protected boolean assignmentExists(List<AssignmentType> assignmentList, String targetOid) { for (AssignmentType assignmentType : assignmentList) { if (assignmentType.getTargetRef() != null && targetOid.equals(assignmentType.getTargetRef().getOid())) { return true; } } return false; }
@Nullable private QName getRelation(AssignmentType assignmentType) { return assignmentType.getTargetRef() != null ? relationRegistry.normalizeRelation(assignmentType.getTargetRef().getRelation()) : null; }
public static boolean selectorMatches(AssignmentSelectorType assignmentSelector, AssignmentType assignmentType, PrismContext prismContext) { if (assignmentType.getTargetRef() == null) { return false; } for (ObjectReferenceType selectorTargetRef: assignmentSelector.getTargetRef()) { if (MiscSchemaUtil.referenceMatches(selectorTargetRef, assignmentType.getTargetRef(), prismContext)) { return true; } } return false; }
protected boolean assignmentMatches(AssignmentType assignmentType, String targetOid, QName relation) { ObjectReferenceType targetRef = assignmentType.getTargetRef(); if (targetRef == null) { return false; } return referenceMatches(targetRef, targetOid, relation); }
private ObjectReferenceType getTargetRef() { AssignmentType assignmentType = getAssignmentType(); if (assignmentType == null) { return null; } return assignmentType.getTargetRef(); }
public static boolean isDelegationAssignment(AssignmentType assignment, @NotNull RelationRegistry relationRegistry) { return assignment != null && assignment.getTargetRef() != null && relationRegistry.isDelegation(assignment.getTargetRef().getRelation()); }
public List<PrismObject<RoleType>> resolveRoles(Collection<AssignmentType> assignments, Collection<String> filterOids) { Collection<AssignmentType> toResolve = assignments; if (CollectionUtils.isNotEmpty(filterOids) && CollectionUtils.isNotEmpty(assignments)) { toResolve = assignments.stream().filter(Objects::nonNull) .filter(as -> as.getTargetRef() != null && as.getTargetRef().getOid() != null && filterOids.contains(as.getTargetRef().getOid())) // filter to default relation only - ignores approvers etc .filter(as -> prismContext.isDefaultRelation(as.getTargetRef().getRelation())) .collect(Collectors.toList()); } return resolveRoles(toResolve); }
protected Optional<AssignmentType> findAssignmentByTarget(PrismObject<? extends FocusType> focus, String targetOid) { return focus.asObjectable().getAssignment().stream() .filter(a -> a.getTargetRef() != null && targetOid.equals(a.getTargetRef().getOid())) .findFirst(); }
@Override public <F extends FocusType> boolean isDirectlyAssigned(F focusType, String targetOid) { for (AssignmentType assignment : focusType.getAssignment()) { ObjectReferenceType targetRef = assignment.getTargetRef(); if (targetRef != null && targetRef.getOid().equals(targetOid)) { return true; } } return false; }
private String formatTarget(AssignmentType assignment, PrismObject<ShadowType> assignmentTarget) { if (assignmentTarget != null) { return assignmentTarget.toString(); } return assignment.getTargetRef().toString(); }
private static <F extends FocusType> List<String> getAssignedOids(PrismObject<F> user, QName type) { F userType = user.asObjectable(); List<String> haveTagetOids = new ArrayList<>(); for (AssignmentType assignmentType: userType.getAssignment()) { ObjectReferenceType targetRef = assignmentType.getTargetRef(); if (targetRef != null) { if (type.equals(targetRef.getType())) { haveTagetOids.add(targetRef.getOid()); } } } return haveTagetOids; }
protected <F extends FocusType> AssignmentType getAssignment(PrismObject<F> focus, String roleOid) throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException { List<AssignmentType> assignments = focus.asObjectable().getAssignment(); for (AssignmentType assignment: assignments) { ObjectReferenceType targetRef = assignment.getTargetRef(); if (targetRef != null && roleOid.equals(targetRef.getOid())) { return assignment; } } return null; }
protected boolean isAssignmentRelevant(AssignmentType assignmentType) { if (assignmentType.getTarget() != null) { return assignmentType.getTarget() instanceof AbstractRoleType; } else if (assignmentType.getTargetRef() != null) { QName targetType = assignmentType.getTargetRef().getType(); return QNameUtil.match(targetType, RoleType.COMPLEX_TYPE) || QNameUtil.match(targetType, OrgType.COMPLEX_TYPE) || QNameUtil.match(targetType, AbstractRoleType.COMPLEX_TYPE); // this case should not occur } else { return false; // should not occur } }
protected AssignmentType findInducementByTarget(String roleOid, String targetOid) throws SchemaException, ObjectAlreadyExistsException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, PolicyViolationException, SecurityViolationException { Task task = createTask(AbstractModelIntegrationTest.class.getName() + ".findInducementByTarget"); OperationResult result = task.getResult(); PrismObject<RoleType> role = modelService.getObject(RoleType.class, roleOid, null, task, result); for (AssignmentType inducement: role.asObjectable().getInducement()) { ObjectReferenceType targetRef = inducement.getTargetRef(); if (targetRef != null && targetOid.equals(targetRef.getOid())) { return inducement; } } return null; }
private AssignmentType findAssignmentOrInducement(AbstractRoleType source, AbstractRoleType target) { return Stream.concat(source.getAssignment().stream(), source.getInducement().stream()) .filter(a -> a.getTargetRef() != null && target.getOid().equals(a.getTargetRef().getOid())) .findFirst() .orElseThrow(() -> new IllegalStateException(source + " contains no assignment/inducement to " + target)); }
protected <F extends FocusType> void assertAssignedNo(PrismObject<F> user, QName refType) { F userType = user.asObjectable(); for (AssignmentType assignmentType: userType.getAssignment()) { ObjectReferenceType targetRef = assignmentType.getTargetRef(); if (targetRef != null) { if (refType.equals(targetRef.getType())) { AssertJUnit.fail(user+" has role "+targetRef.getOid()+" while expected no roles"); } } } }
private Long findAssignmentIdForTarget(PrismObject<UserType> user, String targetOid) { for (AssignmentType assignmentType : user.asObjectable().getAssignment()) { if (assignmentType.getTargetRef() != null && targetOid.equals(assignmentType.getTargetRef().getOid())) { return assignmentType.getId(); } } throw new IllegalStateException("No assignment pointing to " + targetOid + " found"); }
private RunInfo assertAssignment(AssignmentType assignment, String name) { if (name == null) { assertNull("Assignment is not null", assignment); } else { name = name.substring(2); assertEquals("Wrong target OID in assignment", getRoleOid(name), assignment.getTargetRef().getOid()); } return this; }
private void assign(AbstractRoleType source, AbstractRoleType target, QName relation) { AssignmentType assignment = ObjectTypeUtil.createAssignmentTo(target.asPrismObject(), prismContext); assignment.getTargetRef().setRelation(relation); source.getAssignment().add(assignment); }
@Test public void testUserCredentials() throws Exception{ PrismObject<UserType> oldUser = prismContext.parseObject(new File(TEST_DIR + "/user-migrate-credentials.xml")); PrismObject<UserType> newUser = migrator.migrate(oldUser); UserType newUserType = newUser.asObjectable(); assertNull("Credentials in migrated object must be null.", newUserType.getCredentials()); assertNotNull("Migrated user must contain assignment.", newUserType.getAssignment()); assertEquals("Migrated user must contain 1 assignment.", newUserType.getAssignment().size(), 1); AssignmentType superUserRole = newUserType.getAssignment().get(0); assertNotNull("Target ref in the user's assignment must not be null.", superUserRole.getTargetRef()); assertEquals(superUserRole.getTargetRef().getOid(), SystemObjectsType.ROLE_SUPERUSER.value()); }