Merge remote-tracking branch 'origin/master' into feature/dependency-…

…upgrade
Evolveum · May 25, 2023 · fca2186 · fca2186
2 parents 4e4441e + 8038b70
commit fca2186
Show file tree

Hide file tree

Showing 83 changed files with 638 additions and 731 deletions.
diff --git a/...admin-gui/src/main/java/com/evolveum/midpoint/gui/api/component/captcha/CaptchaPanel.java b/...admin-gui/src/main/java/com/evolveum/midpoint/gui/api/component/captcha/CaptchaPanel.java
@@ -18,16 +18,17 @@
 import org.apache.wicket.markup.html.basic.Label;
 import org.apache.wicket.markup.html.form.RequiredTextField;
 import org.apache.wicket.markup.html.image.Image;
-import org.apache.wicket.model.PropertyModel;
+import org.apache.wicket.model.Model;
 
 import com.evolveum.midpoint.gui.api.component.BasePanel;
-import com.evolveum.midpoint.gui.api.page.PageBase;
 import com.evolveum.midpoint.web.component.message.FeedbackAlerts;
 
 public class CaptchaPanel extends BasePanel<Void> {
 
     private static final long serialVersionUID = 1L;
 
+    private static final String CAPTCHA_TEXT_ID = "text";
+    private static final String CAPTCHA_IMAGE_ID = "image";
     /**
      * The text provided by the user.
      */
@@ -49,7 +50,7 @@ public CaptchaPanel(String id, PageAdminLTE pageBase) {
         add(feedback);
 
         captchaImageResource = createCaptchaImageResource();
-        final Image captchaImage = new Image("image", captchaImageResource);
+        final Image captchaImage = new Image(CAPTCHA_IMAGE_ID, captchaImageResource);
         captchaImage.setOutputMarkupId(true);
         add(captchaImage);
 
@@ -69,8 +70,7 @@ public void onClick(AjaxRequestTarget target) {
         add(new Label("textDescriptionLabel",
                 pageBase.createStringResource("CaptchaPanel.textDescriptionLabel")));
 
-        add(new RequiredTextField<String>("text",
-                new PropertyModel<>(CaptchaPanel.this, "captchaText"), String.class) {
+        add(new RequiredTextField<String>(CAPTCHA_TEXT_ID, Model.of()) {
             private static final long serialVersionUID = 1L;
 
             @Override
@@ -104,7 +104,8 @@ static String randomString() {
     }
 
     public String getCaptchaText() {
-        return captchaText;
+        RequiredTextField<String> captchaField = (RequiredTextField) get(CAPTCHA_TEXT_ID);
+        return captchaField.getInput();
     }
 
     public String getRandomText() {

diff --git a/...main/java/com/evolveum/midpoint/gui/impl/component/search/SearchableItemsDefinitions.java b/...main/java/com/evolveum/midpoint/gui/impl/component/search/SearchableItemsDefinitions.java
@@ -160,7 +160,6 @@ public SearchableItemsDefinitions additionalSearchContext(SearchContext ctx) {
                 ItemPath.create(CaseType.F_PARENT_REF),
                 ItemPath.create(CaseType.F_REQUESTOR_REF),
                 ItemPath.create(CaseType.F_TARGET_REF),
-                ItemPath.create(CaseType.F_TASK_REF),
                 ItemPath.create(CaseType.F_OBJECT_REF)
         ));
 

diff --git a/.../java/com/evolveum/midpoint/gui/impl/page/admin/resource/component/CapabilitiesPanel.java b/.../java/com/evolveum/midpoint/gui/impl/page/admin/resource/component/CapabilitiesPanel.java
@@ -237,9 +237,6 @@ private String getIcon(Class capability) {
         if (ScriptCapabilityType.class.isAssignableFrom(capability)) {
             return "fa fa-code";
         }
-        if (AddRemoveAttributeValuesCapabilityType.class.isAssignableFrom(capability)) {
-            return "fa fa-pen-to-square";
-        }
         if (ReadCapabilityType.class.isAssignableFrom(capability)) {
             return "fa fa-book";
         }

diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAbstractFlow.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAbstractFlow.java
@@ -19,11 +19,9 @@
 import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.util.logging.Trace;
 import com.evolveum.midpoint.util.logging.TraceManager;
-import com.evolveum.midpoint.web.component.AjaxButton;
 import com.evolveum.midpoint.web.component.AjaxSubmitButton;
 import com.evolveum.midpoint.web.component.form.MidpointForm;
 import com.evolveum.midpoint.web.component.prism.DynamicFormPanel;
-import com.evolveum.midpoint.web.component.util.VisibleEnableBehaviour;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
 
@@ -118,7 +116,6 @@ private void doRegistration(AjaxRequestTarget target) {
         if (!validateCaptcha(target)) {
             return;
         }
-
         submitRegistration(target);
         isSubmitted = true;
     }
@@ -132,7 +129,7 @@ private boolean validateCaptcha(AjaxRequestTarget target) {
         }
 
         CaptchaPanel captcha = getCaptcha();
-        if (captcha.getRandomText() == null) {
+        if (captcha.getRandomText() == null || captcha.getCaptchaText() == null) {
             String message = createStringResource("PageSelfRegistration.captcha.validation.failed")
                     .getString();
             LOGGER.error(message);
@@ -142,16 +139,14 @@ private boolean validateCaptcha(AjaxRequestTarget target) {
             return false;
         }
 
-        if (captcha.getCaptchaText() != null && captcha.getRandomText() != null) {
-            if (!captcha.getCaptchaText().equals(captcha.getRandomText())) {
-                String message = createStringResource("PageSelfRegistration.captcha.validation.failed")
-                        .getString();
-                LOGGER.error(message);
-                getSession().error(message);
-                updateCaptcha(target);
-                target.add(getFeedbackPanel());
-                return false;
-            }
+        if (!captcha.getCaptchaText().equals(captcha.getRandomText())) {
+            String message = createStringResource("PageSelfRegistration.captcha.validation.failed")
+                    .getString();
+            LOGGER.error(message);
+            getSession().error(message);
+            updateCaptcha(target);
+            target.add(getFeedbackPanel());
+            return false;
         }
         LOGGER.trace("CAPTCHA Validation OK");
         return true;

diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageInvitation.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageInvitation.java
@@ -0,0 +1,109 @@
+/*
+ * Copyright (C) 2010-2023 Evolveum and contributors
+ *
+ * This work is dual-licensed under the Apache License 2.0
+ * and European Union Public License. See LICENSE file for details.
+ */
+package com.evolveum.midpoint.gui.impl.page.login;
+
+import com.evolveum.midpoint.authentication.api.authorization.AuthorizationAction;
+import com.evolveum.midpoint.authentication.api.authorization.PageDescriptor;
+import com.evolveum.midpoint.authentication.api.authorization.Url;
+import com.evolveum.midpoint.authentication.api.util.AuthenticationModuleNameConstants;
+import com.evolveum.midpoint.gui.api.model.LoadableModel;
+import com.evolveum.midpoint.prism.delta.DeltaFactory;
+import com.evolveum.midpoint.prism.delta.ObjectDelta;
+import com.evolveum.midpoint.schema.constants.SchemaConstants;
+import com.evolveum.midpoint.schema.result.OperationResult;
+import com.evolveum.midpoint.schema.util.SecurityPolicyUtil;
+import com.evolveum.midpoint.security.api.AuthorizationConstants;
+import com.evolveum.midpoint.security.api.SecurityUtil;
+import com.evolveum.midpoint.task.api.Task;
+import com.evolveum.midpoint.util.exception.*;
+import com.evolveum.midpoint.util.logging.Trace;
+import com.evolveum.midpoint.util.logging.TraceManager;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
+import org.apache.wicket.model.IModel;
+
+@PageDescriptor(urls = { @Url(mountUrl = "/invitation", matchUrlForSecurity = "/invitation") },
+        action = {
+        @AuthorizationAction(actionUri = AuthorizationConstants.AUTZ_UI_INVITATION_URL) },
+        authModule = AuthenticationModuleNameConstants.MAIL_NONCE)
+public class PageInvitation extends PageSelfRegistration {
+
+    private static final long serialVersionUID = 1L;
+
+    private static final Trace LOGGER = TraceManager.getTrace(PageInvitation.class);
+
+    private static final String DOT_CLASS = PageInvitation.class.getName() + ".";
+
+    public PageInvitation() {
+        super();
+    }
+
+    @Override
+    protected UserType instantiateUser() {
+        return (UserType) getPrincipalFocus();
+    }
+
+    @Override
+    protected ObjectDelta<UserType> prepareUserDelta(Task task, OperationResult result) throws SchemaException, ExpressionEvaluationException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException {
+        LOGGER.trace("Preparing user MODIFY delta (preregistered user registration)");
+        ObjectDelta<UserType> delta;
+        if (!isCustomFormDefined()) {
+            delta = getPrismContext().deltaFactory().object().createEmptyModifyDelta(UserType.class,
+                    userModel.getObject().getOid());
+            if (getSelfRegistrationConfiguration().getInitialLifecycleState() != null) {
+                delta.addModificationReplaceProperty(UserType.F_LIFECYCLE_STATE,
+                        getSelfRegistrationConfiguration().getInitialLifecycleState());
+            }
+            delta.addModificationReplaceProperty(SchemaConstants.PATH_PASSWORD_VALUE, createPassword().getValue());
+        } else {
+            delta = getDynamicFormPanel().getObjectDelta();
+        }
+
+        delta.addModificationReplaceContainer(SchemaConstants.PATH_NONCE,
+                createNonce(getNonceCredentialsPolicy(), task, result).asPrismContainerValue());
+        LOGGER.trace("Going to register user with modifications {}", delta);
+        return delta;
+    }
+
+    private NonceCredentialsPolicyType getNonceCredentialsPolicy() {
+        SecurityPolicyType securityPolicy = resolveSecurityPolicy();
+        if (securityPolicy == null) {
+            return null;
+        }
+        String invitationSequenceIdentifier = SecurityUtil.getInvitationSequenceIdentifier(securityPolicy);
+        AuthenticationSequenceType invitationSequence = SecurityPolicyUtil.findSequenceByIdentifier(securityPolicy, invitationSequenceIdentifier);
+        if (invitationSequence == null || invitationSequence.getModule().isEmpty()) {
+            return null;
+        }
+        String moduleIdentifier = invitationSequence.getModule().get(0).getIdentifier();
+        if (moduleIdentifier == null) {
+            return null;
+        }
+        MailNonceAuthenticationModuleType nonceModule = securityPolicy
+                .getAuthentication()
+                .getModules()
+                .getMailNonce()
+                .stream()
+                .filter(m -> moduleIdentifier.equals(m.getIdentifier()))
+                .findFirst()
+                .orElse(null);
+        if (nonceModule == null) {
+            return null;
+        }
+        String credentialName = nonceModule.getCredentialName();
+        if (credentialName == null) {
+            return null;
+        }
+        return securityPolicy
+                .getCredentials()
+                .getNonce()
+                .stream()
+                .filter(n -> credentialName.equals(n.getName()))
+                .findFirst()
+                .orElse(null);
+    }
+
+}
diff --git a/...min-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageRegistrationBase.java b/...min-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageRegistrationBase.java
@@ -147,7 +147,7 @@ private void initPostAuthenticationConfiguration() {
 
     }
 
-    private SecurityPolicyType resolveSecurityPolicy() {
+    protected SecurityPolicyType resolveSecurityPolicy() {
         SecurityPolicyType securityPolicy = runPrivileged((Producer<SecurityPolicyType>) () -> {
 
             Task task = createAnonymousTask(OPERATION_GET_SECURITY_POLICY);