continue fixing..(provisioning tests)

infra/prism/src/main/java/com/evolveum/midpoint/prism/crypto/AESProtector.java

@@ -187,7 +187,9 @@ private String getEncryptionKeyAlias() {
 	@Override
 	public <T> void decrypt(ProtectedData<T> protectedData) throws EncryptionException, SchemaException {
 		if (!protectedData.isEncrypted()) {
-			throw new IllegalArgumentException("Attempt to decrypt protected data that are not encrypted");
+			return;
+			//TODO: is this exception really needed?? isn't it better just return the same protected data??
+			//throw new IllegalArgumentException("Attempt to decrypt protected data that are not encrypted");
 		}
 
 		EncryptedDataType encryptedDataType = protectedData.getEncryptedDataType();
@@ -271,17 +273,30 @@ public <T> void encrypt(ProtectedData<T> protectedData) throws EncryptionExcepti
 
     @Override
     public String decryptString(ProtectedStringType protectedString) throws EncryptionException {
-        throw new UnsupportedOperationException();      // TODO implement this
+        try {
+        	decrypt(protectedString);
+        	return protectedString.getClearValue();
+        } catch (SchemaException ex){
+        	throw new EncryptionException(ex);
+        }
+
     }
 
     @Override
     public ProtectedStringType encryptString(String text) throws EncryptionException {
-        throw new UnsupportedOperationException();      // TODO implement this
+    	ProtectedStringType protectedString = new ProtectedStringType();
+    	protectedString.setClearValue(text);
+    	encrypt(protectedString);
+    	return protectedString;
+
+//        throw new UnsupportedOperationException();      // TODO implement this
     }
 
     @Override
     public boolean isEncrypted(ProtectedStringType ps) {
-        throw new UnsupportedOperationException();      // TODO implement this
+    	Validate.notNull(ps, "Protected string must not be null.");
+    	return ps.isEncrypted();
+//        throw new UnsupportedOperationException();      // TODO implement this
     }
 
     private byte[] encryptBytes(byte[] clearData, String algorithmUri, Key key) throws NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException {

infra/prism/src/main/java/com/evolveum/midpoint/prism/parser/XNodeProcessor.java

@@ -546,7 +546,12 @@ public QName transform(QName in) {
         if (protectedType.isEmpty()){
             XNode xClearValue = xmap.get(ProtectedDataType.F_CLEAR_VALUE);
             if (xClearValue == null){
-                return;
+            	//TODO: try to use common namespace (only to be compatible with previous versions)
+            	//FIXME maybe add some warning, info...
+            	xClearValue = xmap.get(new QName(ProtectedDataType.F_CLEAR_VALUE.getLocalPart()));
+            }
+            if (xClearValue == null){
+            	return;
             }
             if (!(xClearValue instanceof PrimitiveXNode)){
                 //this is maybe not good..

infra/prism/src/main/java/com/evolveum/midpoint/prism/util/RawTypeUtil.java

@@ -47,56 +47,41 @@ public static <V extends PrismValue> Item<V> getParsedItem(ItemDefinition itemDe
 			if (itemDefinition == null && containerDef != null){
 				itemDefinition = containerDef.getPrismContext().getXnodeProcessor().locateItemDefinition(containerDef, elementQName, rawValue.getXnode());
 			}
-			V parsed = rawValue.getParsedValue(itemDefinition);
+			V parsed = rawValue.getParsedValue(itemDefinition, elementQName);
 			if (parsed != null){
 				parsedValues.add(parsed);
 			}
 		}
 
+		if (itemDefinition == null){
+			PrismProperty property = new PrismProperty(elementQName);
+            property.addAll(PrismValue.cloneCollection(parsedValues));
+            return property;
+		}
+
+
 			if (itemDefinition instanceof PrismPropertyDefinition<?>) {
 				// property
 				PrismProperty<?> property = ((PrismPropertyDefinition<?>) itemDefinition).instantiate();
 				for (V val : parsedValues){
 					property.add((PrismPropertyValue) val.clone());
 				}
-//				if (parsed != null){
-//					property.setValue((PrismPropertyValue)parsed.clone());
-//				}
 				subItem = (Item<V>) property;
 
 			} else if (itemDefinition instanceof PrismContainerDefinition<?>) {
-//				if (realValue instanceof Containerable) {
 					PrismContainer<?> container = ((PrismContainerDefinition<?>) itemDefinition)
 							.instantiate();
-//					PrismContainerValue subValue = ((Containerable) realValue).asPrismContainerValue();
 					for (V val : parsedValues){
 						container.add((PrismContainerValue) val.clone());
 					}
-//					container.add((PrismContainerValue) parsed.clone());
 					subItem = (Item<V>) container;
-//				} else {
-//					throw new IllegalArgumentException("Unsupported JAXB bean " + realValue.getClass());
-//				}
 			} else if (itemDefinition instanceof PrismReferenceDefinition) {
 				// TODO
-//				if (realValue instanceof Referencable) {
 					PrismReference reference = ((PrismReferenceDefinition) itemDefinition).instantiate();
-//					PrismReferenceValue refValue = ((Referencable) realValue).asReferenceValue();
 					for (V val : parsedValues){
 						reference.merge((PrismReferenceValue) val.clone());
 					}
-//					reference.merge((PrismReferenceValue) parsed.clone());
 					subItem = (Item<V>) reference;
-//				} else if (realValue instanceof Objectable){
-//					// TODO: adding reference with object??
-//					PrismReference reference = ((PrismReferenceDefinition) itemDefinition).instantiate();
-//					PrismReferenceValue refVal = new PrismReferenceValue();
-//					refVal.setObject(((Objectable) realValue).asPrismObject());
-//					reference.merge(refVal);
-//					subItem = (Item<V>) reference;
-//				} else{
-//					throw new IllegalArgumentException("Unsupported JAXB bean" + realValue);
-//				}
 
 			} else {
 				throw new IllegalArgumentException("Unsupported definition type " + itemDefinition.getClass());

infra/prism/src/main/java/com/evolveum/prism/xml/ns/_public/types_2/ProtectedDataType.java

@@ -90,6 +90,7 @@ public abstract class ProtectedDataType<T> implements ProtectedData<T>, Serializ
 	public static final QName F_XML_DSIG_KEY_INFO = new QName(NS_XML_DSIG, "KeyInfo");
 	public static final QName F_XML_DSIG_KEY_NAME = new QName(NS_XML_DSIG, "KeyName");
 
+
 	@XmlTransient
 	private EncryptedDataType encryptedDataType;
 
@@ -178,6 +179,9 @@ private void clearContent() {
     }
 
     private boolean addContent(Object newObject) {
+    	if (newObject instanceof String){
+    		return true;
+    	} else
     	if (newObject instanceof JAXBElement<?>) {
     		JAXBElement<?> jaxbElement = (JAXBElement<?>)newObject;
     		if (QNameUtil.match(F_ENCRYPTED_DATA, jaxbElement.getName())) {
@@ -192,6 +196,9 @@ private boolean addContent(Object newObject) {
     		if (QNameUtil.match(F_XML_ENC_ENCRYPTED_DATA, elementName)) {
     			encryptedDataType = convertXmlEncToEncryptedDate(element);
     			return true;
+    		} else if (QNameUtil.match(F_CLEAR_VALUE, elementName)){
+    			clearValue = (T) element.getTextContent();
+    			return true;
     		} else {
     			throw new IllegalArgumentException("Attempt to add unknown DOM element "+elementName);
     		}
@@ -309,7 +316,7 @@ protected void cloneTo(ProtectedDataType<T> cloned) {
         }
     }
 
-    class ContentList implements List<Object> {
+    class ContentList implements List<Object>, Serializable {
 
 		@Override
 		public int size() {
@@ -343,6 +350,7 @@ public boolean hasNext() {
 				@Override
 				public Object next() {
 					if (index == 0) {
+						index++;
 						return toJaxbElement(encryptedDataType);
 					} else {
 						return null;

infra/prism/src/main/java/com/evolveum/prism/xml/ns/_public/types_2/ProtectedStringType.java

@@ -49,7 +49,11 @@ public class ProtectedStringType extends ProtectedDataType<String> {
 	public static final QName COMPLEX_TYPE = new QName("http://prism.evolveum.com/xml/ns/public/types-2", "ProtectedStringType");
 
 	private static final String CHARSET = "UTF-8";
-
+
+	public ProtectedStringType() {
+		content = new ContentList();
+	}
+
 	@Override
 	public byte[] getClearBytes() {
 		String clearValue = getClearValue();

infra/prism/src/main/java/com/evolveum/prism/xml/ns/_public/types_2/RawType.java

@@ -438,7 +438,7 @@ public Object getRealValue(){
         	return realValue;
         }
 
-	public <V extends PrismValue> V getParsedValue(ItemDefinition itemDefinition) throws SchemaException {
+	public <V extends PrismValue> V getParsedValue(ItemDefinition itemDefinition, QName itemName) throws SchemaException {
 		V value = null;
 
 		if (parsed != null){
@@ -453,8 +453,13 @@ public <V extends PrismValue> V getParsedValue(ItemDefinition itemDefinition) th
 						itemDefinition);
 				value = subItem.getValue(0);
 				xnode = null;
-			} else 
-				throw new SchemaException("no definition..cannot parse xnode " + xnode);
+			} else { 
+				PrismProperty<V> subItem = XNodeProcessor.parsePrismPropertyRaw(xnode, itemName);
+				value = (V) subItem.getValue();
+				xnode = null;
+//				throw new SchemaException("no definition..cannot parse xnode " + xnode);
+			}
+//				
 //			} else {
 //				if (xnode instanceof PrimitiveXNode){
 //					if (((PrimitiveXNode) xnode).isParsed()){

infra/schema/src/main/java/com/evolveum/midpoint/schema/constants/SchemaConstants.java

@@ -101,9 +101,6 @@ public abstract class SchemaConstants {
 	public static final QName C_SYSTEM_CONFIGURATION = new QName(NS_C, "systemConfiguration");
 	public static final QName C_SYSTEM_CONFIGURATION_GLOBAL_ACCOUNT_SYNCHRONIZATION_SETTINGS = new QName(NS_C,
 			"globalAccountSynchronizationSettings");
-	public static final QName T_PROTECTED_STRING_TYPE = new QName(NS_C, "ProtectedStringType");
-	public static final QName T_PROTECTED_STRING = new QName(NS_C, "protectedString");
-	public static final QName T_PROTECTED_BYTE_ARRAY_TYPE = new QName(NS_C, "ProtectedByteArrayType");
 
 	public static final QName C_REPORT = new QName(NS_C, "report");
 	public static final QName C_REPORT_OUTPUT = new QName(NS_C, "reportOutput");
@@ -114,6 +111,9 @@ public abstract class SchemaConstants {
 	public static final QName T_POLY_STRING_TYPE = new QName(SchemaConstantsGenerated.NS_TYPES, "PolyStringType");
     public static final QName T_OBJECT_DELTA = new QName(SchemaConstantsGenerated.NS_TYPES, "objectDelta");
     public static final QName T_OBJECT_DELTA_TYPE = new QName(SchemaConstantsGenerated.NS_TYPES, "ObjectDeltaType");
+//    public static final QName T_PROTECTED_STRING_TYPE = new QName(NS_C, "ProtectedStringType");
+//	public static final QName T_PROTECTED_STRING = new QName(NS_C, "protectedString");
+//	public static final QName T_PROTECTED_BYTE_ARRAY_TYPE = new QName(NS_C, "ProtectedByteArrayType");
 
     public static final QName ORG_MANAGER = new QName(NS_ORG, "manager");
 

infra/schema/src/main/resources/xml/ns/public/common/common-2a.xsd

@@ -6992,6 +6992,7 @@
             <xsd:element name="entry" type="tns:EntryType" minOccurs="0" maxOccurs="unbounded"/>
         </xsd:sequence>
     </xsd:complexType>
+    <xsd:element name="params" type="tns:ParamsType"/>
 
     <xsd:complexType name="EntryType">
         <xsd:sequence>

infra/schema/src/test/java/com/evolveum/midpoint/schema/TestJaxbSanity.java

@@ -202,7 +202,8 @@ public void testUnmarshallAndEqualsUserMixed() throws Exception {
 		ConstructionType ac1 = user1Type.getAssignment().get(0).getConstruction();
 		ConstructionType ac2 = user2Type.getAssignment().get(0).getConstruction();
 		assertTrue("ConstructionType not equals", ac1.equals(ac2));
-
+		System.out.println(user1.debugDump());
+		System.out.println(user2.debugDump());
 		// WHEN, THEN
 		assertTrue("User not equals (PrismObject)", user1.equals(user2));
 		assertTrue("User not equivalent (PrismObject)", user1.equivalent(user2));

infra/schema/src/test/resources/common/user-barbossa.xml

@@ -35,7 +35,7 @@
 		<foo:multi xsi:type="xsd:string">dva</foo:multi>
 		<foo:multi xsi:type="xsd:string">tri</foo:multi>
 		<foo:password xsi:type="t:ProtectedStringType">
-			<clearValue>openS3zam3</clearValue>
+			<t:clearValue>openS3zam3</t:clearValue>
 		</foo:password>
 	</extension>
 
@@ -68,7 +68,7 @@
     <credentials>
         <password>
         	<value>
-	            <clearValue>deadjacktellnotales</clearValue>
+	            <t:clearValue>deadjacktellnotales</t:clearValue>
             </value>
         </password>
     </credentials>

provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/ResourceManager.java

@@ -437,8 +437,8 @@ private void completeSchemaAndCapabilities(PrismObject<ResourceType> resource, R
 		CachingMetadataType cachingMetadata = MiscSchemaUtil.generateCachingMetadata();
 		capType.setCachingMetadata(cachingMetadata);
 
-		ObjectDelta<ResourceType> capabilitiesReplaceDelta = ObjectDelta.createModificationReplaceProperty(ResourceType.class, resource.getOid(), 
-				ResourceType.F_CAPABILITIES, prismContext, capType);
+		ObjectDelta<ResourceType> capabilitiesReplaceDelta = ObjectDelta.createModificationReplaceContainer(ResourceType.class, resource.getOid(), 
+				ResourceType.F_CAPABILITIES, prismContext, capType.asPrismContainerValue().clone());
 
 		modifications.addAll((Collection<? extends ItemDelta<?>>) capabilitiesReplaceDelta.getModifications());
 

provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/ucf/impl/ConnectorInstanceIcfImpl.java

@@ -31,9 +31,11 @@
 import javax.xml.namespace.QName;
 
 import com.evolveum.midpoint.util.DebugUtil;
-
+import com.evolveum.prism.xml.ns._public.types_2.ProtectedByteArrayType;
 import com.evolveum.prism.xml.ns._public.types_2.ProtectedStringType;
+
 import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang.StringUtils;
 import org.apache.commons.lang.Validate;
 import org.identityconnectors.common.pooling.ObjectPoolConfiguration;
 import org.identityconnectors.common.security.GuardedByteArray;
@@ -126,6 +128,7 @@
 import com.evolveum.midpoint.schema.util.SchemaDebugUtil;
 import com.evolveum.midpoint.util.DOMUtil;
 import com.evolveum.midpoint.util.PrettyPrinter;
+import com.evolveum.midpoint.util.QNameUtil;
 import com.evolveum.midpoint.util.exception.CommunicationException;
 import com.evolveum.midpoint.util.exception.ConfigurationException;
 import com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException;
@@ -402,15 +405,17 @@ private QName icfTypeToXsdType(Class<?> type, boolean isConfidential) {
 			// implementing Potemkin-like security. Use a temporary
 			// "nonsense" type for now, so this will fail in tests and
 			// will be fixed later
-			propXsdType = SchemaConstants.T_PROTECTED_STRING_TYPE;
+//			propXsdType = SchemaConstants.T_PROTECTED_STRING_TYPE;
+			propXsdType = ProtectedStringType.COMPLEX_TYPE;
 		} else if (GuardedByteArray.class.equals(type) || 
 				(Byte.class.equals(type) && isConfidential)) {
 			// GuardedString is a special case. It is a ICF-specific
 			// type
 			// implementing Potemkin-like security. Use a temporary
 			// "nonsense" type for now, so this will fail in tests and
 			// will be fixed later
-			propXsdType = SchemaConstants.T_PROTECTED_BYTE_ARRAY_TYPE;
+//			propXsdType = SchemaConstants.T_PROTECTED_BYTE_ARRAY_TYPE;
+			propXsdType = ProtectedByteArrayType.COMPLEX_TYPE;
 		} else {
 			propXsdType = XsdTypeMapper.toXsdType(type);
 		}
@@ -2160,15 +2165,21 @@ private void convertFromPassword(Set<Attribute> attributes, PropertyDelta<Protec
 			throw new IllegalArgumentException("No password was provided");
 		}
 
-		if (passwordDelta.getElementName().equals(PasswordType.F_VALUE)) {
-			PrismProperty<ProtectedStringType> newPassword = passwordDelta.getPropertyNew();
-			if (newPassword == null || newPassword.isEmpty()){
-				LOGGER.trace("Skipping processing password delta. Password delta does not contain new value.");
+		QName elementName = passwordDelta.getElementName();
+		if (StringUtils.isBlank(elementName.getNamespaceURI())) {
+			if (!QNameUtil.match(elementName, PasswordType.F_VALUE)) {
 				return;
 			}
-			GuardedString guardedPassword = toGuardedString(newPassword.getValue().getValue(), "new password");
-			attributes.add(AttributeBuilder.build(OperationalAttributes.PASSWORD_NAME, guardedPassword));
+		} else if (!passwordDelta.getElementName().equals(PasswordType.F_VALUE)) {
+			return;
+		}
+		PrismProperty<ProtectedStringType> newPassword = passwordDelta.getPropertyNew();
+		if (newPassword == null || newPassword.isEmpty()) {
+			LOGGER.trace("Skipping processing password delta. Password delta does not contain new value.");
+			return;
 		}
+		GuardedString guardedPassword = toGuardedString(newPassword.getValue().getValue(), "new password");
+		attributes.add(AttributeBuilder.build(OperationalAttributes.PASSWORD_NAME, guardedPassword));
 
 	}
 

provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/test/impl/TestOpenDJ.java

@@ -628,7 +628,7 @@ public void test140ModifyObject() throws Exception {
 
 		ObjectModificationType objectChange = PrismTestUtil.unmarshalObject(
 				new File("src/test/resources/impl/account-change-description.xml"), ObjectModificationType.class);
-		ObjectDelta<ShadowType> delta = DeltaConvertor.createObjectDelta(objectChange, ShadowType.class, PrismTestUtil.getPrismContext());
+		ObjectDelta<ShadowType> delta = DeltaConvertor.createObjectDelta(objectChange, object.asPrismObject().getDefinition());
 
 		ItemPath icfNamePath = new ItemPath(
 				ShadowType.F_ATTRIBUTES, ConnectorFactoryIcfImpl.ICFS_NAME);
@@ -723,7 +723,7 @@ public void test150ChangePassword() throws Exception {
 
 		ObjectModificationType objectChange = PrismTestUtil.unmarshalObject(
 				new File("src/test/resources/impl/account-change-password.xml"), ObjectModificationType.class);
-		ObjectDelta<ShadowType> delta = DeltaConvertor.createObjectDelta(objectChange, ShadowType.class, PrismTestUtil.getPrismContext());
+		ObjectDelta<ShadowType> delta = DeltaConvertor.createObjectDelta(objectChange, accountType.asPrismObject().getDefinition());
 		display("Object change",delta);
 
 		// WHEN
@@ -870,7 +870,7 @@ public void test170DisableAccount() throws Exception{
 
 		ObjectModificationType objectChange = PrismTestUtil.unmarshalObject(
 				new File(REQUEST_DISABLE_ACCOUNT_SIMULATED_FILENAME), ObjectModificationType.class);
-		ObjectDelta<ShadowType> delta = DeltaConvertor.createObjectDelta(objectChange, ShadowType.class, PrismTestUtil.getPrismContext());
+		ObjectDelta<ShadowType> delta = DeltaConvertor.createObjectDelta(objectChange, object.asPrismObject().getDefinition());
 		display("Object change",delta);
 
 		// WHEN