Fixing support for deprecated globalPassowrdPolicyRef (+test)

infra/prism/src/main/java/com/evolveum/midpoint/prism/delta/ReferenceDelta.java

@@ -112,12 +112,12 @@ public static ReferenceDelta createModificationReplace(ItemPath path, PrismObjec
 
     public static <O extends Objectable> ReferenceDelta createModificationReplace(QName refName, Class<O> type, PrismContext ctx , String oid) {
     	PrismObjectDefinition<O> objectDefinition = ctx.getSchemaRegistry().findObjectDefinitionByCompileTimeClass(type);
-		return createModificationReplace(refName, objectDefinition, new PrismReferenceValue(oid));
+		return createModificationReplace(refName, objectDefinition, oid==null?null:new PrismReferenceValue(oid));
 	}
 
     public static <O extends Objectable> ReferenceDelta createModificationReplace(ItemPath path, Class<O> type, PrismContext ctx, String oid) {
     	PrismObjectDefinition<O> objectDefinition = ctx.getSchemaRegistry().findObjectDefinitionByCompileTimeClass(type);
-		return createModificationReplace(path, objectDefinition, new PrismReferenceValue(oid));
+		return createModificationReplace(path, objectDefinition, oid==null?null:new PrismReferenceValue(oid));
 	}
 
     public static ReferenceDelta createModificationReplace(ItemPath path, PrismObjectDefinition<?> objectDefinition,
@@ -144,7 +144,11 @@ public static ReferenceDelta createModificationReplace(QName refName, PrismObjec
     		PrismReferenceValue refValue) {
     	PrismReferenceDefinition referenceDefinition = objectDefinition.findItemDefinition(refName, PrismReferenceDefinition.class);
     	ReferenceDelta referenceDelta = new ReferenceDelta(refName, referenceDefinition, objectDefinition.getPrismContext());              // hoping the prismContext is there
-    	referenceDelta.setValueToReplace(refValue);
+    	if (refValue == null) {
+    		referenceDelta.setValueToReplace();
+    	} else {
+    		referenceDelta.setValueToReplace(refValue);
+    	}
     	return referenceDelta;
     }
 

model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java

@@ -187,6 +187,7 @@ public <F extends FocusType> SecurityPolicyType locateSecurityPolicy(PrismObject
     	if (orgSecurityPolicy != null) {
     		SecurityPolicyType orgSecurityPolicyType = orgSecurityPolicy.asObjectable();
     		postProcessSecurityPolicy(orgSecurityPolicyType, task, result);
+    		traceSecurityPolicy(orgSecurityPolicyType, user);
     		return orgSecurityPolicyType;
     	}
 
@@ -197,9 +198,11 @@ public <F extends FocusType> SecurityPolicyType locateSecurityPolicy(PrismObject
 					SecurityPolicyType globalSecurityPolicyType = objectResolver.resolve(globalSecurityPolicyRef, SecurityPolicyType.class, null, "global security policy reference in system configuration", task, result);
 					LOGGER.trace("Using global security policy: {}", globalSecurityPolicyType);
 					postProcessSecurityPolicy(globalSecurityPolicyType, task, result);
+					traceSecurityPolicy(globalSecurityPolicyType, user);
 					return globalSecurityPolicyType;
 				} catch (ObjectNotFoundException | SchemaException e) {
 					LOGGER.error(e.getMessage(), e);
+					traceSecurityPolicy(null, user);
 					return null;
 				}
 			}
@@ -210,7 +213,9 @@ public <F extends FocusType> SecurityPolicyType locateSecurityPolicy(PrismObject
     	PrismObject<ValuePolicyType> orgPasswordPolicy = objectResolver.searchOrgTreeWidthFirstReference(user, o -> o.asObjectable().getPasswordPolicyRef(), "security policy", task, result);
     	LOGGER.trace("Found organization password policy: {}", orgPasswordPolicy);
     	if (orgPasswordPolicy != null) {
-    		return postProcessPasswordPolicy(orgPasswordPolicy.asObjectable());
+    		SecurityPolicyType policy = postProcessPasswordPolicy(orgPasswordPolicy.asObjectable());
+    		traceSecurityPolicy(policy, user);
+    		return policy;
     	}
 
     	if (systemConfiguration != null) {
@@ -219,9 +224,12 @@ public <F extends FocusType> SecurityPolicyType locateSecurityPolicy(PrismObject
 				try {
 					ValuePolicyType globalPasswordPolicyType = objectResolver.resolve(globalPasswordPolicyRef, ValuePolicyType.class, null, "global security policy reference in system configuration", task, result);
 					LOGGER.trace("Using global password policy: {}", globalPasswordPolicyType);
-					return postProcessPasswordPolicy(globalPasswordPolicyType);
+					SecurityPolicyType policy = postProcessPasswordPolicy(globalPasswordPolicyType);
+					traceSecurityPolicy(policy, user);
+		    		return policy;
 				} catch (ObjectNotFoundException | SchemaException e) {
 					LOGGER.error(e.getMessage(), e);
+					traceSecurityPolicy(null, user);
 					return null;
 				}
 			}
@@ -231,6 +239,17 @@ public <F extends FocusType> SecurityPolicyType locateSecurityPolicy(PrismObject
 	}
 
 
+	private <F extends FocusType> void traceSecurityPolicy(SecurityPolicyType securityPolicyType, PrismObject<F> user) {
+		if (LOGGER.isTraceEnabled()) {
+			if (securityPolicyType == null) {
+				LOGGER.trace("Located security policy for {}: null", user);
+			} else {
+				LOGGER.trace("Located security policy for {}:\n{}", user, securityPolicyType.asPrismObject().debugDump(1));
+			}
+		}
+
+	}
+
 	private void postProcessSecurityPolicy(SecurityPolicyType securityPolicyType, Task task, OperationResult result) {
 		CredentialsPolicyType creds = securityPolicyType.getCredentials();
 		if (creds != null) {
@@ -293,7 +312,7 @@ private SecurityPolicyType postProcessPasswordPolicy(ValuePolicyType passwordPol
 		creds.setPassword(passwd);
 		securityPolicyType.setCredentials(creds);
 		setDeprecatedPasswordPolicyProperties(passwordPolicyType, passwd);
-		return null;
+		return securityPolicyType;
 	}
 
 	private void setDeprecatedPasswordPolicyProperties(ValuePolicyType passwordPolicyType,

model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/password/AbstractPasswordTest.java

@@ -76,7 +76,7 @@ public abstract class AbstractPasswordTest extends AbstractInitializedModelInteg
 	protected static final String USER_PASSWORD_VALID_3 = "abcd323";
 	protected static final String USER_PASSWORD_VALID_4 = "abcd423";
 
-	protected static final File TEST_DIR = new File(MidPointTestConstants.TEST_RESOURCES_DIR, "password");
+	public static final File TEST_DIR = new File(MidPointTestConstants.TEST_RESOURCES_DIR, "password");
 
 	protected static final File RESOURCE_DUMMY_UGLY_FILE = new File(TEST_DIR, "resource-dummy-ugly.xml");
 	protected static final String RESOURCE_DUMMY_UGLY_OID = "10000000-0000-0000-0000-000000344104";
@@ -94,11 +94,6 @@ public abstract class AbstractPasswordTest extends AbstractInitializedModelInteg
 	protected static final String USER_JACK_EMPLOYEE_NUMBER_NEW_BAD = "No1";
 	protected static final String USER_JACK_EMPLOYEE_NUMBER_NEW_GOOD = "pir321";
 
-	protected DummyResource dummyResourceUgly;
-	protected DummyResourceContoller dummyResourceCtlUgly;
-	protected ResourceType resourceDummyUglyType;
-	protected PrismObject<ResourceType> resourceDummyUgly;
-
 	protected String accountJackOid;
 	protected String accountJackRedOid;
 	protected String accountJackUglyOid;
@@ -116,12 +111,7 @@ public void initSystem(Task initTask, OperationResult initResult) throws Excepti
 
 		setGlobalSecurityPolicy(getSecurityPolicyOid(), initResult);
 
-		dummyResourceCtlUgly = DummyResourceContoller.create(RESOURCE_DUMMY_UGLY_NAME, resourceDummyUgly);
-		dummyResourceCtlUgly.extendSchemaPirate();
-		dummyResourceUgly = dummyResourceCtlUgly.getDummyResource();
-		resourceDummyUgly = importAndGetObjectFromFile(ResourceType.class, RESOURCE_DUMMY_UGLY_FILE, RESOURCE_DUMMY_UGLY_OID, initTask, initResult);
-		resourceDummyUglyType = resourceDummyUgly.asObjectable();
-		dummyResourceCtlUgly.setResource(resourceDummyUgly);
+		initDummyResourcePirate(RESOURCE_DUMMY_UGLY_NAME, RESOURCE_DUMMY_UGLY_FILE, RESOURCE_DUMMY_UGLY_OID, initTask, initResult);
 
 		login(USER_ADMINISTRATOR_USERNAME);
 	}
@@ -148,7 +138,7 @@ public void test010AddPasswordPolicy() throws Exception {
         assertEquals("Wrong OID after add", PASSWORD_POLICY_GLOBAL_OID, passwordPolicy.getOid());
 
 		// Check object
-        PrismObject<ValuePolicyType> accountShadow = repositoryService.getObject(ValuePolicyType.class, PASSWORD_POLICY_GLOBAL_OID, null, result);
+        PrismObject<ValuePolicyType> valuePolicy = repositoryService.getObject(ValuePolicyType.class, PASSWORD_POLICY_GLOBAL_OID, null, result);
 
         // TODO: more asserts
 	}