boolean isModify();
public static void assertIsModify(ObjectDelta<?> objectDelta) { assert objectDelta.isModify() : "Expected that object delta "+objectDelta+" is MODIFY, but it is "+objectDelta.getChangeType(); }
public static <O extends ObjectType> void setDeltaOldValue(LensElementContext<O> ctx, ObjectDelta<O> objectDelta) { if (objectDelta == null) { return; } if (!objectDelta.isModify()) { return; } for (ItemDelta<?, ?> modification: objectDelta.getModifications()) { setDeltaOldValue(ctx, modification); } }
public static <T extends ObjectType> Collection<? extends ItemDelta<?, ?>> computeReencryptModifications(Protector protector, PrismObject<T> object) throws EncryptionException { PrismObject<T> reencrypted = object.clone(); int changes = reencryptValues(protector, reencrypted); if (changes == 0) { return Collections.emptySet(); } ObjectDelta<T> diff = object.diff(reencrypted, EquivalenceStrategy.LITERAL); if (!diff.isModify()) { throw new AssertionError("Expected MODIFY delta, got " + diff); } return diff.getModifications(); }
private List<ApprovalRequest<AssociationAdditionType>> getApprovalRequests(ModelContext<?> modelContext, PrimaryChangeProcessorConfigurationType wfConfigurationType, ObjectTreeDeltas changes, Task taskFromModel, OperationResult result) { List<ApprovalRequest<AssociationAdditionType>> requests = new ArrayList<>(); PcpAspectConfigurationType config = primaryChangeAspectHelper.getPcpAspectConfigurationType(wfConfigurationType, this); Set<Map.Entry<ResourceShadowDiscriminator, ObjectDelta<ShadowType>>> entries = changes.getProjectionChangeMapEntries(); for (Map.Entry<ResourceShadowDiscriminator, ObjectDelta<ShadowType>> entry : entries) { ObjectDelta<ShadowType> delta = entry.getValue(); if (delta.isAdd()) { requests.addAll(getApprovalRequestsFromShadowAdd(config, entry.getValue(), entry.getKey(), modelContext, taskFromModel, result)); } else if (delta.isModify()) { ModelProjectionContext projectionContext = modelContext.findProjectionContext(entry.getKey()); requests.addAll(getApprovalRequestsFromShadowModify( config, projectionContext.getObjectOld(), entry.getValue(), entry.getKey(), modelContext, taskFromModel, result)); } else { // no-op } } return requests; }
@Override protected boolean checkApplicability(Event event, GeneralNotifierType generalNotifierType, OperationResult result) { List<ObjectDelta<FocusType>> deltas = ((ModelEvent) event).getFocusDeltas(); if (deltas.isEmpty()) { return false; } if (isWatchAuxiliaryAttributes(generalNotifierType)) { return true; } for (ObjectDelta<FocusType> delta : deltas) { if (!delta.isModify() || deltaContainsOtherPathsThan(delta, functions.getAuxiliaryPaths())) { return true; } } return false; }
public static <O extends ObjectType> String getOperationUrlFromDelta(ObjectDelta<O> delta) { if (delta == null) { return null; } if (delta.isAdd()) { return ModelAuthorizationAction.ADD.getUrl(); } if (delta.isModify()) { return ModelAuthorizationAction.MODIFY.getUrl(); } if (delta.isDelete()) { return ModelAuthorizationAction.DELETE.getUrl(); } throw new IllegalArgumentException("Unknown delta type "+delta); }
public void addAssignmentApprovalMetadata(ObjectDelta<?> objectDelta, Task task, OperationResult result) throws SchemaException { if (objectDelta.isAdd()) { addAssignmentApprovalMetadataOnObjectAdd(objectDelta.getObjectToAdd(), task, result); } else if (objectDelta.isModify()) { addAssignmentApprovalMetadataOnObjectModify(objectDelta, task, result); } }
@Override public String getPlaintextAccountPasswordFromDelta(ObjectDelta<? extends ShadowType> delta) throws EncryptionException { if (delta.isAdd()) { ShadowType newShadow = delta.getObjectToAdd().asObjectable(); return getPlaintextAccountPassword(newShadow); } if (!delta.isModify()) { return null; } List<ProtectedStringType> passwords = new ArrayList<>(); for (ItemDelta itemDelta : delta.getModifications()) { takePasswordsFromItemDelta(passwords, itemDelta); } LOGGER.trace("Found " + passwords.size() + " password change value(s)"); if (!passwords.isEmpty()) { return protector.decryptString(passwords.get(passwords.size() - 1)); } else { return null; } }
@Override public String getPlaintextUserPasswordFromDeltas(List<ObjectDelta<UserType>> objectDeltas) throws EncryptionException { List<ProtectedStringType> passwords = new ArrayList<>(); for (ObjectDelta<UserType> delta : objectDeltas) { if (delta.isAdd()) { UserType newUser = delta.getObjectToAdd().asObjectable(); return getPlaintextUserPassword(newUser); // for simplicity we do not look for other values } if (!delta.isModify()) { continue; } for (ItemDelta itemDelta : delta.getModifications()) { takePasswordsFromItemDelta(passwords, itemDelta); } } LOGGER.trace("Found " + passwords.size() + " password change value(s)"); if (!passwords.isEmpty()) { return protector.decryptString(passwords.get(passwords.size() - 1)); } else { return null; } }
@Override protected String getSubject(Event event, GeneralNotifierType generalNotifierType, String transport, Task task, OperationResult result) { ResourceObjectEvent resourceObjectEvent = (ResourceObjectEvent) event; ResourceOperationDescription rod = resourceObjectEvent.getAccountOperationDescription(); ObjectDelta<ShadowType> delta = (ObjectDelta<ShadowType>) rod.getObjectDelta(); String objectTypeDescription = resourceObjectEvent.isShadowKind(ShadowKindType.ACCOUNT) ? "Account" : "Resource object"; if (delta.isAdd()) { return objectTypeDescription + " creation notification"; } else if (delta.isModify()) { return objectTypeDescription + " modification notification"; } else if (delta.isDelete()) { return objectTypeDescription + " deletion notification"; } else { return "(unknown resource object operation)"; } }
private <O extends ObjectType> boolean isRepeatedAlreadyExistsException( LensProjectionContext projContext) { int deltas = projContext.getExecutedDeltas().size(); LOGGER.trace("isRepeatedAlreadyExistsException starting; number of executed deltas = {}", deltas); if (deltas < 2) { return false; } LensObjectDeltaOperation<ShadowType> lastDeltaOp = projContext.getExecutedDeltas().get(deltas - 1); LensObjectDeltaOperation<ShadowType> previousDeltaOp = projContext.getExecutedDeltas() .get(deltas - 2); // TODO check also previous execution result to see if it's // AlreadyExistException? ObjectDelta<ShadowType> lastDelta = lastDeltaOp.getObjectDelta(); ObjectDelta<ShadowType> previousDelta = previousDeltaOp.getObjectDelta(); boolean rv; if (lastDelta.isAdd() && previousDelta.isAdd()) { rv = isEquivalentAddDelta(lastDelta.getObjectToAdd(), previousDelta.getObjectToAdd()); } else if (lastDelta.isModify() && previousDelta.isModify()) { rv = isEquivalentModifyDelta(lastDelta.getModifications(), previousDelta.getModifications()); } else { rv = false; } LOGGER.trace( "isRepeatedAlreadyExistsException returning {}; based of comparison of previousDelta:\n{}\nwith lastDelta:\n{}", rv, previousDelta, lastDelta); return rv; }
@Override protected boolean checkApplicability(Event event, GeneralNotifierType generalNotifierType, OperationResult result) { ResourceObjectEvent resourceObjectEvent = (ResourceObjectEvent) event; ObjectDelta<ShadowType> delta = resourceObjectEvent.getShadowDelta(); if (!delta.isModify()) { return true; } boolean otherThanSyncPresent = deltaContainsOtherPathsThan(delta, functions.getSynchronizationPaths()); boolean otherThanAuxPresent = deltaContainsOtherPathsThan(delta, functions.getAuxiliaryPaths()); boolean watchSync = isWatchSynchronizationAttributes((SimpleResourceObjectNotifierType) generalNotifierType); boolean watchAux = isWatchAuxiliaryAttributes(generalNotifierType); if ((watchSync || otherThanSyncPresent) && (watchAux || otherThanAuxPresent)) { return true; } LOGGER.trace("No relevant attributes in delta, skipping the notifier (watchSync = " + watchSync + ", otherThanSyncPresent = " + otherThanSyncPresent + ", watchAux = " + watchAux + ", otherThanAuxPresent = " + otherThanAuxPresent + ")"); return false; }
private void retryOperation(ProvisioningContext ctx, ObjectDelta<ShadowType> pendingDelta, ProvisioningOperationState<? extends AsynchronousOperationResult> opState, Task task, OperationResult result) throws CommunicationException, GenericFrameworkException, ObjectAlreadyExistsException, SchemaException, ObjectNotFoundException, ConfigurationException, SecurityViolationException, PolicyViolationException, ExpressionEvaluationException, EncryptionException { OperationProvisioningScriptsType scripts = null; // TODO if (pendingDelta.isAdd()) { addShadowAttempt(ctx, pendingDelta.getObjectToAdd(), scripts, (ProvisioningOperationState<AsynchronousOperationReturnValue<PrismObject<ShadowType>>>) opState, null, task, result); } if (pendingDelta.isModify()) { modifyShadowAttempt(ctx, pendingDelta.getModifications(), scripts, null, (ProvisioningOperationState<AsynchronousOperationReturnValue<Collection<PropertyDelta<PrismPropertyValue>>>>) opState, task, result); } if (pendingDelta.isDelete()) { deleteShadowAttempt(ctx, null, scripts, (ProvisioningOperationState<AsynchronousOperationResult>) opState, task, result); } }
private void assertResolvedResourceRefs(ObjectDelta<ShadowType> delta, String desc) { if (delta == null) { return; } if (delta.isAdd()) { assertResolvedResourceRefs(delta.getObjectToAdd(), desc); } else if (delta.isModify()) { ReferenceDelta referenceDelta = delta.findReferenceModification(ShadowType.F_RESOURCE_REF); if (referenceDelta != null) { assertResolvedResourceRefs(referenceDelta.getValuesToAdd(), "valuesToAdd in "+desc); assertResolvedResourceRefs(referenceDelta.getValuesToDelete(), "valuesToDelete in "+desc); assertResolvedResourceRefs(referenceDelta.getValuesToReplace(), "valuesToReplace in "+desc); } } }
private void distributeResourceDelta(ObjectDelta<ShadowType> delta, PrismObject<ResourceType> resource) { if (delta == null) { return; } if (delta.isAdd()) { distributeResourceObject(delta.getObjectToAdd(), resource); } else if (delta.isModify()) { ReferenceDelta referenceDelta = delta.findReferenceModification(ShadowType.F_RESOURCE_REF); if (referenceDelta != null) { distributeResourceValues(referenceDelta.getValuesToAdd(), resource); distributeResourceValues(referenceDelta.getValuesToDelete(), resource); distributeResourceValues(referenceDelta.getValuesToReplace(), resource); } } // Nothing to do for DELETE delta }
private <O extends ObjectType> void applyLastProvisioningTimestamp(LensContext<O> context, ObjectDelta<O> focusDelta) throws SchemaException { if (!context.hasProjectionChange()) { return; } if (focusDelta.isAdd()) { PrismObject<O> objectToAdd = focusDelta.getObjectToAdd(); PrismContainer<MetadataType> metadataContainer = objectToAdd.findOrCreateContainer(ObjectType.F_METADATA); metadataContainer.getRealValue().setLastProvisioningTimestamp(clock.currentTimeXMLGregorianCalendar()); } else if (focusDelta.isModify()) { PropertyDelta<XMLGregorianCalendar> provTimestampDelta = prismContext.deltaFactory().property().createModificationReplaceProperty( ItemPath.create(ObjectType.F_METADATA, MetadataType.F_LAST_PROVISIONING_TIMESTAMP), context.getFocusContext().getObjectDefinition(), clock.currentTimeXMLGregorianCalendar()); focusDelta.addModification(provTimestampDelta); } }
/** * Checks if we do not try to modify assignment.targetRef or assignment.construction.kind or intent. * * @param context * @param <F> * @throws SchemaException */ private <F extends AssignmentHolderType> void checkAssignmentDeltaSanity(LensContext<F> context) throws SchemaException { ObjectDelta<F> focusDelta = context.getFocusContext().getDelta(); if (focusDelta == null || !focusDelta.isModify() || focusDelta.getModifications() == null) { return; } for (@SuppressWarnings("rawtypes") ItemDelta itemDelta : focusDelta.getModifications()) { ItemPath itemPath = itemDelta.getPath().namedSegmentsOnly(); if (SchemaConstants.PATH_ASSIGNMENT_TARGET_REF.isSubPathOrEquivalent(itemPath)) { throw new SchemaException("It is not allowed to change targetRef in an assignment. Offending path: " + itemPath); } if (SchemaConstants.PATH_ASSIGNMENT_CONSTRUCTION_KIND.isSubPathOrEquivalent(itemPath)) { throw new SchemaException("It is not allowed to change construction.kind in an assignment. Offending path: " + itemPath); } if (SchemaConstants.PATH_ASSIGNMENT_CONSTRUCTION_INTENT.isSubPathOrEquivalent(itemPath)) { throw new SchemaException("It is not allowed to change construction.intent in an assignment. Offending path: " + itemPath); } // TODO some mechanism to detect changing kind/intent by add/delete/replace whole ConstructionType (should be implemented in the caller) } }
public void applyAttributesDefinition(ProvisioningContext ctx, ObjectDelta<ShadowType> delta) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException { if (delta.isAdd()) { applyAttributesDefinition(ctx, delta.getObjectToAdd()); } else if (delta.isModify()) { for (ItemDelta<?, ?> itemDelta : delta.getModifications()) { if (SchemaConstants.PATH_ATTRIBUTES.equivalent(itemDelta.getParentPath())) { applyAttributeDefinition(ctx, delta, itemDelta); } else if (SchemaConstants.PATH_ATTRIBUTES.equivalent(itemDelta.getPath())) { if (itemDelta.isAdd()) { for (PrismValue value : itemDelta.getValuesToAdd()) { applyAttributeDefinition(ctx, value); } } if (itemDelta.isReplace()) { for (PrismValue value : itemDelta.getValuesToReplace()) { applyAttributeDefinition(ctx, value); } } } } } }