Merge branch 'master' into feature/certification-work-items

Evolveum · Mar 31, 2017 · e63b7b1 · e63b7b1
2 parents b110687 + 701b06f
commit e63b7b1
Show file tree

Hide file tree

Showing 6 changed files with 69 additions and 19 deletions.
diff --git a/...i/src/main/java/com/evolveum/midpoint/web/component/assignment/AssignmentEditorPanel.java b/...i/src/main/java/com/evolveum/midpoint/web/component/assignment/AssignmentEditorPanel.java
@@ -96,7 +96,7 @@ public class AssignmentEditorPanel extends BasePanel<AssignmentEditorDto> {
 	private static final String OPERATION_LOAD_OBJECT = DOT_CLASS + "loadObject";
 	private static final String OPERATION_LOAD_RESOURCE = DOT_CLASS + "loadResource";
 	private static final String OPERATION_LOAD_ATTRIBUTES = DOT_CLASS + "loadAttributes";
-	private static final String OPERATION_LOAD_TARGET_OBJECT = DOT_CLASS + "loadUser";
+	private static final String OPERATION_LOAD_TARGET_OBJECT = DOT_CLASS + "loadItemSecurityDecisions";
 
 	private static final String ID_HEADER_ROW = "headerRow";
 	private static final String ID_SELECTED = "selected";
@@ -887,10 +887,6 @@ private void showEmptyPerformed(AjaxRequestTarget target) {
 	private List<ACAttributeDto> loadAttributes() {
 		AssignmentEditorDto dto = getModel().getObject();
 
-		if (dto.getAttributes() != null && !dto.getAttributes().isEmpty()) {
-			return dto.getAttributes();
-		}
-
 		OperationResult result = new OperationResult(OPERATION_LOAD_ATTRIBUTES);
 		List<ACAttributeDto> attributes = new ArrayList<>();
 		try {
@@ -956,6 +952,18 @@ public int compare(ACAttributeDto a1, ACAttributeDto a2) {
 			}
 		});
 
+
+		if (dto.getAttributes() != null && !dto.getAttributes().isEmpty()) {
+			for (ACAttributeDto assignmentAttribute : dto.getAttributes()) {
+				for (ACAttributeDto attributeDto : attributes){
+					if (attributeDto.getName().equals(assignmentAttribute.getName())){
+						attributes.set(attributes.indexOf(attributeDto), assignmentAttribute);
+						continue;
+					}
+				}
+			}
+		}
+
 		dto.setAttributes(attributes);
 
 		getPageBase().showResult(result, false);
@@ -1222,17 +1230,20 @@ private ItemSecurityDecisions loadSecurityDecisions(){
 		if (pageBase == null || getModelObject().getTargetRef() == null){
 			return null;
 		}
-		PrismObject<UserType> currentUser = pageBase.loadUserSelf(pageBase);
+		PrismObject<UserType> user = pageBase.getSessionStorage().getRoleCatalog().getTargetUser();
+		if (user == null){
+			user = pageBase.loadUserSelf(pageBase);
+		}
 		String targetObjectOid = getModelObject().getTargetRef().getOid();
 
 		Task task = pageBase.createSimpleTask(OPERATION_LOAD_TARGET_OBJECT);
 		OperationResult result = new OperationResult(OPERATION_LOAD_TARGET_OBJECT);
-		PrismObject<AbstractRoleType> targetRefObject = WebModelServiceUtils.loadObject(AbstractRoleType.class, targetObjectOid, pageBase,
-				task, result);
+		PrismObject<AbstractRoleType> targetRefObject = WebModelServiceUtils.loadObject(AbstractRoleType.class,
+				targetObjectOid, pageBase, task, result);
 		ItemSecurityDecisions decisions = null;
 		try{
 			decisions =
-					pageBase.getModelInteractionService().getAllowedRequestAssignmentItems(currentUser, targetRefObject);
+					pageBase.getModelInteractionService().getAllowedRequestAssignmentItems(user, targetRefObject);
 
 		} catch (SchemaException|SecurityViolationException ex){
 			LoggingUtils.logUnexpectedException(LOGGER, "Couldn't load security decisions for assignment items.", ex);

diff --git a/...admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/resources/PageResources.java b/...admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/resources/PageResources.java
@@ -27,6 +27,7 @@
 import com.evolveum.midpoint.web.component.search.*;
 import com.evolveum.midpoint.web.session.PageStorage;
 import com.evolveum.midpoint.web.session.SessionStorage;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.SearchBoxModeType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
 import org.apache.commons.lang.StringUtils;
 import org.apache.wicket.Component;
@@ -140,9 +141,10 @@ private void initSearch(String text){
         if (storage == null) {
             storage = getSessionStorage().initPageStorage(SessionStorage.KEY_RESOURCES);
         }
-        Search search = SearchFactory.createSearch(UserType.class, getPrismContext(), getModelInteractionService());
-
-        if (search.getItems() != null && search.getItems().size() > 0){
+        Search search = SearchFactory.createSearch(ResourceType.class, getPrismContext(), getModelInteractionService());
+		if (SearchBoxModeType.FULLTEXT.equals(search.getSearchType())){
+			search.setFullText(text);
+		} else if (search.getItems() != null && search.getItems().size() > 0){
             SearchItem searchItem = search.getItems().get(0);
             searchItem.getValues().add(new SearchValue<>(text));
         }

diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/users/PageUsers.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/users/PageUsers.java
@@ -151,7 +151,9 @@ private void initSearch(String text){
             storage = getSessionStorage().initPageStorage(SessionStorage.KEY_USERS);
         }
         Search search = SearchFactory.createSearch(UserType.class, getPrismContext(), getModelInteractionService());
-        if (search.getItems() != null && search.getItems().size() > 0){
+		if (SearchBoxModeType.FULLTEXT.equals(search.getSearchType())){
+			search.setFullText(text);
+		} else if (search.getItems() != null && search.getItems().size() > 0){
             SearchItem searchItem = search.getItems().get(0);
             searchItem.getValues().add(new SearchValue<>(text));
         }

diff --git a/infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd b/infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd
@@ -12088,8 +12088,8 @@
             <xsd:enumeration value="encryption">
                 <xsd:annotation>
                 	<xsd:documentation>
-                		Credential will be stored in an ecrypted form.
-                		This is a symetric (reversible) encryption.
+                		Credential will be stored in an encrypted form.
+                		This is a symmetric (reversible) encryption.
                 		MidPoint will be able to get a cleartext form of
                 		the credential if needed.
                 	</xsd:documentation>
@@ -12102,7 +12102,7 @@
                 <xsd:annotation>
                 	<xsd:documentation>
                 		Credential will be stored in a hashed form.
-                		One-way (ireversible) cryptographic hash or key derivation function
+                		One-way (irreversible) cryptographic hash or key derivation function
                 		will be used to transform the credential before storage.
                 		MidPoint will NOT be able to get a cleartext form of
                 		the credential, but it can still compare credential values.
@@ -12116,14 +12116,15 @@
                 <xsd:annotation>
                 	<xsd:documentation>
                 		MidPoint will not store the credential at all.
-                		MidPoitn will only work with credential in the memory
+                		MidPoint will only work with credential in the memory
                 		while it is needed to complete current operation.
                 		The credential will be discarded after the operation.
 
                 		THIS IS ONLY PARTIALLY SUPPORTED
 
                 		MidPoint should be able not to store the credentials when
-                		this setting is used. But there may be side effects.
+                		this setting is used. But there may be side effects
+                		that are not completely addressed yet.
                 		This is not entirelly tests and not supported.
                 		Use at your own risk.
                 	</xsd:documentation>

diff --git a/...ain/java/com/evolveum/midpoint/model/impl/security/MidpointRestAuthenticationHandler.java b/...ain/java/com/evolveum/midpoint/model/impl/security/MidpointRestAuthenticationHandler.java
@@ -86,7 +86,14 @@ public void filter(ContainerRequestContext requestCtx) throws IOException {
 			passwordAuthenticator.handleRequest(policy, m, requestCtx);
 			return;
 		}
+
 		String authorization = requestCtx.getHeaderString("Authorization");
+
+		if (StringUtils.isBlank(authorization)){
+			createAbortMessage(requestCtx);
+			return;
+		}
+
 		String[] parts = authorization.split(" ");
 		String authenticationType = parts[0];
 

diff --git a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportUtils.java b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportUtils.java
@@ -18,6 +18,7 @@
 import com.evolveum.midpoint.prism.Containerable;
 import com.evolveum.midpoint.prism.Item;
 import com.evolveum.midpoint.prism.PrismContainerValue;
+import com.evolveum.midpoint.prism.PrismObjectValue;
 import com.evolveum.midpoint.prism.PrismPropertyValue;
 import com.evolveum.midpoint.prism.PrismReferenceValue;
 import com.evolveum.midpoint.prism.PrismValue;
@@ -36,12 +37,15 @@
 import javax.xml.namespace.QName;
 
 import com.evolveum.midpoint.xml.ns._public.common.common_3.AccessCertificationResponseType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.EvaluatedPolicyRuleTriggerType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.EvaluatedSituationTriggerType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.EvaluatedExclusionTriggerType;
 import org.apache.commons.lang.StringUtils;
 
 import com.evolveum.midpoint.util.PrettyPrinter;
 import com.evolveum.midpoint.util.exception.SchemaException;
 import com.evolveum.midpoint.util.logging.Trace;
-import com.evolveum.midpoint.util.logging.TraceManager;
+import com.evolveum.midpoint.util.logging.TraceManager;   
 import com.evolveum.midpoint.xml.ns._public.common.common_3.MetadataType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
@@ -608,6 +612,29 @@ public static String prettyPrintForReport(AccessCertificationResponseType respon
         }
         return getPropertyString("AccessCertificationResponseType."+response.name());
     }
+
+    public static String prettyPrintForReport(EvaluatedPolicyRuleTriggerType trigger) {
+        return prettyPrintRuleTriggerForReport(trigger);
+    }    
+
+    public static String prettyPrintForReport(EvaluatedSituationTriggerType trigger) {
+        return prettyPrintRuleTriggerForReport(trigger);
+    } 
+
+    public static String prettyPrintForReport(EvaluatedExclusionTriggerType trigger) {
+        return prettyPrintRuleTriggerForReport(trigger);
+    }
+
+    public static String prettyPrintForReport(PrismObjectValue pov) {
+        return prettyPrintForReport((PrismContainerValue) pov);
+    }
+
+    private static String prettyPrintRuleTriggerForReport(EvaluatedPolicyRuleTriggerType trigger) {
+        if (trigger == null) {
+            return "";
+        }
+        return "Rule: " + (trigger.getRuleName()!=null?trigger.getRuleName():"N/A");
+    }
 
     public static String prettyPrintForReport(Enum e) {
         if (e == null) {