@Override public boolean equivalent(AssignmentPathSegment otherSegment) { if (!prismContext.relationsEquivalent(relation, otherSegment.getRelation())) { return false; } if (target == null && otherSegment.getTarget() == null) { return true; // TODO reconsider this in general case } if (target == null || otherSegment.getTarget() == null) { return false; } return java.util.Objects.equals(target.getOid(), otherSegment.getTarget().getOid()); } }
public static boolean isDelegationPath(@NotNull AssignmentPath assignmentPath, @NotNull RelationRegistry relationRegistry) { for (AssignmentPathSegment segment : assignmentPath.getSegments()) { if (!isDelegationAssignment(segment.getAssignment(), relationRegistry)) { return false; } } return true; }
@Override public boolean equivalent(AssignmentPath other) { if (size() != other.size()) { return false; } for (int i = 0; i < segments.size(); i++) { AssignmentPathSegment segment = segments.get(i); AssignmentPathSegment otherSegment = other.getSegments().get(i); if (!segment.equivalent(otherSegment)) { return false; } } return true; }
public static ExtensionType collectExtensions(AssignmentPath path, int startAt, PrismContext prismContext) throws SchemaException { ExtensionType rv = new ExtensionType(prismContext); PrismContainerValue<?> pcv = rv.asPrismContainerValue(); for (int i = startAt; i < path.getSegments().size(); i++) { AssignmentPathSegment segment = path.getSegments().get(i); AssignmentType assignment = segment.getAssignmentAny(); if (assignment != null && assignment.getExtension() != null) { ObjectTypeUtil.mergeExtension(pcv, assignment.getExtension().asPrismContainerValue()); } if (segment.getTarget() != null && segment.getTarget().getExtension() != null) { ObjectTypeUtil.mergeExtension(pcv, segment.getTarget().getExtension().asPrismContainerValue()); } } return rv; }
@Override public int countTargetOccurrences(ObjectType target) { if (target == null) { return 0; } int count = 0; for (AssignmentPathSegment segment: segments) { ObjectType segmentTarget = segment.getTarget(); if (segmentTarget != null) { if (segmentTarget.getOid() != null && target.getOid() != null && segmentTarget.getOid().equals(target.getOid()) || segmentTarget.getOid() == null && target.getOid() == null && segmentTarget.equals(target)) { count++; } } } return count; }
private <O extends ObjectType> boolean isDelegationToNonDelegableTarget(AssignmentType assignmentType, @NotNull PrismObject<O> target, EvaluationContext ctx) { AssignmentPathSegment previousSegment = ctx.assignmentPath.beforeLast(1); if (previousSegment == null || !previousSegment.isDelegation() || !target.canRepresent(AbstractRoleType.class)) { return false; } if (!Boolean.TRUE.equals(((AbstractRoleType)target.asObjectable()).isDelegable())) { if (LOGGER.isTraceEnabled()) { LOGGER.trace("Skipping evaluation of {} because it delegates to a non-delegable target {}", FocusTypeUtil.dumpAssignment(assignmentType), target); } return true; } else { return false; } }
.anyMatch(segment -> segment.matches(sourceOrderConstraints)); if (!found) {
thisRole = (AbstractRoleType) segment.getSource();
protected void assertAssignmentPath(AssignmentPath path, String... targetOids) { assertEquals("Wrong path size", targetOids.length, path.size()); for (int i = 0; i < targetOids.length; i++) { ObjectType target = path.getSegments().get(i).getTarget(); if (targetOids[i] == null) { assertNull("Target #" + (i+1) + " should be null; it is: " + target, target); } else { assertNotNull("Target #" + (i+1) + " should not be null", target); assertEquals("Wrong OID in target #" + (i+1), targetOids[i], target.getOid()); } } }
public static List<OtherPrivilegesLimitationType> extractLimitations(AssignmentPath assignmentPath) { List<OtherPrivilegesLimitationType> rv = new ArrayList<>(); for (AssignmentPathSegment segment : assignmentPath.getSegments()) { CollectionUtils.addIgnoreNull(rv, segment.getAssignment().getLimitOtherPrivileges()); } return rv; }
private boolean isAllowedByLimitations(AssignmentPathSegment segment, AssignmentType nextAssignment, EvaluationContext ctx) { AssignmentType currentAssignment = segment.getAssignment(ctx.evaluateOld); AssignmentSelectorType targetLimitation = currentAssignment.getLimitTargetContent(); if (isDeputyDelegation(nextAssignment)) { // delegation of delegation if (targetLimitation == null) { return false; } return BooleanUtils.isTrue(targetLimitation.isAllowTransitive()); } else { // As for the case of targetRef==null: we want to pass target-less assignments (focus mappings, policy rules etc) // from the delegator to delegatee. To block them we should use order constraints (but also for assignments?). return targetLimitation == null || nextAssignment.getTargetRef() == null || FocusTypeUtil.selectorMatches(targetLimitation, nextAssignment, prismContext); } }