Schema cleanup: Password policy -> security, migration comment

infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd

@@ -5870,6 +5870,7 @@
                     <a:element>tns:passwordPolicyRef</a:element>
                     <a:version>4.4</a:version>
                     <a:operation>removed</a:operation>
+                    <a:comment>Use securityPolicyRef in objectType element (ResourceObjectTypeDefinitionType) instead.</a:comment>
                 </a:schemaMigration>
             </xsd:appinfo>
         </xsd:annotation>

model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/AbstractConfiguredModelIntegrationTest.java

@@ -462,6 +462,9 @@ public class AbstractConfiguredModelIntegrationTest extends AbstractEmptyModelIn
     protected static final File SECURITY_POLICY_FILE = new File(COMMON_DIR, "security-policy.xml");
     protected static final String SECURITY_POLICY_OID = "28bf845a-b107-11e3-85bc-001e8c717e5b";
 
+    protected static final File SECURITY_POLICY_BENEVOLENT_FILE = new File(COMMON_DIR, "security-policy-benevolent.xml");
+    protected static final String SECURITY_POLICY_BENEVOLENT_OID = "ed8026dc-eeee-eeee-eeee-4fce56706755";
+
     protected static final File ARCHETYPE_TASK_RECONCILIATION_FILE = new File(COMMON_DIR, "archetype-task-reconciliation.xml");
     protected static final String ARCHETYPE_TASK_RECONCILIATION_OID = "00000000-0000-0000-0000-000000000501";
 

model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/AbstractInitializedModelIntegrationTest.java

@@ -253,8 +253,9 @@ public void initSystem(Task initTask, OperationResult initResult) throws Excepti
         // Custom function libraries
         repoAddObjectFromFile(CUSTOM_LIBRARY_FILE, initResult);
 
-        // Password policy
+        // Password & security policy
         repoAddObjectFromFile(PASSWORD_POLICY_BENEVOLENT_FILE, initResult);
+        repoAddObjectFromFile(SECURITY_POLICY_BENEVOLENT_FILE, initResult);
 
         // Archetypes
         repoAddObjectFromFile(ARCHETYPE_APPROVAL_CASE_FILE, initResult);

model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/password/AbstractPasswordTest.java

@@ -107,6 +107,12 @@ public abstract class AbstractPasswordTest extends AbstractInitializedModelInteg
     protected static final File PASSWORD_POLICY_MAVERICK_FILE = new File(TEST_DIR, "password-policy-maverick.xml");
     protected static final String PASSWORD_POLICY_MAVERICK_OID = "b26d2bd4-ff83-11e7-94b3-8fa7a87aac6c";
 
+    protected static final File SECURITY_POLICY_UGLY_FILE = new File(TEST_DIR, "security-policy-ugly.xml");
+    protected static final String SECURITY_POLICY_UGLY_OID = "cfb3fa9e-eeee-eeee-eeee-dbebaacaf4ee";
+
+    protected static final File SECURITY_POLICY_MAVERICK_FILE = new File(TEST_DIR, "security-policy-maverick.xml");
+    protected static final String SECURITY_POLICY_MAVERICK_OID = "b26d2bd4-eeee-eeee-eeee-8fa7a87aac6c";
+
     protected static final File SECURITY_POLICY_DEFAULT_STORAGE_HASHING_FILE = new File(TEST_DIR, "security-policy-default-storage-hashing.xml");
     protected static final String SECURITY_POLICY_DEFAULT_STORAGE_HASHING_OID = "0ea3b93c-0425-11e7-bbc1-73566dc53d59";
 
@@ -144,6 +150,7 @@ public void initSystem(Task initTask, OperationResult initResult) throws Excepti
         super.initSystem(initTask, initResult);
 
         importObjectFromFile(PASSWORD_POLICY_UGLY_FILE);
+        importObjectFromFile(SECURITY_POLICY_UGLY_FILE);
         importObjectFromFile(SECURITY_POLICY_DEFAULT_STORAGE_HASHING_FILE);
         importObjectFromFile(SECURITY_POLICY_PASSWORD_STORAGE_NONE_FILE);
 
@@ -158,6 +165,7 @@ public void initSystem(Task initTask, OperationResult initResult) throws Excepti
         repoAddObjectFromFile(ROLE_END_USER_FILE, initResult);
 
         importObjectFromFile(PASSWORD_POLICY_MAVERICK_FILE);
+        importObjectFromFile(SECURITY_POLICY_MAVERICK_FILE);
         initDummyResourcePirate(RESOURCE_DUMMY_MAVERICK_NAME, RESOURCE_DUMMY_MAVERICK_FILE, RESOURCE_DUMMY_MAVERICK_OID, initTask, initResult);
 
         login(USER_ADMINISTRATOR_USERNAME);

model/model-intest/src/test/resources/common/resource-dummy-black.xml

@@ -168,10 +168,10 @@
             <credentials>
                 <password>
                     <outbound/>
-                    <!-- MID-3682 -->
-                    <passwordPolicyRef oid="ed8026dc-569a-11e7-abdf-4fce56706755"/> <!-- Benevolent password policy -->
                 </password>
             </credentials>
+            <!-- MID-3682 -->
+            <securityPolicyRef oid="ed8026dc-eeee-eeee-eeee-4fce56706755"/>
         </objectType>
     </schemaHandling>
 

model/model-intest/src/test/resources/common/security-policy-benevolent.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2014-2021 Evolveum and contributors
+  ~
+  ~ This work is dual-licensed under the Apache License 2.0
+  ~ and European Union Public License. See LICENSE file for details.
+  -->
+
+<securityPolicy oid="ed8026dc-eeee-eeee-eeee-4fce56706755"
+    xmlns='http://midpoint.evolveum.com/xml/ns/public/common/common-3'>
+    <name>Security Policy: Benevolent</name>
+    <credentials>
+        <password>
+            <valuePolicyRef oid="ed8026dc-569a-11e7-abdf-4fce56706755"/>
+        </password>
+    </credentials>
+</securityPolicy>

model/model-intest/src/test/resources/password/resource-dummy-maverick.xml

@@ -205,10 +205,10 @@
                             <asIs/>
                         </expression>
                     </outbound>
-                    <passwordPolicyRef oid="b26d2bd4-ff83-11e7-94b3-8fa7a87aac6c" type="ValuePolicyType"/>
                 </password>
             </credentials>
 
+            <securityPolicyRef oid="b26d2bd4-eeee-eeee-eeee-8fa7a87aac6c"/>
         </objectType>
 
     </schemaHandling>

model/model-intest/src/test/resources/password/resource-dummy-ugly.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
-  ~ Copyright (c) 2010-2017 Evolveum and contributors
+  ~ Copyright (c) 2010-2021 Evolveum and contributors
   ~
   ~ This work is dual-licensed under the Apache License 2.0
   ~ and European Union Public License. See LICENSE file for details.
@@ -68,9 +68,9 @@
                             </script>
                         </expression>
                     </outbound>
-                    <passwordPolicyRef oid="cfb3fa9e-027a-11e7-8e2c-dbebaacaf4ee" type="ValuePolicyType"/>
                 </password>
             </credentials>
+            <securityPolicyRef oid="cfb3fa9e-eeee-eeee-eeee-dbebaacaf4ee"/>
         </objectType>
     </schemaHandling>
 

model/model-intest/src/test/resources/password/security-policy-maverick.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2021 Evolveum and contributors
+  ~
+  ~ This work is dual-licensed under the Apache License 2.0
+  ~ and European Union Public License. See LICENSE file for details.
+  -->
+
+<securityPolicy oid="b26d2bd4-eeee-eeee-eeee-8fa7a87aac6c"
+    xmlns='http://midpoint.evolveum.com/xml/ns/public/common/common-3'>
+    <name>Security Policy: Maverick</name>
+    <credentials>
+        <password>
+            <valuePolicyRef oid="b26d2bd4-ff83-11e7-94b3-8fa7a87aac6c"/>
+        </password>
+    </credentials>
+</securityPolicy>

model/model-intest/src/test/resources/password/security-policy-ugly.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2021 Evolveum and contributors
+  ~
+  ~ This work is dual-licensed under the Apache License 2.0
+  ~ and European Union Public License. See LICENSE file for details.
+  -->
+
+<securityPolicy oid="cfb3fa9e-eeee-eeee-eeee-dbebaacaf4ee"
+    xmlns='http://midpoint.evolveum.com/xml/ns/public/common/common-3'>
+    <name>Security Policy: Ugly</name>
+    <credentials>
+        <password>
+            <valuePolicyRef oid="cfb3fa9e-027a-11e7-8e2c-dbebaacaf4ee"/>
+        </password>
+    </credentials>
+</securityPolicy>