Merge branch 'master' of https://github.com/Evolveum/midpoint

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/AsyncUpdatePanel.java

@@ -129,5 +129,5 @@ public boolean isVisible() {
      * @param callableParameterModel Model providing access to parameters needed by the callable
      * @return A callable instance that encapsulates the logic needed to obtain the panel data
      */
-    protected abstract Callable<T> createCallable(Authentication auth, IModel<V> callableParameterModel);
+    protected abstract SecurityContextAwareCallable<T> createCallable(Authentication auth, IModel<V> callableParameterModel);
 }

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/SecurityContextAwareCallable.java

@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2010-2014 Evolveum
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.evolveum.midpoint.web.component;
+
+import com.evolveum.midpoint.security.api.SecurityEnforcer;
+import org.apache.commons.lang.Validate;
+import org.springframework.security.core.Authentication;
+
+import java.util.concurrent.Callable;
+
+/**
+ * @author lazyman
+ */
+public abstract class SecurityContextAwareCallable<V> implements Callable<V> {
+
+    private SecurityEnforcer enforcer;
+    private Authentication authentication;
+
+    protected SecurityContextAwareCallable(SecurityEnforcer enforcer, Authentication authentication) {
+        Validate.notNull(enforcer, "Security enforcer must not be null.");
+
+        this.enforcer = enforcer;
+        this.authentication = authentication;
+    }
+
+    @Override
+    public final V call() throws Exception {
+        enforcer.setupPreAuthenticatedSecurityContext(authentication);
+
+        try {
+            return callWithContextPrepared();
+        } finally {
+            enforcer.setupPreAuthenticatedSecurityContext((Authentication) null);
+            //todo cleanup security context
+        }
+    }
+
+    public abstract V callWithContextPrepared() throws Exception;
+}

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/home/PageDashboard.java

@@ -26,6 +26,7 @@
 import com.evolveum.midpoint.util.logging.TraceManager;
 import com.evolveum.midpoint.web.application.AuthorizationAction;
 import com.evolveum.midpoint.web.application.PageDescriptor;
+import com.evolveum.midpoint.web.component.SecurityContextAwareCallable;
 import com.evolveum.midpoint.web.component.assignment.AssignmentEditorDtoType;
 import com.evolveum.midpoint.web.component.util.CallableResult;
 import com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour;
@@ -209,12 +210,14 @@ private void initSystemInfo() {
                         "fa fa-fw fa-tachometer", DashboardColor.GREEN) {
 
                     @Override
-                    protected Callable<CallableResult<SystemInfoDto>> createCallable(final Authentication auth,
-                                                                                     IModel callableParameterModel) {
-                        return new Callable<CallableResult<SystemInfoDto>>() {
+                    protected SecurityContextAwareCallable<CallableResult<SystemInfoDto>> createCallable(
+                            Authentication auth, IModel callableParameterModel) {
+
+                        return new SecurityContextAwareCallable<CallableResult<SystemInfoDto>>(
+                                getSecurityEnforcer(), auth) {
 
                             @Override
-                            public CallableResult<SystemInfoDto> call() throws Exception {
+                            public CallableResult<SystemInfoDto> callWithContextPrepared() throws Exception {
                                 CallableResult callableResult = new CallableResult();
 
                                 //TODO - fill correct data in users and tasks graphs[shood]
@@ -246,12 +249,14 @@ private void initMyWorkItems() {
                         "fa fa-fw fa-tasks", DashboardColor.RED) {
 
                     @Override
-                    protected Callable<CallableResult<List<WorkItemDto>>> createCallable(final Authentication auth,
-                                                                                         IModel callableParameterModel) {
-                        return new Callable<CallableResult<List<WorkItemDto>>>() {
+                    protected SecurityContextAwareCallable<CallableResult<List<WorkItemDto>>> createCallable(
+                            Authentication auth, IModel callableParameterModel) {
+
+                        return new SecurityContextAwareCallable<CallableResult<List<WorkItemDto>>>(
+                                getSecurityEnforcer(), auth) {
 
                             @Override
-                            public CallableResult<List<WorkItemDto>> call() throws Exception {
+                            public CallableResult<List<WorkItemDto>> callWithContextPrepared() throws Exception {
                                 return loadWorkItems();
                             }
                         };
@@ -278,15 +283,15 @@ private void initMyAccounts() {
                         "fa fa-fw fa-external-link", DashboardColor.BLUE) {
 
                     @Override
-                    protected Callable<CallableResult<List<SimpleAccountDto>>> createCallable(final Authentication auth,
-                            IModel<Object> callableParameterModel) {
+                    protected SecurityContextAwareCallable<CallableResult<List<SimpleAccountDto>>> createCallable(
+                            Authentication auth, IModel<Object> callableParameterModel) {
 
-                        return new Callable<CallableResult<List<SimpleAccountDto>>>() {
+                        return new SecurityContextAwareCallable<CallableResult<List<SimpleAccountDto>>>(
+                                getSecurityEnforcer(), auth) {
 
                             @Override
-                            public AccountCallableResult<List<SimpleAccountDto>> call() throws Exception {
-//                                getSecurityEnforcer().setupPreAuthenticatedSecurityContext();
-
+                            public AccountCallableResult<List<SimpleAccountDto>> callWithContextPrepared()
+                                    throws Exception {
                                 return loadAccounts();
                             }
                         };
@@ -331,14 +336,14 @@ private void initAssignments() {
                         "fa fa-fw fa-star", DashboardColor.YELLOW) {
 
                     @Override
-                    protected Callable<CallableResult<List<AssignmentItemDto>>> createCallable(final Authentication auth,
-                                                                                               IModel callableParameterModel) {
-                        return new Callable<CallableResult<List<AssignmentItemDto>>>() {
+                    protected SecurityContextAwareCallable<CallableResult<List<AssignmentItemDto>>> createCallable(
+                            Authentication auth, IModel callableParameterModel) {
 
-                            @Override
-                            public CallableResult<List<AssignmentItemDto>> call() throws Exception {
-                                getSecurityEnforcer().setupPreAuthenticatedSecurityContext(auth);
+                        return new SecurityContextAwareCallable<CallableResult<List<AssignmentItemDto>>>(
+                                getSecurityEnforcer(), auth) {
 
+                            @Override
+                            public CallableResult<List<AssignmentItemDto>> callWithContextPrepared() throws Exception {
                                 return loadAssignments();
                             }
                         };

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/server/PageTaskEdit.html

@@ -186,6 +186,7 @@ <h2><wicket:message key="pageTaskEdit.opResult"/></h2>
 
             <a class="btn btn-danger" wicket:id="suspend" />
             <a class="btn btn-success" wicket:id="resume" />
+            <a class="btn btn-success" wicket:id="runNow" />
         </div>
     </form>
 </wicket:extend>

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/server/PageTaskEdit.java

@@ -117,6 +117,7 @@ public class PageTaskEdit extends PageAdminTasks {
 	private static final String OPERATION_SAVE_TASK = DOT_CLASS + "saveTask";
     private static final String OPERATION_SUSPEND_TASKS = DOT_CLASS + "suspendTask";
     private static final String OPERATION_RESUME_TASK = DOT_CLASS + "resumeTask";
+    private static final String OPERATION_RUN_NOW_TASK = DOT_CLASS + "runNowTask";
 
     private static final String ID_MAIN_FORM = "mainForm";
     private static final String ID_IDENTIFIER = "identifier";
@@ -136,6 +137,7 @@ public class PageTaskEdit extends PageAdminTasks {
     private static final String ID_OPERATION_RESULT_PANEL = "operationResultPanel";
     private static final String ID_SUSPEND = "suspend";
     private static final String ID_RESUME = "resume";
+    private static final String ID_RUN_NOW = "runNow";
     private static final String ID_DRY_RUN = "dryRun";
 
     private IModel<TaskDto> model;
@@ -169,11 +171,30 @@ private boolean isRunnableOrRunning() {
         return TaskDtoExecutionStatus.RUNNABLE.equals(exec) || TaskDtoExecutionStatus.RUNNING.equals(exec);
     }
 
+    private boolean isRunnable() {
+        TaskDtoExecutionStatus exec = model.getObject().getExecution();
+        return TaskDtoExecutionStatus.RUNNABLE.equals(exec);
+    }
+
     private boolean isRunning() {
         TaskDtoExecutionStatus exec = model.getObject().getExecution();
         return TaskDtoExecutionStatus.RUNNING.equals(exec);
     }
 
+    private boolean isClosed() {
+        TaskDtoExecutionStatus exec = model.getObject().getExecution();
+        return TaskDtoExecutionStatus.CLOSED.equals(exec);
+    }
+
+    private boolean isRecurring() {
+        return model.getObject().getRecurring();
+    }
+
+    private boolean isSuspended() {
+        TaskDtoExecutionStatus exec = model.getObject().getExecution();
+        return TaskDtoExecutionStatus.SUSPENDED.equals(exec);
+    }
+
     private TaskDto loadTask() {
 		OperationResult result = new OperationResult(OPERATION_LOAD_TASK);
         Task operationTask = getTaskManager().createTaskInstance(OPERATION_LOAD_TASK);
@@ -695,7 +716,7 @@ public void onClick(AjaxRequestTarget target) {
 
             @Override
             public boolean isVisible() {
-                return isRunnableOrRunning();
+                return !edit && isRunnableOrRunning();
             }
         });
         mainForm.add(suspend);
@@ -711,11 +732,27 @@ public void onClick(AjaxRequestTarget target) {
 
             @Override
             public boolean isVisible() {
-                return !isRunning();
+                return !edit && (isSuspended() || (isClosed() && isRecurring()));
             }
         });
         mainForm.add(resume);
-	}
+
+        AjaxButton runNow = new AjaxButton(ID_RUN_NOW, createStringResource("pageTaskEdit.button.runNow")) {
+
+            @Override
+            public void onClick(AjaxRequestTarget target) {
+                runNowPerformed(target);
+            }
+        };
+        runNow.add(new VisibleEnableBehaviour() {
+
+            @Override
+            public boolean isVisible() {
+                return !edit && (isRunnable() || (isClosed() && !isRecurring()));
+            }
+        });
+        mainForm.add(runNow);
+    }
 
 	private List<IColumn<OperationResult, String>> initResultColumns() {
 		List<IColumn<OperationResult, String>> columns = new ArrayList<IColumn<OperationResult, String>>();
@@ -864,7 +901,25 @@ private void resumePerformed(AjaxRequestTarget target) {
         setResponsePage(PageTasks.class);
     }
 
-	private static class EmptyOnBlurAjaxFormUpdatingBehaviour extends AjaxFormComponentUpdatingBehavior {
+    private void runNowPerformed(AjaxRequestTarget target) {
+        String oid = model.getObject().getOid();
+        OperationResult result = new OperationResult(OPERATION_RUN_NOW_TASK);
+        try {
+            getTaskService().scheduleTasksNow(Arrays.asList(oid), result);
+            result.computeStatus();
+
+            if (result.isSuccess()) {
+                result.recordStatus(OperationResultStatus.SUCCESS, "The task has been successfully scheduled to run.");
+            }
+        } catch (RuntimeException e) {
+            result.recordFatalError("Couldn't schedule the task due to an unexpected exception", e);
+        }
+
+        showResultInSession(result);
+        setResponsePage(PageTasks.class);
+    }
+
+    private static class EmptyOnBlurAjaxFormUpdatingBehaviour extends AjaxFormComponentUpdatingBehavior {
 
 		public EmptyOnBlurAjaxFormUpdatingBehaviour() {
 			super("onBlur");

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/server/PageTaskEdit.properties

@@ -19,6 +19,7 @@ pageTaskEdit.button.back=Back
 pageTaskEdit.button.save=Save
 pageTaskEdit.button.edit=Edit
 pageTaskEdit.button.resume=Resume
+pageTaskEdit.button.runNow=Run now
 pageTaskEdit.button.suspend=Suspend
 
 pageTaskEdit.basic=Basic

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/server/dto/ScheduleValidator.java

@@ -93,9 +93,10 @@ public void validate(Form<?> form) {
                     error(interval, "pageTask.scheduleValidation.bothIntervalAndCron");
                 }
 
-                if (interval.getModelObject() == null && StringUtils.isEmpty(cron.getModelObject())) {
-                    error(interval, "pageTask.scheduleValidation.neitherIntervalNorCron");
-                }
+                // there can be recurring tasks that are started only on demand, so we allow specifying no timing information
+//                if (interval.getModelObject() == null && StringUtils.isEmpty(cron.getModelObject())) {
+//                    error(interval, "pageTask.scheduleValidation.neitherIntervalNorCron");
+//                }
 
                 if (!StringUtils.isEmpty(cron.getModelObject())) {
                     ParseException pe = taskManager.validateCronExpression(cron.getModelObject());

gui/admin-gui/src/main/resources/initial-objects/040-role-enduser.xml

@@ -22,4 +22,31 @@
         <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#dashboard</action>
         <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#myPasswords</action>
     </authorization>
+    <authorization>
+        <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read</action>
+        <object>
+            <special>self</special>
+        </object>
+    </authorization>
+    <authorization>
+        <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read</action>
+        <object>
+            <type>ShadowType</type>
+            <owner>
+                <special>self</special>
+            </owner>
+        </object>
+    </authorization>
+    <authorization>
+        <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read</action>
+        <object>
+            <type>OrgType</type>
+        </object>
+        <object>
+            <type>ResourceType</type>
+        </object>
+        <object>
+            <type>RoleType</type>
+        </object>
+    </authorization>
 </role>

infra/prism/src/main/java/com/evolveum/midpoint/prism/parser/XNodeProcessor.java

@@ -786,7 +786,7 @@ private SearchFilterType parseFilter(XNode xnode) throws SchemaException {
         }
         // TODO: is this warning needed?
         if (xnode.isEmpty()){
-            System.out.println("Emplty filter. Skipping parsing.");
+            System.out.println("Empty filter. Skipping parsing.");
             return null;
         }
         return SearchFilterType.createFromXNode(xnode);

infra/prism/src/main/java/com/evolveum/midpoint/prism/util/ValueSerializationUtil.java

@@ -176,7 +176,7 @@ public static String serializeItemValue(QName itemName, ItemDefinition def, Pris
 		XNodeSerializer serializer = prismContext.getXnodeProcessor().createSerializer();
 		XNode node = serializer.serializeItemValue(value, def);
 		String s = prismContext.getParserDom().serializeToString(node, itemName);
-		System.out.println("serialized ITEM VALUE: " + s);
+		//System.out.println("serialized ITEM VALUE: " + s);
 		return s;
 	}
 
@@ -186,7 +186,7 @@ public static String serializeFilter(SearchFilterType query, PrismContext prismC
 	}
 
 	public static <T> T deserializeValue(String value, Class clazz, QName itemName, ItemDefinition itemDef, PrismContext prismContext, String language) throws SchemaException{
-		System.out.println("item value deserialization");
+		//System.out.println("item value deserialization");
 
 		XNode xnode = prismContext.getParserDom().parse(value);
 
@@ -236,7 +236,7 @@ public static <T> T deserializeValue(String value, Class clazz, QName itemName,
 	}
 
 	public static Collection<? extends PrismValue> deserializeItemValues(String value, Item item, String language) throws SchemaException{
-		System.out.println("item value deserialization");
+		//System.out.println("item value deserialization");
 		PrismContext prismContext = item.getPrismContext();
 		XNode xnode = prismContext.getParserDom().parse(value);
 		if (xnode instanceof RootXNode){

model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/XPathScriptEvaluator.java

@@ -141,7 +141,7 @@ private Object evaluate(QName returnType, String code, ExpressionVariables varia
             throws ExpressionEvaluationException, ObjectNotFoundException, ExpressionSyntaxException {
 
         XPathExpressionCodeHolder codeHolder = new XPathExpressionCodeHolder(code);
-        System.out.println("code " + code);
+        //System.out.println("code " + code);
         XPath xpath = factory.newXPath();
         XPathVariableResolver variableResolver = new LazyXPathVariableResolver(variables, objectResolver, 
         		contextDescription, prismContext, result);