Merge branch 'master' of https://github.com/Evolveum/midpoint

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/util/ExactMatchMountedMapper.java

@@ -16,17 +16,22 @@
 
 package com.evolveum.midpoint.web.util;
 
+import com.evolveum.midpoint.util.logging.Trace;
+import com.evolveum.midpoint.util.logging.TraceManager;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.wicket.core.request.mapper.MountedMapper;
 import org.apache.wicket.request.Url;
 import org.apache.wicket.request.component.IRequestablePage;
 import org.apache.wicket.request.mapper.parameter.IPageParametersEncoder;
+import org.apache.wicket.request.mapper.parameter.PageParametersEncoder;
 
 /**
  * Created by lazyman on 09/03/2017.
  */
 public class ExactMatchMountedMapper extends MountedMapper {
 
+    private static final Trace LOG = TraceManager.getTrace(ExactMatchMountedMapper.class);
+
     public ExactMatchMountedMapper(String mountPath,
                                    Class<? extends IRequestablePage> pageClass,
                                    IPageParametersEncoder pageParametersEncoder) {
@@ -46,7 +51,15 @@ protected boolean urlStartsWithMountedSegments(Url url) {
             return false;
         }
 
+        if (!(pageParametersEncoder instanceof PageParametersEncoder)) {
+            LOG.trace("Matching using standard mounted mapper for '{}'", url);
+            return super.urlStartsWithMountedSegments(url);
+        }
+
         String mountUrl = StringUtils.join(mountSegments, "/");
-        return url.getPath().equals(mountUrl);
+        boolean matched = url.getPath().equals(mountUrl);
+
+        LOG.trace("Matched: {} for '{}' with mount url '{}'", matched, url, mountUrl);
+        return matched;
     }
 }

infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd

@@ -8509,7 +8509,7 @@
         <xsd:annotation>
             <xsd:documentation>
                 Selects some assignments from all the assignments in the object.
-                E.g. may be used to select only some assignments/inducments for a role.
+                E.g. may be used to select only some assignments/inducements for a role.
             </xsd:documentation>
             <xsd:appinfo>
                 <a:container/>
@@ -11050,10 +11050,71 @@
 					</xsd:appinfo>
 			    </xsd:annotation>
 			</xsd:element>
-			<!-- TODO: role assignment mode: multiple, single, parametric-multiple -->
+			<xsd:element name="defaultAssignmentMultiplicity" type="tns:AssignmentMultiplicityType" minOccurs="0" default="single">
+				<xsd:annotation>
+					<xsd:documentation>
+						Default multiplicity or role assignment. This value defines whether the same
+						abstract role may be assigned only once or multiple times to the same focus.
+						This is the system-wide default value.
+						It will be possible to override this value for each individual role using the
+						policy rules in the future midPoint versions.
+					</xsd:documentation>
+					<xsd:appinfo>
+						<a:since>3.6</a:since>
+					</xsd:appinfo>
+				</xsd:annotation>
+			</xsd:element>
         </xsd:sequence>
     </xsd:complexType>
 
+    <xsd:simpleType name="AssignmentMultiplicityType">
+        <xsd:annotation>
+            <xsd:documentation>
+                Multiplicity or role assignment. This value defines whether the same
+				abstract role may be assigned only once or multiple times to the same focus.
+            </xsd:documentation>
+            <xsd:appinfo>
+                <jaxb:typesafeEnumClass/>
+                <a:since>3.6</a:since>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:restriction base="xsd:string">
+            <xsd:enumeration value="single">
+                <xsd:annotation>
+                	<xsd:documentation>
+                		The role may be assigned to each focus only once.
+                	</xsd:documentation>
+                    <xsd:appinfo>
+                        <jaxb:typesafeEnumMember name="SINGLE"/>
+                    </xsd:appinfo>
+                </xsd:annotation>
+            </xsd:enumeration>
+            <xsd:enumeration value="parametricMultiple">
+                <xsd:annotation>
+                	<xsd:documentation>
+                		The role may be assigned to each focus multiple times,
+                		but easch assignment must have different assignment
+                		parameters.
+                	</xsd:documentation>
+                    <xsd:appinfo>
+                        <jaxb:typesafeEnumMember name="PARAMETRIC_MULTIPLE"/>
+                    </xsd:appinfo>
+                </xsd:annotation>
+            </xsd:enumeration>
+            <xsd:enumeration value="multiple">
+                <xsd:annotation>
+                	<xsd:documentation>
+                		The role may be assigned to each focus multiple times.
+                		There is no limitation as to the number of assignments.
+                	</xsd:documentation>
+                    <xsd:appinfo>
+                        <jaxb:typesafeEnumMember name="MULTIPLE"/>
+                    </xsd:appinfo>
+                </xsd:annotation>
+            </xsd:enumeration>
+       </xsd:restriction>
+    </xsd:simpleType>
+
     <xsd:complexType name="PolicyRuleType">
         <xsd:annotation>
             <xsd:documentation>

infra/schema/src/main/resources/xml/ns/public/model/scripting/scripting-3.xsd

@@ -85,6 +85,29 @@
     <!--</xsd:complexType>-->
     <!--<xsd:element name="expression" type="tns:ScriptingExpressionType" />-->
 
+    <xsd:complexType name="ScriptingExpressionEvaluationOptionsType">
+        <xsd:annotation>
+            <xsd:documentation>
+                Options related to evaluation of scripting expression.
+                EXPERIMENTAL
+                In the future, these may become part of any scripting expression, allowing parts of a complex expression
+                to be evaluated differently from its other parts.
+            </xsd:documentation>
+            <xsd:appinfo>
+            </xsd:appinfo>
+        </xsd:annotation>
+        <xsd:sequence>
+            <xsd:element name="continueOnAnyError" type="xsd:boolean" minOccurs="0">
+                <xsd:annotation>
+                    <xsd:documentation>
+                        Causes evaluation to continue even in the presence of any errors.
+                        TODO make this more elaborate w.r.t. kind of error(s) encountered.
+                    </xsd:documentation>
+                </xsd:annotation>
+            </xsd:element>
+        </xsd:sequence>
+    </xsd:complexType>
+
     <xsd:element name="scriptingExpression" type="tns:ScriptingExpressionType"  />        <!-- constants have to be treated separately -->
     <xsd:element name="expression" type="tns:ScriptingExpressionType" substitutionGroup="tns:scriptingExpression">
 		<xsd:annotation>
@@ -388,6 +411,7 @@
         <xsd:sequence>
             <xsd:element ref="tns:scriptingExpression"/>
             <xsd:element name="input" type="tns:ItemListType" minOccurs="0"/>
+            <xsd:element name="options" type="tns:ScriptingExpressionEvaluationOptionsType" minOccurs="0"/>
         </xsd:sequence>
     </xsd:complexType>
 

model/model-api/src/main/java/com/evolveum/midpoint/model/api/ScriptingService.java

@@ -21,6 +21,7 @@
 import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.util.exception.SchemaException;
 import com.evolveum.midpoint.util.exception.SecurityViolationException;
+import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ExecuteScriptType;
 import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ScriptingExpressionType;
 
 import javax.xml.namespace.QName;
@@ -46,7 +47,9 @@ public interface ScriptingService {
      *
      * TODO consider removing this method (it was meant as a simplified version of the method below)
      */
-    public void evaluateExpressionInBackground(QName objectType, ObjectFilter filter, String actionName, Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException;
+    @Deprecated
+    void evaluateExpressionInBackground(QName objectType, ObjectFilter filter, String actionName, Task task,
+            OperationResult parentResult) throws SchemaException, SecurityViolationException;
 
     /**
      * Asynchronously executes any scripting expression.
@@ -59,7 +62,7 @@ public interface ScriptingService {
      * @param parentResult
      * @throws SchemaException
      */
-    public void evaluateExpressionInBackground(ScriptingExpressionType expression, Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException;
+    void evaluateExpressionInBackground(ScriptingExpressionType expression, Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException;
 
     /**
      * Synchronously executes any scripting expression (with no input data).
@@ -72,5 +75,10 @@ public interface ScriptingService {
      * TODO return ExecutionContext (requires moving the context to model api)
      */
 
-    public ScriptExecutionResult evaluateExpression(ScriptingExpressionType expression, Task task, OperationResult result) throws ScriptExecutionException, SchemaException, SecurityViolationException;
+    ScriptExecutionResult evaluateExpression(ScriptingExpressionType expression, Task task, OperationResult result)
+			throws ScriptExecutionException, SchemaException, SecurityViolationException;
+
+	ScriptExecutionResult evaluateExpression(ExecuteScriptType executeScriptCommand, Task task, OperationResult result)
+			throws ScriptExecutionException, SchemaException, SecurityViolationException;
+
 }

model/model-api/src/main/java/com/evolveum/midpoint/model/api/context/AssignmentPath.java

@@ -24,20 +24,25 @@
 import java.util.List;
 
 /**
+ * Path from the source object (focus) to the ultimate assignment that is being processed or referenced.
+ * The path consists of a chain (list) of segments. Each segment corresponds to a single assignment or inducement.
+ * The source of the first segment is the focus. Source of each following segment (i.e. assignment) is the target
+ * of previous segment (i.e. assignment).
+ *
  * @author semancik
  * @author mederly
  */
 public interface AssignmentPath extends DebugDumpable {
 
 	List<? extends AssignmentPathSegment> getSegments();
 
-	AssignmentPathSegment getFirstAssignmentSegment();
+	AssignmentPathSegment first();
 
 	boolean isEmpty();
 
 	int size();
 
-	EvaluationOrder getEvaluationOrder();
+//	EvaluationOrder getEvaluationOrder();
 
 	AssignmentPathSegment last();
 

model/model-api/src/main/java/com/evolveum/midpoint/model/api/context/AssignmentPathSegment.java

@@ -22,27 +22,36 @@
 import com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentPathSegmentType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
+import org.jetbrains.annotations.NotNull;
 
 /**
+ * Single assignment in an assignment path. In addition to the AssignmentType, it contains resolved target:
+ * full object, resolved from targetRef. If targetRef resolves to multiple objects, in the path segment
+ * one of them is stored: the one that participates in the particular assignment path.
+ *
  * @author semancik
  * @author mederly
  */
 public interface AssignmentPathSegment extends DebugDumpable {
-	boolean isAssignment();
 
 	AssignmentType getAssignment();
 
-	QName getRelation();
-
-	ObjectType getTarget();
+	/**
+	 * True if the segment corresponds to assignment. False if it's an inducement.
+	 */
+	boolean isAssignment();
 
 	ObjectType getSource();
 
-	EvaluationOrder getEvaluationOrder();
+	ObjectType getTarget();
 
-	ObjectType getOrderOneObject();
+	QName getRelation();
 
+	/**
+	 * True if the relation is a delegation one.
+	 */
 	boolean isDelegation();
 
+	@NotNull
 	AssignmentPathSegmentType toAssignmentPathSegmentType();
 }

model/model-api/src/main/java/com/evolveum/midpoint/model/api/context/EvaluationOrder.java

@@ -32,6 +32,10 @@ public interface EvaluationOrder extends DebugDumpable {
 
 	EvaluationOrder advance(QName relation);
 
+	EvaluationOrder decrease(int amount);
+
+	EvaluationOrder decrease(int amount, QName relation);
+
 	int getMatchingRelationOrder(QName relation);
 
 	String shortDump();

model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java

@@ -71,6 +71,7 @@
 import com.evolveum.midpoint.xml.ns._public.common.api_types_3.CompareResultType;
 import com.evolveum.midpoint.xml.ns._public.common.api_types_3.ImportOptionsType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
+import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ExecuteScriptType;
 import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ScriptingExpressionType;
 import com.evolveum.prism.xml.ns._public.types_3.EvaluationTimeType;
 
@@ -2042,6 +2043,7 @@ public void delegateWorkItem(String workItemId, List<ObjectReferenceType> delega
     //endregion
 
     //region Scripting (bulk actions)
+	@Deprecated
     @Override
     public void evaluateExpressionInBackground(QName objectType, ObjectFilter filter, String actionName, Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException {
         checkScriptingAuthorization(parentResult);
@@ -2061,6 +2063,14 @@ public ScriptExecutionResult evaluateExpression(ScriptingExpressionType expressi
         return executionContext.toExecutionResult();
     }
 
+    @Override
+    public ScriptExecutionResult evaluateExpression(ExecuteScriptType scriptExecutionCommand, Task task, OperationResult result)
+			throws ScriptExecutionException, SchemaException, SecurityViolationException {
+        checkScriptingAuthorization(result);
+        ExecutionContext executionContext = scriptingExpressionEvaluator.evaluateExpression(scriptExecutionCommand, task, result);
+        return executionContext.toExecutionResult();
+    }
+
     private void checkScriptingAuthorization(OperationResult parentResult) throws SchemaException, SecurityViolationException {
         securityEnforcer.authorize(ModelAuthorizationAction.EXECUTE_SCRIPT.getUrl(), null, null, null, null, null, parentResult);
     }