6692e
Show file tree

Hide file tree

Showing 6 changed files with 49 additions and 39 deletions.
diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensUtil.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensUtil.java
@@ -622,7 +622,7 @@ public static <F extends ObjectType> void loadFullAccount(LensContext<F> context
 			accCtx.determineFullShadowFlag(oldShadow.getFetchResult());
 
 		} catch (ObjectNotFoundException ex){
-			if (accCtx.isDelete()){
+			if (accCtx.isDelete() || context.getFocusContext().isDelete()){
 				//this is OK, shadow was deleted, but we will continue in processing with old shadow..and set it as full so prevent from other full loading
 				accCtx.setFullShadow(true);
 			} else 

diff --git a/...pl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/DependencyProcessor.java b/...pl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/DependencyProcessor.java
@@ -407,20 +407,6 @@ public <F extends ObjectType> boolean checkDependencies(LensContext<F> context,
 						|| strictness == ResourceObjectTypeDependencyStrictnessType.RELAXED) {
 					if (wasProvisioned(dependencyAccountContext, context.getExecutionWave())) {
 						// everything OK
-//						if (ResourceTypeUtil.isForceLoadDependentShadow(dependency) && !dependencyAccountContext.isDelete()){
-//							LOGGER.info("FORCE TO LOAD FULL ACCOUNT " + dependencyAccountContext);
-//							try {
-//								LensUtil.loadFullAccount(context, dependencyAccountContext, provisioningService, result);
-//								dependencyAccountContext.setDoReconciliation(true);
-//								if (dependencyAccountContext.getExecutedDeltas() != null && !dependencyAccountContext.getExecutedDeltas().isEmpty()){
-//									context.resetProjectionWave();
-//								}
-//							} catch (ObjectNotFoundException | CommunicationException | SchemaException
-//									| ConfigurationException | SecurityViolationException e) {
-//								// this is not fatal error. we can continue without full account..the incosinstencies will be treaten later, by reconciliation
-//								LOGGER.warn("Could not load dependent shadow, continue with the shadow loaded before.");
-//							}
-//						}
 					} else {
 						// We do not want to throw exception here. That will stop entire projection.
 						// Let's just mark the projection as broken and skip it.

diff --git a/testing/story/src/test/java/com/evolveum/midpoint/testing/story/TestScience.java b/testing/story/src/test/java/com/evolveum/midpoint/testing/story/TestScience.java
@@ -38,11 +38,13 @@
 import com.evolveum.midpoint.test.DummyResourceContoller;
 import com.evolveum.midpoint.test.IntegrationTestTools;
 import com.evolveum.midpoint.test.util.TestUtil;
+import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
+import com.sleepycat.je.rep.impl.RepGroupProtocol.Fail;
 
 /**
  * 
@@ -223,6 +225,13 @@ public void test200delteUserJack() throws Exception {
 		IntegrationTestTools.display("Result: ", result);
 		AssertJUnit.assertTrue("Unexpected failure", result.isSuccess());
 
+		try {
+			repositoryService.getObject(UserType.class, USER_JACK_OID, null, result);
+			AssertJUnit.fail("Unexpected user jack. It must not exist.");
+		} catch (ObjectNotFoundException ex){
+			//this is OK
+		}
+
 
 	}
 

diff --git a/testing/story/src/test/java/com/evolveum/midpoint/testing/story/TestTrafo.java b/testing/story/src/test/java/com/evolveum/midpoint/testing/story/TestTrafo.java
@@ -731,6 +731,7 @@ public void test150JackAssignRoleEmployee() throws Exception {
 
  		PrismProperty<Integer> generatedValue = userJack.findExtensionItem(TRAFO_EXTENSION_UID_QNAME);
  		assertNotNull("Generated id value must not be null", generatedValue);
+ 		assertFalse("Generated value must not be empty", generatedValue.isEmpty());
 
  		// Set by inbound mappings
  		PrismAsserts.assertPropertyValue(userJack, UserType.F_EMAIL_ADDRESS, "Jack.Sparrow@" + TRAFO_MAIL_DOMAIN);
@@ -748,7 +749,7 @@ public void test150JackAssignRoleEmployee() throws Exception {
         dummyAuditService.assertExecutionDeltas(0,3);
         dummyAuditService.asserHasDelta(0,ChangeType.MODIFY, UserType.class); // primary, link (2 deltas)
         dummyAuditService.asserHasDelta(0,ChangeType.ADD, ShadowType.class); // AD account
-        dummyAuditService.assertExecutionDeltas(1,3);
+        dummyAuditService.assertExecutionDeltas(1,2);
         dummyAuditService.asserHasDelta(1,ChangeType.MODIFY, UserType.class); // link
         dummyAuditService.asserHasDelta(1,ChangeType.ADD, ShadowType.class); // Mail account
         dummyAuditService.assertExecutionDeltas(2,2);

diff --git a/testing/story/src/test/resources/trafo/resource-dummy-ad.xml b/testing/story/src/test/resources/trafo/resource-dummy-ad.xml
@@ -313,29 +313,29 @@ if (basic.stringify(employeeType) == 'T' || basic.stringify(employeeType) == 'R'
 						</target>
 					</inbound>
 				</attribute>
-				<attribute>
-					<ref>ri:description</ref>
-					<outbound>
-						<source>
-							<path>$user/title</path>
-						</source>
-						<source>
-							<path>extension/trafo:uid</path>
-							<name>extensionUid</name>
-						</source>
-						<expression>
-							<script>
-								<code>extensionUid</code>
-							</script>
-						</expression>
-					</outbound>
-					<inbound>
-						<strength>weak</strength>
-						<target>
-							<path>$user/title</path>
-						</target>
-					</inbound>
-				</attribute>
+<!-- 				<attribute> -->
+<!-- 					<ref>ri:description</ref> -->
+<!-- 					<outbound> -->
+<!-- 						<source> -->
+<!-- 							<path>$user/title</path> -->
+<!-- 						</source> -->
+<!-- 						<source> -->
+<!-- 							<path>extension/trafo:uid</path> -->
+<!-- 							<name>extensionUid</name> -->
+<!-- 						</source> -->
+<!-- 						<expression> -->
+<!-- 							<script> -->
+<!-- 								<code>extensionUid</code> -->
+<!-- 							</script> -->
+<!-- 						</expression> -->
+<!-- 					</outbound> -->
+<!-- 					<inbound> -->
+<!-- 						<strength>weak</strength> -->
+<!-- 						<target> -->
+<!-- 							<path>$user/title</path> -->
+<!-- 						</target> -->
+<!-- 					</inbound> -->
+<!-- 				</attribute> -->
 				<!-- This attribute must be set to
 other than "false". We will set it to "true" to expire the password
 immediately (after create). Note there is no "initial" attribute, because the

diff --git a/testing/story/src/test/resources/trafo/role-employee.xml b/testing/story/src/test/resources/trafo/role-employee.xml
@@ -26,6 +26,20 @@
     <inducement>
     	<construction>
     		<resourceRef oid="14400000-0000-0000-0000-000000000003" type="c:ResourceType"/>
+    		<attribute>
+					<ref>ri:description</ref>
+					<outbound>
+						<source>
+							<path>extension/trafo:uid</path>
+							<name>extensionUid</name>
+						</source>
+<!-- 						<expression> -->
+<!-- 							<script> -->
+<!-- 								<code>extensionUid</code> -->
+<!-- 							</script> -->
+<!-- 						</expression> -->
+					</outbound>
+				</attribute>
     	</construction>
     </inducement>
 </role>