From f591b214814f5cf159b810710ac8094e7763fc30 Mon Sep 17 00:00:00 2001 From: Radovan Semancik Date: Tue, 28 Aug 2018 17:03:46 +0200 Subject: [PATCH] Improved error handling, cleaned up ObjectResolver, removed XPath support --- .../midpoint/gui/api/page/PageBase.java | 2 +- .../gui/api/util/ModelServiceLocator.java | 2 +- .../gui/api/util/WebModelServiceUtils.java | 4 +- .../prism/show/PagePreviewChanges.java | 2 +- .../prism/show/PreviewChangesTabPanel.java | 2 +- ...pprovalProcessExecutionInformationDto.java | 2 +- .../ApprovalStageExecutionInformationDto.java | 2 +- .../midpoint/web/page/login/PageLogin.java | 7 +- .../web/page/login/PageRegistrationBase.java | 21 +- .../web/page/self/PagePostAuthentication.java | 5 +- .../MidPointGuiAuthorizationEvaluator.java | 4 +- .../midpoint/web/TestIntegrationSecurity.java | 4 +- .../midpoint/schema/util/ExceptionUtil.java | 19 +- .../schema/util/ResourceTypeUtil.java | 19 +- .../schema/util/SimpleObjectResolver.java | 39 ++ .../xml/ns/public/common/common-core-3.xsd | 29 +- .../impl/CertificationManagerImpl.java | 6 +- .../handlers/BaseCertificationHandler.java | 2 +- .../model/api/ModelInteractionService.java | 24 +- model/model-common/pom.xml | 9 +- .../AbstractSearchExpressionEvaluator.java | 2 +- ...gnmentTargetSearchExpressionEvaluator.java | 2 +- ...ssociationFromLinkExpressionEvaluator.java | 8 +- ...iationTargetSearchExpressionEvaluator.java | 2 +- .../FunctionExpressionEvaluator.java | 2 +- .../GenerateExpressionEvaluator.java | 2 +- .../evaluator/PathExpressionEvaluator.java | 2 +- .../ReferenceSearchExpressionEvaluator.java | 2 +- .../expression/script/ScriptEvaluator.java | 9 +- .../expression/script/ScriptExpression.java | 13 +- .../script/ScriptExpressionEvaluator.java | 7 +- .../script/ScriptExpressionFactory.java | 2 +- .../script/ScriptExpressionUtil.java | 10 +- .../script/jsr223/Jsr223ScriptEvaluator.java | 11 +- .../velocity/VelocityScriptEvaluator.java | 11 +- .../xpath/LazyXPathVariableResolver.java | 239 ------- .../xpath/MidPointNamespaceContext.java | 66 -- .../ReflectionXPathFunctionResolver.java | 91 --- .../xpath/ReflectionXPathFunctionWrapper.java | 77 --- .../xpath/XPathExpressionCodeHolder.java | 118 ---- .../script/xpath/XPathScriptEvaluator.java | 421 ------------ .../model/common/mapping/MappingFactory.java | 2 +- .../model/common/mapping/MappingImpl.java | 10 +- .../AbstractValuePolicyOriginResolver.java | 6 +- .../ShadowValuePolicyOriginResolver.java | 2 +- .../UserValuePolicyOriginResolver.java | 2 +- .../common/expression/ExpressionTestUtil.java | 7 +- .../common/expression/TestExpression.java | 6 +- .../common/expression/TestExpressionUtil.java | 12 +- .../expression/script/AbstractScriptTest.java | 25 +- .../expression/script/TestScriptCaching.java | 11 +- .../script/TestXPathExpressions.java | 44 -- .../common/mapping/MappingTestEvaluator.java | 6 +- .../xpath/expression-func-concatname.xml | 25 - .../expression/xpath/expression-func.xml | 25 - .../expression/xpath/expression-list.xml | 27 - ...ression-objectref-variables-polystring.xml | 34 - .../xpath/expression-objectref-variables.xml | 36 - .../expression/xpath/expression-root-node.xml | 26 - .../expression/xpath/expression-simple.xml | 23 - .../xpath/expression-string-variables.xml | 27 - .../expression-user-extension-ship-path.xml | 28 - .../xpath/expression-user-extension-ship.xml | 25 - .../xpath/expression-user-given-name.xml | 26 - .../expression-user-stringify-full-name.xml | 27 - model/model-common/testng-unit.xml | 3 +- .../midpoint/model/impl/ModelCrudService.java | 7 +- .../model/impl/ModelObjectResolver.java | 19 +- .../impl/controller/MappingDiagEvaluator.java | 4 +- .../impl/controller/ModelController.java | 18 +- .../model/impl/controller/ModelImplUtils.java | 186 ----- .../ModelInteractionServiceImpl.java | 58 +- .../model/impl/expr/ExpressionHandler.java | 5 +- ...ImportAccountsFromResourceTaskHandler.java | 6 +- .../model/impl/importer/ObjectImporter.java | 4 +- .../ShadowIntegrityCheckResultHandler.java | 4 +- .../model/impl/lens/AbstractConstruction.java | 2 +- .../model/impl/lens/AssignmentEvaluator.java | 8 +- .../model/impl/lens/ChangeExecutor.java | 28 +- .../midpoint/model/impl/lens/Clockwork.java | 28 +- .../model/impl/lens/Construction.java | 6 +- .../model/impl/lens/LensOwnerResolver.java | 4 +- .../midpoint/model/impl/lens/LensUtil.java | 12 +- .../model/impl/lens/PersonaProcessor.java | 4 +- .../lens/projector/ActivationProcessor.java | 4 +- .../impl/lens/projector/ContextLoader.java | 14 +- .../impl/lens/projector/MappingEvaluator.java | 10 +- .../projector/ProjectionValuesProcessor.java | 5 +- .../model/impl/lens/projector/Projector.java | 7 +- .../projector/focus/AssignmentProcessor.java | 4 +- .../focus/AssignmentTripleEvaluator.java | 2 +- .../lens/projector/focus/FocusProcessor.java | 6 +- .../projector/focus/InboundProcessor.java | 4 +- .../focus/ObjectTemplateProcessor.java | 2 +- .../model/impl/scripting/VariablesUtil.java | 6 +- .../scripting/actions/ModifyExecutor.java | 4 +- .../scripting/actions/ScriptExecutor.java | 11 +- .../security/AuthenticationEvaluatorImpl.java | 18 +- .../security/MidpointRestAuthenticator.java | 4 +- ...intRestSecurityQuestionsAuthenticator.java | 4 +- .../model/impl/security/SecurityHelper.java | 19 +- ...ringAuthenticationInjectorInterceptor.java | 28 +- .../impl/security/UserProfileServiceImpl.java | 16 +- .../CorrelationConfirmationEvaluator.java | 8 +- .../model/impl/sync/LiveSyncTaskHandler.java | 6 +- .../model/impl/sync/RecomputeTaskHandler.java | 4 +- .../impl/sync/ReconciliationTaskHandler.java | 10 +- .../impl/sync/SynchronizationServiceImpl.java | 10 +- .../sync/SynchronizationServiceUtils.java | 4 +- .../sync/SynchronizeAccountResultHandler.java | 4 +- ...stractSearchIterativeModelTaskHandler.java | 2 +- .../util/{Utils.java => ModelImplUtils.java} | 649 +++++++++++------- .../src/main/resources/ctx-model.xml | 17 +- .../model/impl/TestRefinedSchema.java | 15 +- .../model/impl/controller/ModelUtilsTest.java | 2 +- .../model/impl/expr/TestModelExpressions.java | 11 +- .../lens/TestAbstractAssignmentEvaluator.java | 2 +- .../impl/lens/TestAssignmentProcessor2.java | 2 +- .../TestAbstractAuthenticationEvaluator.java | 10 +- .../intest/TestModelServiceContract.java | 25 +- .../model/intest/TestPreviewChanges.java | 21 +- .../model/intest/mapping/TestMapping.java | 37 +- .../intest/negative/TestBrokenResources.java | 89 ++- .../intest/password/AbstractPasswordTest.java | 3 +- .../intest/security/TestSecurityBasic.java | 2 +- .../resources/common/resource-dummy-black.xml | 4 +- .../resources/manual/resource-dummy-itsm.xml | 4 +- model/model-test/pom.xml | 5 + .../test/AbstractModelIntegrationTest.java | 14 +- .../midpoint/report/api/ReportService.java | 6 +- .../impl/MidPointLocalQueryExecutor.java | 4 +- .../report/impl/MidPointQueryExecutor.java | 4 +- .../report/impl/ReportCreateTaskHandler.java | 14 +- .../report/impl/ReportServiceImpl.java | 8 +- .../report/impl/ReportWebService.java | 23 +- .../aspect/BasePrimaryChangeAspect.java | 4 +- .../wf/impl/legacy/AbstractWfTestLegacy.java | 4 +- .../midpoint/repo/api/RepositoryService.java | 2 +- .../common}/DirectoryFileObjectResolver.java | 43 +- .../midpoint/repo/common}/ObjectResolver.java | 14 +- ...tResolvableExpressionEvaluatorFactory.java | 2 +- .../repo/common/expression/Expression.java | 6 +- .../common/expression/ExpressionFactory.java | 2 +- .../common/expression/ExpressionUtil.java | 22 +- .../test/AbstractIntegrationTest.java | 4 +- .../midpoint/test/RepoObjectResolver.java | 43 +- .../test/asserter/AbstractAsserter.java | 16 +- .../midpoint/security/api/OwnerResolver.java | 8 +- .../security/api/SecurityContextManager.java | 9 +- .../security/api/UserProfileService.java | 14 +- .../impl/SecurityContextManagerImpl.java | 7 +- .../quartzimpl/TaskManagerQuartzImpl.java | 10 +- .../quartzimpl/execution/JobExecutor.java | 6 +- 153 files changed, 1169 insertions(+), 2403 deletions(-) create mode 100644 infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SimpleObjectResolver.java delete mode 100644 model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/LazyXPathVariableResolver.java delete mode 100644 model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/MidPointNamespaceContext.java delete mode 100644 model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/ReflectionXPathFunctionResolver.java delete mode 100644 model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/ReflectionXPathFunctionWrapper.java delete mode 100644 model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/XPathExpressionCodeHolder.java delete mode 100644 model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/XPathScriptEvaluator.java delete mode 100644 model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/TestXPathExpressions.java delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-func-concatname.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-func.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-list.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-objectref-variables-polystring.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-objectref-variables.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-root-node.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-simple.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-string-variables.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-user-extension-ship-path.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-user-extension-ship.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-user-given-name.xml delete mode 100644 model/model-common/src/test/resources/expression/xpath/expression-user-stringify-full-name.xml delete mode 100644 model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelImplUtils.java rename model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/{Utils.java => ModelImplUtils.java} (54%) rename {infra/test-util/src/main/java/com/evolveum/midpoint/test/util => repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common}/DirectoryFileObjectResolver.java (71%) rename {infra/schema/src/main/java/com/evolveum/midpoint/schema/util => repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common}/ObjectResolver.java (84%) diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/page/PageBase.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/page/PageBase.java index 003ea8b89c9..1bebb62d1fe 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/page/PageBase.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/page/PageBase.java @@ -41,6 +41,7 @@ import com.evolveum.midpoint.prism.query.builder.QueryBuilder; import com.evolveum.midpoint.prism.query.builder.S_FilterEntryOrEmpty; import com.evolveum.midpoint.repo.api.CacheDispatcher; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.Expression; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; @@ -51,7 +52,6 @@ import com.evolveum.midpoint.schema.internals.InternalsConfig; import com.evolveum.midpoint.schema.result.OperationConstants; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.AuthorizationConstants; import com.evolveum.midpoint.security.api.MidPointPrincipal; import com.evolveum.midpoint.security.api.OwnerResolver; diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/ModelServiceLocator.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/ModelServiceLocator.java index cb19059db2c..97beeb9a084 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/ModelServiceLocator.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/ModelServiceLocator.java @@ -19,8 +19,8 @@ import com.evolveum.midpoint.model.api.ModelInteractionService; import com.evolveum.midpoint.model.api.ModelService; import com.evolveum.midpoint.prism.PrismContext; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.security.enforcer.api.SecurityEnforcer; import com.evolveum.midpoint.task.api.Task; diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebModelServiceUtils.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebModelServiceUtils.java index 0420f04d84e..d8e7451587a 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebModelServiceUtils.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebModelServiceUtils.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -801,7 +801,7 @@ public static boolean isPostAuthenticationEnabled(TaskManager taskManager, Model if (StringUtils.isNotBlank(requiredLifecycleState) && requiredLifecycleState.equals(user.getLifecycleState())) { return true; } - } catch (ObjectNotFoundException | SchemaException e) { + } catch (CommonException e) { LoggingUtils.logException(LOGGER, "Cannot determine post authentication policies", e); } } diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/show/PagePreviewChanges.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/show/PagePreviewChanges.java index 2e946b20e52..9eceeac1205 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/show/PagePreviewChanges.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/show/PagePreviewChanges.java @@ -23,8 +23,8 @@ import com.evolveum.midpoint.model.api.visualizer.Scene; import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.delta.ObjectDelta; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.AuthorizationConstants; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.DebugUtil; diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/show/PreviewChangesTabPanel.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/show/PreviewChangesTabPanel.java index 2ccee29f748..5be8adba93a 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/show/PreviewChangesTabPanel.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/prism/show/PreviewChangesTabPanel.java @@ -6,8 +6,8 @@ import com.evolveum.midpoint.model.api.context.ModelProjectionContext; import com.evolveum.midpoint.model.api.visualizer.Scene; import com.evolveum.midpoint.prism.delta.ObjectDelta; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.DebugUtil; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/dto/ApprovalProcessExecutionInformationDto.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/dto/ApprovalProcessExecutionInformationDto.java index 22353f22477..19a36e0bcba 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/dto/ApprovalProcessExecutionInformationDto.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/dto/ApprovalProcessExecutionInformationDto.java @@ -16,8 +16,8 @@ package com.evolveum.midpoint.web.page.admin.workflow.dto; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.WfContextUtil; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.xml.ns._public.common.common_3.ApprovalLevelOutcomeType; diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/dto/ApprovalStageExecutionInformationDto.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/dto/ApprovalStageExecutionInformationDto.java index 75f89204063..9ae01c51d56 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/dto/ApprovalStageExecutionInformationDto.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/dto/ApprovalStageExecutionInformationDto.java @@ -16,8 +16,8 @@ package com.evolveum.midpoint.web.page.admin.workflow.dto; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.ObjectTypeUtil; import com.evolveum.midpoint.schema.util.WfContextUtil; import com.evolveum.midpoint.task.api.Task; diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageLogin.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageLogin.java index 178403c9c6e..0de776213ab 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageLogin.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageLogin.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,6 +19,7 @@ import com.evolveum.midpoint.gui.api.page.PageBase; import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.task.api.Task; +import com.evolveum.midpoint.util.exception.CommonException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.util.logging.Trace; @@ -74,7 +75,7 @@ public boolean isVisible() { SecurityPolicyType securityPolicy = null; try { securityPolicy = getModelInteractionService().getSecurityPolicy(null, null, parentResult); - } catch (ObjectNotFoundException | SchemaException e) { + } catch (CommonException e) { LOGGER.warn("Cannot read credentials policy: " + e.getMessage(), e); } @@ -120,7 +121,7 @@ public boolean isVisible() { registrationPolicies = getModelInteractionService().getRegistrationPolicy(null, task, parentResult); } - } catch (ObjectNotFoundException | SchemaException e) { + } catch (CommonException e) { LOGGER.warn("Cannot read credentials policy: " + e.getMessage(), e); } diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageRegistrationBase.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageRegistrationBase.java index 6b4b13e4ee9..357e882e6f5 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageRegistrationBase.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageRegistrationBase.java @@ -1,3 +1,18 @@ +/* + * Copyright (c) 2010-2018 Evolveum + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package com.evolveum.midpoint.web.page.login; import org.apache.wicket.RestartResponseException; @@ -10,6 +25,7 @@ import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.Producer; +import com.evolveum.midpoint.util.exception.CommonException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.util.logging.Trace; @@ -93,6 +109,7 @@ private void initResetCredentialsConfiguration() { private SecurityPolicyType resolveSecurityPolicy() { SecurityPolicyType securityPolicy = runPrivileged(new Producer() { + private static final long serialVersionUID = 1L; @Override public SecurityPolicyType run() { @@ -103,8 +120,8 @@ public SecurityPolicyType run() { try { return getModelInteractionService().getSecurityPolicy(null, task, result); - } catch (ObjectNotFoundException | SchemaException e) { - LOGGER.error("Could not retrieve security policy"); + } catch (CommonException e) { + LOGGER.error("Could not retrieve security policy: {}", e.getMessage(), e); return null; } diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/PagePostAuthentication.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/PagePostAuthentication.java index ecef681f3a0..0638ef5b897 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/PagePostAuthentication.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/PagePostAuthentication.java @@ -40,6 +40,7 @@ import com.evolveum.midpoint.security.api.MidPointPrincipal; import com.evolveum.midpoint.security.api.UserProfileService; import com.evolveum.midpoint.task.api.Task; +import com.evolveum.midpoint.util.exception.CommonException; import com.evolveum.midpoint.util.exception.CommunicationException; import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; @@ -208,8 +209,8 @@ protected void submitRegistration(AjaxRequestTarget target) { try { getModelInteractionService().refreshPrincipal(principal.getOid()); navigateToNext(getMidpointApplication().getHomePage()); - } catch (ObjectNotFoundException | SchemaException e) { - LOGGER.error("Errpr while refreshing user: ", e); + } catch (CommonException e) { + LOGGER.error("Error while refreshing user: ", e); target.add(PagePostAuthentication.this); } diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidPointGuiAuthorizationEvaluator.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidPointGuiAuthorizationEvaluator.java index 78509ca1f55..5ad9401f5be 100644 --- a/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidPointGuiAuthorizationEvaluator.java +++ b/gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidPointGuiAuthorizationEvaluator.java @@ -96,7 +96,7 @@ public void setupPreAuthenticatedSecurityContext(Authentication authentication) } @Override - public void setupPreAuthenticatedSecurityContext(PrismObject user) throws SchemaException { + public void setupPreAuthenticatedSecurityContext(PrismObject user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { securityContextManager.setupPreAuthenticatedSecurityContext(user); } @@ -317,7 +317,7 @@ public MidPointPrincipal createDonorPrincipal(MidPointPrincipal attorneyPrincipa @Override - public T runAs(Producer producer, PrismObject user) throws SchemaException { + public T runAs(Producer producer, PrismObject user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { return securityContextManager.runAs(producer, user); } diff --git a/gui/admin-gui/src/test/java/com/evolveum/midpoint/web/TestIntegrationSecurity.java b/gui/admin-gui/src/test/java/com/evolveum/midpoint/web/TestIntegrationSecurity.java index 0a75424e1ca..d82e8e99045 100644 --- a/gui/admin-gui/src/test/java/com/evolveum/midpoint/web/TestIntegrationSecurity.java +++ b/gui/admin-gui/src/test/java/com/evolveum/midpoint/web/TestIntegrationSecurity.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2016-2017 Evolveum + * Copyright (c) 2016-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -242,7 +242,7 @@ private void assertDeny(Authentication authentication, String path) { } - private Authentication createPasswordAuthentication(String username) throws ObjectNotFoundException, SchemaException { + private Authentication createPasswordAuthentication(String username) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { MidPointPrincipal principal = userProfileService.getPrincipal(username); UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(principal, null, principal.getAuthorities()); return auth; diff --git a/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ExceptionUtil.java b/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ExceptionUtil.java index 6d77ba3be44..056b834e4b0 100644 --- a/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ExceptionUtil.java +++ b/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ExceptionUtil.java @@ -24,6 +24,7 @@ import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.exception.TunnelException; +import com.evolveum.midpoint.xml.ns._public.common.common_3.CriticalityType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ErrorSelectorType; /** @@ -52,32 +53,32 @@ public static String lookForMessage(Throwable e) { return null; } - public static boolean isSelected(ErrorSelectorType selector, Throwable exception, boolean defaultValue) { + public static CriticalityType getCriticality(ErrorSelectorType selector, Throwable exception, CriticalityType defaultValue) { if (selector == null) { return defaultValue; } if (exception instanceof CommunicationException) { - return isSelected(selector.isNetwork(), defaultValue); + return getCriticality(selector.getNetwork(), defaultValue); } if (exception instanceof SecurityViolationException) { - return isSelected(selector.isSecurity(), defaultValue); + return getCriticality(selector.getSecurity(), defaultValue); } if (exception instanceof PolicyViolationException) { - return isSelected(selector.isPolicy(), defaultValue); + return getCriticality(selector.getPolicy(), defaultValue); } if (exception instanceof SchemaException) { - return isSelected(selector.isSchema(), defaultValue); + return getCriticality(selector.getSchema(), defaultValue); } if (exception instanceof ConfigurationException || exception instanceof ExpressionEvaluationException) { - return isSelected(selector.isConfiguration(), defaultValue); + return getCriticality(selector.getConfiguration(), defaultValue); } if (exception instanceof UnsupportedOperationException) { - return isSelected(selector.isUnsupported(), defaultValue); + return getCriticality(selector.getUnsupported(), defaultValue); } - return isSelected(selector.isGeneric(), defaultValue); + return getCriticality(selector.getGeneric(), defaultValue); } - private static boolean isSelected(Boolean value, boolean defaultValue) { + private static CriticalityType getCriticality(CriticalityType value, CriticalityType defaultValue) { if (value == null) { return defaultValue; } else { diff --git a/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ResourceTypeUtil.java b/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ResourceTypeUtil.java index 87075364b0c..3f808d2d1f9 100644 --- a/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ResourceTypeUtil.java +++ b/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ResourceTypeUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2013 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -85,23 +85,6 @@ public static String getConnectorOid(ResourceType resource) { } } - /** - * The usage of "resolver" is experimental. Let's see if it will be - * practical ... - * - * @see ObjectResolver - */ - public static ConnectorType getConnectorType(ResourceType resource, ObjectResolver resolver, OperationResult parentResult) throws ObjectNotFoundException, SchemaException { - if (resource.getConnector() != null) { - return resource.getConnector(); - } else if (resource.getConnectorRef() != null) { - return resolver.resolve(resource.getConnectorRef(), ConnectorType.class, - null, "resolving connector in " + resource, null, parentResult); // TODO task - } else { - return null; - } - } - @SuppressWarnings("unchecked") public static PrismObject getConnectorIfPresent(PrismObject resource) { PrismReference existingConnectorRef = resource.findReference(ResourceType.F_CONNECTOR_REF); diff --git a/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SimpleObjectResolver.java b/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SimpleObjectResolver.java new file mode 100644 index 00000000000..f0af0f4b9a0 --- /dev/null +++ b/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SimpleObjectResolver.java @@ -0,0 +1,39 @@ +/** + * Copyright (c) 2018 Evolveum + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.evolveum.midpoint.schema.util; + +import java.util.Collection; + +import com.evolveum.midpoint.prism.PrismObject; +import com.evolveum.midpoint.schema.GetOperationOptions; +import com.evolveum.midpoint.schema.SelectorOptions; +import com.evolveum.midpoint.schema.result.OperationResult; +import com.evolveum.midpoint.util.exception.ObjectNotFoundException; +import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType; + +/** + * Object resolver for simple cases. + * Contrary to "full" ObjectResolver this interface does not require task to do the resolution. + * + * @author Radovan Semancik + */ +public interface SimpleObjectResolver { + + PrismObject getObject(Class type, String oid, Collection> options, + OperationResult parentResult) + throws ObjectNotFoundException, SchemaException; +} diff --git a/infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd b/infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd index 40f0926a279..b9ecc02d602 100755 --- a/infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd +++ b/infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd @@ -6261,7 +6261,6 @@ which error types to handle, etc. EXPERIMENTAL: use with care - TODO: change booleans to CriticalityType @@ -6269,21 +6268,21 @@ - + Selects network errors (connection refused, timeouts, unreachable network, connection resets, ...) - + Selects security issues (failed authentication, permission denied, ...) - + Selects policy violations. The operation failed because it violates @@ -6292,7 +6291,7 @@ - + Selects schema and data format errors. These are errors that data @@ -6301,7 +6300,7 @@ - + Selects configuration errors. These are caused by misconfiguration of @@ -6311,7 +6310,7 @@ - + Selects "unsupported operation" issues. These errors are caused by @@ -6324,7 +6323,7 @@ - + Selects generic, system and other non-specific issues. These errors @@ -6365,25 +6364,29 @@ Partial criticality. The error will be indicated, composite result of the operation will be presented as partial error, but the processing will NOT be interrupted. - The operation will try recover and continue. + The operation may try recover and continue. - - + + diff --git a/model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/CertificationManagerImpl.java b/model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/CertificationManagerImpl.java index b157b042d65..e8398d8f528 100644 --- a/model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/CertificationManagerImpl.java +++ b/model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/CertificationManagerImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -160,7 +160,7 @@ public AccessCertificationCampaignType createCampaign(String definitionOid, Task // Child result is intentionally created only when a certification campaign is to be started (to avoid useless creation of many empty records) void startAdHocCertifications(PrismObject focus, List actions, Task task, OperationResult parentResult) - throws SchemaException, ObjectNotFoundException { + throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { Set definitionOids = new HashSet<>(); for (CertificationPolicyActionType action : actions) { if (action.getDefinitionRef() != null) { @@ -190,7 +190,7 @@ void startAdHocCertifications(PrismObject focus, parentResult.computeStatus(); return null; }, administrator); - } catch (RuntimeException e) { + } catch (Throwable e) { result.recordFatalError(e.getMessage(), e); // TODO throw e; } diff --git a/model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/handlers/BaseCertificationHandler.java b/model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/handlers/BaseCertificationHandler.java index ac54df610e6..33dc0c9fe8e 100644 --- a/model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/handlers/BaseCertificationHandler.java +++ b/model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/handlers/BaseCertificationHandler.java @@ -28,9 +28,9 @@ import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.delta.ContainerDelta; import com.evolveum.midpoint.prism.delta.ObjectDelta; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.constants.ObjectTypes; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.ObjectTypeUtil; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.exception.*; diff --git a/model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelInteractionService.java b/model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelInteractionService.java index 17db5ace5b8..5c00c013b15 100644 --- a/model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelInteractionService.java +++ b/model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelInteractionService.java @@ -187,7 +187,7 @@ ModelContext previewChanges( */ ItemSecurityConstraints getAllowedRequestAssignmentItems(PrismObject object, PrismObject target, Task task, OperationResult result) throws SchemaException, SecurityViolationException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException; - SecurityPolicyType getSecurityPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException; + SecurityPolicyType getSecurityPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; /** * Returns an authentications policies as defined in the system configuration security policy. This method is designed to be used @@ -196,34 +196,37 @@ ModelContext previewChanges( * * * @param task - *@param parentResult @return applicable credentials policy or null + * @param parentResult + * @return applicable credentials policy or null * @throws ObjectNotFoundException No system configuration or other major system inconsistency * @throws SchemaException Wrong schema or content of security policy */ - AuthenticationsPolicyType getAuthenticationPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException; + AuthenticationsPolicyType getAuthenticationPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; /** * Returns a policy for registration, e.g. type of the supported registrations (self, social,...) * * @param user user for who the policy should apply * @param task - *@param parentResult @return applicable credentials policy or null + * @param parentResult + * @return applicable credentials policy or null * @throws ObjectNotFoundException No system configuration or other major system inconsistency * @throws SchemaException Wrong schema or content of security policy * @deprecated */ - RegistrationsPolicyType getRegistrationPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException; + RegistrationsPolicyType getRegistrationPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; /** * Returns a policy for registration, e.g. type of the supported registrations (self, social,...) * * @param user user for who the policy should apply * @param task - *@param parentResult @return applicable credentials policy or null + * @param parentResult + * @return applicable credentials policy or null * @throws ObjectNotFoundException No system configuration or other major system inconsistency * @throws SchemaException Wrong schema or content of security policy */ - RegistrationsPolicyType getFlowPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException; + RegistrationsPolicyType getFlowPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; /** * Returns a credential policy that applies to the specified user. This method is designed to be used @@ -232,11 +235,12 @@ ModelContext previewChanges( * * @param user user for who the policy should apply * @param task - *@param parentResult @return applicable credentials policy or null + * @param parentResult + * @return applicable credentials policy or null * @throws ObjectNotFoundException No system configuration or other major system inconsistency * @throws SchemaException Wrong schema or content of security policy */ - CredentialsPolicyType getCredentialsPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException; + CredentialsPolicyType getCredentialsPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; /** * Returns currently applicable admin GUI configuration. The implementation will do all steps necessary to construct @@ -347,7 +351,7 @@ ExecuteCredentialResetResponseType executeCredentialsReset(PrismObject void clearCaches(); - void refreshPrincipal(String oid) throws ObjectNotFoundException, SchemaException; + void refreshPrincipal(String oid) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; List getRelationDefinitions(OperationResult parentResult) throws ObjectNotFoundException, SchemaException; diff --git a/model/model-common/pom.xml b/model/model-common/pom.xml index e0a6375930e..49ad807da4a 100644 --- a/model/model-common/pom.xml +++ b/model/model-common/pom.xml @@ -77,6 +77,11 @@ audit-api 3.9-SNAPSHOT + + com.evolveum.midpoint.repo + repo-common + 3.9-SNAPSHOT + com.evolveum.midpoint.repo repo-api @@ -150,10 +155,6 @@ javax.xml.bind jaxb-api - - net.sf.saxon - Saxon-HE - org.jetbrains annotations-java5 diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AbstractSearchExpressionEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AbstractSearchExpressionEvaluator.java index b23566e9b1e..f6f61dbc22c 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AbstractSearchExpressionEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AbstractSearchExpressionEvaluator.java @@ -43,6 +43,7 @@ import com.evolveum.midpoint.prism.query.ObjectQuery; import com.evolveum.midpoint.prism.query.QueryJaxbConvertor; import com.evolveum.midpoint.prism.util.CloneUtil; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.Expression; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; @@ -54,7 +55,6 @@ import com.evolveum.midpoint.schema.constants.ObjectTypes; import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.schema.util.MiscSchemaUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.QNameUtil; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssignmentTargetSearchExpressionEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssignmentTargetSearchExpressionEvaluator.java index 1612e555608..ff0464f7d3c 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssignmentTargetSearchExpressionEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssignmentTargetSearchExpressionEvaluator.java @@ -27,9 +27,9 @@ import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.delta.ItemDelta; import com.evolveum.midpoint.prism.path.ItemPath; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.schema.internals.InternalsConfig; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.util.exception.SystemException; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssociationFromLinkExpressionEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssociationFromLinkExpressionEvaluator.java index 70e10030e5c..8cfe54e66df 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssociationFromLinkExpressionEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssociationFromLinkExpressionEvaluator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014-2017 Evolveum + * Copyright (c) 2014-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -32,6 +32,7 @@ import com.evolveum.midpoint.prism.query.ObjectQuery; import com.evolveum.midpoint.prism.query.builder.QueryBuilder; import com.evolveum.midpoint.prism.query.builder.S_AtomicFilterExit; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluator; import com.evolveum.midpoint.prism.delta.ItemDelta; @@ -40,7 +41,6 @@ import com.evolveum.midpoint.schema.SelectorOptions; import com.evolveum.midpoint.schema.constants.ExpressionConstants; import com.evolveum.midpoint.schema.util.FocusTypeUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.util.exception.*; import com.evolveum.midpoint.util.logging.Trace; import com.evolveum.midpoint.util.logging.TraceManager; @@ -84,7 +84,7 @@ public class AssociationFromLinkExpressionEvaluator */ @Override public PrismValueDeltaSetTriple> evaluate(ExpressionEvaluationContext context) throws SchemaException, - ExpressionEvaluationException, ObjectNotFoundException { + ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { String desc = context.getContextDescription(); @@ -200,7 +200,7 @@ private void gatherCandidateShadowsFromAbstractRole(AbstractRoleType thisRole, L private void gatherCandidateShadowsFromAbstractRoleRecurse(OrgType thisOrg, List< String > candidateShadowsOidList, Collection> options, - String desc, ExpressionEvaluationContext params) throws SchemaException, ObjectNotFoundException { + String desc, ExpressionEvaluationContext params) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssociationTargetSearchExpressionEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssociationTargetSearchExpressionEvaluator.java index d44be979f5e..6b03784c92d 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssociationTargetSearchExpressionEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/AssociationTargetSearchExpressionEvaluator.java @@ -34,13 +34,13 @@ import com.evolveum.midpoint.prism.query.AndFilter; import com.evolveum.midpoint.prism.query.ObjectFilter; import com.evolveum.midpoint.prism.query.ObjectQuery; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.schema.GetOperationOptions; import com.evolveum.midpoint.schema.SelectorOptions; import com.evolveum.midpoint.schema.constants.ExpressionConstants; import com.evolveum.midpoint.schema.internals.InternalsConfig; import com.evolveum.midpoint.schema.util.ObjectQueryUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.SchemaException; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/FunctionExpressionEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/FunctionExpressionEvaluator.java index fa1963e9d23..df8daac469d 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/FunctionExpressionEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/FunctionExpressionEvaluator.java @@ -29,6 +29,7 @@ import com.evolveum.midpoint.prism.PrismValue; import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.delta.PrismValueDeltaSetTriple; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.Expression; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluator; @@ -37,7 +38,6 @@ import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; import com.evolveum.midpoint.schema.SchemaConstantsGenerated; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.exception.CommunicationException; import com.evolveum.midpoint.util.exception.ConfigurationException; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/GenerateExpressionEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/GenerateExpressionEvaluator.java index 50cd87b21dc..7629d8d4433 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/GenerateExpressionEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/GenerateExpressionEvaluator.java @@ -30,6 +30,7 @@ import com.evolveum.midpoint.prism.PrismPropertyValue; import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.delta.PrismValueDeltaSetTriple; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluator; import com.evolveum.midpoint.repo.common.expression.ExpressionUtil; @@ -37,7 +38,6 @@ import com.evolveum.midpoint.repo.common.expression.ValuePolicyResolver; import com.evolveum.midpoint.prism.delta.ItemDelta; import com.evolveum.midpoint.schema.constants.ExpressionConstants; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.util.RandomString; import com.evolveum.midpoint.util.exception.CommunicationException; import com.evolveum.midpoint.util.exception.ConfigurationException; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/PathExpressionEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/PathExpressionEvaluator.java index cd66ce2ffc2..4b57f1dc137 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/PathExpressionEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/PathExpressionEvaluator.java @@ -31,12 +31,12 @@ import com.evolveum.midpoint.prism.path.ItemPath; import com.evolveum.midpoint.prism.path.ItemPathSegment; import com.evolveum.midpoint.prism.path.NameItemPathSegment; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluator; import com.evolveum.midpoint.repo.common.expression.ExpressionUtil; import com.evolveum.midpoint.repo.common.expression.ItemDeltaItem; import com.evolveum.midpoint.repo.common.expression.Source; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.util.QNameUtil; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/ReferenceSearchExpressionEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/ReferenceSearchExpressionEvaluator.java index f9f31c38424..1f961b8bd00 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/ReferenceSearchExpressionEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/ReferenceSearchExpressionEvaluator.java @@ -26,8 +26,8 @@ import com.evolveum.midpoint.prism.PrismReferenceValue; import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.delta.ItemDelta; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.util.logging.Trace; import com.evolveum.midpoint.util.logging.TraceManager; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptEvaluator.java index f4ea2b80c7a..6d89b5a216d 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptEvaluator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,13 +18,16 @@ import com.evolveum.midpoint.model.common.expression.functions.FunctionLibrary; import com.evolveum.midpoint.prism.ItemDefinition; import com.evolveum.midpoint.prism.PrismValue; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionSyntaxException; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionEvaluatorType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionReturnTypeType; @@ -41,7 +44,7 @@ List evaluate(ScriptExpressionEvaluatorType express ItemDefinition outputDefinition, Function additionalConvertor, ScriptExpressionReturnTypeType suggestedReturnType, ObjectResolver objectResolver, Collection functions, String contextDescription, Task task, OperationResult result) - throws ExpressionEvaluationException, ObjectNotFoundException, ExpressionSyntaxException; + throws ExpressionEvaluationException, ObjectNotFoundException, ExpressionSyntaxException, CommunicationException, ConfigurationException, SecurityViolationException; /** * Returns human readable name of the language that this evaluator supports diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpression.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpression.java index bbd7e2171cf..3b6069614b5 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpression.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpression.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,15 +23,18 @@ import com.evolveum.midpoint.prism.ItemDefinition; import com.evolveum.midpoint.prism.PrismValue; import com.evolveum.midpoint.prism.path.ItemPath; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.SchemaDebugUtil; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.DebugUtil; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.logging.Trace; import com.evolveum.midpoint.util.logging.TraceManager; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionEvaluatorType; @@ -95,7 +98,7 @@ public void setAdditionalConvertor(Function additionalConvertor) public List evaluate(ExpressionVariables variables, ScriptExpressionReturnTypeType suggestedReturnType, boolean useNew, String contextDescription, Task task, OperationResult result) - throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException { + throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException { ScriptExpressionEvaluationContext context = new ScriptExpressionEvaluationContext(variables, contextDescription, result, task, this); context.setEvaluateNew(useNew); @@ -108,7 +111,7 @@ public List evaluate(ExpressionVariables variables, Sc traceExpressionSuccess(variables, contextDescription, expressionResult); return expressionResult; - } catch (ExpressionEvaluationException | ObjectNotFoundException | SchemaException | RuntimeException ex) { + } catch (ExpressionEvaluationException | ObjectNotFoundException | SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | RuntimeException | Error ex) { traceExpressionFailure(variables, contextDescription, ex); throw ex; } finally { @@ -130,7 +133,7 @@ private void traceExpressionSuccess(ExpressionVariables variables, String shortD formatCode(), SchemaDebugUtil.prettyPrint(returnValue)); } - private void traceExpressionFailure(ExpressionVariables variables, String shortDesc, Exception exception) { + private void traceExpressionFailure(ExpressionVariables variables, String shortDesc, Throwable exception) { LOGGER.error("Expression error: {}", exception.getMessage(), exception); if (!isTrace()) { return; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionEvaluator.java index 8ea5c0d52e4..977470ccaf6 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionEvaluator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,9 +27,12 @@ import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.task.api.Task; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.logging.Trace; import com.evolveum.midpoint.util.logging.TraceManager; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionEvaluatorType; @@ -54,7 +57,7 @@ public class ScriptExpressionEvaluator transformSingleValue(ExpressionVariables variables, PlusMinusZero valueDestination, boolean useNew, ExpressionEvaluationContext context, String contextDescription, Task task, OperationResult result) - throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException { + throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException { ScriptExpressionReturnTypeType returnType = getExpressionEvaluatorType().getReturnType(); if (returnType == null && isRelative()) { returnType = ScriptExpressionReturnTypeType.SCALAR; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionFactory.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionFactory.java index a0bcad3b476..47cea3b06b3 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionFactory.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionFactory.java @@ -27,6 +27,7 @@ import com.evolveum.midpoint.repo.api.RepositoryService; import com.evolveum.midpoint.repo.common.CacheRegistry; import com.evolveum.midpoint.repo.common.Cacheable; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; import com.evolveum.midpoint.repo.common.expression.ExpressionSyntaxException; import com.evolveum.midpoint.schema.GetOperationOptions; @@ -34,7 +35,6 @@ import com.evolveum.midpoint.schema.SelectorOptions; import com.evolveum.midpoint.schema.constants.MidPointConstants; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.util.logging.Trace; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionUtil.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionUtil.java index 470daf61ebd..61c405ca093 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionUtil.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/ScriptExpressionUtil.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,13 +24,17 @@ import com.evolveum.midpoint.model.common.expression.functions.FunctionLibrary; import com.evolveum.midpoint.prism.PrismContext; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionSyntaxException; import com.evolveum.midpoint.repo.common.expression.ExpressionUtil; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; /** * @author semancik @@ -40,7 +44,7 @@ public class ScriptExpressionUtil { public static Map prepareScriptVariables(ExpressionVariables variables, ObjectResolver objectResolver, Collection functions, - String contextDescription, PrismContext prismContext, Task task, OperationResult result) throws ExpressionSyntaxException, ObjectNotFoundException { + String contextDescription, PrismContext prismContext, Task task, OperationResult result) throws ExpressionSyntaxException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { Map scriptVariables = new HashMap<>(); // Functions if (functions != null) { diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/jsr223/Jsr223ScriptEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/jsr223/Jsr223ScriptEvaluator.java index d46766c7dc6..7efd550aac2 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/jsr223/Jsr223ScriptEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/jsr223/Jsr223ScriptEvaluator.java @@ -41,6 +41,7 @@ import com.evolveum.midpoint.prism.PrismValue; import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.xml.XsdTypeMapper; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionSyntaxException; import com.evolveum.midpoint.repo.common.expression.ExpressionUtil; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; @@ -49,10 +50,12 @@ import com.evolveum.midpoint.schema.internals.InternalMonitor; import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.schema.util.ExceptionUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.exception.SystemException; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionEvaluatorType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionReturnTypeType; @@ -94,7 +97,7 @@ public List evaluate(ScriptExpressionEvaluatorType ScriptExpressionReturnTypeType suggestedReturnType, ObjectResolver objectResolver, Collection functions, String contextDescription, Task task, OperationResult result) throws ExpressionEvaluationException, - ObjectNotFoundException, ExpressionSyntaxException { + ObjectNotFoundException, ExpressionSyntaxException, CommunicationException, ConfigurationException, SecurityViolationException { Bindings bindings = convertToBindings(variables, objectResolver, functions, contextDescription, task, result); @@ -164,7 +167,7 @@ public List evaluate(ScriptExpressionEvaluatorType public Object evaluateReportScript(String codeString, ExpressionVariables variables, ObjectResolver objectResolver, Collection functions, String contextDescription, OperationResult result) throws ExpressionEvaluationException, - ObjectNotFoundException, ExpressionSyntaxException { + ObjectNotFoundException, ExpressionSyntaxException, CommunicationException, ConfigurationException, SecurityViolationException { Bindings bindings = convertToBindings(variables, objectResolver, functions, contextDescription, (Task) null, result); @@ -219,7 +222,7 @@ private T convertScalarResult(Class expectedType, Function functions, - String contextDescription, Task task, OperationResult result) throws ExpressionSyntaxException, ObjectNotFoundException { + String contextDescription, Task task, OperationResult result) throws ExpressionSyntaxException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { Bindings bindings = scriptEngine.createBindings(); bindings.putAll(ScriptExpressionUtil.prepareScriptVariables(variables, objectResolver, functions, contextDescription, prismContext, task, result)); return bindings; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/velocity/VelocityScriptEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/velocity/VelocityScriptEvaluator.java index 1aec6abf964..fd83a90f1cb 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/velocity/VelocityScriptEvaluator.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/velocity/VelocityScriptEvaluator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,6 +23,7 @@ import com.evolveum.midpoint.prism.PrismValue; import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.xml.XsdTypeMapper; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionSyntaxException; import com.evolveum.midpoint.repo.common.expression.ExpressionUtil; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; @@ -30,10 +31,12 @@ import com.evolveum.midpoint.schema.internals.InternalCounters; import com.evolveum.midpoint.schema.internals.InternalMonitor; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionEvaluatorType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionReturnTypeType; import org.apache.velocity.VelocityContext; @@ -72,7 +75,7 @@ public List evaluate(ScriptExpressionEvaluatorType ScriptExpressionReturnTypeType suggestedReturnType, ObjectResolver objectResolver, Collection functions, String contextDescription, Task task, OperationResult result) throws ExpressionEvaluationException, - ObjectNotFoundException, ExpressionSyntaxException { + ObjectNotFoundException, ExpressionSyntaxException, CommunicationException, ConfigurationException, SecurityViolationException { VelocityContext context = createVelocityContext(variables, objectResolver, functions, contextDescription, task, result); @@ -128,7 +131,7 @@ public List evaluate(ScriptExpressionEvaluatorType private VelocityContext createVelocityContext(ExpressionVariables variables, ObjectResolver objectResolver, Collection functions, - String contextDescription, Task task, OperationResult result) throws ExpressionSyntaxException, ObjectNotFoundException { + String contextDescription, Task task, OperationResult result) throws ExpressionSyntaxException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { VelocityContext context = new VelocityContext(); Map scriptVariables = ScriptExpressionUtil.prepareScriptVariables(variables, objectResolver, functions, contextDescription, prismContext, task, result); diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/LazyXPathVariableResolver.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/LazyXPathVariableResolver.java deleted file mode 100644 index cbbf11c20ec..00000000000 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/LazyXPathVariableResolver.java +++ /dev/null @@ -1,239 +0,0 @@ -/* - * Copyright (c) 2010-2013 Evolveum - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.evolveum.midpoint.model.common.expression.script.xpath; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.List; - -import javax.xml.namespace.QName; -import javax.xml.xpath.XPathVariableResolver; - -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -import com.evolveum.midpoint.prism.ItemDefinition; -import com.evolveum.midpoint.prism.Itemable; -import com.evolveum.midpoint.prism.Objectable; -import com.evolveum.midpoint.prism.PrismContext; -import com.evolveum.midpoint.prism.PrismObject; -import com.evolveum.midpoint.prism.PrismProperty; -import com.evolveum.midpoint.prism.PrismPropertyValue; -import com.evolveum.midpoint.prism.PrismValue; -import com.evolveum.midpoint.prism.path.ItemPath; -import com.evolveum.midpoint.repo.common.expression.ExpressionSyntaxException; -import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; -import com.evolveum.midpoint.schema.constants.SchemaConstants; -import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; -import com.evolveum.midpoint.util.DebugDumpable; -import com.evolveum.midpoint.util.exception.ObjectNotFoundException; -import com.evolveum.midpoint.util.exception.SchemaException; -import com.evolveum.midpoint.util.exception.TunnelException; -import com.evolveum.midpoint.util.logging.Trace; -import com.evolveum.midpoint.util.logging.TraceManager; -import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType; -import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType; - -/** - * XPath variable resolver that stores variables in the map and supports lazy - * resolution of objects. - * - * @author Igor Farinic - * @author Radovan Semancik - */ -public class LazyXPathVariableResolver implements XPathVariableResolver { - - private static final QName FAKE_VARIABLE_QNAME = new QName(SchemaConstants.NS_C, "fakeVar"); - - private ExpressionVariables variables; - private ObjectResolver objectResolver; - private String contextDescription; - private OperationResult result; - private PrismContext prismContext; - - private static final Trace LOGGER = TraceManager.getTrace(LazyXPathVariableResolver.class); - - public LazyXPathVariableResolver(ExpressionVariables variables, ObjectResolver objectResolver, - String contextDescription, PrismContext prismContext, OperationResult result) { - this.variables = variables; - this.objectResolver = objectResolver; - this.contextDescription = contextDescription; - this.result = result; - this.prismContext = prismContext; - } - - @Override - public Object resolveVariable(QName name) { - if (variables == null) { - return null; - } - - if (name != null && (name.getNamespaceURI() == null || name.getNamespaceURI().isEmpty())) { - LOGGER.warn("Using variable without a namespace ("+name+"), possible namespace problem (e.g. missing namespace prefix declaration) in "+contextDescription); - } - - // Note: null is a legal variable name here. It corresponds to the root node - Object variableValue = variables.get(name); - - if (variableValue == null) { - // TODO: warning ??? - return null; - } - - QName type = null; - - // Attempt to resolve object reference - if (objectResolver != null && variableValue instanceof ObjectReferenceType) { - ObjectReferenceType ref = (ObjectReferenceType)variableValue; - if (ref.getOid() == null) { - SchemaException newEx = new SchemaException("Null OID in reference in variable "+name+" in "+contextDescription, name); - throw new TunnelException(newEx); - } else { - type = ref.getType(); - try { - - variableValue = objectResolver.resolve(ref, ObjectType.class, null, contextDescription, null, result); // TODO task - - } catch (ObjectNotFoundException e) { - ObjectNotFoundException newEx = new ObjectNotFoundException("Object not found during variable "+name+" resolution in "+contextDescription+": "+e.getMessage(),e, ref.getOid()); - // We have no other practical way how to handle the error - throw new TunnelException(newEx); - } catch (SchemaException e) { - ExpressionSyntaxException newEx = new ExpressionSyntaxException("Schema error during variable "+name+" resolution in "+contextDescription+": "+e.getMessage(), e, name); - throw new TunnelException(newEx); - } - } - } - - try { - return convertToXml(variableValue, name, prismContext, contextDescription); - } catch (SchemaException e) { - throw new TunnelException(e); - } - } - - // May return primitive types or DOM Node - public static Object convertToXml(Object variableValue, QName variableName, final PrismContext prismContext, String contextDescription) throws SchemaException { - - try { - if (variableValue instanceof Objectable) { - variableValue = ((Objectable)variableValue).asPrismObject(); - } - - if (variableValue instanceof PrismObject) { - PrismObject prismObject = (PrismObject)variableValue; - variableValue = prismObject.getPrismContext().domSerializer().serialize(prismObject); - - } else if (variableValue instanceof PrismProperty) { - PrismProperty prismProperty = (PrismProperty)variableValue; - final List elementList = new ArrayList<>(); - for (PrismPropertyValue value: prismProperty.getValues()) { - Element valueElement = prismContext.domSerializer().serialize(value, prismProperty.getElementName()); - elementList.add(valueElement); - } - NodeList nodeList = new AdHocNodeList(elementList); - variableValue = nodeList; - - } else if (variableValue instanceof PrismValue) { - PrismValue pval = (PrismValue)variableValue; - if (pval.getParent() == null) { - // Set a fake parent to allow serialization - pval.setParent(new AdHocItemable(prismContext)); - } - variableValue = prismContext.domSerializer().serialize(pval, variableName); - } - - if (!((variableValue instanceof Node)||variableValue instanceof NodeList) - && !(variableValue.getClass().getPackage().getName().startsWith("java."))) { - throw new SchemaException("Unable to convert value of variable "+variableName+" to XML, still got "+variableValue.getClass().getName()+":"+variableValue+" value at the end"); - } - - // DEBUG hack -// if (LOGGER.isDebugEnabled()) { -// LOGGER.trace("VAR "+variableName+" - "+variableValue.getClass().getName()+":"); -// if (variableValue instanceof Node) { -// LOGGER.trace(DOMUtil.serializeDOMToString((Node)variableValue)); -// } else { -// LOGGER.trace(PrettyPrinter.prettyPrint(variableValue)); -// } -// } - - return variableValue; - - } catch (SchemaException e) { - if (variableValue != null && variableValue instanceof DebugDumpable) { - LOGGER.trace("Value of variable {}:\n{}", variableName, ((DebugDumpable)variableValue).debugDump()); - } - throw new SchemaException(e.getMessage() + " while processing variable "+variableName+" with value "+variableValue - +" in "+contextDescription, e); - } catch (RuntimeException e) { - if (variableValue != null && variableValue instanceof DebugDumpable) { - LOGGER.trace("Value of variable {}:\n{}", variableName, ((DebugDumpable)variableValue).debugDump()); - } - throw new RuntimeException(e.getClass().getName()+ ": "+e.getMessage() + " while processing variable "+variableName - +" with value "+variableValue+" in "+contextDescription, e); - } - } - - private static class AdHocNodeList implements NodeList, Serializable { - private final List elementList; - - public AdHocNodeList(List elementList) { - this.elementList = elementList; - } - - @Override - public Node item(int index) { - return elementList.get(index); - } - - @Override - public int getLength() { - return elementList.size(); - } - } - - private static class AdHocItemable implements Itemable, Serializable { - private transient final PrismContext prismContext; // might be a problem ... but XPath is not supported anyway - - public AdHocItemable(PrismContext prismContext) { - this.prismContext = prismContext; - } - - @Override - public PrismContext getPrismContext() { - return prismContext; - } - - @Override - public ItemPath getPath() { - return null; - } - - @Override - public QName getElementName() { - return FAKE_VARIABLE_QNAME; - } - - @Override - public ItemDefinition getDefinition() { - return null; - } - } -} diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/MidPointNamespaceContext.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/MidPointNamespaceContext.java deleted file mode 100644 index d1692bc9bd6..00000000000 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/MidPointNamespaceContext.java +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 2010-2013 Evolveum - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.evolveum.midpoint.model.common.expression.script.xpath; - -import java.util.HashMap; -import java.util.Iterator; -import java.util.Map; -import javax.xml.*; -import javax.xml.namespace.NamespaceContext; - -/** - * Used to register namespaces for prefixes for JAXP - * - * @see NamespaceContext - * - * @author Igor Farinic - */ - -public class MidPointNamespaceContext implements NamespaceContext { - - private Map map = new HashMap<>(); - - public MidPointNamespaceContext(Map map) { - this.map = map; - } - - @Override - public String getNamespaceURI(String prefix) { - if (prefix == null) - throw new IllegalArgumentException("Null prefix"); - - String namespace = (String) map.get(prefix); - if (null != namespace) { - return namespace; - } - - return XMLConstants.NULL_NS_URI; - } - - // This method isn't necessary for XPath processing. - @Override - public String getPrefix(String uri) { - throw new UnsupportedOperationException(); - } - - // This method isn't necessary for XPath processing either. - @Override - public Iterator getPrefixes(String uri) { - throw new UnsupportedOperationException(); - } - -} diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/ReflectionXPathFunctionResolver.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/ReflectionXPathFunctionResolver.java deleted file mode 100644 index 0e538669efa..00000000000 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/ReflectionXPathFunctionResolver.java +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 2010-2013 Evolveum - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.evolveum.midpoint.model.common.expression.script.xpath; - -import java.util.Collection; - -import javax.xml.namespace.QName; -import javax.xml.xpath.XPathFunction; -import javax.xml.xpath.XPathFunctionResolver; - -import com.evolveum.midpoint.model.common.expression.functions.FunctionLibrary; -import com.evolveum.midpoint.schema.constants.MidPointConstants; -import com.evolveum.midpoint.util.logging.Trace; -import com.evolveum.midpoint.util.logging.TraceManager; -import org.apache.commons.lang.StringUtils; - -/** - * @author semancik - * - */ -public class ReflectionXPathFunctionResolver implements XPathFunctionResolver { - - private static final Object LOG_FUNCTION_NAME = "logDebug"; - - public static final Trace LOGGER = TraceManager.getTrace(ReflectionXPathFunctionResolver.class); - - private Collection functions; - - public ReflectionXPathFunctionResolver(Collection functions) { - super(); - this.functions = functions; - } - - /* (non-Javadoc) - * @see javax.xml.xpath.XPathFunctionResolver#resolveFunction(javax.xml.namespace.QName, int) - */ - @Override - public XPathFunction resolveFunction(QName functionQName, int arity) { - boolean enableDebug = false; - String namespace = functionQName.getNamespaceURI(); - if (StringUtils.isEmpty(namespace)) { - namespace = MidPointConstants.NS_FUNC_BASIC; - enableDebug = true; - } else if (namespace.equals(MidPointConstants.NS_FUNC_BASIC)) { - enableDebug = true; - } - - FunctionLibrary lib = findLibrary(namespace); - if (lib == null) { - LOGGER.trace("Unknown namespace for function {} function with {} arguments", functionQName, arity); - return null; - } - - Object functionObject = null; - if (lib.getXmlFunctions() != null) { - functionObject = lib.getXmlFunctions(); - } else { - functionObject = lib.getGenericFunctions(); - } - - String functionName = functionQName.getLocalPart(); - - LOGGER.trace("Resolving to {} function with {} arguments", functionName, arity); - ReflectionXPathFunctionWrapper xPathFunction = new ReflectionXPathFunctionWrapper(functionObject, functionName, - arity, enableDebug); - return xPathFunction; - } - - private FunctionLibrary findLibrary(String namespace) { - for (FunctionLibrary lib: functions) { - if (lib.getNamespace().equals(namespace)) { - return lib; - } - } - return null; - } - -} diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/ReflectionXPathFunctionWrapper.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/ReflectionXPathFunctionWrapper.java deleted file mode 100644 index d3a1622b3ee..00000000000 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/ReflectionXPathFunctionWrapper.java +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright (c) 2010-2013 Evolveum - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.evolveum.midpoint.model.common.expression.script.xpath; - -import java.lang.reflect.InvocationTargetException; -import java.util.List; - -import javax.xml.xpath.XPathFunction; -import javax.xml.xpath.XPathFunctionException; - -import com.evolveum.midpoint.model.common.expression.functions.LogExpressionFunctions; -import com.evolveum.midpoint.util.ReflectionUtil; -import com.evolveum.midpoint.util.logging.Trace; -import com.evolveum.midpoint.util.logging.TraceManager; - -/** - * @author semancik - * - */ -public class ReflectionXPathFunctionWrapper implements XPathFunction { - -private static final Object LOG_FUNCTION_NAME = "logDebug"; - - public static final Trace LOGGER = TraceManager.getTrace(ReflectionXPathFunctionWrapper.class); - - private Object functionObject; - private String functionName; - private int arity; - private boolean enableDebug; - - ReflectionXPathFunctionWrapper(Object functionObject, String functionName, int arity, boolean enableDebug) { - super(); - this.functionObject = functionObject; - this.functionName = functionName; - this.arity = arity; - this.enableDebug = enableDebug; - } - - /* (non-Javadoc) - * @see javax.xml.xpath.XPathFunction#evaluate(java.util.List) - */ - @Override - public Object evaluate(List argList) throws XPathFunctionException { - if (enableDebug && LOG_FUNCTION_NAME.equals(functionName)) { - LogExpressionFunctions.LOGGER.debug("{}", ReflectionUtil.debugDumpArgList(argList)); - return null; - } - - try { - return ReflectionUtil.invokeMethod(functionObject, functionName, argList); - } catch (IllegalArgumentException e) { - throw new XPathFunctionException(e); - } catch (IllegalAccessException e) { - throw new XPathFunctionException(e); - } catch (InvocationTargetException e) { - throw new XPathFunctionException(e); - } catch (NoSuchMethodException e) { - LOGGER.error("Cannot find {} function with {} arguments: {}", new Object[]{functionName, arity, e}); - throw new XPathFunctionException(e); - } - - } - -} diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/XPathExpressionCodeHolder.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/XPathExpressionCodeHolder.java deleted file mode 100644 index 8ca67d9c134..00000000000 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/XPathExpressionCodeHolder.java +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright (c) 2010-2013 Evolveum - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.evolveum.midpoint.model.common.expression.script.xpath; - -import java.util.Map; - -import com.evolveum.midpoint.prism.marshaller.TrivialItemPathParser; - -/** - * @author Radovan Semancik - * - */ -public class XPathExpressionCodeHolder { - - private String expression; // TODO think about this one! (there's a problem with namespaces now) - - public XPathExpressionCodeHolder(String expression) { - if (expression == null) { - throw new IllegalArgumentException("Attempt to create "+XPathExpressionCodeHolder.class.getSimpleName()+" with null DOM element"); - } - this.expression = expression; - } - -// public NodeList getExpression() { -// return dom.getChildNodes(); -// } - - public String getFullExpressionAsString() { - return expression; -// NodeList childNodes = dom.getChildNodes(); -// StringBuilder sb = new StringBuilder(); -// for (int i = 0; i < childNodes.getLength(); i++) { -// Node childNode = childNodes.item(i); -// if (childNode.getNodeType() == Node.TEXT_NODE || childNode.getNodeType() == Node.CDATA_SECTION_NODE) { -// sb.append(childNode.getNodeValue()); -// } else if (childNode.getNodeType() == Node.COMMENT_NODE) { -// // Silently ignore -// } else { -// // TODO: throw exception -// } -// } -// -// return sb.toString(); - } - - public String getExpressionAsString() { - - String stringExpression = getFullExpressionAsString(); - - // try to strip namespace declarations - TrivialItemPathParser parser = TrivialItemPathParser.parse(stringExpression); - stringExpression = parser.getPureItemPathString(); - - return stringExpression; - } - - public String lookupNamespaceUri(String prefix) { - // not available any more [pm] -// if (prefix == null || prefix.isEmpty()) { -// return dom.lookupNamespaceURI(null); -// } else { -// return dom.lookupNamespaceURI(prefix); -// } - return null; - } - - public Map getNamespaceMap() { - - Map namespaceMap = null; - - // Try to process XPath namespace declarations first - - String stringExpression = getFullExpressionAsString(); - - // try to strip namespace declarations - TrivialItemPathParser parser = TrivialItemPathParser.parse(stringExpression); - namespaceMap = parser.getNamespaceMap(); - - // this isn't available any more [pm] -// Node node = dom; -// while (node != null) { -// NamedNodeMap attributes = node.getAttributes(); -// if (attributes != null) { -// for (int i = 0; i < attributes.getLength(); i++) { -// Node attribute = attributes.item(i); -// if (attribute.getNamespaceURI() != null && attribute.getNamespaceURI().equals("http://www.w3.org/2000/xmlns/")) { -// String localName = attribute.getLocalName(); -// if (attribute.getPrefix() == null && localName.equals("xmlns")) { -// if (namespaceMap.get("") == null) { -// namespaceMap.put("", attribute.getNodeValue()); -// } -// } else { -// if (namespaceMap.get(localName) == null) { -// namespaceMap.put(localName, attribute.getNodeValue()); -// } -// } -// } -// } -// } -// node = node.getParentNode(); -// } - return namespaceMap; - } - -} diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/XPathScriptEvaluator.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/XPathScriptEvaluator.java deleted file mode 100644 index 6845d6036fe..00000000000 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/script/xpath/XPathScriptEvaluator.java +++ /dev/null @@ -1,421 +0,0 @@ -/* - * Copyright (c) 2010-2013 Evolveum - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.evolveum.midpoint.model.common.expression.script.xpath; - -import com.evolveum.midpoint.model.common.expression.functions.FunctionLibrary; -import com.evolveum.midpoint.model.common.expression.script.ScriptEvaluator; -import com.evolveum.midpoint.prism.ItemDefinition; -import com.evolveum.midpoint.prism.PrismConstants; -import com.evolveum.midpoint.prism.PrismContext; -import com.evolveum.midpoint.prism.PrismPropertyValue; -import com.evolveum.midpoint.prism.PrismValue; -import com.evolveum.midpoint.prism.polystring.PolyString; -import com.evolveum.midpoint.prism.util.PrismUtil; -import com.evolveum.midpoint.prism.xml.XmlTypeConverter; -import com.evolveum.midpoint.prism.xml.XsdTypeMapper; -import com.evolveum.midpoint.repo.common.expression.ExpressionSyntaxException; -import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; -import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ExceptionUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; -import com.evolveum.midpoint.task.api.Task; -import com.evolveum.midpoint.util.DOMUtil; -import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; -import com.evolveum.midpoint.util.exception.ObjectNotFoundException; -import com.evolveum.midpoint.util.exception.SchemaException; -import com.evolveum.midpoint.util.exception.SystemException; -import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType; -import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionEvaluatorType; -import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionReturnTypeType; -import com.evolveum.prism.xml.ns._public.types_3.PolyStringType; - -import org.w3c.dom.Element; -import org.w3c.dom.NodeList; - -import javax.xml.namespace.QName; -import javax.xml.xpath.*; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; -import java.util.function.Function; - -/** - * @author Radovan Semancik - */ -public class XPathScriptEvaluator implements ScriptEvaluator { - - public static String XPATH_LANGUAGE_URL = "http://www.w3.org/TR/xpath/"; - - private XPathFactory factory = XPathFactory.newInstance(); - - private PrismContext prismContext; - - public XPathScriptEvaluator(PrismContext prismContext) { - this.prismContext = prismContext; - } - - @Override - public List evaluate(ScriptExpressionEvaluatorType expressionType, - ExpressionVariables variables, ItemDefinition outputDefinition, - Function additionalConvertor, - ScriptExpressionReturnTypeType suggestedReturnType, - ObjectResolver objectResolver, Collection functions, - String contextDescription, Task task, OperationResult result) throws ExpressionEvaluationException, - ObjectNotFoundException, ExpressionSyntaxException { - - String codeString = expressionType.getCode(); - if (codeString == null) { - throw new ExpressionEvaluationException("No script code in " + contextDescription); - } - - Class type = null; - - if (outputDefinition != null) { - QName xsdReturnType = outputDefinition.getTypeName(); - type = XsdTypeMapper.toJavaType(xsdReturnType); // may return null if unknown - } - if (type == null) { - type = (Class) Element.class; // actually, if outputDefinition is null, the return value is of no interest for us - } - - QName returnType = determineRerturnType(type, expressionType, outputDefinition, suggestedReturnType); - - Object evaluatedExpression = evaluate(returnType, codeString, variables, objectResolver, functions, - contextDescription, result); - - List propertyValues; - - boolean scalar = !outputDefinition.isMultiValue(); - if (expressionType.getReturnType() != null) { - scalar = isScalar(expressionType.getReturnType()); - } else if (suggestedReturnType != null) { - scalar = isScalar(suggestedReturnType); - } - - if (scalar) { - if (evaluatedExpression instanceof NodeList) { - NodeList evaluatedExpressionNodeList = (NodeList)evaluatedExpression; - if (evaluatedExpressionNodeList.getLength() > 1) { - throw new ExpressionEvaluationException("Expected scalar expression result but got a list result with "+evaluatedExpressionNodeList.getLength()+" elements in "+contextDescription); - } - if (evaluatedExpressionNodeList.getLength() == 0) { - evaluatedExpression = null; - } else { - evaluatedExpression = evaluatedExpressionNodeList.item(0); - } - } - propertyValues = new ArrayList<>(1); - V pval = convertScalar(type, returnType, evaluatedExpression, contextDescription); - if (pval instanceof PrismPropertyValue && !isNothing(((PrismPropertyValue)pval).getValue())) { - propertyValues.add(pval); - } - } else { - if (!(evaluatedExpression instanceof NodeList)) { - throw new IllegalStateException("The expression " + contextDescription + " resulted in " + evaluatedExpression.getClass().getName() + " while exprecting NodeList in "+contextDescription); - } - propertyValues = convertList(type, (NodeList) evaluatedExpression, contextDescription); - } - - return (List) PrismValue.cloneCollection(propertyValues); - } - - private boolean isScalar(ScriptExpressionReturnTypeType returnType) { - if (returnType == ScriptExpressionReturnTypeType.SCALAR) { - return true; - } else { - return false; - } - } - - private Object evaluate(QName returnType, String code, ExpressionVariables variables, ObjectResolver objectResolver, - Collection functions, - String contextDescription, OperationResult result) - throws ExpressionEvaluationException, ObjectNotFoundException, ExpressionSyntaxException { - - XPathExpressionCodeHolder codeHolder = new XPathExpressionCodeHolder(code); - //System.out.println("code " + code); - XPath xpath = factory.newXPath(); - XPathVariableResolver variableResolver = new LazyXPathVariableResolver(variables, objectResolver, - contextDescription, prismContext, result); - xpath.setXPathVariableResolver(variableResolver); - xpath.setNamespaceContext(new MidPointNamespaceContext(codeHolder.getNamespaceMap())); - xpath.setXPathFunctionResolver(getFunctionResolver(functions)); - - XPathExpression expr; - try { - - expr = xpath.compile(codeHolder.getExpressionAsString()); - - } catch (Exception e) { - Throwable originalException = ExceptionUtil.lookForTunneledException(e); - if (originalException != null && originalException instanceof ObjectNotFoundException) { - throw (ObjectNotFoundException) originalException; - } - if (originalException != null && originalException instanceof ExpressionSyntaxException) { - throw (ExpressionSyntaxException) originalException; - } - if (e instanceof XPathExpressionException) { - throw createExpressionEvaluationException(e, contextDescription); - } - if (e instanceof RuntimeException) { - throw (RuntimeException) e; - } - throw new SystemException(e.getMessage(), e); - } - - Object rootNode; - try { - rootNode = determineRootNode(variableResolver, contextDescription); - } catch (SchemaException e) { - throw new ExpressionSyntaxException(e.getMessage(), e); - } - Object evaluatedExpression; - - try { - - evaluatedExpression = expr.evaluate(rootNode, returnType); - - } catch (Exception e) { - Throwable originalException = ExceptionUtil.lookForTunneledException(e); - if (originalException != null && originalException instanceof ObjectNotFoundException) { - throw (ObjectNotFoundException) originalException; - } - if (originalException != null && originalException instanceof ExpressionSyntaxException) { - throw (ExpressionSyntaxException) originalException; - } - if (e instanceof XPathExpressionException) { - throw createExpressionEvaluationException(e, contextDescription); - } - if (e instanceof RuntimeException) { - throw (RuntimeException) e; - } - throw new SystemException(e.getMessage(), e); - } - - if (evaluatedExpression == null) { - return null; - } - - return evaluatedExpression; - } - - - private ExpressionEvaluationException createExpressionEvaluationException(Exception e, String contextDescription) { - return new ExpressionEvaluationException(lookForMessage(e) + " in " + contextDescription, e); - } - - public static String lookForMessage(Throwable e) { - // the net.sf.saxon.trans.XPathException lies. It has meaningless message. skip it. - if (e instanceof net.sf.saxon.trans.XPathException && e.getCause() != null) { - return lookForMessage(e.getCause()); - } - if (e.getMessage() != null) { - return e.getMessage(); - } - if (e.getCause() != null) { - return lookForMessage(e.getCause()); - } - return null; - } - - /** - * Kind of convenience magic. Try few obvious variables and set them as the root node - * for evaluation. This allow to use "fullName" instead of "$user/fullName". - */ - private Object determineRootNode(XPathVariableResolver variableResolver, String contextDescription) throws SchemaException { - Object rootNode = variableResolver.resolveVariable(null); - if (rootNode == null) { - // Add empty document instead of null so the expressions don't die with exception. - // This is necessary e.g. on deletes in sync when there may be nothing to evaluate. - return DOMUtil.getDocument(); - } else { - return LazyXPathVariableResolver.convertToXml(rootNode, null, prismContext, contextDescription); - } - } - - private QName determineRerturnType(Class type, ScriptExpressionEvaluatorType expressionType, - ItemDefinition outputDefinition, ScriptExpressionReturnTypeType suggestedReturnType) throws ExpressionEvaluationException { - - if (expressionType.getReturnType() == ScriptExpressionReturnTypeType.LIST || suggestedReturnType == ScriptExpressionReturnTypeType.LIST) { - return XPathConstants.NODESET; - } - - if (expressionType.getReturnType() == ScriptExpressionReturnTypeType.SCALAR) { - return toXPathReturnType(outputDefinition.getTypeName()); - } - - if (suggestedReturnType == ScriptExpressionReturnTypeType.LIST) { - return XPathConstants.NODESET; - } - - if (suggestedReturnType == ScriptExpressionReturnTypeType.SCALAR) { - return toXPathReturnType(outputDefinition.getTypeName()); - } - - if (outputDefinition.isMultiValue()) { - return XPathConstants.NODESET; - } else { - return toXPathReturnType(outputDefinition.getTypeName()); - } - } - - private QName toXPathReturnType(QName xsdTypeName) throws ExpressionEvaluationException { - if (xsdTypeName.equals(DOMUtil.XSD_STRING)) { - return XPathConstants.STRING; - } - if (xsdTypeName.equals(DOMUtil.XSD_FLOAT)) { - return XPathConstants.NUMBER; - } - if (xsdTypeName.equals(DOMUtil.XSD_DOUBLE)) { - return XPathConstants.NUMBER; - } - if (xsdTypeName.equals(DOMUtil.XSD_INT)) { - return XPathConstants.NUMBER; - } - if (xsdTypeName.equals(DOMUtil.XSD_INTEGER)) { - return XPathConstants.NUMBER; - } - if (xsdTypeName.equals(DOMUtil.XSD_LONG)) { - return XPathConstants.NUMBER; - } - if (xsdTypeName.equals(DOMUtil.XSD_BOOLEAN)) { - return XPathConstants.BOOLEAN; - } - if (xsdTypeName.equals(DOMUtil.XSD_DATETIME)) { - return XPathConstants.STRING; - } - if (xsdTypeName.equals(PolyStringType.COMPLEX_TYPE)) { - return XPathConstants.STRING; - } - throw new ExpressionEvaluationException("Unsupported return type " + xsdTypeName); - } - - - /* - if (type.equals(String.class)) - { - return XPathConstants.STRING; - } - if (type.equals(Double.class) || type.equals(double.class)) { - return XPathConstants.NUMBER; - } - if (type.equals(Integer.class) || type.equals(int.class)) { - return XPathConstants.NUMBER; - } - if (type.equals(Long.class) || type.equals(long.class)) { - return XPathConstants.NUMBER; - } - if (type.equals(Boolean.class) || type.equals(boolean.class)) { - return XPathConstants.BOOLEAN; - } - if (type.equals(NodeList.class)) { - if (expressionType.getReturnType() == ScriptExpressionReturnTypeType.SCALAR) { - // FIXME: is this OK? - return XPathConstants.STRING; - } else { - return XPathConstants.NODESET; - } - } - if (type.equals(Node.class)) { - return XPathConstants.NODE; - } - if (type.equals(PolyString.class) || type.equals(PolyStringType.class)) { - return XPathConstants.STRING; - } - throw new ExpressionEvaluationException("Unsupported return type " + type); - } -*/ - private V convertScalar(Class type, QName returnType, Object value, - String contextDescription) throws ExpressionEvaluationException { - if (value instanceof ObjectReferenceType){ - return (V) ((ObjectReferenceType) value).asReferenceValue(); - } - - if (type.isAssignableFrom(value.getClass())) { - return (V) new PrismPropertyValue<>((T) value); - } - try { - T resultValue = null; - if (value instanceof String) { - resultValue = XmlTypeConverter.toJavaValue((String) value, type); - } else if (value instanceof Boolean) { - resultValue = (T)value; - } else if (value instanceof Element) { - resultValue = XmlTypeConverter.convertValueElementAsScalar((Element) value, type); - } else { - throw new ExpressionEvaluationException("Unexpected scalar return type " + value.getClass().getName()); - } - if (returnType.equals(PrismConstants.POLYSTRING_TYPE_QNAME) && resultValue instanceof String) { - resultValue = (T) new PolyString((String)resultValue); - } - PrismUtil.recomputeRealValue(resultValue, prismContext); - - return (V) new PrismPropertyValue<>(resultValue); - } catch (SchemaException e) { - throw new ExpressionEvaluationException("Error converting result of " - + contextDescription + ": " + e.getMessage(), e); - } catch (IllegalArgumentException e) { - throw new ExpressionEvaluationException("Error converting result of " - + contextDescription + ": " + e.getMessage(), e); - } - } - - private List convertList(Class type, NodeList valueNodes, String contextDescription) throws - ExpressionEvaluationException { - List values = new ArrayList<>(); - if (valueNodes == null) { - return values; - } - - try { - List list = XmlTypeConverter.convertValueElementAsList(valueNodes, type); - for (T item : list) { - if (item instanceof ObjectReferenceType){ - values.add((V)((ObjectReferenceType) item).asReferenceValue()); - } - if (isNothing(item)) { - continue; - } - values.add((V) new PrismPropertyValue<>(item)); - } - return values; - } catch (SchemaException e) { - throw new ExpressionEvaluationException("Error converting return value of " + contextDescription + ": " + e.getMessage(), e); - } catch (IllegalArgumentException e) { - throw new ExpressionEvaluationException("Error converting return value of " + contextDescription + ": " + e.getMessage(), e); - } - } - - private boolean isNothing(T value) { - return value == null || ((value instanceof String) && ((String) value).isEmpty()); - } - - private XPathFunctionResolver getFunctionResolver(Collection functions) { - return new ReflectionXPathFunctionResolver(functions); - } - - @Override - public String getLanguageName() { - return "XPath 2.0"; - } - - @Override - public String getLanguageUrl() { - return XPATH_LANGUAGE_URL; - } - -} diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/MappingFactory.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/MappingFactory.java index 9e61c2bb4e1..638823b91ee 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/MappingFactory.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/MappingFactory.java @@ -21,9 +21,9 @@ import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.PrismValue; import com.evolveum.midpoint.prism.crypto.Protector; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.xml.ns._public.common.common_3.MappingType; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/MappingImpl.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/MappingImpl.java index d676e00a1da..aa71cce90d3 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/MappingImpl.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/MappingImpl.java @@ -41,6 +41,7 @@ import com.evolveum.midpoint.prism.delta.PrismValueDeltaSetTriple; import com.evolveum.midpoint.prism.delta.ItemDelta; import com.evolveum.midpoint.prism.path.ItemPath; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.Expression; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; @@ -56,7 +57,6 @@ import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.schema.util.SchemaDebugUtil; import com.evolveum.midpoint.security.api.SecurityContextManager; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.DOMUtil; import com.evolveum.midpoint.util.DebugDumpable; @@ -720,14 +720,14 @@ private boolean computeConditionResult(Collection> b return ExpressionUtil.computeConditionResult(booleanPropertyValues); } - public Boolean evaluateTimeConstraintValid(Task task, OperationResult result) throws SchemaException, ObjectNotFoundException { + public Boolean evaluateTimeConstraintValid(Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (timeConstraintValid == null) { parseTimeConstraints(task, result); } return timeConstraintValid; } - private void parseTimeConstraints(Task task, OperationResult result) throws SchemaException, ObjectNotFoundException { + private void parseTimeConstraints(Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { MappingTimeDeclarationType timeFromType = mappingType.getTimeFrom(); MappingTimeDeclarationType timeToType = mappingType.getTimeTo(); if (timeFromType == null && timeToType == null) { @@ -778,7 +778,7 @@ private void parseTimeConstraints(Task task, OperationResult result) throws Sche } } - private XMLGregorianCalendar parseTime(MappingTimeDeclarationType timeType, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException { + private XMLGregorianCalendar parseTime(MappingTimeDeclarationType timeType, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (timeType == null) { return null; } @@ -805,7 +805,7 @@ private XMLGregorianCalendar parseTime(MappingTimeDeclarationType timeType, Task return time; } - private XMLGregorianCalendar parseTimeSource(VariableBindingDefinitionType sourceType, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException { + private XMLGregorianCalendar parseTimeSource(VariableBindingDefinitionType sourceType, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { ItemPathType itemPathType = sourceType.getPath(); if (itemPathType == null) { throw new SchemaException("No path in source definition in "+getMappingContextDescription()); diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/AbstractValuePolicyOriginResolver.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/AbstractValuePolicyOriginResolver.java index ec777d8f3cd..e6298d172c5 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/AbstractValuePolicyOriginResolver.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/AbstractValuePolicyOriginResolver.java @@ -18,12 +18,12 @@ import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.query.ObjectQuery; import com.evolveum.midpoint.prism.query.builder.QueryBuilder; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.GetOperationOptions; import com.evolveum.midpoint.schema.ResourceShadowDiscriminator; import com.evolveum.midpoint.schema.ResultHandler; import com.evolveum.midpoint.schema.SelectorOptions; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.ShadowUtil; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.Holder; @@ -99,7 +99,7 @@ private void handleObject(ResultHandler handler, Opera handler.handle((PrismObject) getObject(), result); } - private

void handlePersonas(ResultHandler

handler, String contextDescription, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException { + private

void handlePersonas(ResultHandler

handler, String contextDescription, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { PrismObject object = getObject(); if (!object.canRepresent(UserType.class)) { return; @@ -110,7 +110,7 @@ private

void handlePersonas(ResultHandler

handler, Str } } - private

void handleProjections(ResultHandler

handler, ProhibitedValueItemType prohibitedValueItemType, String contextDescription, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException { + private

void handleProjections(ResultHandler

handler, ProhibitedValueItemType prohibitedValueItemType, String contextDescription, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { PrismObject object = getObject(); // Not very efficient. We will usually read the shadows again, as they are already in model context. // It will also work only for the items that are stored in shadow (usually not attributes, unless caching is enabled). diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/ShadowValuePolicyOriginResolver.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/ShadowValuePolicyOriginResolver.java index 9975d508101..f0e6d8f54d5 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/ShadowValuePolicyOriginResolver.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/ShadowValuePolicyOriginResolver.java @@ -18,7 +18,7 @@ import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.query.ObjectQuery; import com.evolveum.midpoint.prism.query.builder.QueryBuilder; -import com.evolveum.midpoint.schema.util.ObjectResolver; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType; import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType; diff --git a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/UserValuePolicyOriginResolver.java b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/UserValuePolicyOriginResolver.java index cb9e93947d7..8a376c09f4c 100644 --- a/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/UserValuePolicyOriginResolver.java +++ b/model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/UserValuePolicyOriginResolver.java @@ -18,7 +18,7 @@ import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.query.ObjectQuery; import com.evolveum.midpoint.prism.query.builder.QueryBuilder; -import com.evolveum.midpoint.schema.util.ObjectResolver; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType; /** diff --git a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/ExpressionTestUtil.java b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/ExpressionTestUtil.java index 9b3ca70c242..fd38f625f7b 100644 --- a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/ExpressionTestUtil.java +++ b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/ExpressionTestUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2017 Evolveum + * Copyright (c) 2013-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,6 +23,7 @@ import org.apache.commons.configuration.BaseConfiguration; import org.apache.commons.configuration.Configuration; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; import com.evolveum.midpoint.repo.common.expression.evaluator.AsIsExpressionEvaluatorFactory; import com.evolveum.midpoint.repo.common.expression.evaluator.LiteralExpressionEvaluatorFactory; @@ -35,11 +36,9 @@ import com.evolveum.midpoint.model.common.expression.script.ScriptExpressionEvaluatorFactory; import com.evolveum.midpoint.model.common.expression.script.ScriptExpressionFactory; import com.evolveum.midpoint.model.common.expression.script.jsr223.Jsr223ScriptEvaluator; -import com.evolveum.midpoint.model.common.expression.script.xpath.XPathScriptEvaluator; import com.evolveum.midpoint.model.common.stringpolicy.ValuePolicyProcessor; import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.crypto.ProtectorImpl; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.test.util.MidPointTestConstants; @@ -98,8 +97,6 @@ public static ExpressionFactory createInitializedExpressionFactory(ObjectResolve ScriptExpressionFactory scriptExpressionFactory = new ScriptExpressionFactory(prismContext, protector, repositoryService); scriptExpressionFactory.setObjectResolver(resolver); scriptExpressionFactory.setFunctions(functions); - XPathScriptEvaluator xpathEvaluator = new XPathScriptEvaluator(prismContext); - scriptExpressionFactory.registerEvaluator(XPathScriptEvaluator.XPATH_LANGUAGE_URL, xpathEvaluator); Jsr223ScriptEvaluator groovyEvaluator = new Jsr223ScriptEvaluator("Groovy", prismContext, protector, LocalizationTestUtil.getLocalizationService()); scriptExpressionFactory.registerEvaluator(groovyEvaluator.getLanguageUrl(), groovyEvaluator); ScriptExpressionEvaluatorFactory scriptExpressionEvaluatorFactory = new ScriptExpressionEvaluatorFactory(scriptExpressionFactory, securityContextManager); diff --git a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/TestExpression.java b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/TestExpression.java index 0f7a3892dea..6aa58e29a72 100644 --- a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/TestExpression.java +++ b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/TestExpression.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2017 Evolveum + * Copyright (c) 2013-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,6 +21,8 @@ import java.io.File; import java.io.IOException; +import com.evolveum.midpoint.repo.common.DirectoryFileObjectResolver; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.Expression; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; @@ -40,8 +42,6 @@ import com.evolveum.midpoint.schema.internals.InternalCounters; import com.evolveum.midpoint.schema.internals.InternalMonitor; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; -import com.evolveum.midpoint.test.util.DirectoryFileObjectResolver; import com.evolveum.midpoint.test.util.MidPointTestConstants; import com.evolveum.midpoint.test.util.TestUtil; import com.evolveum.midpoint.util.DOMUtil; diff --git a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/TestExpressionUtil.java b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/TestExpressionUtil.java index 6c24e43111a..c27cdc5c5ac 100644 --- a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/TestExpressionUtil.java +++ b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/TestExpressionUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -51,8 +51,12 @@ import com.evolveum.midpoint.test.util.MidPointTestConstants; import com.evolveum.midpoint.util.DOMUtil; import com.evolveum.midpoint.util.PrettyPrinter; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType; /** @@ -187,17 +191,17 @@ public void testResolvePathPolyStringOdoNorm() throws Exception { } - private T resolvePath(String path, final String TEST_NAME) throws SchemaException, ObjectNotFoundException, IOException { + private T resolvePath(String path, final String TEST_NAME) throws SchemaException, ObjectNotFoundException, IOException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { ExpressionVariables variables = createVariables(); return resolvePath(path, variables, TEST_NAME); } - private T resolvePathOdo(String path, final String TEST_NAME) throws SchemaException, ObjectNotFoundException, IOException { + private T resolvePathOdo(String path, final String TEST_NAME) throws SchemaException, ObjectNotFoundException, IOException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { ExpressionVariables variables = createVariablesOdo(); return resolvePath(path, variables, TEST_NAME); } - private T resolvePath(String path, ExpressionVariables variables, final String TEST_NAME) throws SchemaException, ObjectNotFoundException { + private T resolvePath(String path, ExpressionVariables variables, final String TEST_NAME) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { OperationResult result = new OperationResult(TestExpressionUtil.class.getName() + "." + TEST_NAME); ItemPath itemPath = toItemPath(path); diff --git a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/AbstractScriptTest.java b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/AbstractScriptTest.java index 125f437f585..1284ce28e42 100644 --- a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/AbstractScriptTest.java +++ b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/AbstractScriptTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -44,6 +44,8 @@ import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.crypto.ProtectorImpl; import com.evolveum.midpoint.prism.util.PrismTestUtil; +import com.evolveum.midpoint.repo.common.DirectoryFileObjectResolver; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionSyntaxException; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; import com.evolveum.midpoint.schema.MidPointPrismContextFactory; @@ -51,14 +53,15 @@ import com.evolveum.midpoint.schema.constants.SchemaConstants; import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.schema.util.MiscSchemaUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; -import com.evolveum.midpoint.test.util.DirectoryFileObjectResolver; import com.evolveum.midpoint.test.util.TestUtil; import com.evolveum.midpoint.util.DOMUtil; import com.evolveum.midpoint.util.PrettyPrinter; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.logging.Trace; import com.evolveum.midpoint.util.logging.TraceManager; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionEvaluatorType; @@ -254,7 +257,7 @@ private ScriptExpressionEvaluatorType parseScriptType(String fileName) throws Sc } private List> evaluateExpression(ScriptExpressionEvaluatorType scriptType, ItemDefinition outputDefinition, - ExpressionVariables variables, String shortDesc, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException { + ExpressionVariables variables, String shortDesc, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException { ScriptExpression scriptExpression = createScriptExpression(scriptType, outputDefinition, shortDesc); List> resultValues = scriptExpression.evaluate(variables, null, false, shortDesc, null, result); if (resultValues != null) { @@ -276,7 +279,7 @@ private ScriptExpression createScriptExpression(ScriptExpressionEvaluatorType ex } private List> evaluateExpression(ScriptExpressionEvaluatorType scriptType, QName typeName, boolean scalar, - ExpressionVariables variables, String shortDesc, OperationResult opResult) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException { + ExpressionVariables variables, String shortDesc, OperationResult opResult) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException { ItemDefinition outputDefinition = new PrismPropertyDefinitionImpl(PROPERTY_NAME, typeName, PrismTestUtil.getPrismContext()); if (!scalar) { ((ItemDefinitionImpl) outputDefinition).setMaxOccurs(-1); @@ -285,7 +288,7 @@ private List> evaluateExpression(ScriptExpressionEvalu } private PrismPropertyValue evaluateExpressionScalar(ScriptExpressionEvaluatorType scriptType, QName typeName, - ExpressionVariables variables, String shortDesc, OperationResult opResult) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException { + ExpressionVariables variables, String shortDesc, OperationResult opResult) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException { List> expressionResultList = evaluateExpression(scriptType, typeName, true, variables, shortDesc, opResult); return asScalar(expressionResultList, shortDesc); } @@ -300,25 +303,25 @@ private PrismPropertyValue asScalar(List> expressio return expressionResultList.iterator().next(); } - protected void evaluateAndAssertStringScalarExpresssion(String fileName, String testName, ExpressionVariables variables, String expectedValue) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException { + protected void evaluateAndAssertStringScalarExpresssion(String fileName, String testName, ExpressionVariables variables, String expectedValue) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { List> expressionResultList = evaluateStringExpresssion(fileName, testName, variables, true); PrismPropertyValue expressionResult = asScalar(expressionResultList, testName); assertNotNull("Expression "+testName+" resulted in null value (expected '"+expectedValue+"')", expressionResult); assertEquals("Expression "+testName+" resulted in wrong value", expectedValue, expressionResult.getValue()); } - private void evaluateAndAssertStringListExpresssion(String fileName, String testName, ExpressionVariables variables, String... expectedValues) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException { + private void evaluateAndAssertStringListExpresssion(String fileName, String testName, ExpressionVariables variables, String... expectedValues) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { List> expressionResultList = evaluateStringExpresssion(fileName, testName, variables, true); TestUtil.assertSetEquals("Expression "+testName+" resulted in wrong values", PrismPropertyValue.getValues(expressionResultList), expectedValues); } - protected void evaluateAndAssertBooleanScalarExpresssion(String fileName, String testName, ExpressionVariables variables, Boolean expectedValue) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException { + protected void evaluateAndAssertBooleanScalarExpresssion(String fileName, String testName, ExpressionVariables variables, Boolean expectedValue) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { List> expressionResultList = evaluateBooleanExpresssion(fileName, testName, variables, true); PrismPropertyValue expressionResult = asScalar(expressionResultList, testName); assertNotNull("Expression "+testName+" resulted in null value (expected '"+expectedValue+"')", expressionResult); assertEquals("Expression "+testName+" resulted in wrong value", expectedValue, expressionResult.getValue()); } - private List> evaluateStringExpresssion(String fileName, String testName, ExpressionVariables variables, boolean scalar) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException { + private List> evaluateStringExpresssion(String fileName, String testName, ExpressionVariables variables, boolean scalar) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { displayTestTitle(testName); ScriptExpressionEvaluatorType scriptType = parseScriptType(fileName); OperationResult opResult = new OperationResult(testName); @@ -326,7 +329,7 @@ private List> evaluateStringExpresssion(String fileNa return evaluateExpression(scriptType, DOMUtil.XSD_STRING, true, variables, testName, opResult); } - private List> evaluateBooleanExpresssion(String fileName, String testName, ExpressionVariables variables, boolean scalar) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException { + private List> evaluateBooleanExpresssion(String fileName, String testName, ExpressionVariables variables, boolean scalar) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { displayTestTitle(testName); ScriptExpressionEvaluatorType scriptType = parseScriptType(fileName); OperationResult opResult = new OperationResult(testName); diff --git a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/TestScriptCaching.java b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/TestScriptCaching.java index 3bb86f3761d..2d2a8198aff 100644 --- a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/TestScriptCaching.java +++ b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/TestScriptCaching.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -44,6 +44,8 @@ import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.crypto.ProtectorImpl; import com.evolveum.midpoint.prism.util.PrismTestUtil; +import com.evolveum.midpoint.repo.common.DirectoryFileObjectResolver; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionSyntaxException; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; import com.evolveum.midpoint.schema.MidPointPrismContextFactory; @@ -51,14 +53,15 @@ import com.evolveum.midpoint.schema.internals.InternalCounters; import com.evolveum.midpoint.schema.internals.InternalMonitor; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; -import com.evolveum.midpoint.test.util.DirectoryFileObjectResolver; import com.evolveum.midpoint.test.util.TestUtil; import com.evolveum.midpoint.util.DOMUtil; import com.evolveum.midpoint.util.PrettyPrinter; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionEvaluatorType; /** @@ -139,7 +142,7 @@ private void assertScriptMonitor(int expCompilations, int expExecutions, String assertEquals("Unexpected number of script executions after "+desc, expExecutions, InternalMonitor.getCount(InternalCounters.SCRIPT_EXECUTION_COUNT)); } - private long executeScript(String filname, String expectedResult, String desc) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException { + private long executeScript(String filname, String expectedResult, String desc) throws SchemaException, IOException, JAXBException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { // GIVEN OperationResult result = new OperationResult(desc); ScriptExpressionEvaluatorType scriptType = parseScriptType(filname); diff --git a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/TestXPathExpressions.java b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/TestXPathExpressions.java deleted file mode 100644 index 63aae973e52..00000000000 --- a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/expression/script/TestXPathExpressions.java +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (c) 2010-2013 Evolveum - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.evolveum.midpoint.model.common.expression.script; - -import com.evolveum.midpoint.model.common.expression.script.xpath.XPathScriptEvaluator; -import com.evolveum.midpoint.prism.PrismContext; -import com.evolveum.midpoint.prism.crypto.Protector; - -import java.io.File; - -/** - * @author Radovan Semancik - */ -public class TestXPathExpressions extends AbstractScriptTest { - - @Override - protected ScriptEvaluator createEvaluator(PrismContext prismContext, Protector protector) { - return new XPathScriptEvaluator(prismContext); - } - - @Override - protected File getTestDir() { - return new File(BASE_TEST_DIR, "xpath"); - } - - @Override - protected boolean supportsRootNode() { - return true; - } - -} diff --git a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/mapping/MappingTestEvaluator.java b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/mapping/MappingTestEvaluator.java index 33127fb85c4..63b61bea7cc 100644 --- a/model/model-common/src/test/java/com/evolveum/midpoint/model/common/mapping/MappingTestEvaluator.java +++ b/model/model-common/src/test/java/com/evolveum/midpoint/model/common/mapping/MappingTestEvaluator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -28,6 +28,8 @@ import org.xml.sax.SAXException; +import com.evolveum.midpoint.repo.common.DirectoryFileObjectResolver; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; import com.evolveum.midpoint.repo.common.expression.ObjectDeltaObject; import com.evolveum.midpoint.repo.common.expression.Source; @@ -52,8 +54,6 @@ import com.evolveum.midpoint.schema.constants.MidPointConstants; import com.evolveum.midpoint.schema.constants.SchemaConstants; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; -import com.evolveum.midpoint.test.util.DirectoryFileObjectResolver; import com.evolveum.midpoint.test.util.MidPointTestConstants; import com.evolveum.midpoint.test.util.TestUtil; import com.evolveum.midpoint.util.PrettyPrinter; diff --git a/model/model-common/src/test/resources/expression/xpath/expression-func-concatname.xml b/model/model-common/src/test/resources/expression/xpath/expression-func-concatname.xml deleted file mode 100644 index e0b646befe8..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-func-concatname.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-func.xml b/model/model-common/src/test/resources/expression/xpath/expression-func.xml deleted file mode 100644 index ac801e40a70..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-func.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-list.xml b/model/model-common/src/test/resources/expression/xpath/expression-list.xml deleted file mode 100644 index 664651e0fdd..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-list.xml +++ /dev/null @@ -1,27 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-objectref-variables-polystring.xml b/model/model-common/src/test/resources/expression/xpath/expression-objectref-variables-polystring.xml deleted file mode 100644 index d9498d0906a..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-objectref-variables-polystring.xml +++ /dev/null @@ -1,34 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-objectref-variables.xml b/model/model-common/src/test/resources/expression/xpath/expression-objectref-variables.xml deleted file mode 100644 index eec8bda4444..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-objectref-variables.xml +++ /dev/null @@ -1,36 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-root-node.xml b/model/model-common/src/test/resources/expression/xpath/expression-root-node.xml deleted file mode 100644 index d60efe9fe34..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-root-node.xml +++ /dev/null @@ -1,26 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-simple.xml b/model/model-common/src/test/resources/expression/xpath/expression-simple.xml deleted file mode 100644 index 32ac1bf5918..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-simple.xml +++ /dev/null @@ -1,23 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-string-variables.xml b/model/model-common/src/test/resources/expression/xpath/expression-string-variables.xml deleted file mode 100644 index 84b1ff6ec3e..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-string-variables.xml +++ /dev/null @@ -1,27 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-user-extension-ship-path.xml b/model/model-common/src/test/resources/expression/xpath/expression-user-extension-ship-path.xml deleted file mode 100644 index a7ebb126633..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-user-extension-ship-path.xml +++ /dev/null @@ -1,28 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-user-extension-ship.xml b/model/model-common/src/test/resources/expression/xpath/expression-user-extension-ship.xml deleted file mode 100644 index 1a9f3e7673b..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-user-extension-ship.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-user-given-name.xml b/model/model-common/src/test/resources/expression/xpath/expression-user-given-name.xml deleted file mode 100644 index e2a7a82d640..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-user-given-name.xml +++ /dev/null @@ -1,26 +0,0 @@ - - - - diff --git a/model/model-common/src/test/resources/expression/xpath/expression-user-stringify-full-name.xml b/model/model-common/src/test/resources/expression/xpath/expression-user-stringify-full-name.xml deleted file mode 100644 index a7d5bb39818..00000000000 --- a/model/model-common/src/test/resources/expression/xpath/expression-user-stringify-full-name.xml +++ /dev/null @@ -1,27 +0,0 @@ - - - - diff --git a/model/model-common/testng-unit.xml b/model/model-common/testng-unit.xml index 3bd7feff2d5..b3eb36e6bb8 100644 --- a/model/model-common/testng-unit.xml +++ b/model/model-common/testng-unit.xml @@ -1,6 +1,6 @@ - diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelCrudService.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelCrudService.java index 21ed436e308..42a7e5ab569 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelCrudService.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelCrudService.java @@ -33,8 +33,7 @@ import org.springframework.stereotype.Component; import com.evolveum.midpoint.model.api.ModelExecuteOptions; -import com.evolveum.midpoint.model.impl.controller.ModelImplUtils; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.delta.ChangeType; @@ -182,7 +181,7 @@ public void notifyChange(ResourceObjectShadowChangeDescriptionType changeDescrip } Collection> deltas = new ArrayList<>(); deltas.add(delta); - Utils.encrypt(deltas, protector, null, parentResult); + ModelImplUtils.encrypt(deltas, protector, null, parentResult); eventDescription.setDelta(delta); eventDescription.setSourceChannel(changeDescription.getChannel()); @@ -261,7 +260,7 @@ public String addObject(PrismObject object, ModelExecu OperationResult result = parentResult.createSubresult(ADD_OBJECT); result.addParam(OperationResult.PARAM_OBJECT, object); - Utils.resolveReferences(object, repository, false, false, EvaluationTimeType.IMPORT, true, prismContext, result); + ModelImplUtils.resolveReferences(object, repository, false, false, EvaluationTimeType.IMPORT, true, prismContext, result); String oid; RepositoryCache.enter(); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelObjectResolver.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelObjectResolver.java index b7c68f5281d..fbf071d38e4 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelObjectResolver.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelObjectResolver.java @@ -36,12 +36,12 @@ import com.evolveum.midpoint.prism.query.ObjectQuery; import com.evolveum.midpoint.provisioning.api.ProvisioningService; import com.evolveum.midpoint.repo.api.RepositoryService; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.GetOperationOptions; import com.evolveum.midpoint.schema.ResultHandler; import com.evolveum.midpoint.schema.SelectorOptions; import com.evolveum.midpoint.schema.constants.ObjectTypes; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.exception.CommonException; import com.evolveum.midpoint.util.exception.CommunicationException; @@ -82,7 +82,7 @@ public class ModelObjectResolver implements ObjectResolver { @Override public O resolve(ObjectReferenceType ref, Class expectedType, Collection> options, - String contextDescription, Object task, OperationResult result) throws ObjectNotFoundException, SchemaException { + String contextDescription, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { String oid = ref.getOid(); Class typeClass = null; QName typeQName = ref.getType(); @@ -92,19 +92,7 @@ public O resolve(ObjectReferenceType ref, Class expect if (typeClass != null && expectedType.isAssignableFrom(typeClass)) { expectedType = (Class) typeClass; } - try { - return getObject(expectedType, oid, options, (Task) task, result); - } catch (SystemException ex) { - throw ex; - } catch (ObjectNotFoundException ex) { - throw ex; - } catch (CommonException ex) { - LoggingUtils.logException(LOGGER, "Error resolving object with oid {}", ex, oid); - // Add to result only a short version of the error, the details will be in subresults - result.recordFatalError( - "Couldn't get object with oid '" + oid + "': "+ex.getErrorTypeMessage(), ex); - throw new SystemException("Error resolving object with oid '" + oid + "': "+ex.getMessage(), ex); - } + return getObject(expectedType, oid, options, task, result); } public PrismObject resolve(PrismReferenceValue refVal, String string, Task task, OperationResult result) throws ObjectNotFoundException { @@ -143,6 +131,7 @@ public T getObjectSimple(Class clazz, String oid, GetO } } + @Override public T getObject(Class clazz, String oid, Collection> options, Task task, OperationResult result) throws ObjectNotFoundException, CommunicationException, SchemaException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { T objectType = null; diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/MappingDiagEvaluator.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/MappingDiagEvaluator.java index e16912bb84e..40b7c4e4803 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/MappingDiagEvaluator.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/MappingDiagEvaluator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -122,7 +122,7 @@ private PrismObjectDefinition createTargetContext(MappingEvaluationRequestTyp } private ObjectDeltaObject createSourceContext(MappingEvaluationRequestType request, Task task, - OperationResult result) throws SchemaException, ObjectNotFoundException { + OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (request.getSourceContext() == null) { return null; } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java index b5a4ca77ad4..bbbb0a4ed38 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java @@ -30,7 +30,7 @@ import com.evolveum.midpoint.model.impl.lens.*; import com.evolveum.midpoint.model.impl.scripting.ExecutionContext; import com.evolveum.midpoint.model.impl.scripting.ScriptingExpressionEvaluator; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.delta.ChangeType; @@ -211,7 +211,7 @@ public PrismObject getObject(Class clazz, String oi ObjectReferenceType ref = new ObjectReferenceType(); ref.setOid(oid); ref.setType(ObjectTypes.getObjectType(clazz).getTypeQName()); - Utils.clearRequestee(task); + ModelImplUtils.clearRequestee(task); // Special-purpose code to hunt down read-write resource fetch from GUI. // Normally the code is not active. It is too brutal. Just for MID-3424. @@ -362,13 +362,13 @@ public Collection> executeChanges(fin // 3) for MODIFY operation: filters contained in deltas -> these have to be treated here, because if OID is missing from such a delta, the change would be rejected by the repository if (ModelExecuteOptions.isReevaluateSearchFilters(options)) { for (ObjectDelta delta : deltas) { - Utils.resolveReferences(delta, cacheRepositoryService, false, true, EvaluationTimeType.IMPORT, true, prismContext, result); + ModelImplUtils.resolveReferences(delta, cacheRepositoryService, false, true, EvaluationTimeType.IMPORT, true, prismContext, result); } } else if (ModelExecuteOptions.isIsImport(options)) { // if plain import is requested, we simply evaluate filters in ADD operation (and we do not force reevaluation if OID is already set) for (ObjectDelta delta : deltas) { if (delta.isAdd()) { - Utils.resolveReferences(delta.getObjectToAdd(), cacheRepositoryService, false, false, EvaluationTimeType.IMPORT, true, prismContext, result); + ModelImplUtils.resolveReferences(delta.getObjectToAdd(), cacheRepositoryService, false, false, EvaluationTimeType.IMPORT, true, prismContext, result); } } } @@ -376,7 +376,7 @@ public Collection> executeChanges(fin // But before that we need to make sure that we have proper definition, otherwise we // might miss some encryptable data in dynamic schemas applyDefinitions(deltas, options, task, result); - Utils.encrypt(deltas, protector, options, result); + ModelImplUtils.encrypt(deltas, protector, options, result); if (LOGGER.isTraceEnabled()) { LOGGER.trace("MODEL.executeChanges(\n deltas:\n{}\n options:{}", DebugUtil.debugDump(deltas, 2), options); @@ -394,7 +394,7 @@ public Collection> executeChanges(fin // Go directly to repository AuditEventRecord auditRecord = new AuditEventRecord(AuditEventType.EXECUTE_CHANGES_RAW, AuditEventStage.REQUEST); auditRecord.addDeltas(ObjectDeltaOperation.cloneDeltaCollection(deltas)); - auditRecord.setTarget(Utils.determineAuditTarget(deltas)); + auditRecord.setTarget(ModelImplUtils.determineAuditTarget(deltas)); // we don't know auxiliary information (resource, objectName) at this moment -- so we do nothing auditService.audit(auditRecord, task); try { @@ -458,7 +458,7 @@ public Collection> executeChanges(fin } try { if (ObjectTypes.isClassManagedByProvisioning(delta.getObjectTypeClass())) { - Utils.clearRequestee(task); + ModelImplUtils.clearRequestee(task); provisioning.deleteObject(delta.getObjectTypeClass(), delta.getOid(), ProvisioningOperationOptions.createRaw(), null, task, result1); } else { @@ -648,7 +648,7 @@ private void reevaluateSearchFilters(Class objectTypeC try { PrismObject storedObject = cacheRepositoryService.getObject(objectTypeClass, oid, null, result); PrismObject updatedObject = storedObject.clone(); - Utils.resolveReferences(updatedObject, cacheRepositoryService, false, true, EvaluationTimeType.IMPORT, true, prismContext, result); + ModelImplUtils.resolveReferences(updatedObject, cacheRepositoryService, false, true, EvaluationTimeType.IMPORT, true, prismContext, result); ObjectDelta delta = storedObject.diff(updatedObject); if (LOGGER.isTraceEnabled()) { LOGGER.trace("reevaluateSearchFilters found delta: {}", delta.debugDump()); @@ -686,7 +686,7 @@ public void recompute(Class type, String oid, ModelExe try { - Utils.clearRequestee(task); + ModelImplUtils.clearRequestee(task); PrismObject focus = objectResolver.getObject(type, oid, null, task, result).asPrismContainer(); LOGGER.debug("Recomputing {}", focus); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelImplUtils.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelImplUtils.java deleted file mode 100644 index 58b6add158c..00000000000 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelImplUtils.java +++ /dev/null @@ -1,186 +0,0 @@ -/* - * Copyright (c) 2010-2018 Evolveum - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.evolveum.midpoint.model.impl.controller; - -import com.evolveum.midpoint.model.api.ModelAuthorizationAction; -import com.evolveum.midpoint.model.impl.lens.LensContext; -import com.evolveum.midpoint.prism.PrismObject; -import com.evolveum.midpoint.prism.delta.ObjectDelta; -import com.evolveum.midpoint.prism.query.ObjectPaging; -import com.evolveum.midpoint.schema.constants.ObjectTypes; -import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.FocusTypeUtil; -import com.evolveum.midpoint.util.exception.ConfigurationException; -import com.evolveum.midpoint.util.exception.SystemException; -import com.evolveum.midpoint.util.logging.LoggingUtils; -import com.evolveum.midpoint.util.logging.Trace; -import com.evolveum.midpoint.util.logging.TraceManager; -import com.evolveum.midpoint.xml.ns._public.common.common_3.*; -import org.jetbrains.annotations.NotNull; - -import javax.xml.namespace.QName; -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; - -/** - * - * @author lazyman - * - */ -public class ModelImplUtils { - - private static final Trace LOGGER = TraceManager.getTrace(ModelImplUtils.class); - - public static void validatePaging(ObjectPaging paging) { - if (paging == null) { - return; - } - - if (paging.getMaxSize() != null && paging.getMaxSize().longValue() < 0) { - throw new IllegalArgumentException("Paging max size must be more than 0."); - } - if (paging.getOffset() != null && paging.getOffset().longValue() < 0) { - throw new IllegalArgumentException("Paging offset index must be more than 0."); - } - } - - public static void recordFatalError(OperationResult result, Throwable e) { - recordFatalError(result, e.getMessage(), e); - } - - public static void recordFatalError(OperationResult result, String message, Throwable e) { - // Do not log at ERROR level. This is too harsh. Especially in object not found case. - // What model considers an error may be just a normal situation for the code is using model API. - // If this is really an error then it should be logged by the invoking code. - LoggingUtils.logExceptionOnDebugLevel(LOGGER, message, e); - result.recordFatalError(message, e); - result.cleanupResult(e); - } - - public static void recordPartialError(OperationResult result, Throwable e) { - recordPartialError(result, e.getMessage(), e); - } - - public static void recordPartialError(OperationResult result, String message, Throwable e) { - // Do not log at ERROR level. This is too harsh. Especially in object not found case. - // What model considers an error may be just a normal situation for the code is using model API. - // If this is really an error then it should be logged by the invoking code. - LoggingUtils.logExceptionOnDebugLevel(LOGGER, message, e); - result.recordPartialError(message, e); - result.cleanupResult(e); - } - - public static String getOperationUrlFromDelta(ObjectDelta delta) { - if (delta == null) { - return null; - } - if (delta.isAdd()) { - return ModelAuthorizationAction.ADD.getUrl(); - } - if (delta.isModify()) { - return ModelAuthorizationAction.MODIFY.getUrl(); - } - if (delta.isDelete()) { - return ModelAuthorizationAction.DELETE.getUrl(); - } - throw new IllegalArgumentException("Unknown delta type "+delta); - } - - - // from the most to least appropriate - @NotNull - public static List getApplicablePolicies( - Class objectClass, List objectSubtypes, SystemConfigurationType systemConfigurationType) - throws ConfigurationException { - List rv = new ArrayList<>(); - List typeNoSubtype = new ArrayList<>(); - List typeWithSubtype = new ArrayList<>(); - List noTypeNoSubtype = new ArrayList<>(); - List noTypeWithSubtype = new ArrayList<>(); - List all = new ArrayList<>(); - - all.addAll(systemConfigurationType.getDefaultObjectPolicyConfiguration()); - all.addAll(systemConfigurationType.getObjectTemplate()); // deprecated - if (objectClass == UserType.class) { - // Deprecated method to specify user template. For compatibility only - ObjectReferenceType templateRef = systemConfigurationType.getDefaultUserTemplateRef(); - if (templateRef != null) { - all.add(new ObjectPolicyConfigurationType().objectTemplateRef(templateRef.clone())); - } - } - - for (ObjectPolicyConfigurationType aPolicyConfigurationType: all) { - QName typeQName = aPolicyConfigurationType.getType(); - if (typeQName != null) { - ObjectTypes objectType = ObjectTypes.getObjectTypeFromTypeQName(typeQName); - if (objectType == null) { - throw new ConfigurationException( - "Unknown type " + typeQName + " in default object policy definition or object template definition in system configuration"); - } - if (objectType.getClassDefinition() == objectClass) { - String aSubType = aPolicyConfigurationType.getSubtype(); - if (aSubType == null) { - typeNoSubtype.add(aPolicyConfigurationType); - } else if (objectSubtypes != null && objectSubtypes.contains(aSubType)) { - typeWithSubtype.add(aPolicyConfigurationType); - } - } - } else { - String aSubType = aPolicyConfigurationType.getSubtype(); - if (aSubType == null) { - noTypeNoSubtype.add(aPolicyConfigurationType); - } else if (objectSubtypes != null && objectSubtypes.contains(aSubType)) { - noTypeWithSubtype.add(aPolicyConfigurationType); - } - } - } - rv.addAll(typeWithSubtype); - rv.addAll(typeNoSubtype); - rv.addAll(noTypeWithSubtype); - rv.addAll(noTypeNoSubtype); - return rv; - } - - @NotNull - public static List getApplicablePolicies(LensContext context) { - PrismObject config = context.getSystemConfiguration(); - if (config == null) { - return Collections.emptyList(); - } - PrismObject object = context.getFocusContext() != null ? context.getFocusContext().getObjectAny() : null; - List subTypes = FocusTypeUtil.determineSubTypes(object); - List relevantPolicies; - try { - relevantPolicies = ModelImplUtils.getApplicablePolicies(context.getFocusContext().getObjectTypeClass(), subTypes, - config.asObjectable()); - } catch (ConfigurationException e) { - throw new SystemException("Couldn't get relevant object policies", e); - } - LOGGER.trace("Relevant policies: {}", relevantPolicies); - return relevantPolicies; - } - - public static ConflictResolutionType getConflictResolution(LensContext context) { - for (ObjectPolicyConfigurationType p : ModelImplUtils.getApplicablePolicies(context)) { - if (p.getConflictResolution() != null) { - return p.getConflictResolution(); - } - } - return null; - } - -} diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java index c108dcac4ec..a8f5055c248 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java @@ -79,6 +79,7 @@ import com.evolveum.midpoint.model.impl.lens.projector.MappingEvaluator; import com.evolveum.midpoint.model.impl.lens.projector.Projector; import com.evolveum.midpoint.model.impl.security.SecurityHelper; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.model.impl.visualizer.Visualizer; import com.evolveum.midpoint.prism.crypto.EncryptionException; import com.evolveum.midpoint.prism.crypto.Protector; @@ -693,18 +694,18 @@ public boolean canSearch(Class r @Override public AuthenticationsPolicyType getAuthenticationPolicy(PrismObject user, Task task, - OperationResult parentResult) throws ObjectNotFoundException, SchemaException { + OperationResult parentResult) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { // TODO: check for user membership in an organization (later versions) - OperationResult result = parentResult.createMinorSubresult(GET_AUTHENTICATIONS_POLICY); - return resolvePolicyTypeFromSecurityPolicy(AuthenticationsPolicyType.class, SecurityPolicyType.F_AUTHENTICATION, user, task, result); + OperationResult result = parentResult.createMinorSubresult(GET_AUTHENTICATIONS_POLICY); + return resolvePolicyTypeFromSecurityPolicy(AuthenticationsPolicyType.class, SecurityPolicyType.F_AUTHENTICATION, user, task, result); } @Override @Deprecated public RegistrationsPolicyType getRegistrationPolicy(PrismObject user, Task task, OperationResult parentResult) - throws ObjectNotFoundException, SchemaException { + throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { // TODO: check for user membership in an organization (later versions) OperationResult result = parentResult.createMinorSubresult(GET_REGISTRATIONS_POLICY); @@ -714,7 +715,7 @@ public RegistrationsPolicyType getRegistrationPolicy(PrismObject user, @Override public RegistrationsPolicyType getFlowPolicy(PrismObject user, Task task, OperationResult parentResult) - throws ObjectNotFoundException, SchemaException { + throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { // TODO: check for user membership in an organization (later versions) OperationResult result = parentResult.createMinorSubresult(GET_REGISTRATIONS_POLICY); return resolvePolicyTypeFromSecurityPolicy(RegistrationsPolicyType.class, SecurityPolicyType.F_FLOW, user, task, @@ -723,16 +724,14 @@ public RegistrationsPolicyType getFlowPolicy(PrismObject user, Task ta @Override - public CredentialsPolicyType getCredentialsPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException { + public CredentialsPolicyType getCredentialsPolicy(PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { // TODO: check for user membership in an organization (later versions) - OperationResult result = parentResult.createMinorSubresult(GET_CREDENTIALS_POLICY); - return resolvePolicyTypeFromSecurityPolicy(CredentialsPolicyType.class, SecurityPolicyType.F_CREDENTIALS, user, task, result); - - + OperationResult result = parentResult.createMinorSubresult(GET_CREDENTIALS_POLICY); + return resolvePolicyTypeFromSecurityPolicy(CredentialsPolicyType.class, SecurityPolicyType.F_CREDENTIALS, user, task, result); } - private C resolvePolicyTypeFromSecurityPolicy(Class type, QName path, PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException { + private C resolvePolicyTypeFromSecurityPolicy(Class type, QName path, PrismObject user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { SecurityPolicyType securityPolicyType = getSecurityPolicy(user, task, parentResult); if (securityPolicyType == null) { @@ -748,23 +747,24 @@ private C resolvePolicyTypeFromSecurityPolicy(Class user, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException { + public SecurityPolicyType getSecurityPolicy(PrismObject user, Task task, OperationResult parentResult) + throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { OperationResult result = parentResult.createMinorSubresult(GET_SECURITY_POLICY); try { - PrismObject systemConfiguration = systemObjectCache.getSystemConfiguration(result); - if (systemConfiguration == null) { - result.recordNotApplicableIfUnknown(); - return null; - } - - SecurityPolicyType securityPolicyType = securityHelper.locateSecurityPolicy(user, systemConfiguration, task, result); - if (securityPolicyType == null) { - result.recordNotApplicableIfUnknown(); - return null; - } - - return securityPolicyType; - }catch (SchemaException e) { + PrismObject systemConfiguration = systemObjectCache.getSystemConfiguration(result); + if (systemConfiguration == null) { + result.recordNotApplicableIfUnknown(); + return null; + } + + SecurityPolicyType securityPolicyType = securityHelper.locateSecurityPolicy(user, systemConfiguration, task, result); + if (securityPolicyType == null) { + result.recordNotApplicableIfUnknown(); + return null; + } + + return securityPolicyType; + } catch (Throwable e) { result.recordFatalError(e); throw e; } @@ -1124,7 +1124,7 @@ private void generateValue(PrismObject object, ValuePo } private ValuePolicyType resolveValuePolicy(PolicyItemDefinitionType policyItemDefinition, ValuePolicyType defaultPolicy, - Task task, OperationResult result) throws ObjectNotFoundException, SchemaException { + Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (policyItemDefinition.getValuePolicyRef() != null) { LOGGER.trace("Trying to resolve value policy {} for policy item definition", policyItemDefinition); return objectResolver.resolve(policyItemDefinition.getValuePolicyRef(), ValuePolicyType.class, null, @@ -1669,11 +1669,11 @@ public void clearCaches() { } @Override - public void refreshPrincipal(String oid) throws ObjectNotFoundException, SchemaException { + public void refreshPrincipal(String oid) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { try { MidPointPrincipal principal = userProfileService.getPrincipalByOid(oid); securityContextManager.setupPreAuthenticatedSecurityContext(principal); - } catch (ObjectNotFoundException | SchemaException e) { + } catch (Throwable e) { LOGGER.error("Cannot refresh authentication for user identified with" + oid); throw e; } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/ExpressionHandler.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/ExpressionHandler.java index ab86140984a..b4e0e0b574d 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/ExpressionHandler.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/ExpressionHandler.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,7 +19,6 @@ import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; -import com.evolveum.midpoint.model.common.expression.script.xpath.XPathScriptEvaluator; import com.evolveum.midpoint.model.impl.ModelObjectResolver; import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.PrismPropertyDefinition; @@ -67,8 +66,6 @@ public class ExpressionHandler { @Autowired(required = true) private PrismContext prismContext; - private XPathScriptEvaluator xpathEvaluator = null; - public String evaluateExpression(ShadowType shadow, ExpressionType expressionType, String shortDesc, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException { Validate.notNull(shadow, "Resource object shadow must not be null."); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/importer/ImportAccountsFromResourceTaskHandler.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/importer/ImportAccountsFromResourceTaskHandler.java index e8367d3b24d..9d3dcec3e88 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/importer/ImportAccountsFromResourceTaskHandler.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/importer/ImportAccountsFromResourceTaskHandler.java @@ -32,7 +32,7 @@ import com.evolveum.midpoint.model.impl.ModelConstants; import com.evolveum.midpoint.model.impl.sync.SynchronizeAccountResultHandler; import com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeModelTaskHandler; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.query.ObjectQuery; import com.evolveum.midpoint.provisioning.api.ChangeNotificationDispatcher; import com.evolveum.midpoint.provisioning.api.ProvisioningService; @@ -241,9 +241,9 @@ private ObjectClassComplexTypeDefinition determineObjectClassDefinition(Resource } if (shadowToImport != null) { - objectClass = Utils.determineObjectClass(refinedSchema, shadowToImport); + objectClass = ModelImplUtils.determineObjectClass(refinedSchema, shadowToImport); } else { - objectClass = Utils.determineObjectClass(refinedSchema, coordinatorTask); + objectClass = ModelImplUtils.determineObjectClass(refinedSchema, coordinatorTask); } if (objectClass == null) { LOGGER.error("Import: No objectclass specified and no default can be determined."); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/importer/ObjectImporter.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/importer/ObjectImporter.java index 9f2a9e8c7a3..aeea21e416e 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/importer/ObjectImporter.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/importer/ObjectImporter.java @@ -23,7 +23,7 @@ import com.evolveum.midpoint.model.api.ModelExecuteOptions; import com.evolveum.midpoint.model.api.ModelService; import com.evolveum.midpoint.model.impl.migrator.Migrator; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.prism.crypto.EncryptionException; import com.evolveum.midpoint.prism.crypto.Protector; @@ -204,7 +204,7 @@ private EventResult importParsedObject(PrismObject pri object = migrator.migrate(object); - Utils.resolveReferences(object, repository, + ModelImplUtils.resolveReferences(object, repository, (options == null || options.isReferentialIntegrity() == null) ? false : options.isReferentialIntegrity(), false, EvaluationTimeType.IMPORT, false, prismContext, objectResult); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/integrity/ShadowIntegrityCheckResultHandler.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/integrity/ShadowIntegrityCheckResultHandler.java index ebea14237c3..3712b4b8565 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/integrity/ShadowIntegrityCheckResultHandler.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/integrity/ShadowIntegrityCheckResultHandler.java @@ -22,7 +22,7 @@ import com.evolveum.midpoint.model.common.SystemObjectCache; import com.evolveum.midpoint.model.impl.sync.SynchronizationContext; import com.evolveum.midpoint.model.impl.sync.SynchronizationService; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.prism.delta.ChangeType; import com.evolveum.midpoint.prism.delta.ItemDelta; @@ -209,7 +209,7 @@ public ShadowIntegrityCheckResultHandler(Task coordinatorTask, String taskOperat } try { - dryRun = Utils.isDryRun(coordinatorTask); + dryRun = ModelImplUtils.isDryRun(coordinatorTask); } catch (SchemaException e) { throw new SystemException("Couldn't get dryRun flag from task " + coordinatorTask); } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AbstractConstruction.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AbstractConstruction.java index 10f9b367e18..472adacafa2 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AbstractConstruction.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AbstractConstruction.java @@ -20,8 +20,8 @@ import com.evolveum.midpoint.prism.OriginType; import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.delta.PlusMinusZero; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ObjectDeltaObject; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.util.DebugDumpable; import com.evolveum.midpoint.util.logging.Trace; import com.evolveum.midpoint.util.logging.TraceManager; diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AssignmentEvaluator.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AssignmentEvaluator.java index 847c7a1e34f..2c8b463019e 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AssignmentEvaluator.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AssignmentEvaluator.java @@ -27,6 +27,7 @@ import com.evolveum.midpoint.common.ActivationComputer; import com.evolveum.midpoint.model.api.ModelExecuteOptions; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionUtil; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; import com.evolveum.midpoint.repo.common.expression.ItemDeltaItem; @@ -42,7 +43,7 @@ import com.evolveum.midpoint.model.impl.expr.ExpressionEnvironment; import com.evolveum.midpoint.model.impl.expr.ModelExpressionThreadLocalHolder; import com.evolveum.midpoint.model.impl.lens.projector.MappingEvaluator; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.prism.delta.PlusMinusZero; import com.evolveum.midpoint.prism.delta.PrismValueDeltaSetTriple; @@ -60,7 +61,6 @@ import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.schema.util.FocusTypeUtil; import com.evolveum.midpoint.schema.util.LifecycleUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.ObjectTypeUtil; import com.evolveum.midpoint.security.api.Authorization; import com.evolveum.midpoint.task.api.Task; @@ -704,11 +704,11 @@ private List> resolveTargetsFromFilter(Cla ModelExpressionThreadLocalHolder.pushExpressionEnvironment(new ExpressionEnvironment<>(lensContext, null, ctx.task, ctx.result)); try { PrismObject systemConfiguration = systemObjectCache.getSystemConfiguration(ctx.result); - ExpressionVariables variables = Utils.getDefaultExpressionVariables(segment.source, null, null, systemConfiguration.asObjectable()); + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(segment.source, null, null, systemConfiguration.asObjectable()); variables.addVariableDefinition(ExpressionConstants.VAR_SOURCE, segment.getOrderOneObject()); AssignmentPathVariables assignmentPathVariables = LensUtil.computeAssignmentPathVariables(ctx.assignmentPath); if (assignmentPathVariables != null) { - Utils.addAssignmentPathVariables(assignmentPathVariables, variables); + ModelImplUtils.addAssignmentPathVariables(assignmentPathVariables, variables); } ObjectFilter origFilter = QueryConvertor.parseFilter(filter, targetClass, prismContext); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/ChangeExecutor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/ChangeExecutor.java index 3afabe96eef..b3de8c25cbd 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/ChangeExecutor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/ChangeExecutor.java @@ -42,7 +42,7 @@ import com.evolveum.midpoint.model.impl.expr.ModelExpressionThreadLocalHolder; import com.evolveum.midpoint.model.impl.lens.projector.credentials.CredentialsProcessor; import com.evolveum.midpoint.model.impl.lens.projector.focus.FocusConstraintsChecker; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.prism.crypto.EncryptionException; import com.evolveum.midpoint.prism.path.ItemPath; @@ -346,7 +346,7 @@ public boolean executeChanges(LensContext context, Tas updateLinks(focusContext, projCtx, shadowAfterModification, task, subResult); } - Utils.handleConnectorErrorCriticality(projCtx.getResource(), e); + ModelImplUtils.handleConnectorErrorCriticality(projCtx.getResource(), e, subResult); } catch (ObjectAlreadyExistsException e) { @@ -856,7 +856,7 @@ private void updateSituationInShadow(Task task, projectionCtx.hasFullShadow(), now); try { - Utils.setRequestee(task, focusContext); + ModelImplUtils.setRequestee(task, focusContext); ProvisioningOperationOptions options = ProvisioningOperationOptions.createCompletePostponed(false); options.setDoNotDiscovery(true); provisioning.modifyObject(ShadowType.class, projectionOid, syncSituationDeltas, null, options, task, result); @@ -873,7 +873,7 @@ private void updateSituationInShadow(Task task, result.recordFatalError(ex); throw new SystemException(ex.getMessage(), ex); } finally { - Utils.clearRequestee(task); + ModelImplUtils.clearRequestee(task); } // if everything is OK, add result of the situation modification to the // parent result @@ -1451,9 +1451,9 @@ private String addProvisioningObjec scripts = prepareScripts(object, context, objectContext, ProvisioningOperationTypeType.ADD, resource, task, result); } - Utils.setRequestee(task, context); + ModelImplUtils.setRequestee(task, context); String oid = provisioning.addObject(object, scripts, options, task, result); - Utils.clearRequestee(task); + ModelImplUtils.clearRequestee(task); return oid; } @@ -1480,9 +1480,9 @@ private PrismObject deleteProvis scripts = prepareScripts(shadowToModify, context, objectContext, ProvisioningOperationTypeType.DELETE, resource, task, result); } - Utils.setRequestee(task, context); + ModelImplUtils.setRequestee(task, context); PrismObject objectAfterModification = provisioning.deleteObject(objectTypeClass, oid, options, scripts, task, result); - Utils.clearRequestee(task); + ModelImplUtils.clearRequestee(task); return objectAfterModification; } @@ -1514,10 +1514,10 @@ private String modifyProvisioningOb scripts = prepareScripts(shadowToModify, context, objectContext, ProvisioningOperationTypeType.MODIFY, resource, task, result); } - Utils.setRequestee(task, context); + ModelImplUtils.setRequestee(task, context); String changedOid = provisioning.modifyObject(objectTypeClass, oid, modifications, scripts, options, task, result); - Utils.clearRequestee(task); + ModelImplUtils.clearRequestee(task); return changedOid; } @@ -1563,7 +1563,7 @@ private OperationProvisioningScript ResourceShadowDiscriminator discr = ((LensProjectionContext) objectContext) .getResourceShadowDiscriminator(); - ExpressionVariables variables = Utils.getDefaultExpressionVariables(user, shadow, discr, + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(user, shadow, discr, resource.asPrismObject(), context.getSystemConfiguration(), objectContext); ModelExpressionThreadLocalHolder.pushExpressionEnvironment(new ExpressionEnvironment<>(context, (LensProjectionContext) objectContext, task, result)); try { @@ -1751,7 +1751,7 @@ private Object executeProvisioningS shadow = (PrismObject) projContext.getObjectCurrent(); } - ExpressionVariables variables = Utils.getDefaultExpressionVariables(user, shadow, + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(user, shadow, projContext.getResourceShadowDiscriminator(), resource.asPrismObject(), context.getSystemConfiguration(), projContext); Object scriptResult = null; @@ -1761,9 +1761,9 @@ private Object executeProvisioningS projContext.getResourceShadowDiscriminator(), operation, order, variables, context, projContext, task, parentResult); for (OperationProvisioningScriptType script : evaluatedScript.getScript()) { - Utils.setRequestee(task, context); + ModelImplUtils.setRequestee(task, context); scriptResult = provisioning.executeScript(resource.getOid(), script, task, parentResult); - Utils.clearRequestee(task); + ModelImplUtils.clearRequestee(task); } } finally { ModelExpressionThreadLocalHolder.popExpressionEnvironment(); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/Clockwork.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/Clockwork.java index cf3f5b48cd9..e14051f55b0 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/Clockwork.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/Clockwork.java @@ -37,12 +37,11 @@ import com.evolveum.midpoint.model.common.expression.script.ScriptExpression; import com.evolveum.midpoint.model.common.expression.script.ScriptExpressionFactory; import com.evolveum.midpoint.model.impl.ModelObjectResolver; -import com.evolveum.midpoint.model.impl.controller.ModelImplUtils; import com.evolveum.midpoint.model.impl.lens.projector.ContextLoader; import com.evolveum.midpoint.model.impl.lens.projector.Projector; import com.evolveum.midpoint.model.impl.lens.projector.focus.FocusConstraintsChecker; import com.evolveum.midpoint.model.impl.sync.RecomputeTaskHandler; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.prism.delta.*; import com.evolveum.midpoint.prism.delta.builder.DeltaBuilder; @@ -130,8 +129,6 @@ public class Clockwork { private static final Trace LOGGER = TraceManager.getTrace(Clockwork.class); - // This is ugly - // TODO: cleanup @Autowired private Projector projector; @Autowired private ContextLoader contextLoader; @Autowired private ChangeExecutor changeExecutor; @@ -480,7 +477,7 @@ public HookOperationMode click(LensContext context, Ta return invokeHooks(context, task, result); } catch (CommunicationException | ConfigurationException | ExpressionEvaluationException | ObjectNotFoundException | - PolicyViolationException | SchemaException | SecurityViolationException | RuntimeException | + PolicyViolationException | SchemaException | SecurityViolationException | RuntimeException | Error | ObjectAlreadyExistsException | PreconditionViolationException e) { processClockworkException(context, e, task, result); throw e; @@ -493,9 +490,9 @@ public HookOperationMode click(LensContext context, Ta * @return * - ERROR, if any hook reported error; otherwise returns * - BACKGROUND, if any hook reported switching to background; otherwise - * - FOREGROUND (if all hooks reported finishing on foreground) + * - FOREGROUND (if all hooks reported finishing on foreground) */ - private HookOperationMode invokeHooks(LensContext context, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException { + private HookOperationMode invokeHooks(LensContext context, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, PolicyViolationException, CommunicationException, ConfigurationException, SecurityViolationException { // TODO: following two parts should be merged together in later versions // Execute configured scripting hooks @@ -553,6 +550,15 @@ private HookOperationMode invokeHooks(LensContext context, Task task, OperationR } catch (SchemaException e) { LOGGER.error("Evaluation of {} failed: {}", shortDesc, e.getMessage(), e); throw new SchemaException("Evaluation of "+shortDesc+" failed: "+e.getMessage(), e); + } catch (CommunicationException e) { + LOGGER.error("Evaluation of {} failed: {}", shortDesc, e.getMessage(), e); + throw new CommunicationException("Evaluation of "+shortDesc+" failed: "+e.getMessage(), e); + } catch (ConfigurationException e) { + LOGGER.error("Evaluation of {} failed: {}", shortDesc, e.getMessage(), e); + throw new ConfigurationException("Evaluation of "+shortDesc+" failed: "+e.getMessage(), e); + } catch (SecurityViolationException e) { + LOGGER.error("Evaluation of {} failed: {}", shortDesc, e.getMessage(), e); + throw new SecurityViolationException("Evaluation of "+shortDesc+" failed: "+e.getMessage(), e); } } } @@ -579,7 +585,7 @@ private HookOperationMode invokeHooks(LensContext context, Task task, OperationR private void evaluateScriptingHook(LensContext context, HookType hookType, ScriptExpressionEvaluatorType scriptExpressionEvaluatorType, String shortDesc, Task task, OperationResult result) - throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException { + throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException { LOGGER.trace("Evaluating {}", shortDesc); // TODO: it would be nice to cache this @@ -596,7 +602,7 @@ private void evaluateScriptingHook(LensContext context, HookType hookType, } variables.addVariableDefinition(ExpressionConstants.VAR_FOCUS, focus); - Utils.evaluateScript(scriptExpression, context, variables, false, shortDesc, task, result); + ModelImplUtils.evaluateScript(scriptExpression, context, variables, false, shortDesc, task, result); LOGGER.trace("Finished evaluation of {}", shortDesc); } @@ -1036,7 +1042,7 @@ private void auditFinalExecution(LensContext context, auditEvent(context, AuditEventStage.EXECUTION, null, true, task, result); } - private void processClockworkException(LensContext context, Exception e, Task task, OperationResult result) + private void processClockworkException(LensContext context, Throwable e, Task task, OperationResult result) throws SchemaException, ObjectAlreadyExistsException, ObjectNotFoundException { LOGGER.trace("Processing clockwork exception {}", e.toString()); result.recordFatalError(e); @@ -1100,7 +1106,7 @@ private void auditEvent(LensContext context, AuditEven checkNamesArePresent(clonedDeltas, primaryObject); auditRecord.addDeltas(clonedDeltas); if (auditRecord.getTarget() == null) { - auditRecord.setTarget(Utils.determineAuditTargetDeltaOps(clonedDeltas)); + auditRecord.setTarget(ModelImplUtils.determineAuditTargetDeltaOps(clonedDeltas)); } } else if (stage == AuditEventStage.EXECUTION) { auditRecord.setOutcome(result.getComputeStatus()); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/Construction.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/Construction.java index b88ee643855..a2b9fc57cb5 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/Construction.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/Construction.java @@ -31,7 +31,7 @@ import com.evolveum.midpoint.model.common.mapping.MappingImpl; import com.evolveum.midpoint.model.common.mapping.MappingFactory; import com.evolveum.midpoint.model.impl.lens.projector.MappingEvaluator; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.ItemDefinition; import com.evolveum.midpoint.prism.OriginType; import com.evolveum.midpoint.prism.PrismContainerDefinition; @@ -238,12 +238,12 @@ private ResourceType resolveTarget(String sourceDescription, Task task, Operatio throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException { // SearchFilterType filter = targetRef.getFilter(); - ExpressionVariables variables = Utils + ExpressionVariables variables = ModelImplUtils .getDefaultExpressionVariables(getFocusOdo().getNewObject().asObjectable(), null, null, null); if (assignmentPathVariables == null) { assignmentPathVariables = LensUtil.computeAssignmentPathVariables(getAssignmentPath()); } - Utils.addAssignmentPathVariables(assignmentPathVariables, variables); + ModelImplUtils.addAssignmentPathVariables(assignmentPathVariables, variables); LOGGER.info("Expression variables for filter evaluation: {}", variables); ObjectFilter origFilter = QueryConvertor.parseFilter(getConstructionType().getResourceRef().getFilter(), diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensOwnerResolver.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensOwnerResolver.java index 519808f6e4d..dab38386930 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensOwnerResolver.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensOwnerResolver.java @@ -21,8 +21,8 @@ import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.query.ObjectQuery; import com.evolveum.midpoint.prism.query.builder.QueryBuilder; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.OwnerResolver; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.exception.CommunicationException; @@ -64,7 +64,7 @@ public LensOwnerResolver(LensContext context, ObjectResolver objectResolver, } @Override - public PrismObject resolveOwner(PrismObject object) { + public PrismObject resolveOwner(PrismObject object) throws CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (object == null) { return null; } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensUtil.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensUtil.java index e00a5547a7b..a5fc6ab5ac1 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensUtil.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensUtil.java @@ -35,7 +35,6 @@ import com.evolveum.midpoint.model.api.context.EvaluatedPolicyRule; import com.evolveum.midpoint.model.api.context.EvaluatedPolicyRuleTrigger; import com.evolveum.midpoint.model.common.mapping.PrismValueDeltaSetTripleProducer; -import com.evolveum.midpoint.model.impl.util.Utils; import com.evolveum.midpoint.prism.polystring.PolyString; import com.evolveum.midpoint.prism.query.ObjectFilter; import com.evolveum.midpoint.prism.query.ObjectQuery; @@ -61,6 +60,7 @@ import com.evolveum.midpoint.model.common.mapping.MappingImpl; import com.evolveum.midpoint.model.impl.expr.ExpressionEnvironment; import com.evolveum.midpoint.model.impl.expr.ModelExpressionThreadLocalHolder; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.prism.delta.ItemDelta; import com.evolveum.midpoint.prism.delta.ObjectDelta; @@ -69,6 +69,7 @@ import com.evolveum.midpoint.prism.marshaller.QueryConvertor; import com.evolveum.midpoint.prism.path.ItemPath; import com.evolveum.midpoint.provisioning.api.ProvisioningService; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.Expression; import com.evolveum.midpoint.repo.common.expression.ExpressionEvaluationContext; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; @@ -121,14 +122,11 @@ public static ResourceType getResourceReadOnly(LensContex public static ResourceType getResourceReadOnly(LensContext context, String resourceOid, ObjectResolver objectResolver, Task task, OperationResult result) throws ObjectNotFoundException, - CommunicationException, SchemaException, ConfigurationException, SecurityViolationException { + CommunicationException, SchemaException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { ResourceType resourceType = context.getResource(resourceOid); if (resourceType == null) { - ObjectReferenceType ref = new ObjectReferenceType(); - ref.setType(ResourceType.COMPLEX_TYPE); - ref.setOid(resourceOid); Collection> options = SelectorOptions.createCollection(GetOperationOptions.createReadOnly()); - resourceType = objectResolver.resolve(ref, ResourceType.class, options, "resource fetch in lens", task, result); + resourceType = objectResolver.getObject(ResourceType.class, resourceOid, options, task, result); context.rememberResource(resourceType); } return resourceType; @@ -720,7 +718,7 @@ private static void mergeExtensionContainers(Item MappingImpl.Builder addAssignmentPathVariables(MappingImpl.Builder builder, AssignmentPathVariables assignmentPathVariables) { ExpressionVariables expressionVariables = new ExpressionVariables(); - Utils.addAssignmentPathVariables(assignmentPathVariables, expressionVariables); + ModelImplUtils.addAssignmentPathVariables(assignmentPathVariables, expressionVariables); return builder.addVariableDefinitions(expressionVariables.getMap()); } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/PersonaProcessor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/PersonaProcessor.java index 274c57a7152..d020dab0c57 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/PersonaProcessor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/PersonaProcessor.java @@ -27,6 +27,7 @@ import org.springframework.stereotype.Component; import com.evolveum.midpoint.common.Clock; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ObjectDeltaObject; import com.evolveum.midpoint.model.api.hooks.HookOperationMode; import com.evolveum.midpoint.model.impl.lens.projector.ComplexConstructionConsumer; @@ -46,7 +47,6 @@ import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.schema.util.FocusTypeUtil; import com.evolveum.midpoint.schema.util.MiscSchemaUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.DebugUtil; import com.evolveum.midpoint.util.HumanReadableDescribable; @@ -223,7 +223,7 @@ public void after(PersonaKey key, String desc, } - public List readExistingPersonas(LensContext context, Task task, OperationResult result) { + public List readExistingPersonas(LensContext context, Task task, OperationResult result) throws CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { LensFocusContext focusContext = context.getFocusContext(); PrismObject focus = focusContext.getObjectNew(); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ActivationProcessor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ActivationProcessor.java index 4017cee44c4..c4ec97bc14f 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ActivationProcessor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ActivationProcessor.java @@ -26,7 +26,7 @@ import com.evolveum.midpoint.model.impl.lens.LensProjectionContext; import com.evolveum.midpoint.model.impl.lens.LensUtil; import com.evolveum.midpoint.model.impl.lens.SynchronizationIntent; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.prism.delta.ObjectDelta; import com.evolveum.midpoint.prism.delta.PrismValueDeltaSetTriple; @@ -654,7 +654,7 @@ private void evaluateOutboundMapping(final LensContext< MappingInitializer,PrismPropertyDefinition> internalInitializer = builder -> { - builder.addVariableDefinitions(Utils.getDefaultExpressionVariables(context, projCtx).getMap()); + builder.addVariableDefinitions(ModelImplUtils.getDefaultExpressionVariables(context, projCtx).getMap()); builder.originType(OriginType.OUTBOUND); builder.originObject(projCtx.getResource()); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ContextLoader.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ContextLoader.java index 29b1d9cc657..b5570ff5ed8 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ContextLoader.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ContextLoader.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -36,7 +36,6 @@ import com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision; import com.evolveum.midpoint.model.api.util.ModelUtils; import com.evolveum.midpoint.model.common.SystemObjectCache; -import com.evolveum.midpoint.model.impl.controller.ModelImplUtils; import com.evolveum.midpoint.model.impl.lens.ClockworkMedic; import com.evolveum.midpoint.model.impl.lens.LensContext; import com.evolveum.midpoint.model.impl.lens.LensElementContext; @@ -46,6 +45,7 @@ import com.evolveum.midpoint.model.impl.lens.LensUtil; import com.evolveum.midpoint.model.impl.lens.SynchronizationIntent; import com.evolveum.midpoint.model.impl.security.SecurityHelper; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.PrismReference; @@ -401,7 +401,7 @@ private void setPrimaryDeltaOldValue(LensElementContext void loadFromSystemConfig(LensContext context, Task task, OperationResult result) - throws ObjectNotFoundException, SchemaException, ConfigurationException, ExpressionEvaluationException, PolicyViolationException { + throws ObjectNotFoundException, SchemaException, ConfigurationException, ExpressionEvaluationException, PolicyViolationException, CommunicationException, SecurityViolationException { PrismObject systemConfiguration = systemObjectCache.getSystemConfiguration(result); if (systemConfiguration == null) { // This happens in some tests. And also during first startup. @@ -1125,7 +1125,7 @@ private void finishLoadOfProjectionContext(LensContext throw e; } } else { - if (ExceptionUtil.isSelected(errorSelector, e, true)) { + if (CriticalityType.FATAL.equals(ExceptionUtil.getCriticality(errorSelector, e, CriticalityType.FATAL))) { throw e; } else { return; @@ -1391,7 +1391,7 @@ private void applyAttributesToGet(LensProjectionContext projCtx, Collection void reloadSecurityPolicyIfNeeded(LensContext context, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, - SchemaException, PolicyViolationException { + SchemaException, PolicyViolationException, CommunicationException, ConfigurationException, SecurityViolationException { LensFocusContext focusContext = context.getFocusContext(); if (focusContext == null) { return; @@ -1408,14 +1408,14 @@ public void reloadSecurityPolicyIfNeeded(LensContext c public void loadSecurityPolicy(LensContext context, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, - SchemaException, PolicyViolationException { + SchemaException, PolicyViolationException, CommunicationException, ConfigurationException, SecurityViolationException { loadSecurityPolicy(context, false, task, result); } @SuppressWarnings("unchecked") private void loadSecurityPolicy(LensContext context, boolean forceReload, Task task, OperationResult result) throws ExpressionEvaluationException, ObjectNotFoundException, - SchemaException, PolicyViolationException { + SchemaException, PolicyViolationException, CommunicationException, ConfigurationException, SecurityViolationException { LensFocusContext focusContext = context.getFocusContext(); if (focusContext == null) { return; diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/MappingEvaluator.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/MappingEvaluator.java index e078cfad155..7b1bb9b77eb 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/MappingEvaluator.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/MappingEvaluator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2017 Evolveum + * Copyright (c) 2013-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -42,7 +42,7 @@ import com.evolveum.midpoint.model.impl.lens.LensUtil; import com.evolveum.midpoint.model.impl.lens.projector.credentials.CredentialsProcessor; import com.evolveum.midpoint.model.impl.trigger.RecomputeTriggerHandler; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.Item; import com.evolveum.midpoint.prism.ItemDefinition; import com.evolveum.midpoint.prism.OriginType; @@ -152,7 +152,7 @@ public void evaluateOutboundMapping(final LensContext,PrismPropertyDefinition> internalInitializer = builder -> { - builder.addVariableDefinitions(Utils.getDefaultExpressionVariables(context, projCtx).getMap()); + builder.addVariableDefinitions(ModelImplUtils.getDefaultExpressionVariables(context, projCtx).getMap()); builder.originType(OriginType.OUTBOUND); builder.originObject(projCtx.getResource()); @@ -587,7 +587,7 @@ private boolean hasNoValue(Item aPrioriTargetItem) { public MappingImpl createFocusMapping(final MappingFactory mappingFactory, final LensContext context, final MappingType mappingType, ObjectType originObject, ObjectDeltaObject focusOdo, AssignmentPathVariables assignmentPathVariables, PrismObject configuration, - XMLGregorianCalendar now, String contextDesc, Task task, OperationResult result) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException { + XMLGregorianCalendar now, String contextDesc, Task task, OperationResult result) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { Integer iteration = null; String iterationToken = null; if (focusOdo.getNewObject() != null) { @@ -607,7 +607,7 @@ public context, final MappingType mappingType, ObjectType originObject, ObjectDeltaObject focusOdo, Source defaultSource, PrismObject defaultTargetObject, AssignmentPathVariables assignmentPathVariables, Integer iteration, String iterationToken, PrismObject configuration, - XMLGregorianCalendar now, String contextDesc, final Task task, OperationResult result) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException { + XMLGregorianCalendar now, String contextDesc, final Task task, OperationResult result) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { if (!MappingImpl.isApplicableToChannel(mappingType, context.getChannel())) { LOGGER.trace("Mapping {} not applicable to channel {}, skipping.", mappingType, context.getChannel()); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ProjectionValuesProcessor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ProjectionValuesProcessor.java index 5e41be1ef10..7a43a3db49f 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ProjectionValuesProcessor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/ProjectionValuesProcessor.java @@ -21,6 +21,8 @@ import java.util.Iterator; import com.evolveum.midpoint.model.impl.sync.SynchronizationService; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; + import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Component; @@ -36,7 +38,6 @@ import com.evolveum.midpoint.model.impl.lens.LensUtil; import com.evolveum.midpoint.model.impl.lens.projector.focus.AssignmentProcessor; import com.evolveum.midpoint.model.impl.sync.CorrelationConfirmationEvaluator; -import com.evolveum.midpoint.model.impl.util.Utils; import com.evolveum.midpoint.prism.OriginType; import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.PrismObject; @@ -510,7 +511,7 @@ private String formatIterationToken(LensContext contex private ExpressionVariables createExpressionVariables(LensContext context, LensProjectionContext projectionContext) { - return Utils.getDefaultExpressionVariables(context.getFocusContext().getObjectNew(), projectionContext.getObjectNew(), + return ModelImplUtils.getDefaultExpressionVariables(context.getFocusContext().getObjectNew(), projectionContext.getObjectNew(), projectionContext.getResourceShadowDiscriminator(), projectionContext.getResource().asPrismObject(), context.getSystemConfiguration(), projectionContext); } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/Projector.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/Projector.java index 710adf74521..9741a57086c 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/Projector.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/Projector.java @@ -38,7 +38,7 @@ import com.evolveum.midpoint.model.impl.lens.projector.credentials.ProjectionCredentialsProcessor; import com.evolveum.midpoint.model.impl.lens.projector.focus.AssignmentProcessor; import com.evolveum.midpoint.model.impl.lens.projector.focus.FocusProcessor; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.xml.XmlTypeConverter; import com.evolveum.midpoint.repo.api.PreconditionViolationException; import com.evolveum.midpoint.schema.ResourceShadowDiscriminator; @@ -412,9 +412,8 @@ private void projectProjection(LensContext context, Le } catch (ObjectNotFoundException | CommunicationException | SchemaException | ConfigurationException | SecurityViolationException | PolicyViolationException | ExpressionEvaluationException | ObjectAlreadyExistsException | RuntimeException | Error e) { - result.recordFatalError(e); - - Utils.handleConnectorErrorCriticality(projectionContext.getResource(), e); + projectionContext.setSynchronizationPolicyDecision(SynchronizationPolicyDecision.BROKEN); + ModelImplUtils.handleConnectorErrorCriticality(projectionContext.getResource(), e, result); } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/AssignmentProcessor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/AssignmentProcessor.java index 3f02ae656c2..119282701ae 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/AssignmentProcessor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/AssignmentProcessor.java @@ -27,6 +27,7 @@ import com.evolveum.midpoint.model.impl.lens.projector.ConstructionProcessor; import com.evolveum.midpoint.model.impl.lens.projector.MappingEvaluator; import com.evolveum.midpoint.model.impl.lens.projector.policy.PolicyRuleProcessor; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.xml.ns._public.common.common_3.*; import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Autowired; @@ -34,13 +35,13 @@ import org.springframework.stereotype.Component; import com.evolveum.midpoint.common.ActivationComputer; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ObjectDeltaObject; import com.evolveum.midpoint.model.api.ModelExecuteOptions; import com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision; import com.evolveum.midpoint.model.common.SystemObjectCache; import com.evolveum.midpoint.model.common.mapping.MappingImpl; import com.evolveum.midpoint.model.common.mapping.MappingFactory; -import com.evolveum.midpoint.model.impl.controller.ModelImplUtils; import com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator; import com.evolveum.midpoint.model.impl.lens.Construction; import com.evolveum.midpoint.model.impl.lens.ConstructionPack; @@ -76,7 +77,6 @@ import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.schema.result.OperationResultStatus; import com.evolveum.midpoint.schema.util.FocusTypeUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.ObjectTypeUtil; import com.evolveum.midpoint.schema.util.SchemaDebugUtil; import com.evolveum.midpoint.task.api.Task; diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/AssignmentTripleEvaluator.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/AssignmentTripleEvaluator.java index 82dfaf7793a..2c6b0730007 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/AssignmentTripleEvaluator.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/AssignmentTripleEvaluator.java @@ -18,10 +18,10 @@ import com.evolveum.midpoint.common.ActivationComputer; import com.evolveum.midpoint.model.api.ModelExecuteOptions; import com.evolveum.midpoint.model.api.context.SynchronizationPolicyDecision; -import com.evolveum.midpoint.model.impl.controller.ModelImplUtils; import com.evolveum.midpoint.model.impl.lens.*; import com.evolveum.midpoint.model.impl.lens.projector.SmartAssignmentCollection; import com.evolveum.midpoint.model.impl.lens.projector.SmartAssignmentElement; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.PrismContainer; import com.evolveum.midpoint.prism.PrismContainerDefinition; import com.evolveum.midpoint.prism.PrismContainerValue; diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/FocusProcessor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/FocusProcessor.java index dd00077901e..eb259f33524 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/FocusProcessor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/FocusProcessor.java @@ -26,6 +26,7 @@ import com.evolveum.midpoint.model.api.context.ModelState; import com.evolveum.midpoint.model.impl.lens.projector.policy.PolicyRuleEnforcer; import com.evolveum.midpoint.model.impl.lens.projector.policy.PolicyRuleProcessor; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.prism.schema.SchemaProcessorUtil; import com.evolveum.midpoint.util.exception.NoFocusNameSchemaException; @@ -47,7 +48,6 @@ import com.evolveum.midpoint.model.impl.lens.OperationalDataManager; import com.evolveum.midpoint.model.impl.lens.projector.MappingEvaluator; import com.evolveum.midpoint.model.impl.lens.projector.credentials.CredentialsProcessor; -import com.evolveum.midpoint.model.impl.util.Utils; import com.evolveum.midpoint.prism.delta.ContainerDelta; import com.evolveum.midpoint.prism.delta.DeltaSetTriple; import com.evolveum.midpoint.prism.delta.ObjectDelta; @@ -159,7 +159,7 @@ private void processFocusFocus(LensContext context, Str ObjectPolicyConfigurationType objectPolicyConfigurationType = focusContext.getObjectPolicyConfigurationType(); applyObjectPolicyConstraints(focusContext, objectPolicyConfigurationType); - ExpressionVariables variablesPreIteration = Utils.getDefaultExpressionVariables(focusContext.getObjectNew(), + ExpressionVariables variablesPreIteration = ModelImplUtils.getDefaultExpressionVariables(focusContext.getObjectNew(), null, null, null, context.getSystemConfiguration(), focusContext); if (iterationToken == null) { iterationToken = LensUtil.formatIterationToken(context, focusContext, @@ -324,7 +324,7 @@ private void processFocusFocus(LensContext context, Str checker.check(previewObjectNew, result); if (checker.isSatisfiesConstraints()) { LOGGER.trace("Current focus satisfies uniqueness constraints. Iteration {}, token '{}'", iteration, iterationToken); - ExpressionVariables variablesPostIteration = Utils.getDefaultExpressionVariables(focusContext.getObjectNew(), + ExpressionVariables variablesPostIteration = ModelImplUtils.getDefaultExpressionVariables(focusContext.getObjectNew(), null, null, null, context.getSystemConfiguration(), focusContext); if (LensUtil.evaluateIterationCondition(context, focusContext, iterationSpecificationType, iteration, iterationToken, false, expressionFactory, variablesPostIteration, diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/InboundProcessor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/InboundProcessor.java index b730fc61df8..48e3449525e 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/InboundProcessor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/InboundProcessor.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -735,7 +735,7 @@ private vo ItemDelta attributeAPrioriDelta, PrismObject focusNew, VariableProducer variableProducer, Map>> mappingsToTarget, - Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, ConfigurationException { + Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, ConfigurationException, CommunicationException, SecurityViolationException, ExpressionEvaluationException { if (oldAccountProperty != null && oldAccountProperty.hasRaw()) { throw new SystemException("Property "+oldAccountProperty+" has raw parsing state, such property cannot be used in inbound expressions"); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/ObjectTemplateProcessor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/ObjectTemplateProcessor.java index d1f5f2a7aa5..886d2ffc15b 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/ObjectTemplateProcessor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/ObjectTemplateProcessor.java @@ -255,7 +255,7 @@ public Collection> pro } @NotNull - private Map collectItemDefinitionsFromTemplate(ObjectTemplateType objectTemplateType, String contextDesc, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException { + private Map collectItemDefinitionsFromTemplate(ObjectTemplateType objectTemplateType, String contextDesc, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { Map definitions = new HashMap<>(); if (objectTemplateType == null) { return definitions; diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/VariablesUtil.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/VariablesUtil.java index d6a06c23591..62c297fdc41 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/VariablesUtil.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/VariablesUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,12 +23,12 @@ import com.evolveum.midpoint.prism.path.ItemPath; import com.evolveum.midpoint.prism.util.CloneUtil; import com.evolveum.midpoint.prism.xml.XsdTypeMapper; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.*; import com.evolveum.midpoint.schema.SchemaConstantsGenerated; import com.evolveum.midpoint.schema.constants.ExpressionConstants; import com.evolveum.midpoint.schema.constants.SchemaConstants; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.MiscUtil; import com.evolveum.midpoint.util.QNameUtil; @@ -115,7 +115,7 @@ private static void addDerivedVariables(HashMap resultingVariabl private static Object variableFromPathExpression(HashMap resultingVariables, JAXBElement expressionEvaluator, VariableResolutionContext ctx, String shortDesc, OperationResult result) - throws SchemaException, ObjectNotFoundException { + throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (!(expressionEvaluator.getValue() instanceof ItemPathType)) { throw new IllegalArgumentException("Path expression: expected ItemPathType but got " + expressionEvaluator.getValue()); } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ModifyExecutor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ModifyExecutor.java index 3207b6555cd..75383a2e8e3 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ModifyExecutor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ModifyExecutor.java @@ -18,10 +18,10 @@ import com.evolveum.midpoint.model.api.ModelExecuteOptions; import com.evolveum.midpoint.model.impl.scripting.PipelineData; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.model.impl.scripting.ExecutionContext; import com.evolveum.midpoint.model.api.ScriptExecutionException; import com.evolveum.midpoint.model.api.PipelineItem; -import com.evolveum.midpoint.model.impl.util.Utils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.prism.delta.ObjectDelta; import com.evolveum.midpoint.schema.DeltaConvertor; @@ -86,7 +86,7 @@ public PipelineData execute(ActionExpressionType expression, PipelineData input, // repository, it should be perhaps resolved at that time. But again, it is a lot of work and it does // not cover bulk actions which are not part of a task. // We consider this solution to be adequate for now. - Utils.resolveReferences(delta, cacheRepositoryService, false, false, EvaluationTimeType.IMPORT, true, prismContext, result); + ModelImplUtils.resolveReferences(delta, cacheRepositoryService, false, false, EvaluationTimeType.IMPORT, true, prismContext, result); operationsHelper.applyDelta(delta, executionOptions, dryRun, context, result); operationsHelper.recordEnd(context, objectType, started, null); } catch (Throwable ex) { diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ScriptExecutor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ScriptExecutor.java index 958ac84dc6e..409b11f3a96 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ScriptExecutor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ScriptExecutor.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -22,7 +22,7 @@ import com.evolveum.midpoint.model.common.expression.script.ScriptExpressionFactory; import com.evolveum.midpoint.model.impl.scripting.ExecutionContext; import com.evolveum.midpoint.model.impl.scripting.PipelineData; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; import com.evolveum.midpoint.repo.common.expression.ExpressionSyntaxException; @@ -31,9 +31,12 @@ import com.evolveum.midpoint.schema.constants.ExpressionConstants; import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.util.QNameUtil; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ScriptExpressionEvaluatorType; import com.evolveum.midpoint.xml.ns._public.model.scripting_3.ActionExpressionType; @@ -198,14 +201,14 @@ private ItemDefinition getItemDefinition(String itemUri) throws ScriptExecuti private Object executeScript(ScriptExpression scriptExpression, Object input, Map externalVariables, ExecutionContext context, OperationResult result) - throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException { + throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException { ExpressionVariables variables = new ExpressionVariables(); variables.addVariableDefinition(ExpressionConstants.VAR_INPUT, input); variables.addVariableDefinition(ExpressionConstants.VAR_PRISM_CONTEXT, prismContext); ExpressionUtil.addActorVariable(variables, securityContextManager); externalVariables.forEach((k, v) -> variables.addVariableDefinition(new QName(NS_C, k), cloneIfNecessary(k, v))); - List rv = Utils.evaluateScript(scriptExpression, null, variables, true, "in '"+NAME+"' action", context.getTask(), result); + List rv = ModelImplUtils.evaluateScript(scriptExpression, null, variables, true, "in '"+NAME+"' action", context.getTask(), result); if (rv == null || rv.size() == 0) { return null; diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/AuthenticationEvaluatorImpl.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/AuthenticationEvaluatorImpl.java index be328b790d0..1f8bf074e53 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/AuthenticationEvaluatorImpl.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/AuthenticationEvaluatorImpl.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2016-2017 Evolveum + * Copyright (c) 2016-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -46,8 +46,12 @@ import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.xml.XmlTypeConverter; import com.evolveum.midpoint.schema.util.MiscSchemaUtil; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.logging.Trace; import com.evolveum.midpoint.util.logging.TraceManager; import com.evolveum.midpoint.xml.ns._public.common.common_3.*; @@ -254,6 +258,18 @@ private MidPointPrincipal getAndCheckPrincipal(ConnectionEnvironment connEnv, St } catch (SchemaException e) { recordAuthenticationFailure(enteredUsername, connEnv, "schema error"); throw new AccessDeniedException("web.security.provider.invalid"); + } catch (CommunicationException e) { + recordAuthenticationFailure(enteredUsername, connEnv, "communication error"); + throw new AccessDeniedException("web.security.provider.invalid"); + } catch (ConfigurationException e) { + recordAuthenticationFailure(enteredUsername, connEnv, "configuration error"); + throw new AccessDeniedException("web.security.provider.invalid"); + } catch (SecurityViolationException e) { + recordAuthenticationFailure(enteredUsername, connEnv, "security violation"); + throw new AccessDeniedException("web.security.provider.invalid"); + } catch (ExpressionEvaluationException e) { + recordAuthenticationFailure(enteredUsername, connEnv, "expression error"); + throw new AccessDeniedException("web.security.provider.invalid"); } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/MidpointRestAuthenticator.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/MidpointRestAuthenticator.java index 4455118a435..6ba219287e2 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/MidpointRestAuthenticator.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/MidpointRestAuthenticator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -161,7 +161,7 @@ private boolean authorizeUser(UserType user, PrismObject proxyUser, St private void authenticateUser(PrismObject user, String enteredUsername, ConnectionEnvironment connEnv, ContainerRequestContext requestCtx) { try { securityContextManager.setupPreAuthenticatedSecurityContext(user); - } catch (SchemaException e) { + } catch (SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | ExpressionEvaluationException e) { securityHelper.auditLoginFailure(enteredUsername, user.asObjectable(), connEnv, "Schema error: "+e.getMessage()); requestCtx.abortWith(Response.status(Status.BAD_REQUEST).build()); // return false; diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/MidpointRestSecurityQuestionsAuthenticator.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/MidpointRestSecurityQuestionsAuthenticator.java index 2cd3e517c21..4b8a6eddff7 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/MidpointRestSecurityQuestionsAuthenticator.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/MidpointRestSecurityQuestionsAuthenticator.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -201,7 +201,7 @@ public List run() { try { SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("rest_sec_q_auth", "REST", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"))); securityPolicyType = modelInteractionService.getSecurityPolicy(user, task, result); - } catch (ObjectNotFoundException | SchemaException e) { + } catch (ObjectNotFoundException | SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | ExpressionEvaluationException e) { return null; } finally { SecurityContextHolder.getContext().setAuthentication(null); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java index 1c23f66e975..6d5e5dba932 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2015-2017 Evolveum + * Copyright (c) 2015-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -46,8 +46,12 @@ import com.evolveum.midpoint.security.api.ConnectionEnvironment; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.task.api.TaskManager; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.logging.Trace; import com.evolveum.midpoint.util.logging.TraceManager; import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialPolicyType; @@ -56,7 +60,6 @@ import com.evolveum.midpoint.xml.ns._public.common.common_3.NodeType; import com.evolveum.midpoint.xml.ns._public.common.common_3.NonceCredentialsPolicyType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType; -import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType; import com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordCredentialsPolicyType; import com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordLifeTimeType; import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType; @@ -185,7 +188,7 @@ public SOAPMessage getSOAPMessage(SoapMessage msg) { * returned security policy. */ public SecurityPolicyType locateSecurityPolicy(PrismObject user, PrismObject systemConfiguration, - Task task, OperationResult result) throws SchemaException { + Task task, OperationResult result) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { SecurityPolicyType focusSecurityPolicy = locateFocusSecurityPolicy(user, systemConfiguration, task, result); if (focusSecurityPolicy != null) { @@ -223,7 +226,7 @@ public SecurityPolicyType locateFocusSecurityPolicy(PrismO return null; } - public SecurityPolicyType locateGlobalSecurityPolicy(PrismObject user, PrismObject systemConfiguration, Task task, OperationResult result) { + public SecurityPolicyType locateGlobalSecurityPolicy(PrismObject user, PrismObject systemConfiguration, Task task, OperationResult result) throws CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (systemConfiguration == null) { return null; } @@ -243,7 +246,7 @@ public SecurityPolicyType locateGlobalSecurityPolicy(Prism return null; } - public SecurityPolicyType locateGlobalPasswordPolicy(SystemConfigurationType systemConfiguration, Task task, OperationResult result) { + public SecurityPolicyType locateGlobalPasswordPolicy(SystemConfigurationType systemConfiguration, Task task, OperationResult result) throws CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (systemConfiguration != null) { SecurityPolicyType globalPasswordPolicy = resolveGlobalPasswordPolicy(null, systemConfiguration, task, result); if (globalPasswordPolicy != null) { @@ -254,7 +257,7 @@ public SecurityPolicyType locateGlobalPasswordPolicy(SystemConfigurationType sys return null; } - private SecurityPolicyType resolveGlobalSecurityPolicy(PrismObject user, SystemConfigurationType systemConfiguration, Task task, OperationResult result) { + private SecurityPolicyType resolveGlobalSecurityPolicy(PrismObject user, SystemConfigurationType systemConfiguration, Task task, OperationResult result) throws CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { ObjectReferenceType globalSecurityPolicyRef = systemConfiguration.getGlobalSecurityPolicyRef(); if (globalSecurityPolicyRef != null) { try { @@ -273,7 +276,7 @@ private SecurityPolicyType resolveGlobalSecurityPolicy(Pri return null; } - private SecurityPolicyType resolveGlobalPasswordPolicy(PrismObject user, SystemConfigurationType systemConfiguration, Task task, OperationResult result) { + private SecurityPolicyType resolveGlobalPasswordPolicy(PrismObject user, SystemConfigurationType systemConfiguration, Task task, OperationResult result) throws CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { ObjectReferenceType globalPasswordPolicyRef = systemConfiguration.getGlobalPasswordPolicyRef(); if (globalPasswordPolicyRef != null) { try { @@ -355,7 +358,7 @@ private ValuePolicyType postProcessCredentialPolicy(SecurityPolicyType securityP ValuePolicyType valuePolicyType; try { valuePolicyType = objectResolver.resolve(valuePolicyRef, ValuePolicyType.class, null, credShortDesc + " in " + securityPolicyType, task, result); - } catch (ObjectNotFoundException | SchemaException e) { + } catch (ObjectNotFoundException | SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | ExpressionEvaluationException e) { LOGGER.warn("{} {} referenced from {} was not found", credShortDesc, valuePolicyRef.getOid(), securityPolicyType); return null; } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SpringAuthenticationInjectorInterceptor.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SpringAuthenticationInjectorInterceptor.java index c78527a1418..4204fb0e4ff 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SpringAuthenticationInjectorInterceptor.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SpringAuthenticationInjectorInterceptor.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -140,15 +140,19 @@ public void handleMessage(SoapMessage message) throws Fault { throw createFault(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION); } - MidPointPrincipal principal; + MidPointPrincipal principal = null; try { principal = userDetailsService.getPrincipal(username); } catch (SchemaException e) { - LOGGER.debug("Access to web service denied for user '{}': schema error: {}", - username, e.getMessage(), e); - message.put(SecurityHelper.CONTEXTUAL_PROPERTY_AUDITED_NAME, true); - securityHelper.auditLoginFailure(username, null, connEnv, "Schema error: "+e.getMessage()); - throw new Fault(e); + handlePrincipalException(message, username, connEnv, "Schema error", e); + } catch (CommunicationException e) { + handlePrincipalException(message, username, connEnv, "Communication error", e); + } catch (ConfigurationException e) { + handlePrincipalException(message, username, connEnv, "Configuration error", e); + } catch (SecurityViolationException e) { + handlePrincipalException(message, username, connEnv, "Security violation", e); + } catch (ExpressionEvaluationException e) { + handlePrincipalException(message, username, connEnv, "Expression error", e); } LOGGER.trace("Principal: {}", principal); if (principal == null) { @@ -230,7 +234,15 @@ public void handleMessage(SoapMessage message) throws Fault { LOGGER.debug("Access to web service allowed for user '{}'", username); } - private Fault createFault(ErrorCode code) { + private void handlePrincipalException(SoapMessage message, String username, ConnectionEnvironment connEnv, String errorDesc, Exception e) { + LOGGER.debug("Access to web service denied for user '{}': {}: {}", + username, errorDesc, e.getMessage(), e); + message.put(SecurityHelper.CONTEXTUAL_PROPERTY_AUDITED_NAME, true); + securityHelper.auditLoginFailure(username, null, connEnv, errorDesc + ": " + e.getMessage()); + throw new Fault(e); + } + + private Fault createFault(ErrorCode code) { return new Fault(new WSSecurityException(code), code.getQName()); } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/UserProfileServiceImpl.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/UserProfileServiceImpl.java index ac93007c5a6..ce2d1795bdf 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/UserProfileServiceImpl.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/UserProfileServiceImpl.java @@ -19,6 +19,7 @@ import com.evolveum.midpoint.common.ActivationComputer; import com.evolveum.midpoint.common.Clock; import com.evolveum.midpoint.repo.cache.RepositoryCache; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ItemDeltaItem; import com.evolveum.midpoint.repo.common.expression.ObjectDeltaObject; import com.evolveum.midpoint.model.api.context.EvaluatedAssignment; @@ -52,7 +53,6 @@ import com.evolveum.midpoint.schema.util.FocusTypeUtil; import com.evolveum.midpoint.schema.util.LifecycleUtil; import com.evolveum.midpoint.schema.util.ObjectQueryUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.ObjectTypeUtil; import com.evolveum.midpoint.security.api.Authorization; import com.evolveum.midpoint.security.api.AuthorizationTransformer; @@ -125,7 +125,7 @@ public void setMessageSource(MessageSource messageSource) { } @Override - public MidPointPrincipal getPrincipal(String username) throws ObjectNotFoundException, SchemaException { + public MidPointPrincipal getPrincipal(String username) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { OperationResult result = new OperationResult(OPERATION_GET_PRINCIPAL); PrismObject user; try { @@ -146,19 +146,19 @@ public MidPointPrincipal getPrincipal(String username) throws ObjectNotFoundExce } @Override - public MidPointPrincipal getPrincipalByOid(String oid) throws ObjectNotFoundException, SchemaException { + public MidPointPrincipal getPrincipalByOid(String oid) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { OperationResult result = new OperationResult(OPERATION_GET_PRINCIPAL); return getPrincipal(getUserByOid(oid, result).asPrismObject()); } @Override - public MidPointPrincipal getPrincipal(PrismObject user) throws SchemaException { + public MidPointPrincipal getPrincipal(PrismObject user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { OperationResult result = new OperationResult(OPERATION_GET_PRINCIPAL); return getPrincipal(user, null, result); } @Override - public MidPointPrincipal getPrincipal(PrismObject user, AuthorizationTransformer authorizationTransformer, OperationResult result) throws SchemaException { + public MidPointPrincipal getPrincipal(PrismObject user, AuthorizationTransformer authorizationTransformer, OperationResult result) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (user == null) { return null; } @@ -218,7 +218,7 @@ private PrismObject findByUsername(String username, OperationResult re return list.get(0); } - private void initializePrincipalFromAssignments(MidPointPrincipal principal, PrismObject systemConfiguration, AuthorizationTransformer authorizationTransformer) throws SchemaException { + private void initializePrincipalFromAssignments(MidPointPrincipal principal, PrismObject systemConfiguration, AuthorizationTransformer authorizationTransformer) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { UserType userType = principal.getUser(); Collection authorizations = principal.getAuthorities(); @@ -431,7 +431,7 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx return getPrincipal(username); } catch (ObjectNotFoundException e) { throw new UsernameNotFoundException(e.getMessage(), e); - } catch (SchemaException e) { + } catch (SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | ExpressionEvaluationException e) { throw new SystemException(e.getMessage(), e); } } @@ -443,7 +443,7 @@ public UserDetails mapUserFromContext(DirContextOperations ctx, String username, return getPrincipal(username); } catch (ObjectNotFoundException e) { throw new UsernameNotFoundException("UserProfileServiceImpl.unknownUser", e); - } catch (SchemaException e) { + } catch (SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | ExpressionEvaluationException e) { throw new SystemException(e.getMessage(), e); } } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/CorrelationConfirmationEvaluator.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/CorrelationConfirmationEvaluator.java index 16200b13374..e3f8bd192bb 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/CorrelationConfirmationEvaluator.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/CorrelationConfirmationEvaluator.java @@ -26,6 +26,7 @@ import com.evolveum.midpoint.repo.common.expression.ExpressionUtil; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; import com.evolveum.midpoint.model.impl.expr.ModelExpressionThreadLocalHolder; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.*; import com.evolveum.midpoint.schema.util.ObjectTypeUtil; import org.apache.commons.lang.Validate; @@ -33,7 +34,6 @@ import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Component; -import com.evolveum.midpoint.model.impl.util.Utils; import com.evolveum.midpoint.prism.delta.PrismValueDeltaSetTriple; import com.evolveum.midpoint.prism.match.MatchingRuleRegistry; import com.evolveum.midpoint.prism.query.ObjectQuery; @@ -148,7 +148,7 @@ private boolean satisfyCondition(ShadowType currentShadow, ConditionalSearchFilt } ExpressionType condition = conditionalFilter.getCondition(); - ExpressionVariables variables = Utils.getDefaultExpressionVariables(null,currentShadow, resourceType, configurationType); + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(null,currentShadow, resourceType, configurationType); ItemDefinition outputDefinition = new PrismPropertyDefinitionImpl( ExpressionConstants.OUTPUT_ELEMENT_NAME, DOMUtil.XSD_BOOLEAN, prismContext); @@ -360,7 +360,7 @@ private ObjectQuery updateFilterWithAccountValues(ShadowType currentShadow, Reso private ObjectQuery evaluateQueryExpressions(ObjectQuery query, ShadowType currentShadow, ResourceType resource, SystemConfigurationType configuration, String shortDesc, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException { - ExpressionVariables variables = Utils.getDefaultExpressionVariables(null, currentShadow, resource, configuration); + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(null, currentShadow, resource, configuration); return ExpressionUtil.evaluateQueryExpressions(query, variables, expressionFactory, prismContext, shortDesc, task, result); } @@ -372,7 +372,7 @@ public boolean evaluateConfirmationExpression(Class foc Validate.notNull(expressionType, "Expression must not be null."); Validate.notNull(result, "Operation result must not be null."); - ExpressionVariables variables = Utils.getDefaultExpressionVariables(user, shadow, resource, configuration); + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(user, shadow, resource, configuration); String shortDesc = "confirmation expression for "+resource.asPrismObject(); PrismPropertyDefinition outputDefinition = new PrismPropertyDefinitionImpl<>(ExpressionConstants.OUTPUT_ELEMENT_NAME, diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/LiveSyncTaskHandler.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/LiveSyncTaskHandler.java index 5379ef2870d..2c6828a1e60 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/LiveSyncTaskHandler.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/LiveSyncTaskHandler.java @@ -18,7 +18,7 @@ import com.evolveum.midpoint.common.refinery.RefinedResourceSchema; import com.evolveum.midpoint.common.refinery.RefinedResourceSchemaImpl; import com.evolveum.midpoint.model.impl.ModelConstants; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.provisioning.api.ProvisioningService; import com.evolveum.midpoint.schema.ResourceShadowDiscriminator; @@ -155,7 +155,7 @@ public TaskRunResult run(Task task) { ObjectClassComplexTypeDefinition objectClass; try { - objectClass = Utils.determineObjectClass(refinedSchema, task); + objectClass = ModelImplUtils.determineObjectClass(refinedSchema, task); } catch (SchemaException e) { LOGGER.error("Live Sync: schema error: {}", e.getMessage()); opResult.recordFatalError(e); @@ -177,7 +177,7 @@ public TaskRunResult run(Task task) { // This will detect the changes and notify model about them. // It will use extension of task to store synchronization state - Utils.clearRequestee(task); + ModelImplUtils.clearRequestee(task); changesProcessed = provisioningService.synchronize(coords, task, opResult); } catch (ObjectNotFoundException ex) { diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/RecomputeTaskHandler.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/RecomputeTaskHandler.java index 57f34a8586b..5761b656eb8 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/RecomputeTaskHandler.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/RecomputeTaskHandler.java @@ -27,7 +27,7 @@ import com.evolveum.midpoint.model.impl.lens.ContextFactory; import com.evolveum.midpoint.model.impl.lens.LensContext; import com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeModelTaskHandler; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.query.ObjectQuery; @@ -109,7 +109,7 @@ protected boolean handleObject(PrismObject object, Task workerTask, O } private ModelExecuteOptions getOptions(Task coordinatorTask) throws SchemaException { - ModelExecuteOptions modelExecuteOptions = Utils.getModelExecuteOptions(coordinatorTask); + ModelExecuteOptions modelExecuteOptions = ModelImplUtils.getModelExecuteOptions(coordinatorTask); if (modelExecuteOptions == null) { // Make reconcile the default (for compatibility). If there are no options // then assume reconcile. diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/ReconciliationTaskHandler.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/ReconciliationTaskHandler.java index 4e25793a162..4142b6b5481 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/ReconciliationTaskHandler.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/ReconciliationTaskHandler.java @@ -25,7 +25,7 @@ import com.evolveum.midpoint.common.refinery.RefinedResourceSchemaImpl; import com.evolveum.midpoint.model.api.ModelPublicConstants; import com.evolveum.midpoint.model.impl.ModelConstants; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.delta.ChangeType; @@ -189,7 +189,7 @@ public TaskWorkBucketProcessingResult run(Task localCoordinatorTask, WorkBucketT resource = provisioningService.getObject(ResourceType.class, resourceOid, null, localCoordinatorTask, opResult); RefinedResourceSchema refinedSchema = RefinedResourceSchemaImpl.getRefinedSchema(resource, LayerType.MODEL, prismContext); - objectclassDef = Utils.determineObjectClass(refinedSchema, localCoordinatorTask); + objectclassDef = ModelImplUtils.determineObjectClass(refinedSchema, localCoordinatorTask); } catch (ObjectNotFoundException ex) { // This is bad. The resource does not exist. Permanent problem. @@ -635,7 +635,7 @@ private PrismObject reconcileShadow(PrismObject shadow, OperationResult opResult = new OperationResult(OperationConstants.RECONCILIATION+".shadowReconciliation.object"); try { Collection> options = null; - if (Utils.isDryRun(task)) { + if (ModelImplUtils.isDryRun(task)) { options = SelectorOptions.createCollection(GetOperationOptions.createDoNotDiscovery()); } else { options = SelectorOptions.createCollection(GetOperationOptions.createForceRefresh()); @@ -667,7 +667,7 @@ private void reactShadowGone(PrismObject shadow, PrismObject void notifyChange(ResourceObjectShadowChangeDescrip if (LOGGER.isTraceEnabled()) { LOGGER.trace("Synchronization is enabled, focus class: {}, found applicable policy: {}", - syncCtx.getFocusClass(), Utils.getPolicyDesc(obejctSynchronization)); + syncCtx.getFocusClass(), ModelImplUtils.getPolicyDesc(obejctSynchronization)); } setupSituation(syncCtx, eventInfo, change, task, subResult); @@ -310,7 +310,7 @@ private ObjectSynchronizationDiscriminatorType evaluateSyn } ExpressionType classificationExpression = synchronizationSorterType.getExpression(); String desc = "syncrhonization divider type "; - ExpressionVariables variables = Utils.getDefaultExpressionVariables(null, syncCtx.getApplicableShadow(), null, + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(null, syncCtx.getApplicableShadow(), null, syncCtx.getResource(), syncCtx.getSystemConfiguration(), null); variables.addVariableDefinition(ExpressionConstants.VAR_CHANNEL, syncCtx.getChanel()); try { @@ -338,7 +338,7 @@ private Boolean evaluateSynchronizationPolicyCondition(ObjectSynchronizationType } ExpressionType conditionExpressionType = synchronizationPolicy.getCondition(); String desc = "condition in object synchronization " + synchronizationPolicy.getName(); - ExpressionVariables variables = Utils.getDefaultExpressionVariables(null, currentShadow, null, + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(null, currentShadow, null, resource, configuration, null); try { ModelExpressionThreadLocalHolder.pushExpressionEnvironment(new ExpressionEnvironment<>(task, result)); @@ -485,7 +485,7 @@ private boolean isProtected(PrismObject shadow) { private boolean checkDryRunAndUnrelatedChange(SynchronizationContext syncCtx, SynchronizationEventInformation eventInfo, ResourceObjectShadowChangeDescription change, XMLGregorianCalendar now, Task task, OperationResult subResult) throws SchemaException { - if (change.isUnrelatedChange() || Utils.isDryRun(task)) { + if (change.isUnrelatedChange() || ModelImplUtils.isDryRun(task)) { if (syncCtx.getApplicableShadow() == null) { throw new IllegalStateException("No current nor old shadow present: " + change); } diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizationServiceUtils.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizationServiceUtils.java index 22281501784..995eb809487 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizationServiceUtils.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizationServiceUtils.java @@ -12,7 +12,7 @@ import com.evolveum.midpoint.common.refinery.RefinedResourceSchemaImpl; import com.evolveum.midpoint.model.impl.expr.ExpressionEnvironment; import com.evolveum.midpoint.model.impl.expr.ModelExpressionThreadLocalHolder; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.PrismPropertyValue; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; @@ -94,7 +94,7 @@ private static Boolean evaluateSynchronizationPolicyCondit } ExpressionType conditionExpressionType = synchronizationPolicy.getCondition(); String desc = "condition in object synchronization " + synchronizationPolicy.getName(); - ExpressionVariables variables = Utils.getDefaultExpressionVariables(null, syncCtx.getApplicableShadow(), null, + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(null, syncCtx.getApplicableShadow(), null, syncCtx.getResource(), syncCtx.getSystemConfiguration(), null); try { ModelExpressionThreadLocalHolder.pushExpressionEnvironment(new ExpressionEnvironment<>(syncCtx.getTask(), syncCtx.getResult())); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizeAccountResultHandler.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizeAccountResultHandler.java index 8abe5ada4cb..bcc09b41748 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizeAccountResultHandler.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizeAccountResultHandler.java @@ -18,7 +18,7 @@ import javax.xml.namespace.QName; import com.evolveum.midpoint.model.impl.importer.ImportAccountsFromResourceTaskHandler; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.delta.ChangeType; import com.evolveum.midpoint.prism.delta.ObjectDelta; @@ -194,7 +194,7 @@ protected boolean handleObjectInternal(PrismObject accountShadow, Ta } // Invoke the change notification - Utils.clearRequestee(workerTask); + ModelImplUtils.clearRequestee(workerTask); objectChangeListener.notifyChange(change, workerTask, result); // No exception thrown here. The error is indicated in the result. Will be processed by superclass. diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/AbstractSearchIterativeModelTaskHandler.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/AbstractSearchIterativeModelTaskHandler.java index ed1e98f3c01..3d0d795df08 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/AbstractSearchIterativeModelTaskHandler.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/AbstractSearchIterativeModelTaskHandler.java @@ -81,7 +81,7 @@ protected ObjectQuery preProcessQuery(ObjectQuery query, Task coordinatorTask, O // TODO consider which variables should go here (there's no focus, shadow, resource - only configuration) if (ExpressionUtil.hasExpressions(query.getFilter())) { PrismObject configuration = systemObjectCache.getSystemConfiguration(opResult); - ExpressionVariables variables = Utils.getDefaultExpressionVariables(null, null, null, + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(null, null, null, configuration != null ? configuration.asObjectable() : null); try { ExpressionEnvironment env = new ExpressionEnvironment<>(coordinatorTask, opResult); diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/Utils.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/ModelImplUtils.java similarity index 54% rename from model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/Utils.java rename to model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/ModelImplUtils.java index 632cce5ce7d..36830ace458 100644 --- a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/Utils.java +++ b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/ModelImplUtils.java @@ -13,30 +13,46 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package com.evolveum.midpoint.model.impl.util; import com.evolveum.midpoint.common.crypto.CryptoUtil; -import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; import com.evolveum.midpoint.common.refinery.RefinedObjectClassDefinition; import com.evolveum.midpoint.common.refinery.RefinedResourceSchema; +import com.evolveum.midpoint.model.api.ModelAuthorizationAction; import com.evolveum.midpoint.model.api.ModelExecuteOptions; import com.evolveum.midpoint.model.common.expression.script.ScriptExpression; import com.evolveum.midpoint.model.impl.ModelConstants; import com.evolveum.midpoint.model.impl.expr.ExpressionEnvironment; import com.evolveum.midpoint.model.impl.expr.ModelExpressionThreadLocalHolder; import com.evolveum.midpoint.model.impl.importer.ObjectImporter; -import com.evolveum.midpoint.model.impl.lens.*; -import com.evolveum.midpoint.prism.*; +import com.evolveum.midpoint.model.impl.lens.AssignmentPathVariables; +import com.evolveum.midpoint.model.impl.lens.LensContext; +import com.evolveum.midpoint.model.impl.lens.LensElementContext; +import com.evolveum.midpoint.model.impl.lens.LensFocusContext; +import com.evolveum.midpoint.model.impl.lens.LensProjectionContext; +import com.evolveum.midpoint.model.impl.lens.LensUtil; +import com.evolveum.midpoint.prism.PrismContext; +import com.evolveum.midpoint.prism.PrismObject; +import com.evolveum.midpoint.prism.PrismObjectDefinition; +import com.evolveum.midpoint.prism.PrismProperty; +import com.evolveum.midpoint.prism.PrismReferenceDefinition; +import com.evolveum.midpoint.prism.PrismReferenceValue; +import com.evolveum.midpoint.prism.PrismValue; import com.evolveum.midpoint.prism.Visitor; import com.evolveum.midpoint.prism.crypto.EncryptionException; import com.evolveum.midpoint.prism.crypto.Protector; import com.evolveum.midpoint.prism.delta.ItemDelta; import com.evolveum.midpoint.prism.delta.ObjectDelta; import com.evolveum.midpoint.prism.marshaller.QueryConvertor; -import com.evolveum.midpoint.prism.query.*; +import com.evolveum.midpoint.prism.query.FullTextFilter; +import com.evolveum.midpoint.prism.query.InOidFilter; +import com.evolveum.midpoint.prism.query.ObjectFilter; +import com.evolveum.midpoint.prism.query.ObjectPaging; +import com.evolveum.midpoint.prism.query.ObjectQuery; +import com.evolveum.midpoint.prism.query.ValueFilter; import com.evolveum.midpoint.repo.api.PreconditionViolationException; import com.evolveum.midpoint.repo.api.RepositoryService; +import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; import com.evolveum.midpoint.schema.ObjectDeltaOperation; import com.evolveum.midpoint.schema.ResourceShadowDiscriminator; import com.evolveum.midpoint.schema.constants.ExpressionConstants; @@ -45,6 +61,7 @@ import com.evolveum.midpoint.schema.processor.ObjectClassComplexTypeDefinition; import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.schema.util.ExceptionUtil; +import com.evolveum.midpoint.schema.util.FocusTypeUtil; import com.evolveum.midpoint.schema.util.ResourceTypeUtil; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.Handler; @@ -57,6 +74,7 @@ import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.exception.SystemException; +import com.evolveum.midpoint.util.logging.LoggingUtils; import com.evolveum.midpoint.util.logging.Trace; import com.evolveum.midpoint.util.logging.TraceManager; import com.evolveum.midpoint.xml.ns._public.common.common_3.*; @@ -71,17 +89,158 @@ import javax.xml.namespace.QName; import java.util.ArrayList; import java.util.Collection; +import java.util.Collections; import java.util.List; /** + * * @author lazyman - * @author semancik + * */ -public final class Utils { +public class ModelImplUtils { + + private static final String OPERATION_RESOLVE_REFERENCE = ObjectImporter.class.getName() + ".resolveReference"; + + private static final Trace LOGGER = TraceManager.getTrace(ModelImplUtils.class); + + public static void validatePaging(ObjectPaging paging) { + if (paging == null) { + return; + } + + if (paging.getMaxSize() != null && paging.getMaxSize().longValue() < 0) { + throw new IllegalArgumentException("Paging max size must be more than 0."); + } + if (paging.getOffset() != null && paging.getOffset().longValue() < 0) { + throw new IllegalArgumentException("Paging offset index must be more than 0."); + } + } + + public static void recordFatalError(OperationResult result, Throwable e) { + recordFatalError(result, e.getMessage(), e); + } + + public static void recordFatalError(OperationResult result, String message, Throwable e) { + // Do not log at ERROR level. This is too harsh. Especially in object not found case. + // What model considers an error may be just a normal situation for the code is using model API. + // If this is really an error then it should be logged by the invoking code. + LoggingUtils.logExceptionOnDebugLevel(LOGGER, message, e); + result.recordFatalError(message, e); + result.cleanupResult(e); + } + + public static void recordPartialError(OperationResult result, Throwable e) { + recordPartialError(result, e.getMessage(), e); + } + + public static void recordPartialError(OperationResult result, String message, Throwable e) { + // Do not log at ERROR level. This is too harsh. Especially in object not found case. + // What model considers an error may be just a normal situation for the code is using model API. + // If this is really an error then it should be logged by the invoking code. + LoggingUtils.logExceptionOnDebugLevel(LOGGER, message, e); + result.recordPartialError(message, e); + result.cleanupResult(e); + } + + public static String getOperationUrlFromDelta(ObjectDelta delta) { + if (delta == null) { + return null; + } + if (delta.isAdd()) { + return ModelAuthorizationAction.ADD.getUrl(); + } + if (delta.isModify()) { + return ModelAuthorizationAction.MODIFY.getUrl(); + } + if (delta.isDelete()) { + return ModelAuthorizationAction.DELETE.getUrl(); + } + throw new IllegalArgumentException("Unknown delta type "+delta); + } + + + // from the most to least appropriate + @NotNull + public static List getApplicablePolicies( + Class objectClass, List objectSubtypes, SystemConfigurationType systemConfigurationType) + throws ConfigurationException { + List rv = new ArrayList<>(); + List typeNoSubtype = new ArrayList<>(); + List typeWithSubtype = new ArrayList<>(); + List noTypeNoSubtype = new ArrayList<>(); + List noTypeWithSubtype = new ArrayList<>(); + List all = new ArrayList<>(); + + all.addAll(systemConfigurationType.getDefaultObjectPolicyConfiguration()); + all.addAll(systemConfigurationType.getObjectTemplate()); // deprecated + if (objectClass == UserType.class) { + // Deprecated method to specify user template. For compatibility only + ObjectReferenceType templateRef = systemConfigurationType.getDefaultUserTemplateRef(); + if (templateRef != null) { + all.add(new ObjectPolicyConfigurationType().objectTemplateRef(templateRef.clone())); + } + } + + for (ObjectPolicyConfigurationType aPolicyConfigurationType: all) { + QName typeQName = aPolicyConfigurationType.getType(); + if (typeQName != null) { + ObjectTypes objectType = ObjectTypes.getObjectTypeFromTypeQName(typeQName); + if (objectType == null) { + throw new ConfigurationException( + "Unknown type " + typeQName + " in default object policy definition or object template definition in system configuration"); + } + if (objectType.getClassDefinition() == objectClass) { + String aSubType = aPolicyConfigurationType.getSubtype(); + if (aSubType == null) { + typeNoSubtype.add(aPolicyConfigurationType); + } else if (objectSubtypes != null && objectSubtypes.contains(aSubType)) { + typeWithSubtype.add(aPolicyConfigurationType); + } + } + } else { + String aSubType = aPolicyConfigurationType.getSubtype(); + if (aSubType == null) { + noTypeNoSubtype.add(aPolicyConfigurationType); + } else if (objectSubtypes != null && objectSubtypes.contains(aSubType)) { + noTypeWithSubtype.add(aPolicyConfigurationType); + } + } + } + rv.addAll(typeWithSubtype); + rv.addAll(typeNoSubtype); + rv.addAll(noTypeWithSubtype); + rv.addAll(noTypeNoSubtype); + return rv; + } + + @NotNull + public static List getApplicablePolicies(LensContext context) { + PrismObject config = context.getSystemConfiguration(); + if (config == null) { + return Collections.emptyList(); + } + PrismObject object = context.getFocusContext() != null ? context.getFocusContext().getObjectAny() : null; + List subTypes = FocusTypeUtil.determineSubTypes(object); + List relevantPolicies; + try { + relevantPolicies = ModelImplUtils.getApplicablePolicies(context.getFocusContext().getObjectTypeClass(), subTypes, + config.asObjectable()); + } catch (ConfigurationException e) { + throw new SystemException("Couldn't get relevant object policies", e); + } + LOGGER.trace("Relevant policies: {}", relevantPolicies); + return relevantPolicies; + } + + public static ConflictResolutionType getConflictResolution(LensContext context) { + for (ObjectPolicyConfigurationType p : ModelImplUtils.getApplicablePolicies(context)) { + if (p.getConflictResolution() != null) { + return p.getConflictResolution(); + } + } + return null; + } - private static final Trace LOGGER = TraceManager.getTrace(Utils.class); - private static final String OPERATION_RESOLVE_REFERENCE = ObjectImporter.class.getName() - + ".resolveReference"; @Deprecated // use RepositoryService.objectSearchIterative instead public static void searchIterative(RepositoryService repositoryService, Class type, ObjectQuery query, @@ -95,8 +254,8 @@ public static void searchIterative(RepositoryService repo List> objects = repositoryService.searchObjects(type, myQuery, null, opResult); for (PrismObject object: objects) { if (!handler.handle(object)) { - return; - } + return; + } } cont = objects.size() == blockSize; myPaging.setOffset(myPaging.getOffset() + blockSize); @@ -117,7 +276,7 @@ public static void resolveReferences(PrismObject objec boolean enforceReferentialIntegrity, boolean forceFilterReevaluation, EvaluationTimeType resolutionTime, boolean throwExceptionOnFailure, PrismContext prismContext, OperationResult result) { - + Visitor visitor = visitable -> { if (!(visitable instanceof PrismReferenceValue)) { return; @@ -132,12 +291,12 @@ public static void resolveReferences(PrismObject objec * Resolves references contained in ADD and REPLACE value sets for item modifications in a given ObjectDelta. * (specially treats collisions with values to be deleted) */ - + public static void resolveReferences(ObjectDelta objectDelta, RepositoryService repository, boolean enforceReferentialIntegrity, boolean forceFilterReevaluation, EvaluationTimeType resolutionTime, boolean throwExceptionOnFailure, PrismContext prismContext, OperationResult result) { - + Visitor visitor = visitable -> { if (!(visitable instanceof PrismReferenceValue)) { return; @@ -147,7 +306,7 @@ public static void resolveReferences(ObjectDelta objec }; // We could use objectDelta.accept(visitor), but we want to visit only values to add and replace // (NOT values to delete! - otherwise very strange effects could result) - + // Another problem is that it is possible that one of valuesToAdd became (after resolving) // a value that is meant do be deleted. The result would be deletion of that value; definitely // not what we would want or expect. So we have to check whether a value that was not among @@ -163,38 +322,38 @@ public static void resolveReferences(ObjectDelta objec } // see description in caller - private static void applyVisitorToValues(Collection values, ItemDelta delta, Visitor visitor) { + static void applyVisitorToValues(Collection values, ItemDelta delta, Visitor visitor) { Collection valuesToDelete = delta.getValuesToDelete(); if (valuesToDelete == null) { - valuesToDelete = new ArrayList<>(0); // just to simplify the code below - } + valuesToDelete = new ArrayList<>(0); // just to simplify the code below + } if (values != null) { - for (PrismValue pval : values) { - boolean isToBeDeleted = valuesToDelete.contains(pval); - pval.accept(visitor); - if (!isToBeDeleted && valuesToDelete.contains(pval)) { - // value becomes 'to be deleted' -> we remove it from toBeDeleted list - delta.removeValueToDelete(pval); - } - } - } - } - - private static void resolveRef(PrismReferenceValue refVal, RepositoryService repository, + for (PrismValue pval : values) { + boolean isToBeDeleted = valuesToDelete.contains(pval); + pval.accept(visitor); + if (!isToBeDeleted && valuesToDelete.contains(pval)) { + // value becomes 'to be deleted' -> we remove it from toBeDeleted list + delta.removeValueToDelete(pval); + } + } + } + } + + static void resolveRef(PrismReferenceValue refVal, RepositoryService repository, boolean enforceReferentialIntegrity, boolean forceFilterReevaluation, EvaluationTimeType evaluationTimeType, PrismContext prismContext, String contextDesc, boolean throwExceptionOnFailure, OperationResult parentResult) { String refName = refVal.getParent() != null ? refVal.getParent().getElementName().toString() : "(unnamed)"; - + if ((refVal.getResolutionTime() != null && refVal.getResolutionTime() != evaluationTimeType) || (refVal.getResolutionTime() == null && evaluationTimeType != EvaluationTimeType.IMPORT)) { LOGGER.trace("Skipping resolution of reference {} in {} because the resolutionTime is set to {}", refName, contextDesc, refVal.getResolutionTime()); return; } - + OperationResult result = parentResult.createMinorSubresult(OPERATION_RESOLVE_REFERENCE); result.addContext(OperationResult.CONTEXT_ITEM, refName); - + QName typeQName = null; if (refVal.getTargetType() != null) { typeQName = refVal.getTargetType(); @@ -215,7 +374,7 @@ private static void resolveRef(PrismReferenceValue refVal, RepositoryService rep } } SearchFilterType filter = refVal.getFilter(); - + if (!StringUtils.isBlank(refVal.getOid()) && (!forceFilterReevaluation || filter == null)) { // We have OID (and "force filter reevaluation" is not requested or not possible) if (filter != null) { @@ -256,7 +415,7 @@ private static void resolveRef(PrismReferenceValue refVal, RepositoryService rep parentResult.computeStatus(); return; } - + if (filter == null) { if (refVal.getObject() != null) { LOGGER.trace("Skipping resolution of reference {} in {} because the object is present and the filter is not", refName, contextDesc); @@ -280,7 +439,7 @@ private static void resolveRef(PrismReferenceValue refVal, RepositoryService rep LOGGER.error("Failed to convert object filter from filter because of: "+ ex.getMessage() + "; filter: " + filter.debugDump(), ex); throw new SystemException("Failed to convert object filter from filter. Reason: " + ex.getMessage(), ex); } - + LOGGER.trace("Resolving using filter {}", objFilter.debugDump()); List> objects; QName objectType = refVal.getTargetType(); @@ -292,16 +451,16 @@ private static void resolveRef(PrismReferenceValue refVal, RepositoryService rep } return; } - + if (containExpression(objFilter)){ result.recordSuccessIfUnknown(); return; } - + try { ObjectQuery query = ObjectQuery.createObjectQuery(objFilter); objects = (List)repository.searchObjects(type, query, null, result); - + } catch (SchemaException e) { // This is unexpected, but may happen. Record fatal error String message = "Repository schema error during resolution of reference " + refName; @@ -358,109 +517,109 @@ private static boolean containExpression(ObjectFilter filter){ return false; } - public static ObjectClassComplexTypeDefinition determineObjectClass(RefinedResourceSchema refinedSchema, Task task) throws SchemaException { - - QName objectclass = null; - PrismProperty objectclassProperty = task.getExtensionProperty(ModelConstants.OBJECTCLASS_PROPERTY_NAME); - if (objectclassProperty != null) { - objectclass = objectclassProperty.getValue().getValue(); - } - - ShadowKindType kind = null; - PrismProperty kindProperty = task.getExtensionProperty(ModelConstants.KIND_PROPERTY_NAME); - if (kindProperty != null) { - kind = kindProperty.getValue().getValue(); - } - - String intent = null; - PrismProperty intentProperty = task.getExtensionProperty(ModelConstants.INTENT_PROPERTY_NAME); - if (intentProperty != null) { - intent = intentProperty.getValue().getValue(); - } - - return determineObjectClassInternal(refinedSchema, objectclass, kind, intent, task); - } + public static ObjectClassComplexTypeDefinition determineObjectClass(RefinedResourceSchema refinedSchema, Task task) throws SchemaException { + + QName objectclass = null; + PrismProperty objectclassProperty = task.getExtensionProperty(ModelConstants.OBJECTCLASS_PROPERTY_NAME); + if (objectclassProperty != null) { + objectclass = objectclassProperty.getValue().getValue(); + } + + ShadowKindType kind = null; + PrismProperty kindProperty = task.getExtensionProperty(ModelConstants.KIND_PROPERTY_NAME); + if (kindProperty != null) { + kind = kindProperty.getValue().getValue(); + } + + String intent = null; + PrismProperty intentProperty = task.getExtensionProperty(ModelConstants.INTENT_PROPERTY_NAME); + if (intentProperty != null) { + intent = intentProperty.getValue().getValue(); + } + + return determineObjectClassInternal(refinedSchema, objectclass, kind, intent, task); + } - public static ObjectClassComplexTypeDefinition determineObjectClass(RefinedResourceSchema refinedSchema, PrismObject shadow) throws SchemaException { - ShadowType s = shadow.asObjectable(); - return determineObjectClassInternal(refinedSchema, s.getObjectClass(), s.getKind(), s.getIntent(), s); - } + public static ObjectClassComplexTypeDefinition determineObjectClass(RefinedResourceSchema refinedSchema, PrismObject shadow) throws SchemaException { + ShadowType s = shadow.asObjectable(); + return determineObjectClassInternal(refinedSchema, s.getObjectClass(), s.getKind(), s.getIntent(), s); + } - private static ObjectClassComplexTypeDefinition determineObjectClassInternal( - RefinedResourceSchema refinedSchema, QName objectclass, ShadowKindType kind, String intent, Object source) throws SchemaException { + private static ObjectClassComplexTypeDefinition determineObjectClassInternal( + RefinedResourceSchema refinedSchema, QName objectclass, ShadowKindType kind, String intent, Object source) throws SchemaException { - if (kind == null && intent == null && objectclass != null) { - // Return generic object class definition from resource schema. No kind/intent means that we want - // to process all kinds and intents in the object class. - ObjectClassComplexTypeDefinition objectClassDefinition = refinedSchema.getOriginalResourceSchema().findObjectClassDefinition(objectclass); - if (objectClassDefinition == null) { - throw new SchemaException("No object class "+objectclass+" in the schema for "+source); - } - return objectClassDefinition; - } - - RefinedObjectClassDefinition refinedObjectClassDefinition; - - if (kind != null) { - refinedObjectClassDefinition = refinedSchema.getRefinedDefinition(kind, intent); - LOGGER.trace("Determined refined object class {} by using kind={}, intent={}", - new Object[]{refinedObjectClassDefinition, kind, intent}); - } else if (objectclass != null) { - refinedObjectClassDefinition = refinedSchema.getRefinedDefinition(objectclass); - LOGGER.trace("Determined refined object class {} by using objectClass={}", - new Object[]{refinedObjectClassDefinition, objectclass}); - } else { - if (LOGGER.isTraceEnabled()) { - LOGGER.debug("No kind or objectclass specified in {}, assuming null object class", source); - } - refinedObjectClassDefinition = null; + if (kind == null && intent == null && objectclass != null) { + // Return generic object class definition from resource schema. No kind/intent means that we want + // to process all kinds and intents in the object class. + ObjectClassComplexTypeDefinition objectClassDefinition = refinedSchema.getOriginalResourceSchema().findObjectClassDefinition(objectclass); + if (objectClassDefinition == null) { + throw new SchemaException("No object class "+objectclass+" in the schema for "+source); + } + return objectClassDefinition; + } + + RefinedObjectClassDefinition refinedObjectClassDefinition; + + if (kind != null) { + refinedObjectClassDefinition = refinedSchema.getRefinedDefinition(kind, intent); + LOGGER.trace("Determined refined object class {} by using kind={}, intent={}", + new Object[]{refinedObjectClassDefinition, kind, intent}); + } else if (objectclass != null) { + refinedObjectClassDefinition = refinedSchema.getRefinedDefinition(objectclass); + LOGGER.trace("Determined refined object class {} by using objectClass={}", + new Object[]{refinedObjectClassDefinition, objectclass}); + } else { + if (LOGGER.isTraceEnabled()) { + LOGGER.debug("No kind or objectclass specified in {}, assuming null object class", source); } - - return refinedObjectClassDefinition; + refinedObjectClassDefinition = null; } + + return refinedObjectClassDefinition; + } - public static void encrypt(Collection> deltas, Protector protector, ModelExecuteOptions options, - OperationResult result) { - // Encrypt values even before we log anything. We want to avoid showing unencrypted values in the logfiles - if (!ModelExecuteOptions.isNoCrypt(options)) { - for(ObjectDelta delta: deltas) { - try { - CryptoUtil.encryptValues(protector, delta); - } catch (EncryptionException e) { - result.recordFatalError(e); - throw new SystemException(e.getMessage(), e); - } + public static void encrypt(Collection> deltas, Protector protector, ModelExecuteOptions options, + OperationResult result) { + // Encrypt values even before we log anything. We want to avoid showing unencrypted values in the logfiles + if (!ModelExecuteOptions.isNoCrypt(options)) { + for(ObjectDelta delta: deltas) { + try { + CryptoUtil.encryptValues(protector, delta); + } catch (EncryptionException e) { + result.recordFatalError(e); + throw new SystemException(e.getMessage(), e); } } } + } - public static void setRequestee(Task task, LensContext context) { - PrismObject object; - if (context != null && context.getFocusContext() != null - && UserType.class.isAssignableFrom(context.getFocusContext().getObjectTypeClass())) { - object = context.getFocusContext().getObjectAny(); - } else { - object = null; - } - setRequestee(task, object); - } - - public static void setRequestee(Task task, LensFocusContext context) { - setRequestee(task, context.getLensContext()); - } - - public static void setRequestee(Task task, PrismObject object) { - LOGGER.trace("setting requestee in {} to {}", task, object); - if (task != null) { - task.setRequesteeTransient(object); - } - } - - public static void clearRequestee(Task task) { - setRequestee(task, (PrismObject) null); - } - - public static boolean isDryRun(Task task) throws SchemaException { + public static void setRequestee(Task task, LensContext context) { + PrismObject object; + if (context != null && context.getFocusContext() != null + && UserType.class.isAssignableFrom(context.getFocusContext().getObjectTypeClass())) { + object = context.getFocusContext().getObjectAny(); + } else { + object = null; + } + setRequestee(task, object); + } + + public static void setRequestee(Task task, LensFocusContext context) { + setRequestee(task, context.getLensContext()); + } + + public static void setRequestee(Task task, PrismObject object) { + LOGGER.trace("setting requestee in {} to {}", task, object); + if (task != null) { + task.setRequesteeTransient(object); + } + } + + public static void clearRequestee(Task task) { + setRequestee(task, (PrismObject) null); + } + + public static boolean isDryRun(Task task) throws SchemaException { Boolean dryRun = isDryRunInternal(task); if (dryRun == null && task.isLightweightAsynchronousTask() && task.getParentForLightweightAsynchronousTask() != null) { dryRun = isDryRunInternal(task.getParentForLightweightAsynchronousTask()); @@ -468,12 +627,12 @@ public static boolean isDryRun(Task task) throws SchemaException { return dryRun != null ? dryRun : Boolean.FALSE; } - private static Boolean isDryRunInternal(Task task) throws SchemaException{ - Validate.notNull(task, "Task must not be null."); - if (task.getExtension() == null) { - return null; - } - PrismProperty item = task.getExtensionProperty(SchemaConstants.MODEL_EXTENSION_DRY_RUN); + static Boolean isDryRunInternal(Task task) throws SchemaException{ + Validate.notNull(task, "Task must not be null."); + if (task.getExtension() == null) { + return null; + } + PrismProperty item = task.getExtensionProperty(SchemaConstants.MODEL_EXTENSION_DRY_RUN); if (item == null || item.isEmpty()) { return null; } @@ -481,15 +640,15 @@ private static Boolean isDryRunInternal(Task task) throws SchemaException{ throw new SchemaException("Unexpected number of values for option 'dry run'."); } return item.getValues().iterator().next().getValue(); - } - - public static ModelExecuteOptions getModelExecuteOptions(Task task) throws SchemaException { - Validate.notNull(task, "Task must not be null."); - if (task.getExtension() == null) { - return null; - } - //LOGGER.info("Task:\n{}",task.debugDump(1)); - PrismProperty item = task.getExtensionProperty(SchemaConstants.C_MODEL_EXECUTE_OPTIONS); + } + + public static ModelExecuteOptions getModelExecuteOptions(Task task) throws SchemaException { + Validate.notNull(task, "Task must not be null."); + if (task.getExtension() == null) { + return null; + } + //LOGGER.info("Task:\n{}",task.debugDump(1)); + PrismProperty item = task.getExtensionProperty(SchemaConstants.C_MODEL_EXECUTE_OPTIONS); if (item == null || item.isEmpty()) { return null; } @@ -505,7 +664,7 @@ public static ModelExecuteOptions getModelExecuteOptions(Task task) throws Schem ModelExecuteOptions modelExecuteOptions = ModelExecuteOptions.fromModelExecutionOptionsType(modelExecuteOptionsType); //LOGGER.info("modelExecuteOptions: {}",modelExecuteOptions); return modelExecuteOptions; - } + } public static ExpressionVariables getDefaultExpressionVariables(@NotNull LensContext context, @Nullable LensProjectionContext projCtx) throws SchemaException { ExpressionVariables variables = new ExpressionVariables(); @@ -519,66 +678,66 @@ public static ExpressionVariables getDefaultExpressionVariables(@NotNull LensCon variables.addVariableDefinition(ExpressionConstants.VAR_ACCOUNT, projCtx.getObjectDeltaObject()); variables.addVariableDefinition(ExpressionConstants.VAR_RESOURCE, projCtx.getResource()); } - + variables.addVariableDefinition(ExpressionConstants.VAR_OPERATION, projCtx.getOperation().getValue()); variables.addVariableDefinition(ExpressionConstants.VAR_ITERATION, LensUtil.getIterationVariableValue(projCtx)); variables.addVariableDefinition(ExpressionConstants.VAR_ITERATION_TOKEN, LensUtil.getIterationTokenVariableValue(projCtx)); - + variables.addVariableDefinition(ExpressionConstants.VAR_CONFIGURATION, context.getSystemConfiguration()); return variables; } - public static ExpressionVariables getDefaultExpressionVariables(ObjectType focusType, - ShadowType shadowType, ResourceType resourceType, SystemConfigurationType configurationType) { - PrismObject focus = null; - if (focusType != null) { - focus = focusType.asPrismObject(); - } - PrismObject shadow = null; - if (shadowType != null) { - shadow = shadowType.asPrismObject(); - } - PrismObject resource = null; - if (resourceType != null) { - resource = resourceType.asPrismObject(); - } - PrismObject configuration = null; - if (configurationType != null) { - configuration = configurationType.asPrismObject(); - } + public static ExpressionVariables getDefaultExpressionVariables(ObjectType focusType, + ShadowType shadowType, ResourceType resourceType, SystemConfigurationType configurationType) { + PrismObject focus = null; + if (focusType != null) { + focus = focusType.asPrismObject(); + } + PrismObject shadow = null; + if (shadowType != null) { + shadow = shadowType.asPrismObject(); + } + PrismObject resource = null; + if (resourceType != null) { + resource = resourceType.asPrismObject(); + } + PrismObject configuration = null; + if (configurationType != null) { + configuration = configurationType.asPrismObject(); + } return getDefaultExpressionVariables(focus, shadow, null, resource, configuration, null); - } - - public static ExpressionVariables getDefaultExpressionVariables(PrismObject focus, - PrismObject shadow, ResourceShadowDiscriminator discr, - PrismObject resource, PrismObject configuration, LensElementContext affectedElementContext) { - ExpressionVariables variables = new ExpressionVariables(); - addDefaultExpressionVariables(variables, focus, shadow, discr, resource, configuration, affectedElementContext); - return variables; - } - - public static void addDefaultExpressionVariables(ExpressionVariables variables, PrismObject focus, - PrismObject shadow, ResourceShadowDiscriminator discr, - PrismObject resource, PrismObject configuration, LensElementContext affectedElementContext) { - - // Legacy. And convenience/understandability. - if (focus == null || focus.canRepresent(UserType.class) || (discr != null && discr.getKind() == ShadowKindType.ACCOUNT)) { - variables.addVariableDefinition(ExpressionConstants.VAR_USER, focus); - variables.addVariableDefinition(ExpressionConstants.VAR_ACCOUNT, shadow); - } + } - variables.addVariableDefinition(ExpressionConstants.VAR_FOCUS, focus); + public static ExpressionVariables getDefaultExpressionVariables(PrismObject focus, + PrismObject shadow, ResourceShadowDiscriminator discr, + PrismObject resource, PrismObject configuration, LensElementContext affectedElementContext) { + ExpressionVariables variables = new ExpressionVariables(); + addDefaultExpressionVariables(variables, focus, shadow, discr, resource, configuration, affectedElementContext); + return variables; + } + + public static void addDefaultExpressionVariables(ExpressionVariables variables, PrismObject focus, + PrismObject shadow, ResourceShadowDiscriminator discr, + PrismObject resource, PrismObject configuration, LensElementContext affectedElementContext) { + + // Legacy. And convenience/understandability. + if (focus == null || focus.canRepresent(UserType.class) || (discr != null && discr.getKind() == ShadowKindType.ACCOUNT)) { + variables.addVariableDefinition(ExpressionConstants.VAR_USER, focus); + variables.addVariableDefinition(ExpressionConstants.VAR_ACCOUNT, shadow); + } + + variables.addVariableDefinition(ExpressionConstants.VAR_FOCUS, focus); variables.addVariableDefinition(ExpressionConstants.VAR_SHADOW, shadow); variables.addVariableDefinition(ExpressionConstants.VAR_PROJECTION, shadow); variables.addVariableDefinition(ExpressionConstants.VAR_RESOURCE, resource); variables.addVariableDefinition(ExpressionConstants.VAR_CONFIGURATION, configuration); - + if (affectedElementContext != null) { variables.addVariableDefinition(ExpressionConstants.VAR_OPERATION, affectedElementContext.getOperation().getValue()); } } - public static void addAssignmentPathVariables(AssignmentPathVariables assignmentPathVariables, ExpressionVariables expressionVariables) { + public static void addAssignmentPathVariables(AssignmentPathVariables assignmentPathVariables, ExpressionVariables expressionVariables) { if (assignmentPathVariables != null) { expressionVariables.addVariableDefinition(ExpressionConstants.VAR_ASSIGNMENT, assignmentPathVariables.getMagicAssignment()); expressionVariables.addVariableDefinition(ExpressionConstants.VAR_ASSIGNMENT_PATH, assignmentPathVariables.getAssignmentPath()); @@ -591,7 +750,7 @@ public static void addAssignmentPathVariables(AssignmentPathVariables assignment // for null/empty paths we might consider creating empty AssignmentPathVariables objects to keep null/empty path distinction expressionVariables.addVariableDefinition(ExpressionConstants.VAR_ASSIGNMENT_PATH, null); } - } + } public static String getPolicyDesc(ObjectSynchronizationType synchronizationPolicy) { if (synchronizationPolicy == null) { @@ -651,77 +810,103 @@ public static PrismReferenceValue getAditTarget(ObjectDelta List evaluateScript( - ScriptExpression scriptExpression, LensContext lensContext, ExpressionVariables variables, boolean useNew, String shortDesc, Task task, OperationResult parentResult) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException { - ExpressionEnvironment env = new ExpressionEnvironment<>(); - env.setLensContext(lensContext); - env.setCurrentResult(parentResult); - env.setCurrentTask(task); - ModelExpressionThreadLocalHolder.pushExpressionEnvironment(env); - try { - return scriptExpression.evaluate(variables, ScriptExpressionReturnTypeType.SCALAR, useNew, shortDesc, task, parentResult); - } finally { - ModelExpressionThreadLocalHolder.popExpressionEnvironment(); -// if (lensContext.getDebugListener() != null) { -// lensContext.getDebugListener().afterScriptEvaluation(lensContext, scriptExpression); -// } - } - } - - public static void handleConnectorErrorCriticality(ResourceType resourceType, Throwable e) throws ObjectNotFoundException, CommunicationException, SchemaException, ConfigurationException, + ScriptExpression scriptExpression, LensContext lensContext, ExpressionVariables variables, boolean useNew, String shortDesc, Task task, OperationResult parentResult) throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException { + ExpressionEnvironment env = new ExpressionEnvironment<>(); + env.setLensContext(lensContext); + env.setCurrentResult(parentResult); + env.setCurrentTask(task); + ModelExpressionThreadLocalHolder.pushExpressionEnvironment(env); + try { + return scriptExpression.evaluate(variables, ScriptExpressionReturnTypeType.SCALAR, useNew, shortDesc, task, parentResult); + } finally { + ModelExpressionThreadLocalHolder.popExpressionEnvironment(); + // if (lensContext.getDebugListener() != null) { + // lensContext.getDebugListener().afterScriptEvaluation(lensContext, scriptExpression); + // } + } + } + + public static CriticalityType handleConnectorErrorCriticality(ResourceType resourceType, Throwable e, OperationResult result) throws ObjectNotFoundException, CommunicationException, SchemaException, ConfigurationException, SecurityViolationException, PolicyViolationException, ExpressionEvaluationException, ObjectAlreadyExistsException, PreconditionViolationException { + CriticalityType criticality; if (resourceType == null) { - throwException(e); + throwException(e, result); + return CriticalityType.FATAL; // not reached } else { ErrorSelectorType errorSelector = ResourceTypeUtil.getConnectorErrorCriticality(resourceType); - if (errorSelector == null) { - if (e instanceof CommunicationException) { - // Just continue evaluation. The error is recorded in the result. - // The consistency mechanism has (most likely) already done the best. - // We cannot do any better. - } else { - throwException(e); - } + if (e instanceof CommunicationException) { + // Network problem. Just continue evaluation. The error is recorded in the result. + // The consistency mechanism has (most likely) already done the best. + // We cannot do any better. + criticality = ExceptionUtil.getCriticality(errorSelector, e, CriticalityType.PARTIAL); + } else if (e instanceof SchemaException) { + // This may be caused by a variety of causes. It may be multiple values in a single-valued attribute. + // But it may also be duplicate value or a problem of resource-side password policy. + // Treat this as partial error by default. This is partially motivated by compatibility with + // midPoint 3.8 and earlier. This may be reviewed in the future. + criticality = ExceptionUtil.getCriticality(errorSelector, e, CriticalityType.PARTIAL); } else { - if (ExceptionUtil.isSelected(errorSelector, e, true)) { - throwException(e); - } else { - LOGGER.warn("Exception {} selected as non-critical in {}, continuing evaluation; exception message: {}", e.getClass().getSimpleName(), resourceType, e.getMessage()); - // Just continue evaluation. The error should be recorded in the result. - } + criticality = ExceptionUtil.getCriticality(errorSelector, e, CriticalityType.FATAL); } } + switch (criticality) { + case FATAL: + LOGGER.debug("Exception {} criticality set as FATAL in {}, stopping evaluation; exception message: {}", e.getClass().getSimpleName(), resourceType, e.getMessage()); + LOGGER.error("Fatal error while processing projection on {}: {}", resourceType, e.getMessage(), e); + throwException(e, result); + break; // not reached + case PARTIAL: + LOGGER.debug("Exception {} criticality set as PARTIAL in {}, continuing evaluation; exception message: {}", e.getClass().getSimpleName(), resourceType, e.getMessage()); + if (result != null) { + result.recordPartialError(e); + } + LOGGER.warn("Partial error while processing projection on {}: {}", resourceType, e.getMessage(), e); + break; + case IGNORE: + LOGGER.debug("Exception {} criticality set as IGNORE in {}, continuing evaluation; exception message: {}", e.getClass().getSimpleName(), resourceType, e.getMessage()); + if (result != null) { + result.recordHandledError(e); + } + LOGGER.debug("Ignored error while processing projection on {}: {}", resourceType, e.getMessage(), e); + break; + } + return criticality; } - private static void throwException(Throwable e) + static void throwException(Throwable e, OperationResult result) throws ObjectNotFoundException, CommunicationException, SchemaException, ConfigurationException, SecurityViolationException, PolicyViolationException, ExpressionEvaluationException, ObjectAlreadyExistsException, PreconditionViolationException { + if (result != null) { + result.recordFatalError(e); + } if (e instanceof RuntimeException) { throw (RuntimeException)e; } else if (e instanceof Error) { throw (Error)e; } else if (e instanceof ObjectNotFoundException) { throw (ObjectNotFoundException)e; - } else if (e instanceof ObjectNotFoundException) { - throw (CommunicationException)e; } else if (e instanceof CommunicationException) { + throw (CommunicationException)e; + } else if (e instanceof SchemaException) { throw (SchemaException)e; } else if (e instanceof SchemaException) { throw (ConfigurationException)e; } else if (e instanceof ConfigurationException) { - throw (SecurityViolationException)e; + throw (ConfigurationException)e; } else if (e instanceof SecurityViolationException) { - throw (PolicyViolationException)e; + throw (SecurityViolationException)e; } else if (e instanceof PolicyViolationException) { - throw (ExpressionEvaluationException)e; + throw (PolicyViolationException)e; } else if (e instanceof ExpressionEvaluationException) { - throw (ObjectAlreadyExistsException)e; + throw (ExpressionEvaluationException)e; } else if (e instanceof ObjectAlreadyExistsException) { - throw (ObjectNotFoundException)e; + throw (ObjectAlreadyExistsException)e; } else if (e instanceof PreconditionViolationException) { throw (PreconditionViolationException)e; } else { throw new SystemException(e.getMessage(), e); } } + } diff --git a/model/model-impl/src/main/resources/ctx-model.xml b/model/model-impl/src/main/resources/ctx-model.xml index 4e5cdac0b2e..d6aa1a86e56 100644 --- a/model/model-impl/src/main/resources/ctx-model.xml +++ b/model/model-impl/src/main/resources/ctx-model.xml @@ -1,7 +1,7 @@ - false - false + partial + partial diff --git a/model/model-intest/src/test/resources/manual/resource-dummy-itsm.xml b/model/model-intest/src/test/resources/manual/resource-dummy-itsm.xml index da3ee37ecb4..53e51095e5f 100644 --- a/model/model-intest/src/test/resources/manual/resource-dummy-itsm.xml +++ b/model/model-intest/src/test/resources/manual/resource-dummy-itsm.xml @@ -133,8 +133,8 @@ PT2H true - false - false + partial + partial diff --git a/model/model-test/pom.xml b/model/model-test/pom.xml index 644c29e7199..c85bfc40e17 100644 --- a/model/model-test/pom.xml +++ b/model/model-test/pom.xml @@ -112,6 +112,11 @@ task-api 3.9-SNAPSHOT + + com.evolveum.midpoint.repo + repo-common + 3.9-SNAPSHOT + com.evolveum.midpoint.repo repo-cache diff --git a/model/model-test/src/main/java/com/evolveum/midpoint/model/test/AbstractModelIntegrationTest.java b/model/model-test/src/main/java/com/evolveum/midpoint/model/test/AbstractModelIntegrationTest.java index 7590e6a8a99..82228d07ac4 100644 --- a/model/model-test/src/main/java/com/evolveum/midpoint/model/test/AbstractModelIntegrationTest.java +++ b/model/model-test/src/main/java/com/evolveum/midpoint/model/test/AbstractModelIntegrationTest.java @@ -122,6 +122,7 @@ import com.evolveum.midpoint.prism.xml.XmlTypeConverter; import com.evolveum.midpoint.provisioning.api.ProvisioningService; import com.evolveum.midpoint.repo.api.RepositoryService; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.GetOperationOptions; import com.evolveum.midpoint.schema.ObjectDeltaOperation; import com.evolveum.midpoint.schema.PointInTimeType; @@ -141,7 +142,6 @@ import com.evolveum.midpoint.schema.util.FocusTypeUtil; import com.evolveum.midpoint.schema.util.MiscSchemaUtil; import com.evolveum.midpoint.schema.util.ObjectQueryUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.ObjectTypeUtil; import com.evolveum.midpoint.schema.util.ResourceTypeUtil; import com.evolveum.midpoint.schema.util.SchemaTestConstants; @@ -4004,12 +4004,12 @@ protected void assertNoGroupMembers(DummyGroup group) { IntegrationTestTools.assertNoGroupMembers(group); } - protected void login(String principalName) throws ObjectNotFoundException, SchemaException { + protected void login(String principalName) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { MidPointPrincipal principal = userProfileService.getPrincipal(principalName); login(principal); } - protected void login(PrismObject user) throws SchemaException { + protected void login(PrismObject user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { MidPointPrincipal principal = userProfileService.getPrincipal(user); login(principal); } @@ -4020,12 +4020,12 @@ protected void login(MidPointPrincipal principal) { securityContext.setAuthentication(authentication); } - protected void loginSuperUser(String principalName) throws SchemaException, ObjectNotFoundException { + protected void loginSuperUser(String principalName) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { MidPointPrincipal principal = userProfileService.getPrincipal(principalName); loginSuperUser(principal); } - protected void loginSuperUser(PrismObject user) throws SchemaException { + protected void loginSuperUser(PrismObject user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { MidPointPrincipal principal = userProfileService.getPrincipal(user); loginSuperUser(principal); } @@ -4556,7 +4556,7 @@ protected void assertNotAuthorized(MidPointPrincipal principal, String action, A assertFalse("AuthorizationEvaluator.isAuthorized: Principal " + principal + " IS authorized for action " + action + " (" + phase + ") but he should not be", isAuthorized); } - protected void assertAuthorizations(PrismObject user, String... expectedAuthorizations) throws ObjectNotFoundException, SchemaException { + protected void assertAuthorizations(PrismObject user, String... expectedAuthorizations) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { MidPointPrincipal principal = userProfileService.getPrincipal(user); assertNotNull("No principal for "+user, principal); assertAuthorizations(principal, expectedAuthorizations); @@ -4571,7 +4571,7 @@ protected void assertAuthorizations(MidPointPrincipal principal, String... expec } - protected void assertNoAuthorizations(PrismObject user) throws ObjectNotFoundException, SchemaException { + protected void assertNoAuthorizations(PrismObject user) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { MidPointPrincipal principal = userProfileService.getPrincipal(user); assertNotNull("No principal for "+user, principal); assertNoAuthorizations(principal); diff --git a/model/report-api/src/main/java/com/evolveum/midpoint/report/api/ReportService.java b/model/report-api/src/main/java/com/evolveum/midpoint/report/api/ReportService.java index 97381e9fc21..ee6de7c96fe 100644 --- a/model/report-api/src/main/java/com/evolveum/midpoint/report/api/ReportService.java +++ b/model/report-api/src/main/java/com/evolveum/midpoint/report/api/ReportService.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -44,7 +44,7 @@ public interface ReportService { Collection> searchObjects(ObjectQuery query, Collection> options) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException; - Collection> evaluateScript(String script, Map parameters) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException; + Collection> evaluateScript(String script, Map parameters) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException; - Collection evaluateAuditScript(String script, Map parameters) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException; + Collection evaluateAuditScript(String script, Map parameters) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException; } diff --git a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/MidPointLocalQueryExecutor.java b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/MidPointLocalQueryExecutor.java index ddb29602ac2..f0e0b901b84 100644 --- a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/MidPointLocalQueryExecutor.java +++ b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/MidPointLocalQueryExecutor.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -90,7 +90,7 @@ protected Collection> searchObjects(Object que } @Override - protected Collection searchAuditRecords(String script, Map parameters) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException { + protected Collection searchAuditRecords(String script, Map parameters) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { return reportService.evaluateAuditScript(script, parameters); } diff --git a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/MidPointQueryExecutor.java b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/MidPointQueryExecutor.java index e265bb1de4e..f5727eb5f81 100644 --- a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/MidPointQueryExecutor.java +++ b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/MidPointQueryExecutor.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -130,7 +130,7 @@ protected MidPointQueryExecutor(JasperReportsContext jasperReportsContext, JRDat protected abstract Collection> evaluateScript(String script, Map parameters) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException; - protected abstract Collection searchAuditRecords(String script, Map parameters) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException; + protected abstract Collection searchAuditRecords(String script, Map parameters) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException; protected abstract JRDataSource createDataSourceFromObjects(Collection> results); diff --git a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportCreateTaskHandler.java b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportCreateTaskHandler.java index 13a2fc3a6bc..05b8e3242cc 100644 --- a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportCreateTaskHandler.java +++ b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportCreateTaskHandler.java @@ -29,6 +29,7 @@ import javax.annotation.PostConstruct; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.commandline.CommandLineScriptExecutor; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; @@ -76,7 +77,6 @@ import com.evolveum.midpoint.schema.constants.ExpressionConstants; import com.evolveum.midpoint.schema.result.OperationResult; import com.evolveum.midpoint.schema.util.MiscSchemaUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.ObjectTypeUtil; import com.evolveum.midpoint.schema.util.ReportTypeUtil; import com.evolveum.midpoint.task.api.Task; @@ -85,8 +85,12 @@ import com.evolveum.midpoint.task.api.TaskManager; import com.evolveum.midpoint.task.api.TaskRunResult; import com.evolveum.midpoint.task.api.TaskRunResult.TaskRunResultStatus; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.exception.SystemException; import com.evolveum.midpoint.util.logging.LoggingUtils; import com.evolveum.midpoint.util.logging.Trace; @@ -265,11 +269,11 @@ private boolean isSingleValue(String paramName, JRParameter[] jrParams) { return !List.class.isAssignableFrom(param.getValueClass()); } - private Map completeReport(ReportType parentReport, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException { + private Map completeReport(ReportType parentReport, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { return completeReport(parentReport, null, null, task, result); } - private Map completeReport(ReportType parentReport, JasperReport subReport, String subReportName, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException { + private Map completeReport(ReportType parentReport, JasperReport subReport, String subReportName, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { Map params = new HashMap<>(); if (subReport != null && StringUtils.isNotBlank(subReportName)) { @@ -342,7 +346,7 @@ private Map prepareReportParameters(ReportType reportType, Opera return params; } - private Map processSubreportParameters(ReportType reportType, Task task, OperationResult subreportResult) throws SchemaException, ObjectNotFoundException { + private Map processSubreportParameters(ReportType reportType, Task task, OperationResult subreportResult) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { Map subreportParameters = new HashMap<>(); for (SubreportType subreport : reportType.getSubreport()) { Map subreportParam = getSubreportParameters(subreport, task, subreportResult); @@ -354,7 +358,7 @@ private Map processSubreportParameters(ReportType reportType, Ta } private Map getSubreportParameters(SubreportType subreportType, Task task, OperationResult subResult) - throws SchemaException, ObjectNotFoundException { + throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { Map reportParams = new HashMap<>(); ReportType reportType = objectResolver.resolve(subreportType.getReportRef(), ReportType.class, null, "resolve subreport", task, subResult); diff --git a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportServiceImpl.java b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportServiceImpl.java index ffff9693604..2a43da589f6 100644 --- a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportServiceImpl.java +++ b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportServiceImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -35,6 +35,7 @@ import com.evolveum.midpoint.audit.api.AuditEventRecord; import com.evolveum.midpoint.audit.api.AuditService; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.repo.common.expression.ExpressionFactory; import com.evolveum.midpoint.repo.common.expression.ExpressionUtil; import com.evolveum.midpoint.repo.common.expression.ExpressionVariables; @@ -55,7 +56,6 @@ import com.evolveum.midpoint.schema.GetOperationOptions; import com.evolveum.midpoint.schema.SelectorOptions; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.task.api.TaskManager; import com.evolveum.midpoint.util.exception.CommunicationException; @@ -172,7 +172,7 @@ public Collection> searchObjects(ObjectQuery q public Collection> evaluateScript(String script, Map parameters) throws SchemaException, ExpressionEvaluationException, - ObjectNotFoundException { + ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { List> results = new ArrayList<>(); ExpressionVariables variables = new ExpressionVariables(); @@ -229,7 +229,7 @@ protected PrismContainerValue convertResultingObject(Object obj) { } public Collection evaluateAuditScript(String script, Map parameters) - throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException { + throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException { Collection results = new ArrayList<>(); ExpressionVariables variables = new ExpressionVariables(); diff --git a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportWebService.java b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportWebService.java index db1d4d2d568..5ddf2c82a59 100644 --- a/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportWebService.java +++ b/model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportWebService.java @@ -1,3 +1,18 @@ +/* + * Copyright (c) 2010-2018 Evolveum + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package com.evolveum.midpoint.report.impl; import java.util.Collection; @@ -52,11 +67,9 @@ public class ReportWebService implements ReportPortType, ReportPort { public ObjectListType evaluateScript(String script, RemoteReportParametersType parameters) { try { Map params = getParamsMap(parameters); - Collection resultList = reportService.evaluateScript(script, - params); + Collection resultList = reportService.evaluateScript(script, params); return createObjectListType(resultList); - } catch (SchemaException | ExpressionEvaluationException | ObjectNotFoundException e) { - // TODO Auto-generated catch block + } catch (Throwable e) { throw new Fault(e); } @@ -69,7 +82,7 @@ public AuditEventRecordListType evaluateAuditScript(String script, RemoteReportP Map params = getParamsMap(parameters); Collection resultList = reportService.evaluateAuditScript(script, params); return createAuditEventRecordListType(resultList); - } catch (SchemaException | ExpressionEvaluationException | ObjectNotFoundException e) { + } catch (Throwable e) { // TODO Auto-generated catch block throw new Fault(e); } diff --git a/model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/aspect/BasePrimaryChangeAspect.java b/model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/aspect/BasePrimaryChangeAspect.java index 0ea8c3e3821..ad4b5019291 100644 --- a/model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/aspect/BasePrimaryChangeAspect.java +++ b/model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/aspect/BasePrimaryChangeAspect.java @@ -24,7 +24,7 @@ import com.evolveum.midpoint.model.impl.expr.ExpressionEnvironment; import com.evolveum.midpoint.model.impl.expr.ModelExpressionThreadLocalHolder; import com.evolveum.midpoint.model.impl.lens.LensContext; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.PrismReferenceValue; @@ -183,7 +183,7 @@ private List r try { PrismObject systemConfiguration = systemObjectCache.getSystemConfiguration(result); - ExpressionVariables variables = Utils.getDefaultExpressionVariables(getFocusObjectable(lensContext), null, null, systemConfiguration.asObjectable()); + ExpressionVariables variables = ModelImplUtils.getDefaultExpressionVariables(getFocusObjectable(lensContext), null, null, systemConfiguration.asObjectable()); ObjectFilter origFilter = QueryConvertor.parseFilter(filter, clazz, prismContext); ObjectFilter evaluatedFilter = ExpressionUtil diff --git a/model/workflow-impl/src/test/java/com/evolveum/midpoint/wf/impl/legacy/AbstractWfTestLegacy.java b/model/workflow-impl/src/test/java/com/evolveum/midpoint/wf/impl/legacy/AbstractWfTestLegacy.java index b90bce827d7..aed9e7096c2 100644 --- a/model/workflow-impl/src/test/java/com/evolveum/midpoint/wf/impl/legacy/AbstractWfTestLegacy.java +++ b/model/workflow-impl/src/test/java/com/evolveum/midpoint/wf/impl/legacy/AbstractWfTestLegacy.java @@ -24,7 +24,7 @@ import com.evolveum.midpoint.model.impl.controller.ModelOperationTaskHandler; import com.evolveum.midpoint.model.impl.lens.Clockwork; import com.evolveum.midpoint.model.impl.lens.LensContext; -import com.evolveum.midpoint.model.impl.util.Utils; +import com.evolveum.midpoint.model.impl.util.ModelImplUtils; import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.PrismProperty; import com.evolveum.midpoint.prism.delta.ItemDelta; @@ -498,7 +498,7 @@ ObjectDelta encryptAndAddFocusModificationToContext( file, ObjectModificationType.COMPLEX_TYPE); ObjectDelta focusDelta = DeltaConvertor.createObjectDelta( modElement, context.getFocusClass(), prismContext); - Utils.encrypt((Collection) Arrays.asList(focusDelta), protector, null, new OperationResult("dummy")); + ModelImplUtils.encrypt((Collection) Arrays.asList(focusDelta), protector, null, new OperationResult("dummy")); return addFocusDeltaToContext(context, focusDelta); } } diff --git a/repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/RepositoryService.java b/repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/RepositoryService.java index 984b231d1ae..7606f7d4b5b 100644 --- a/repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/RepositoryService.java +++ b/repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/RepositoryService.java @@ -159,7 +159,7 @@ public interface RepositoryService { * @throws IllegalArgumentException * wrong OID format, etc. */ - PrismObject getObject(Class type, String oid, Collection> options, + PrismObject getObject(Class type, String oid, Collection> options, OperationResult parentResult) throws ObjectNotFoundException, SchemaException; diff --git a/infra/test-util/src/main/java/com/evolveum/midpoint/test/util/DirectoryFileObjectResolver.java b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/DirectoryFileObjectResolver.java similarity index 71% rename from infra/test-util/src/main/java/com/evolveum/midpoint/test/util/DirectoryFileObjectResolver.java rename to repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/DirectoryFileObjectResolver.java index c9a8bccfb57..cc2db0cbb4e 100644 --- a/infra/test-util/src/main/java/com/evolveum/midpoint/test/util/DirectoryFileObjectResolver.java +++ b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/DirectoryFileObjectResolver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2013 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package com.evolveum.midpoint.test.util; +package com.evolveum.midpoint.repo.common; import java.io.File; import java.io.IOException; @@ -25,9 +25,10 @@ import com.evolveum.midpoint.schema.ResultHandler; import com.evolveum.midpoint.schema.SelectorOptions; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; +import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.exception.CommunicationException; import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.util.exception.SecurityViolationException; @@ -37,7 +38,11 @@ import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType; /** - * @author semancik + * Object resolver that works on files in a directory. + * This is only used in tests. But due to complicated dependencies this is + * part of main code. That does not hurt much. + * + * @author Radovan Semancik * */ public class DirectoryFileObjectResolver implements ObjectResolver { @@ -52,17 +57,8 @@ public DirectoryFileObjectResolver(File directory) { @Override public T resolve(ObjectReferenceType ref, Class expectedType, Collection> options, String contextDescription, - Object task, OperationResult result) throws ObjectNotFoundException, SchemaException { - File file = new File( directory, oidToFilename(ref.getOid())); - if (file.exists()) { - try { - return (T)PrismTestUtil.parseObject(file).asObjectable(); - } catch (IOException e) { - throw new SystemException(e.getMessage(), e); - } - } else { - throw new ObjectNotFoundException("Object "+ref.getOid()+" does not exists"); - } + Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { + return getObject(expectedType, ref.getOid(), options, task, result); } private String oidToFilename(String oid) { @@ -81,5 +77,22 @@ public void searchIterative(Class type, ObjectQuery qu throw new UnsupportedOperationException(); } + @Override + public T getObject(Class clazz, String oid, + Collection> options, Task task, OperationResult result) + throws ObjectNotFoundException, CommunicationException, SchemaException, ConfigurationException, + SecurityViolationException, ExpressionEvaluationException { + File file = new File( directory, oidToFilename(oid)); + if (file.exists()) { + try { + return (T)PrismTestUtil.parseObject(file).asObjectable(); + } catch (IOException e) { + throw new SystemException(e.getMessage(), e); + } + } else { + throw new ObjectNotFoundException("Object "+oid+" does not exists"); + } + } + } diff --git a/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ObjectResolver.java b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/ObjectResolver.java similarity index 84% rename from infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ObjectResolver.java rename to repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/ObjectResolver.java index e2ab5eb0f0f..e3f5662b593 100644 --- a/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ObjectResolver.java +++ b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/ObjectResolver.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package com.evolveum.midpoint.schema.util; +package com.evolveum.midpoint.repo.common; import java.util.Collection; import java.util.HashMap; @@ -27,6 +27,7 @@ import com.evolveum.midpoint.schema.ResultHandler; import com.evolveum.midpoint.schema.SelectorOptions; import com.evolveum.midpoint.schema.result.OperationResult; +import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.exception.CommunicationException; import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; @@ -65,9 +66,12 @@ public interface ObjectResolver { * * TODO resolve module dependencies to allow task to be of type Task */ - T resolve(ObjectReferenceType ref, Class expectedType, Collection> options, - String contextDescription, Object task, OperationResult result) - throws ObjectNotFoundException, SchemaException; + O resolve(ObjectReferenceType ref, Class expectedType, Collection> options, + String contextDescription, Task task, OperationResult result) + throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; + + O getObject(Class clazz, String oid, Collection> options, Task task, + OperationResult result) throws ObjectNotFoundException, CommunicationException, SchemaException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; void searchIterative(Class type, ObjectQuery query, Collection> options, ResultHandler handler, Object task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; diff --git a/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/AbstractObjectResolvableExpressionEvaluatorFactory.java b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/AbstractObjectResolvableExpressionEvaluatorFactory.java index ff210a3c60f..485e28b3055 100644 --- a/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/AbstractObjectResolvableExpressionEvaluatorFactory.java +++ b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/AbstractObjectResolvableExpressionEvaluatorFactory.java @@ -18,7 +18,7 @@ import javax.annotation.PostConstruct; import com.evolveum.midpoint.common.LocalizationService; -import com.evolveum.midpoint.schema.util.ObjectResolver; +import com.evolveum.midpoint.repo.common.ObjectResolver; /** * This is NOT autowired evaluator. There is special need to manipulate objectResolver. diff --git a/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/Expression.java b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/Expression.java index 449b61b5097..06fc7d8de94 100644 --- a/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/Expression.java +++ b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/Expression.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -36,9 +36,9 @@ import com.evolveum.midpoint.prism.PrismValue; import com.evolveum.midpoint.prism.delta.PrismValueDeltaSetTriple; import com.evolveum.midpoint.prism.path.ItemPath; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.internals.InternalsConfig; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.util.MiscUtil; import com.evolveum.midpoint.util.exception.CommunicationException; @@ -305,7 +305,7 @@ private void appendTraceFooter(StringBuilder sb) { } private ExpressionVariables processInnerVariables(ExpressionVariables variables, String contextDescription, - Task task, OperationResult result) throws SchemaException, ObjectNotFoundException { + Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (expressionType == null) { // shortcut return variables; diff --git a/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/ExpressionFactory.java b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/ExpressionFactory.java index a62ab84d2c0..72ef8ba2cfa 100644 --- a/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/ExpressionFactory.java +++ b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/ExpressionFactory.java @@ -27,8 +27,8 @@ import com.evolveum.midpoint.prism.PrismValue; import com.evolveum.midpoint.repo.common.CacheRegistry; import com.evolveum.midpoint.repo.common.Cacheable; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; diff --git a/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/ExpressionUtil.java b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/ExpressionUtil.java index c8d590280e0..c651c74ec0d 100644 --- a/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/ExpressionUtil.java +++ b/repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/ExpressionUtil.java @@ -42,9 +42,9 @@ import com.evolveum.midpoint.prism.util.PrismUtil; import com.evolveum.midpoint.prism.xml.XmlTypeConverter; import com.evolveum.midpoint.prism.xml.XsdTypeMapper; +import com.evolveum.midpoint.repo.common.ObjectResolver; import com.evolveum.midpoint.schema.constants.ExpressionConstants; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.security.api.MidPointPrincipal; import com.evolveum.midpoint.security.api.SecurityContextManager; import com.evolveum.midpoint.task.api.Task; @@ -172,7 +172,7 @@ public static O convertValue(Class finalExpectedJavaType, Function Collection computeTargetValues(VariableBindingDefinitionType target, Object defaultTargetContext, ExpressionVariables variables, ObjectResolver objectResolver, String contextDesc, - Task task, OperationResult result) throws SchemaException, ObjectNotFoundException { + Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (target == null) { // Is this correct? What about default targets? return null; @@ -256,7 +256,7 @@ public static Collection computeT // TODO what about collections of values? public static Object convertVariableValue(Object originalValue, String variableName, ObjectResolver objectResolver, - String contextDescription, PrismContext prismContext, Task task, OperationResult result) throws ExpressionSyntaxException, ObjectNotFoundException { + String contextDescription, PrismContext prismContext, Task task, OperationResult result) throws ExpressionSyntaxException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (originalValue instanceof PrismValue) { ((PrismValue) originalValue).setPrismContext(prismContext); // TODO - or revive? Or make sure prismContext is set here? } else if (originalValue instanceof Item) { @@ -330,7 +330,7 @@ public static Object convertVariableValue(Object originalValue, String variableN private static PrismObject resolveReference(ObjectReferenceType ref, ObjectResolver objectResolver, String varDesc, String contextDescription, Task task, OperationResult result) - throws SchemaException, ObjectNotFoundException { + throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { if (ref.getOid() == null) { throw new SchemaException( "Null OID in reference in variable " + varDesc + " in " + contextDescription); @@ -351,6 +351,18 @@ private static PrismObject resolveReference(ObjectReferenceType ref, ObjectRe } catch (SchemaException e) { throw new SchemaException("Schema error during variable " + varDesc + " resolution in " + contextDescription + ": " + e.getMessage(), e); + } catch (CommunicationException e) { + throw new CommunicationException("Communication error during variable " + varDesc + + " resolution in " + contextDescription + ": " + e.getMessage(), e); + } catch (ConfigurationException e) { + throw new ConfigurationException("Configuration error during variable " + varDesc + + " resolution in " + contextDescription + ": " + e.getMessage(), e); + } catch (SecurityViolationException e) { + throw new SecurityViolationException("Security violation during variable " + varDesc + + " resolution in " + contextDescription + ": " + e.getMessage(), e); + } catch (ExpressionEvaluationException e) { + throw new ExpressionEvaluationException("Expression evaluation error during variable " + varDesc + + " resolution in " + contextDescription + ": " + e.getMessage(), e); } } } diff --git a/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/AbstractIntegrationTest.java b/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/AbstractIntegrationTest.java index 2b9155fc7a3..fdacae0febf 100644 --- a/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/AbstractIntegrationTest.java +++ b/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/AbstractIntegrationTest.java @@ -82,10 +82,10 @@ import com.evolveum.midpoint.schema.result.OperationResultStatus; import com.evolveum.midpoint.schema.util.FocusTypeUtil; import com.evolveum.midpoint.schema.util.MiscSchemaUtil; -import com.evolveum.midpoint.schema.util.ObjectResolver; import com.evolveum.midpoint.schema.util.ObjectTypeUtil; import com.evolveum.midpoint.schema.util.ResourceTypeUtil; import com.evolveum.midpoint.schema.util.ShadowUtil; +import com.evolveum.midpoint.schema.util.SimpleObjectResolver; import com.evolveum.midpoint.task.api.Task; import com.evolveum.midpoint.task.api.TaskManager; import com.evolveum.midpoint.test.asserter.FocusAsserter; @@ -187,7 +187,7 @@ public abstract class AbstractIntegrationTest extends AbstractTestNGSpringContex @Autowired(required = false) @Qualifier("repoObjectResolver") - protected ObjectResolver repoObjectResolver; + protected SimpleObjectResolver repoObjectResolver; // Controllers for embedded OpenDJ and Derby. The abstract test will configure it, but // it will not start diff --git a/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/RepoObjectResolver.java b/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/RepoObjectResolver.java index 96659b590a8..41715a23b99 100644 --- a/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/RepoObjectResolver.java +++ b/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/RepoObjectResolver.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2017 Evolveum + * Copyright (c) 2017-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,35 +17,31 @@ import java.util.Collection; -import javax.xml.namespace.QName; - import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import com.evolveum.midpoint.prism.PrismContext; +import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.prism.query.ObjectQuery; import com.evolveum.midpoint.repo.api.RepositoryService; import com.evolveum.midpoint.schema.GetOperationOptions; import com.evolveum.midpoint.schema.ResultHandler; import com.evolveum.midpoint.schema.SelectorOptions; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; -import com.evolveum.midpoint.util.exception.CommonException; +import com.evolveum.midpoint.schema.util.SimpleObjectResolver; import com.evolveum.midpoint.util.exception.CommunicationException; import com.evolveum.midpoint.util.exception.ConfigurationException; import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.util.exception.SecurityViolationException; -import com.evolveum.midpoint.util.exception.SystemException; -import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType; /** * @author semancik * */ -public class RepoObjectResolver implements ObjectResolver { +public class RepoObjectResolver implements SimpleObjectResolver { @Autowired(required = true) private transient PrismContext prismContext; @@ -54,31 +50,14 @@ public class RepoObjectResolver implements ObjectResolver { @Qualifier("cacheRepositoryService") private transient RepositoryService cacheRepositoryService; + @Override - public O resolve(ObjectReferenceType ref, Class expectedType, - Collection> options, String contextDescription, Object task, - OperationResult result) throws ObjectNotFoundException, SchemaException { - String oid = ref.getOid(); - Class typeClass = null; - QName typeQName = ref.getType(); - if (typeQName != null) { - typeClass = prismContext.getSchemaRegistry().determineCompileTimeClass(typeQName); - } - if (typeClass != null && expectedType.isAssignableFrom(typeClass)) { - expectedType = (Class) typeClass; - } - try { - return cacheRepositoryService.getObject(expectedType, oid, options, result).asObjectable(); - } catch (SystemException ex) { - throw ex; - } catch (ObjectNotFoundException ex) { - throw ex; - } catch (CommonException ex) { - throw new SystemException("Error resolving object with oid '" + oid + "': "+ex.getMessage(), ex); - } + public PrismObject getObject(Class expectedType, String oid, + Collection> options, OperationResult parentResult) + throws ObjectNotFoundException, SchemaException { + return cacheRepositoryService.getObject(expectedType, oid, options, parentResult); } - - @Override + public void searchIterative(Class type, ObjectQuery query, Collection> options, ResultHandler handler, Object task, OperationResult parentResult) @@ -89,4 +68,6 @@ public void searchIterative(Class type, ObjectQuery qu } + + } diff --git a/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/asserter/AbstractAsserter.java b/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/asserter/AbstractAsserter.java index 0df0c0416ea..bc544bba91a 100644 --- a/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/asserter/AbstractAsserter.java +++ b/repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/asserter/AbstractAsserter.java @@ -20,14 +20,13 @@ import com.evolveum.midpoint.prism.PrismContext; import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.schema.result.OperationResult; -import com.evolveum.midpoint.schema.util.ObjectResolver; +import com.evolveum.midpoint.schema.util.SimpleObjectResolver; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; -import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType; /** - * @author semancik + * @author Radovan Semancik * */ public abstract class AbstractAsserter { @@ -35,7 +34,7 @@ public abstract class AbstractAsserter { private String details; private RA returnAsserter; private PrismContext prismContext; - private ObjectResolver objectResolver; + private SimpleObjectResolver objectResolver; public AbstractAsserter() { this(null); @@ -60,11 +59,11 @@ public void setPrismContext(PrismContext prismContext) { this.prismContext = prismContext; } - protected ObjectResolver getObjectResolver() { + protected SimpleObjectResolver getObjectResolver() { return objectResolver; } - public void setObjectResolver(ObjectResolver objectResolver) { + public void setObjectResolver(SimpleObjectResolver objectResolver) { this.objectResolver = objectResolver; } @@ -92,11 +91,8 @@ protected PrismObject resolveObject(Class type, Str if (objectResolver == null) { throw new IllegalStateException("Cannot resolve object "+type.getSimpleName()+" "+oid+" because there is no resolver"); } - ObjectReferenceType ref = new ObjectReferenceType(); - ref.setOid(oid); OperationResult result = new OperationResult("AbstractAsserter.resolveObject"); - O objectType = objectResolver.resolve(ref, type, null, desc(), null, result); - return (PrismObject) objectType.asPrismObject(); + return objectResolver.getObject(type, oid, null, result); } abstract protected String desc(); diff --git a/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/OwnerResolver.java b/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/OwnerResolver.java index 7782572b857..f200435a143 100644 --- a/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/OwnerResolver.java +++ b/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/OwnerResolver.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2014-2017 Evolveum + * Copyright (c) 2014-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,6 +16,10 @@ package com.evolveum.midpoint.security.api; import com.evolveum.midpoint.prism.PrismObject; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType; @@ -28,6 +32,6 @@ */ public interface OwnerResolver { - PrismObject resolveOwner(PrismObject object); + PrismObject resolveOwner(PrismObject object) throws CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; } diff --git a/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/SecurityContextManager.java b/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/SecurityContextManager.java index b639a1b2c38..be7d40d8adb 100644 --- a/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/SecurityContextManager.java +++ b/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/SecurityContextManager.java @@ -1,5 +1,5 @@ /** - * Copyright (c) 2017 Evolveum + * Copyright (c) 2017-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,6 +20,9 @@ import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.util.Producer; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType; @@ -46,9 +49,9 @@ public interface SecurityContextManager { void setupPreAuthenticatedSecurityContext(MidPointPrincipal principal); - void setupPreAuthenticatedSecurityContext(PrismObject user) throws SchemaException; + void setupPreAuthenticatedSecurityContext(PrismObject user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; - T runAs(Producer producer, PrismObject user) throws SchemaException; + T runAs(Producer producer, PrismObject user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; T runPrivileged(Producer producer); diff --git a/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/UserProfileService.java b/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/UserProfileService.java index 79073e92d4e..76b952c5587 100644 --- a/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/UserProfileService.java +++ b/repo/security-api/src/main/java/com/evolveum/midpoint/security/api/UserProfileService.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,8 +18,12 @@ import com.evolveum.midpoint.prism.PrismObject; import com.evolveum.midpoint.schema.result.OperationResult; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType; @@ -40,13 +44,13 @@ public interface UserProfileService extends OwnerResolver { String OPERATION_GET_PRINCIPAL = DOT_CLASS + "getPrincipal"; String OPERATION_UPDATE_USER = DOT_CLASS + "updateUser"; - MidPointPrincipal getPrincipal(String username) throws ObjectNotFoundException, SchemaException; + MidPointPrincipal getPrincipal(String username) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; - MidPointPrincipal getPrincipalByOid(String oid) throws ObjectNotFoundException, SchemaException; + MidPointPrincipal getPrincipalByOid(String oid) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; - MidPointPrincipal getPrincipal(PrismObject user) throws SchemaException; + MidPointPrincipal getPrincipal(PrismObject user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; - MidPointPrincipal getPrincipal(PrismObject user, AuthorizationTransformer authorizationTransformer, OperationResult result) throws SchemaException; + MidPointPrincipal getPrincipal(PrismObject user, AuthorizationTransformer authorizationTransformer, OperationResult result) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException; void updateUser(MidPointPrincipal principal); diff --git a/repo/security-impl/src/main/java/com/evolveum/midpoint/security/impl/SecurityContextManagerImpl.java b/repo/security-impl/src/main/java/com/evolveum/midpoint/security/impl/SecurityContextManagerImpl.java index bcf1ebd4ffd..89b2290cc39 100644 --- a/repo/security-impl/src/main/java/com/evolveum/midpoint/security/impl/SecurityContextManagerImpl.java +++ b/repo/security-impl/src/main/java/com/evolveum/midpoint/security/impl/SecurityContextManagerImpl.java @@ -35,6 +35,9 @@ import com.evolveum.midpoint.security.api.SecurityUtil; import com.evolveum.midpoint.security.api.UserProfileService; import com.evolveum.midpoint.util.Producer; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.logging.Trace; @@ -91,7 +94,7 @@ public void setupPreAuthenticatedSecurityContext(MidPointPrincipal principal) { } @Override - public void setupPreAuthenticatedSecurityContext(PrismObject user) throws SchemaException { + public void setupPreAuthenticatedSecurityContext(PrismObject user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { MidPointPrincipal principal; if (userProfileService == null) { LOGGER.warn("No user profile service set up in SecurityEnforcer. " @@ -104,7 +107,7 @@ public void setupPreAuthenticatedSecurityContext(PrismObject user) thr } @Override - public T runAs(Producer producer, PrismObject user) throws SchemaException { + public T runAs(Producer producer, PrismObject user) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException { LOGGER.debug("Running {} as {}", producer, user); Authentication origAuthentication = SecurityContextHolder.getContext().getAuthentication(); diff --git a/repo/task-quartz-impl/src/main/java/com/evolveum/midpoint/task/quartzimpl/TaskManagerQuartzImpl.java b/repo/task-quartz-impl/src/main/java/com/evolveum/midpoint/task/quartzimpl/TaskManagerQuartzImpl.java index a014e2de69c..afe4c822493 100644 --- a/repo/task-quartz-impl/src/main/java/com/evolveum/midpoint/task/quartzimpl/TaskManagerQuartzImpl.java +++ b/repo/task-quartz-impl/src/main/java/com/evolveum/midpoint/task/quartzimpl/TaskManagerQuartzImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2017 Evolveum + * Copyright (c) 2010-2018 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -83,9 +83,13 @@ import com.evolveum.midpoint.task.quartzimpl.cluster.ClusterStatusInformation; import com.evolveum.midpoint.task.quartzimpl.execution.ExecutionManager; import com.evolveum.midpoint.task.quartzimpl.execution.StalledTasksWatcher; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.exception.SystemException; import com.evolveum.midpoint.util.logging.LoggingUtils; import com.evolveum.midpoint.util.logging.Trace; @@ -1069,10 +1073,10 @@ public void startLightweightTask(final TaskQuartzImpl task) { try { // Setup Spring Security context securityContextManager.setupPreAuthenticatedSecurityContext(task.getOwner()); - } catch (SchemaException e) { + } catch (SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | ExpressionEvaluationException e) { LoggingUtils.logUnexpectedException(LOGGER, "Couldn't set up task security context {}", e, task); throw new SystemException(e.getMessage(), e); - } + } try { task.setLightweightHandlerExecuting(true); diff --git a/repo/task-quartz-impl/src/main/java/com/evolveum/midpoint/task/quartzimpl/execution/JobExecutor.java b/repo/task-quartz-impl/src/main/java/com/evolveum/midpoint/task/quartzimpl/execution/JobExecutor.java index 42957848eff..a27d58ab9da 100644 --- a/repo/task-quartz-impl/src/main/java/com/evolveum/midpoint/task/quartzimpl/execution/JobExecutor.java +++ b/repo/task-quartz-impl/src/main/java/com/evolveum/midpoint/task/quartzimpl/execution/JobExecutor.java @@ -29,9 +29,13 @@ import com.evolveum.midpoint.task.quartzimpl.TaskQuartzImplUtil; import com.evolveum.midpoint.task.quartzimpl.cluster.ClusterStatusInformation; import com.evolveum.midpoint.task.quartzimpl.work.WorkStateManager; +import com.evolveum.midpoint.util.exception.CommunicationException; +import com.evolveum.midpoint.util.exception.ConfigurationException; +import com.evolveum.midpoint.util.exception.ExpressionEvaluationException; import com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException; import com.evolveum.midpoint.util.exception.ObjectNotFoundException; import com.evolveum.midpoint.util.exception.SchemaException; +import com.evolveum.midpoint.util.exception.SecurityViolationException; import com.evolveum.midpoint.util.exception.SystemException; import com.evolveum.midpoint.util.logging.LoggingUtils; import com.evolveum.midpoint.util.logging.Trace; @@ -181,7 +185,7 @@ public void execute(JobExecutionContext context) throws JobExecutionException { // just to be sure we won't run the owner-setting login with any garbage security context (see MID-4160) taskManagerImpl.getSecurityContextManager().setupPreAuthenticatedSecurityContext((Authentication) null); taskManagerImpl.getSecurityContextManager().setupPreAuthenticatedSecurityContext(taskOwner); - } catch (SchemaException e) { + } catch (SchemaException | CommunicationException | ConfigurationException | SecurityViolationException | ExpressionEvaluationException e) { LoggingUtils.logUnexpectedException(LOGGER, "Task with OID {} cannot be executed: error setting security context", e, oid); return; }