private boolean isSelfPasswordChange(PropertyDelta<ProtectedStringType> delta) { // We need runAs option, otherwise this is no self-service but an administrator setting the password. if (getOptions() == null) { return false; } if (getOptions().getRunAsIdentification() == null) { return false; } Collection<PrismPropertyValue<ProtectedStringType>> estimatedOldValues = delta.getEstimatedOldValues(); if (estimatedOldValues == null || estimatedOldValues.isEmpty()) { return false; } return true; }
private OperationOptions createConnIdOptions(ConnectorOperationOptions options, Collection<Operation> changes) throws SchemaException { OperationOptionsBuilder connIdOptionsBuilder = new OperationOptionsBuilder(); if (options != null) { ResourceObjectIdentification runAsIdentification = options.getRunAsIdentification(); if (runAsIdentification != null) { connIdOptionsBuilder.setRunAsUser(getNameValue(runAsIdentification)); // We are going to figure out what the runAsPassword may be. // If there is a password change then there should be old value in the delta. // This is quite a black magic. But we do not have a better way now. for (Operation change : changes) { if (change instanceof PropertyModificationOperation) { PropertyDelta propertyDelta = ((PropertyModificationOperation)change).getPropertyDelta(); if (!propertyDelta.getPath().equivalent(SchemaConstants.PATH_PASSWORD_VALUE)) { continue; } Collection<PrismPropertyValue<ProtectedStringType>> oldValues = propertyDelta.getEstimatedOldValues(); if (oldValues == null || oldValues.isEmpty()) { continue; } ProtectedStringType oldPassword = oldValues.iterator().next().getValue(); if (oldPassword != null) { GuardedString oldPasswordGs = ConnIdUtil.toGuardedString(oldPassword, "runAs password", protector); connIdOptionsBuilder.setRunWithPassword(oldPasswordGs); } } } } } return connIdOptionsBuilder.build(); }