Merge branch 'post-3.7-fixes' of https://github.com/Evolveum/midpoint …

…into post-3.7-fixes

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/assignment/AssignmentPanel.java

@@ -169,6 +169,12 @@ protected void saveProviderPaging(ObjectQuery query, ObjectPaging paging) {
 			public ObjectQuery getQuery() {
 				return createObjectQuery();
 			}
+
+			@Override
+			protected List<ContainerValueWrapper<AssignmentType>> searchThroughList() {
+				List<ContainerValueWrapper<AssignmentType>> resultList = super.searchThroughList();
+				return postSearch(resultList);
+			}
 
 		};
 
@@ -203,6 +209,10 @@ public String getObject() {
 		return assignmentTable;
 
 	}
+
+	protected List<ContainerValueWrapper<AssignmentType>> postSearch(List<ContainerValueWrapper<AssignmentType>> assignments) {
+		return assignments;
+	}
 
 	protected AssignmentsTabStorage getAssignmentsStorage() {
 		return getPageBase().getSessionStorage().getAssignmentsTabStorage();

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/assignment/GenericAbstractRoleAssignmentPanel.java

@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 2010-2017 Evolveum
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.evolveum.midpoint.web.component.assignment;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import org.apache.wicket.model.IModel;
+
+import com.evolveum.midpoint.gui.api.util.WebComponentUtil;
+import com.evolveum.midpoint.gui.api.util.WebModelServiceUtils;
+import com.evolveum.midpoint.prism.PrismObject;
+import com.evolveum.midpoint.prism.path.ItemPath;
+import com.evolveum.midpoint.prism.query.ObjectQuery;
+import com.evolveum.midpoint.prism.query.builder.QueryBuilder;
+import com.evolveum.midpoint.task.api.Task;
+import com.evolveum.midpoint.util.QNameUtil;
+import com.evolveum.midpoint.web.component.prism.ContainerValueWrapper;
+import com.evolveum.midpoint.web.component.prism.ContainerWrapper;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType;
+
+public class GenericAbstractRoleAssignmentPanel extends AbstractRoleAssignmentPanel {
+
+	private static final long serialVersionUID = 1L;
+
+	public GenericAbstractRoleAssignmentPanel(String id, IModel<ContainerWrapper<AssignmentType>> assignmentContainerWrapperModel) {
+		super(id, assignmentContainerWrapperModel);
+	}
+
+//	@Override
+//	protected boolean isRelationVisible() {
+//		return true;
+//	}
+
+//	@Override
+//	protected <T extends ObjectType> void addSelectedAssignmentsPerformed(AjaxRequestTarget target, List<T> assignmentsList,
+//			QName relation) {
+//		super.addSelectedAssignmentsPerformed(target, assignmentsList, SchemaConstants.ORG_DEFAULT);
+//	}
+
+	@Override
+	protected List<ContainerValueWrapper<AssignmentType>> postSearch(List<ContainerValueWrapper<AssignmentType>> assignments) {
+
+		List<ContainerValueWrapper<AssignmentType>> resultList = new ArrayList<>();
+		Task task = getPageBase().createSimpleTask("load assignment targets");
+		Iterator<ContainerValueWrapper<AssignmentType>> assignmentIterator = assignments.iterator();
+		while (assignmentIterator.hasNext()) {
+			ContainerValueWrapper<AssignmentType> ass = assignmentIterator.next();
+			AssignmentType assignment = ass.getContainerValue().asContainerable();
+			if (QNameUtil.match(assignment.getTargetRef().getType(), OrgType.COMPLEX_TYPE)) {
+				PrismObject<OrgType> org = WebModelServiceUtils.loadObject(assignment.getTargetRef(), getPageBase(), task, task.getResult());
+				if (org != null) {
+					if (org.asObjectable().getOrgType().contains("access")) {
+						resultList.add(ass);
+					}
+				}
+			}
+
+		}
+
+		return resultList;
+	}
+
+//	protected ObjectQuery createObjectQuery() {
+//		
+//		List<ContainerValueWrapper<AssignmentType>> assignments = getModelObject().getValues();
+//		
+//		Task task = getPageBase().createSimpleTask("load assignment targets");
+//		
+//		List<String> oids = new ArrayList<>(); 
+//		Iterator<ContainerValueWrapper<AssignmentType>> assignmentIterator = assignments.iterator();
+//		while (assignmentIterator.hasNext()) {
+//			ContainerValueWrapper<AssignmentType> ass = assignmentIterator.next();
+//			AssignmentType assignment = ass.getContainerValue().asContainerable();
+//			PrismObject<OrgType> org = WebModelServiceUtils.loadObject(assignment.getTargetRef(), getPageBase(), task, task.getResult());
+//			if (org != null) {
+//				assignment.setTarget(org.asObjectable());
+//			}
+//			
+//		}
+//		ObjectQuery query =  QueryBuilder.queryFor(AssignmentType.class, getParentPage().getPrismContext())
+//				.item(new ItemPath(AssignmentType.F_TARGET, OrgType.F_ORG_TYPE)).eq("access").build();
+//				
+//		return query;
+//	}
+}

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/objectdetails/FocusAssignmentsTabPanel.java

@@ -22,6 +22,7 @@
 import com.evolveum.midpoint.util.logging.Trace;
 import com.evolveum.midpoint.util.logging.TraceManager;
 import com.evolveum.midpoint.web.component.assignment.AbstractRoleAssignmentPanel;
+import com.evolveum.midpoint.web.component.assignment.AssignmentPanel;
 import com.evolveum.midpoint.web.component.assignment.AssignmentsUtil;
 import com.evolveum.midpoint.web.component.form.Form;
 import com.evolveum.midpoint.web.component.prism.*;
@@ -64,11 +65,15 @@ private void initLayout() {
 		WebMarkupContainer assignments = new WebMarkupContainer(ID_ASSIGNMENTS);
 		assignments.setOutputMarkupId(true);
 		add(assignments);
-
-		AbstractRoleAssignmentPanel panel = new AbstractRoleAssignmentPanel(ID_ASSIGNMENTS_PANEL,
-				new ContainerWrapperFromObjectWrapperModel<>(getObjectWrapperModel(), new ItemPath(FocusType.F_ASSIGNMENT)));
+		ContainerWrapperFromObjectWrapperModel model = new ContainerWrapperFromObjectWrapperModel<>(getObjectWrapperModel(), new ItemPath(FocusType.F_ASSIGNMENT));
+		AssignmentPanel panel = createPanel(ID_ASSIGNMENTS_PANEL, model);
 
 		assignments.add(panel);
 	}
+
+	protected AssignmentPanel createPanel(String panelId, ContainerWrapperFromObjectWrapperModel<AssignmentType, F> model) {
+		AbstractRoleAssignmentPanel panel = new AbstractRoleAssignmentPanel(panelId, model);
+		return panel;
+	}
 
 }

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/objectdetails/FocusMainPanel.java

@@ -21,19 +21,25 @@
 import com.evolveum.midpoint.gui.api.model.LoadableModel;
 import com.evolveum.midpoint.gui.api.page.PageBase;
 import com.evolveum.midpoint.gui.api.util.FocusTabVisibleBehavior;
+import com.evolveum.midpoint.gui.api.util.WebModelServiceUtils;
 import com.evolveum.midpoint.prism.PrismObject;
 import com.evolveum.midpoint.prism.path.ItemPath;
 import com.evolveum.midpoint.prism.query.ObjectQuery;
 import com.evolveum.midpoint.prism.query.builder.QueryBuilder;
+import com.evolveum.midpoint.task.api.Task;
+import com.evolveum.midpoint.util.QNameUtil;
 import com.evolveum.midpoint.util.exception.SystemException;
 import com.evolveum.midpoint.util.logging.Trace;
 import com.evolveum.midpoint.util.logging.TraceManager;
+import com.evolveum.midpoint.web.component.assignment.AssignmentPanel;
 import com.evolveum.midpoint.web.component.assignment.AssignmentsUtil;
+import com.evolveum.midpoint.web.component.assignment.GenericAbstractRoleAssignmentPanel;
 import com.evolveum.midpoint.web.component.form.Form;
 import com.evolveum.midpoint.web.component.prism.ContainerValueWrapper;
 import com.evolveum.midpoint.web.component.prism.ContainerWrapper;
 import com.evolveum.midpoint.web.component.prism.ObjectWrapper;
 import com.evolveum.midpoint.web.component.prism.ValueStatus;
+import com.evolveum.midpoint.web.model.ContainerWrapperFromObjectWrapperModel;
 import com.evolveum.midpoint.web.page.admin.PageAdminFocus;
 import com.evolveum.midpoint.web.page.admin.PageAdminObjectDetails;
 import com.evolveum.midpoint.web.page.admin.server.dto.TaskDtoProvider;
@@ -54,6 +60,8 @@
 import java.util.ArrayList;
 import java.util.List;
 
+import javax.xml.namespace.QName;
+
 /**
  * @author semancik
  *
@@ -204,6 +212,18 @@ protected WebMarkupContainer createFocusAssignmentsTabPanel(String panelId, Page
 		assignmentsTabPanel = new FocusAssignmentsTabPanel<F>(panelId, getMainForm(), getObjectModel(), parentPage);
         return assignmentsTabPanel;
 	}
+
+	protected WebMarkupContainer createFocusDataProtectionTabPanel(String panelId, PageAdminObjectDetails<F> parentPage) {
+		assignmentsTabPanel = new FocusAssignmentsTabPanel<F>(panelId, getMainForm(), getObjectModel(), parentPage) {
+
+			 @Override
+			protected AssignmentPanel createPanel(String panelId, ContainerWrapperFromObjectWrapperModel<AssignmentType, F> model) {
+				return new GenericAbstractRoleAssignmentPanel(panelId, model);
+			}
+
+		};
+        return assignmentsTabPanel;
+	}
 
 	protected WebMarkupContainer createObjectHistoryTabPanel(String panelId, PageAdminObjectDetails<F> parentPage) {
 		return new ObjectHistoryTabPanel<>(panelId, getMainForm(), getObjectModel(), parentPage);
@@ -283,6 +303,42 @@ public String getCount() {
 						return Integer.toString(countAssignments());
 					}
 				});
+
+		authorization = new FocusTabVisibleBehavior(unwrapModel(), ComponentConstants.UI_FOCUS_TAB_ASSIGNMENTS_URL);
+		tabs.add(
+				new CountablePanelTab(parentPage.createStringResource("pageAdminFocus.dataProtection"), authorization) {
+
+					private static final long serialVersionUID = 1L;
+
+					@Override
+					public WebMarkupContainer createPanel(String panelId) {
+						return createFocusDataProtectionTabPanel(panelId, parentPage);
+					}
+
+					@Override
+					public String getCount() {
+						PrismObject<F> focus = getObjectModel().getObject().getObject();
+						List<AssignmentType> assignments = focus.asObjectable().getAssignment();
+						int count = 0;
+						for (AssignmentType assignment : assignments) {
+							if (assignment.getTargetRef() == null) {
+								continue;
+							}
+							if (QNameUtil.match(assignment.getTargetRef().getType(), OrgType.COMPLEX_TYPE)) {
+								Task task = parentPage.createSimpleTask("load data protection obejcts");
+								PrismObject<OrgType> org = WebModelServiceUtils.loadObject(assignment.getTargetRef(), parentPage, task, task.getResult());
+
+								if (org != null) {
+									if (org.asObjectable().getOrgType().contains("access")) {
+										count++;
+									}
+								}
+							}
+						}
+
+						return String.valueOf(count);
+					}
+				});
 
 		authorization = new FocusTabVisibleBehavior(unwrapModel(), ComponentConstants.UI_FOCUS_TAB_TASKS_URL);
 		tabs.add(

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/util/AssignmentListDataProvider.java

@@ -120,7 +120,7 @@ public List<ContainerValueWrapper<AssignmentType>> getSelectedData() {
     	return getAvailableData().stream().filter(a -> a.isSelected()).collect(Collectors.toList());
     }
 
-    private List<ContainerValueWrapper<AssignmentType>> searchThroughList() {
+    protected List<ContainerValueWrapper<AssignmentType>> searchThroughList() {
     	List<ContainerValueWrapper<AssignmentType>> list = model.getObject();
 
     	if (list == null || list.isEmpty()) {

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/PageAssignmentsList.java

@@ -427,7 +427,7 @@ private void handleModifyAssignmentDelta(AssignmentEditorDto assDto,
         }
     }
 
-    private List<ConflictDto> getAssignmentConflicts(){
+   private List<ConflictDto> getAssignmentConflicts(){
         ModelContext<UserType> modelContext = null;
 
         ObjectDelta<UserType> delta;
@@ -452,40 +452,14 @@ private List<ConflictDto> getAssignmentConflicts(){
                     .getEvaluatedAssignmentTriple();
             Collection<? extends EvaluatedAssignment> addedAssignments = evaluatedAssignmentTriple.getPlusSet();
             for (EvaluatedAssignment<UserType> evaluatedAssignment : addedAssignments) {
+
                 for (EvaluatedPolicyRule policyRule : evaluatedAssignment.getAllTargetsPolicyRules()) {
                     if (!policyRule.containsEnabledAction()) {
                         continue;
                     }
                     // everything other than 'enforce' is a warning
                     boolean isWarning = !policyRule.containsEnabledAction(EnforcementPolicyActionType.class);
-                    for (EvaluatedPolicyRuleTrigger<?> trigger : policyRule.getAllTriggers()) {
-                        if (trigger instanceof EvaluatedExclusionTrigger) {
-                            EvaluatedExclusionTrigger exclusionTrigger = (EvaluatedExclusionTrigger) trigger;
-                            EvaluatedAssignment<F> conflictingAssignment = exclusionTrigger.getConflictingAssignment();
-                            PrismObject<F> addedAssignmentTargetObj = (PrismObject<F>)evaluatedAssignment.getTarget();
-                            PrismObject<F> exclusionTargetObj = (PrismObject<F>)conflictingAssignment.getTarget();
-
-                            AssignmentConflictDto<F> dto1 = new AssignmentConflictDto<>(exclusionTargetObj,
-                                    conflictingAssignment.getAssignmentType(true) != null);
-                            AssignmentConflictDto<F> dto2 = new AssignmentConflictDto<>(addedAssignmentTargetObj,
-                                    evaluatedAssignment.getAssignmentType(true) != null);
-                            ConflictDto conflict = new ConflictDto(dto1, dto2, isWarning);
-                            String oid1 = exclusionTargetObj.getOid();
-                            String oid2 = addedAssignmentTargetObj.getOid();
-                            if (!conflictsMap.containsKey(oid1 + oid2) && !conflictsMap.containsKey(oid2 + oid1)) {
-                                conflictsMap.put(oid1 + oid2, conflict);
-                            } else if (!isWarning) {
-                                // error is stronger than warning, so we replace (potential) warnings with this error
-                                // TODO Kate please review this
-                                if (conflictsMap.containsKey(oid1 + oid2)) {
-                                    conflictsMap.replace(oid1 + oid2, conflict);
-                                }
-                                if (conflictsMap.containsKey(oid2 + oid1)) {
-                                    conflictsMap.replace(oid2 + oid1, conflict);
-                                }
-                            }
-                        }
-                    }
+                    fillInConflictedObjects(evaluatedAssignment, policyRule.getAllTriggers(), isWarning, conflictsMap);
                 }
             }
         } catch (Exception e) {
@@ -495,7 +469,48 @@ private List<ConflictDto> getAssignmentConflicts(){
         conflictsList.addAll(conflictsMap.values());
         return conflictsList;
     }
+
+    private void fillInConflictedObjects(EvaluatedAssignment<UserType> evaluatedAssignment, Collection<EvaluatedPolicyRuleTrigger<?>> triggers, boolean isWarning, Map<String, ConflictDto> conflictsMap) {
+
+    	for (EvaluatedPolicyRuleTrigger<?> trigger : triggers) {
+
+       	 if (trigger instanceof EvaluatedExclusionTrigger) {
+              fillInFromEvaluatedExclusionTrigger(evaluatedAssignment, (EvaluatedExclusionTrigger) trigger, isWarning, conflictsMap);
+           } else if (trigger instanceof EvaluatedCompositeTrigger) {
+        	   EvaluatedCompositeTrigger compositeTrigger = (EvaluatedCompositeTrigger) trigger;
+           	   Collection<EvaluatedPolicyRuleTrigger<?>> innerTriggers = compositeTrigger.getInnerTriggers();
+           	   fillInConflictedObjects(evaluatedAssignment, innerTriggers, isWarning, conflictsMap);
+           }
+    	} 
+
+    }
 
+    private void fillInFromEvaluatedExclusionTrigger(EvaluatedAssignment<UserType> evaluatedAssignment, EvaluatedExclusionTrigger exclusionTrigger, boolean isWarning, Map<String, ConflictDto> conflictsMap) {
+//    	 EvaluatedExclusionTrigger exclusionTrigger = (EvaluatedExclusionTrigger) trigger;
+         EvaluatedAssignment<F> conflictingAssignment = exclusionTrigger.getConflictingAssignment();
+         PrismObject<F> addedAssignmentTargetObj = (PrismObject<F>)evaluatedAssignment.getTarget();
+         PrismObject<F> exclusionTargetObj = (PrismObject<F>)conflictingAssignment.getTarget();
+
+         AssignmentConflictDto<F> dto1 = new AssignmentConflictDto<>(exclusionTargetObj,
+                 conflictingAssignment.getAssignmentType(true) != null);
+         AssignmentConflictDto<F> dto2 = new AssignmentConflictDto<>(addedAssignmentTargetObj,
+                 evaluatedAssignment.getAssignmentType(true) != null);
+         ConflictDto conflict = new ConflictDto(dto1, dto2, isWarning);
+         String oid1 = exclusionTargetObj.getOid();
+         String oid2 = addedAssignmentTargetObj.getOid();
+         if (!conflictsMap.containsKey(oid1 + oid2) && !conflictsMap.containsKey(oid2 + oid1)) {
+             conflictsMap.put(oid1 + oid2, conflict);
+         } else if (!isWarning) {
+             // error is stronger than warning, so we replace (potential) warnings with this error
+             // TODO Kate please review this
+             if (conflictsMap.containsKey(oid1 + oid2)) {
+                 conflictsMap.replace(oid1 + oid2, conflict);
+             }
+             if (conflictsMap.containsKey(oid2 + oid1)) {
+                 conflictsMap.replace(oid2 + oid1, conflict);
+             }
+         }
+    }
     private boolean onlyWarnings(){
         List<ConflictDto> list = getSessionStorage().getRoleCatalog().getConflictsList();
         for (ConflictDto dto : list){

gui/admin-gui/src/main/resources/localization/Midpoint.properties

@@ -3925,4 +3925,5 @@ CertCampaignStateFilter.CREATED=Created
 CertCampaignStateFilter.IN_REVIEW_STAGE=In review stage
 CertCampaignStateFilter.REVIEW_STAGE_DONE=Review stage done
 CertCampaignStateFilter.IN_REMEDIATION=In remediation
-CertCampaignStateFilter.CLOSED=Closed
+CertCampaignStateFilter.CLOSED=Closed
+pageAdminFocus.dataProtection=Data protection