Improved error handling, cleaned up ObjectResolver, removed XPath sup…

…port

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/page/PageBase.java

@@ -41,6 +41,7 @@
 import com.evolveum.midpoint.prism.query.builder.QueryBuilder;
 import com.evolveum.midpoint.prism.query.builder.S_FilterEntryOrEmpty;
 import com.evolveum.midpoint.repo.api.CacheDispatcher;
+import com.evolveum.midpoint.repo.common.ObjectResolver;
 import com.evolveum.midpoint.repo.common.expression.Expression;
 import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext;
 import com.evolveum.midpoint.repo.common.expression.ExpressionFactory;
@@ -51,7 +52,6 @@
 import com.evolveum.midpoint.schema.internals.InternalsConfig;
 import com.evolveum.midpoint.schema.result.OperationConstants;
 import com.evolveum.midpoint.schema.result.OperationResult;
-import com.evolveum.midpoint.schema.util.ObjectResolver;
 import com.evolveum.midpoint.security.api.AuthorizationConstants;
 import com.evolveum.midpoint.security.api.MidPointPrincipal;
 import com.evolveum.midpoint.security.api.OwnerResolver;

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/ModelServiceLocator.java

@@ -19,8 +19,8 @@
 import com.evolveum.midpoint.model.api.ModelInteractionService;
 import com.evolveum.midpoint.model.api.ModelService;
 import com.evolveum.midpoint.prism.PrismContext;
+import com.evolveum.midpoint.repo.common.ObjectResolver;
 import com.evolveum.midpoint.repo.common.expression.ExpressionFactory;
-import com.evolveum.midpoint.schema.util.ObjectResolver;
 import com.evolveum.midpoint.security.api.SecurityContextManager;
 import com.evolveum.midpoint.security.enforcer.api.SecurityEnforcer;
 import com.evolveum.midpoint.task.api.Task;

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebModelServiceUtils.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2017 Evolveum
+ * Copyright (c) 2010-2018 Evolveum
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -801,7 +801,7 @@ public static boolean isPostAuthenticationEnabled(TaskManager taskManager, Model
 	    		if (StringUtils.isNotBlank(requiredLifecycleState) && requiredLifecycleState.equals(user.getLifecycleState())) {
 	    			return true; 
 	    		}
-			} catch (ObjectNotFoundException | SchemaException e) {
+			} catch (CommonException e) {
 				LoggingUtils.logException(LOGGER, "Cannot determine post authentication policies", e);
 			}
     	}

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/show/PagePreviewChanges.java

@@ -23,8 +23,8 @@
 import com.evolveum.midpoint.model.api.visualizer.Scene;
 import com.evolveum.midpoint.prism.PrismObject;
 import com.evolveum.midpoint.prism.delta.ObjectDelta;
+import com.evolveum.midpoint.repo.common.ObjectResolver;
 import com.evolveum.midpoint.schema.result.OperationResult;
-import com.evolveum.midpoint.schema.util.ObjectResolver;
 import com.evolveum.midpoint.security.api.AuthorizationConstants;
 import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.util.DebugUtil;

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/show/PreviewChangesTabPanel.java

@@ -6,8 +6,8 @@
 import com.evolveum.midpoint.model.api.context.ModelProjectionContext;
 import com.evolveum.midpoint.model.api.visualizer.Scene;
 import com.evolveum.midpoint.prism.delta.ObjectDelta;
+import com.evolveum.midpoint.repo.common.ObjectResolver;
 import com.evolveum.midpoint.schema.result.OperationResult;
-import com.evolveum.midpoint.schema.util.ObjectResolver;
 import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.util.DebugUtil;
 import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/dto/ApprovalProcessExecutionInformationDto.java

@@ -16,8 +16,8 @@
 
 package com.evolveum.midpoint.web.page.admin.workflow.dto;
 
+import com.evolveum.midpoint.repo.common.ObjectResolver;
 import com.evolveum.midpoint.schema.result.OperationResult;
-import com.evolveum.midpoint.schema.util.ObjectResolver;
 import com.evolveum.midpoint.schema.util.WfContextUtil;
 import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ApprovalLevelOutcomeType;

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/dto/ApprovalStageExecutionInformationDto.java

@@ -16,8 +16,8 @@
 
 package com.evolveum.midpoint.web.page.admin.workflow.dto;
 
+import com.evolveum.midpoint.repo.common.ObjectResolver;
 import com.evolveum.midpoint.schema.result.OperationResult;
-import com.evolveum.midpoint.schema.util.ObjectResolver;
 import com.evolveum.midpoint.schema.util.ObjectTypeUtil;
 import com.evolveum.midpoint.schema.util.WfContextUtil;
 import com.evolveum.midpoint.task.api.Task;

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageLogin.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2017 Evolveum
+ * Copyright (c) 2010-2018 Evolveum
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,6 +19,7 @@
 import com.evolveum.midpoint.gui.api.page.PageBase;
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.task.api.Task;
+import com.evolveum.midpoint.util.exception.CommonException;
 import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
 import com.evolveum.midpoint.util.exception.SchemaException;
 import com.evolveum.midpoint.util.logging.Trace;
@@ -74,7 +75,7 @@ public boolean isVisible() {
                 SecurityPolicyType securityPolicy = null;
                 try {
                     securityPolicy = getModelInteractionService().getSecurityPolicy(null, null, parentResult);
-                } catch (ObjectNotFoundException | SchemaException e) {
+                } catch (CommonException e) {
                     LOGGER.warn("Cannot read credentials policy: " + e.getMessage(), e);
                 }
 
@@ -120,7 +121,7 @@ public boolean isVisible() {
                 		registrationPolicies = getModelInteractionService().getRegistrationPolicy(null, task, parentResult);
                 	}
 
-                } catch (ObjectNotFoundException | SchemaException e) {
+                } catch (CommonException e) {
                     LOGGER.warn("Cannot read credentials policy: " + e.getMessage(), e);
                 }
 

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageRegistrationBase.java

@@ -1,3 +1,18 @@
+/*
+ * Copyright (c) 2010-2018 Evolveum
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package com.evolveum.midpoint.web.page.login;
 
 import org.apache.wicket.RestartResponseException;
@@ -10,6 +25,7 @@
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.util.Producer;
+import com.evolveum.midpoint.util.exception.CommonException;
 import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
 import com.evolveum.midpoint.util.exception.SchemaException;
 import com.evolveum.midpoint.util.logging.Trace;
@@ -93,6 +109,7 @@ private void initResetCredentialsConfiguration() {
 
 	private SecurityPolicyType resolveSecurityPolicy() {
 		SecurityPolicyType securityPolicy = runPrivileged(new Producer<SecurityPolicyType>() {
+			private static final long serialVersionUID = 1L;
 
 			@Override
 			public SecurityPolicyType run() {
@@ -103,8 +120,8 @@ public SecurityPolicyType run() {
 
 				try {
 					return getModelInteractionService().getSecurityPolicy(null, task, result);
-				} catch (ObjectNotFoundException | SchemaException e) {
-					LOGGER.error("Could not retrieve security policy");
+				} catch (CommonException e) {
+					LOGGER.error("Could not retrieve security policy: {}", e.getMessage(), e);
 					return null;
 				}
 

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/PagePostAuthentication.java

@@ -40,6 +40,7 @@
 import com.evolveum.midpoint.security.api.MidPointPrincipal;
 import com.evolveum.midpoint.security.api.UserProfileService;
 import com.evolveum.midpoint.task.api.Task;
+import com.evolveum.midpoint.util.exception.CommonException;
 import com.evolveum.midpoint.util.exception.CommunicationException;
 import com.evolveum.midpoint.util.exception.ConfigurationException;
 import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
@@ -208,8 +209,8 @@ protected void submitRegistration(AjaxRequestTarget target) {
 			try {
 				getModelInteractionService().refreshPrincipal(principal.getOid());
 				navigateToNext(getMidpointApplication().getHomePage());
-			} catch (ObjectNotFoundException | SchemaException e) {
-				LOGGER.error("Errpr while refreshing user: ", e);
+			} catch (CommonException e) {
+				LOGGER.error("Error while refreshing user: ", e);
 				target.add(PagePostAuthentication.this);
 			}
 

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidPointGuiAuthorizationEvaluator.java

@@ -96,7 +96,7 @@ public void setupPreAuthenticatedSecurityContext(Authentication authentication)
     }
 
     @Override
-    public void setupPreAuthenticatedSecurityContext(PrismObject<UserType> user) throws SchemaException {
+    public void setupPreAuthenticatedSecurityContext(PrismObject<UserType> user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
     	securityContextManager.setupPreAuthenticatedSecurityContext(user);
 	}
 
@@ -317,7 +317,7 @@ public MidPointPrincipal createDonorPrincipal(MidPointPrincipal attorneyPrincipa
 
 
 	@Override
-	public <T> T runAs(Producer<T> producer, PrismObject<UserType> user) throws SchemaException {
+	public <T> T runAs(Producer<T> producer, PrismObject<UserType> user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
 		return securityContextManager.runAs(producer, user);
 	}
 

gui/admin-gui/src/test/java/com/evolveum/midpoint/web/TestIntegrationSecurity.java

@@ -1,5 +1,5 @@
 /**
- * Copyright (c) 2016-2017 Evolveum
+ * Copyright (c) 2016-2018 Evolveum
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -242,7 +242,7 @@ private void assertDeny(Authentication authentication, String path) {
 
 	}
 
-	private Authentication createPasswordAuthentication(String username) throws ObjectNotFoundException, SchemaException {
+	private Authentication createPasswordAuthentication(String username) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
 		MidPointPrincipal principal = userProfileService.getPrincipal(username);
 		UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(principal, null, principal.getAuthorities());
 		return auth;

infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ExceptionUtil.java

@@ -24,6 +24,7 @@
 import com.evolveum.midpoint.util.exception.SchemaException;
 import com.evolveum.midpoint.util.exception.SecurityViolationException;
 import com.evolveum.midpoint.util.exception.TunnelException;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.CriticalityType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ErrorSelectorType;
 
 /**
@@ -52,32 +53,32 @@ public static String lookForMessage(Throwable e) {
 		return null;
 	}
 
-	public static boolean isSelected(ErrorSelectorType selector, Throwable exception, boolean defaultValue) {
+	public static CriticalityType getCriticality(ErrorSelectorType selector, Throwable exception, CriticalityType defaultValue) {
 		if (selector == null) {
 			return defaultValue;
 		}
 		if (exception instanceof CommunicationException) {
-			return isSelected(selector.isNetwork(), defaultValue);
+			return getCriticality(selector.getNetwork(), defaultValue);
 		}
 		if (exception instanceof SecurityViolationException) {
-			return isSelected(selector.isSecurity(), defaultValue);
+			return getCriticality(selector.getSecurity(), defaultValue);
 		}
 		if (exception instanceof PolicyViolationException) {
-			return isSelected(selector.isPolicy(), defaultValue);
+			return getCriticality(selector.getPolicy(), defaultValue);
 		}
 		if (exception instanceof SchemaException) {
-			return isSelected(selector.isSchema(), defaultValue);
+			return getCriticality(selector.getSchema(), defaultValue);
 		}
 		if (exception instanceof ConfigurationException || exception instanceof ExpressionEvaluationException) {
-			return isSelected(selector.isConfiguration(), defaultValue);
+			return getCriticality(selector.getConfiguration(), defaultValue);
 		}
 		if (exception instanceof UnsupportedOperationException) {
-			return isSelected(selector.isUnsupported(), defaultValue);
+			return getCriticality(selector.getUnsupported(), defaultValue);
 		}
-		return isSelected(selector.isGeneric(), defaultValue);
+		return getCriticality(selector.getGeneric(), defaultValue);
 	}
 
-	private static boolean isSelected(Boolean value, boolean defaultValue) {
+	private static CriticalityType getCriticality(CriticalityType value, CriticalityType defaultValue) {
 		if (value == null) {
 			return defaultValue;
 		} else {

infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ResourceTypeUtil.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2013 Evolveum
+ * Copyright (c) 2010-2018 Evolveum
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -85,23 +85,6 @@ public static String getConnectorOid(ResourceType resource) {
 		}
 	}
 
-	/**
-	 * The usage of "resolver" is experimental. Let's see if it will be
-	 * practical ...
-	 *
-	 * @see ObjectResolver
-	 */
-	public static ConnectorType getConnectorType(ResourceType resource, ObjectResolver resolver, OperationResult parentResult) throws ObjectNotFoundException, SchemaException {
-		if (resource.getConnector() != null) {
-			return resource.getConnector();
-		} else if (resource.getConnectorRef() != null) {
-			return resolver.resolve(resource.getConnectorRef(), ConnectorType.class,
-					null, "resolving connector in " + resource, null, parentResult);		// TODO task
-		} else {
-			return null;
-		}
-	}
-
 	@SuppressWarnings("unchecked")
 	public static PrismObject<ConnectorType> getConnectorIfPresent(PrismObject<ResourceType> resource) {
 		PrismReference existingConnectorRef = resource.findReference(ResourceType.F_CONNECTOR_REF);

infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SimpleObjectResolver.java

@@ -0,0 +1,39 @@
+/**
+ * Copyright (c) 2018 Evolveum
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.evolveum.midpoint.schema.util;
+
+import java.util.Collection;
+
+import com.evolveum.midpoint.prism.PrismObject;
+import com.evolveum.midpoint.schema.GetOperationOptions;
+import com.evolveum.midpoint.schema.SelectorOptions;
+import com.evolveum.midpoint.schema.result.OperationResult;
+import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
+import com.evolveum.midpoint.util.exception.SchemaException;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
+
+/**
+ * Object resolver for simple cases.
+ * Contrary to "full" ObjectResolver this interface does not require task to do the resolution.
+ * 
+ * @author Radovan Semancik
+ */
+public interface SimpleObjectResolver {
+
+	<O extends ObjectType> PrismObject<O> getObject(Class<O> type, String oid, Collection<SelectorOptions<GetOperationOptions>> options,
+			OperationResult parentResult)
+			throws ObjectNotFoundException, SchemaException;
+}