private QName getObjectClassQName(ObjectClassComplexTypeDefinition objectClassDef) { return objectClassDef != null ? objectClassDef.getTypeName() : null; }
default <X> ResourceAttributeDefinition<X> findAttributeDefinition(String name) { return findAttributeDefinition(new QName(getTypeName().getNamespaceURI(), name)); }
for (ResourceAttributeDefinition identifier : definition.getPrimaryIdentifiers()) { processor.addRefAnnotation(MidPointConstants.RA_IDENTIFIER, identifier.getName(), appinfo); for (ResourceAttributeDefinition identifier : definition.getSecondaryIdentifiers()) { processor.addRefAnnotation(MidPointConstants.RA_SECONDARY_IDENTIFIER,identifier.getName(),appinfo); if (definition.getDisplayNameAttribute() != null) { processor.addRefAnnotation(MidPointConstants.RA_DISPLAY_NAME_ATTRIBUTE, definition.getDisplayNameAttribute().getName(), appinfo); if (definition.getDescriptionAttribute() != null) { processor.addRefAnnotation(MidPointConstants.RA_DESCRIPTION_ATTRIBUTE, definition.getDescriptionAttribute().getName(), appinfo); if (definition.getNamingAttribute() != null) { processor.addRefAnnotation(MidPointConstants.RA_NAMING_ATTRIBUTE, definition.getNamingAttribute().getName(), appinfo); if (!StringUtils.isEmpty(definition.getNativeObjectClass())) { processor.addAnnotation(MidPointConstants.RA_NATIVE_OBJECT_CLASS, definition.getNativeObjectClass(), appinfo); if (definition.getKind() != null) { processor.addAnnotation(MidPointConstants.RA_KIND, definition.getKind().value(), appinfo); if (definition.isDefaultInAKind()) { processor.addAnnotation(MidPointConstants.RA_DEFAULT, true, appinfo); if (definition.isAuxiliary()) { processor.addAnnotation(MidPointConstants.RA_AUXILIARY, true, appinfo); if (definition.getIntent() != null) { processor.addAnnotation(MidPointConstants.RA_INTENT, definition.getIntent(), appinfo);
/** * Returns both primary and secondary identifiers. */ default Collection<? extends ResourceAttributeDefinition<?>> getAllIdentifiers() { return Stream.concat(getPrimaryIdentifiers().stream(), getSecondaryIdentifiers().stream()) .collect(Collectors.toList()); }
public static ResourceAttributeDefinition<String> getNameDefinition(ObjectClassComplexTypeDefinition def) { Collection<? extends ResourceAttributeDefinition> secondaryIdentifiers = def.getSecondaryIdentifiers(); if (secondaryIdentifiers.size() > 1) { throw new UnsupportedOperationException("Multiple secondary identifiers are not supported"); } if (secondaryIdentifiers.size() == 1) { return secondaryIdentifiers.iterator().next(); } else { // fallback, compatibility return def.findAttributeDefinition(SchemaConstants.ICFS_NAME); } }
assertEquals("Object class " + objectClassQname + " is not account", ShadowKindType.ACCOUNT, accountDefinition.getKind()); assertTrue("Object class " + objectClassQname + " is not default account", accountDefinition.isDefaultInAKind()); assertFalse("Object class " + objectClassQname + " is empty", accountDefinition.isEmpty()); assertFalse("Object class " + objectClassQname + " is empty", accountDefinition.isIgnored()); Collection<? extends ResourceAttributeDefinition> identifiers = accountDefinition.getPrimaryIdentifiers(); assertNotNull("Null identifiers for " + objectClassQname, identifiers); assertFalse("Empty identifiers for " + objectClassQname, identifiers.isEmpty()); ResourceAttributeDefinition uidAttributeDefinition = accountDefinition.findAttributeDefinition(SchemaTestConstants.ICFS_UID); assertNotNull("No definition for attribute "+SchemaTestConstants.ICFS_UID, uidAttributeDefinition); assertTrue("Attribute "+SchemaTestConstants.ICFS_UID+" in not an identifier",uidAttributeDefinition.isPrimaryIdentifier(accountDefinition)); Collection<? extends ResourceAttributeDefinition> secondaryIdentifiers = accountDefinition.getSecondaryIdentifiers(); assertNotNull("Null secondary identifiers for " + objectClassQname, secondaryIdentifiers); assertFalse("Empty secondary identifiers for " + objectClassQname, secondaryIdentifiers.isEmpty()); ResourceAttributeDefinition nameAttributeDefinition = accountDefinition.findAttributeDefinition(SchemaTestConstants.ICFS_NAME); assertNotNull("No definition for attribute "+SchemaTestConstants.ICFS_NAME, nameAttributeDefinition); assertTrue("Attribute "+SchemaTestConstants.ICFS_NAME+" in not an identifier",nameAttributeDefinition.isSecondaryIdentifier(accountDefinition)); assertNotNull("Null identifiers in account", accountDef.getPrimaryIdentifiers()); assertFalse("Empty identifiers in account", accountDef.getPrimaryIdentifiers().isEmpty()); assertNotNull("Null secondary identifiers in account", accountDef.getSecondaryIdentifiers()); assertFalse("Empty secondary identifiers in account", accountDef.getSecondaryIdentifiers().isEmpty()); assertNotNull("No naming attribute in account", accountDef.getNamingAttribute()); assertFalse("No nativeObjectClass in account", StringUtils.isEmpty(accountDef.getNativeObjectClass())); .findAttributeDefinition(SchemaTestConstants.ICFS_UID);
private void assertResourceSchema(ResourceSchema unSchema) { ObjectClassComplexTypeDefinition objectClassDef = unSchema.findObjectClassDefinition(new ItemName(SCHEMA_NAMESPACE,"AccountObjectClass")); assertEquals(new ItemName(SCHEMA_NAMESPACE,"AccountObjectClass"),objectClassDef.getTypeName()); assertEquals("AccountObjectClass class not an account", ShadowKindType.ACCOUNT, objectClassDef.getKind()); assertTrue("AccountObjectClass class not a DEFAULT account", objectClassDef.isDefaultInAKind()); PrismPropertyDefinition<String> loginDef = objectClassDef.findPropertyDefinition(new ItemName(SCHEMA_NAMESPACE,"login")); assertEquals(new ItemName(SCHEMA_NAMESPACE,"login"), loginDef.getName()); assertEquals(DOMUtil.XSD_STRING, loginDef.getTypeName()); PrismPropertyDefinition<ProtectedStringType> passwdDef = objectClassDef.findPropertyDefinition(new ItemName(SCHEMA_NAMESPACE,"password")); assertEquals(new ItemName(SCHEMA_NAMESPACE,"password"), passwdDef.getName()); assertEquals(ProtectedStringType.COMPLEX_TYPE, passwdDef.getTypeName()); // PrismContainerDefinition<CredentialsType> credDef = objectClassDef.findContainerDefinition(new SingleNamePath(SchemaConstants.NS_C,"credentials")); // assertEquals(new SingleNamePath(SchemaConstants.NS_C,"credentials"), credDef.getName()); // assertEquals(new SingleNamePath(SchemaConstants.NS_C,"CredentialsType"), credDef.getTypeName()); }
assertNotNull("Null identifiers in account", accountDef.getPrimaryIdentifiers()); assertFalse("Empty identifiers in account", accountDef.getPrimaryIdentifiers().isEmpty()); assertNotNull("Null secondary identifiers in account", accountDef.getSecondaryIdentifiers()); assertFalse("Empty secondary identifiers in account", accountDef.getSecondaryIdentifiers().isEmpty()); assertNotNull("No naming attribute in account", accountDef.getNamingAttribute()); assertFalse("No nativeObjectClass in account", StringUtils.isEmpty(accountDef.getNativeObjectClass())); ResourceAttributeDefinition<String> idPrimaryDef = accountDef.findAttributeDefinition(getPrimaryIdentifierQName()); assertEquals(1, idPrimaryDef.getMaxOccurs()); assertEquals(0, idPrimaryDef.getMinOccurs()); assertFalse("UID has update", idPrimaryDef.canModify()); assertTrue("No UID read", idPrimaryDef.canRead()); assertTrue("UID definition not in identifiers", accountDef.getPrimaryIdentifiers().contains(idPrimaryDef)); assertEquals("Wrong "+OpenDJController.RESOURCE_OPENDJ_PRIMARY_IDENTIFIER_LOCAL_NAME+" frameworkAttributeName", ProvisioningTestUtil.CONNID_UID_NAME, idPrimaryDef.getFrameworkAttributeName()); assertEquals("Wrong primary identifier matching rule", PrismConstants.UUID_MATCHING_RULE_NAME, idPrimaryDef.getMatchingRuleQName()); ResourceAttributeDefinition<String> idSecondaryDef = accountDef.findAttributeDefinition(getSecondaryIdentifierQName()); assertEquals(1, idSecondaryDef.getMaxOccurs()); assertEquals(1, idSecondaryDef.getMinOccurs()); assertTrue("No NAME update", idSecondaryDef.canModify()); assertTrue("No NAME read", idSecondaryDef.canRead()); assertTrue("NAME definition not in secondary identifiers", accountDef.getSecondaryIdentifiers().contains(idSecondaryDef)); assertEquals("Wrong "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" frameworkAttributeName", ProvisioningTestUtil.CONNID_NAME_NAME, idSecondaryDef.getFrameworkAttributeName()); assertEquals("Wrong secondary identifier matching rule", PrismConstants.DISTINGUISHED_NAME_MATCHING_RULE_NAME, idSecondaryDef.getMatchingRuleQName()); ResourceAttributeDefinition<String> cnDef = accountDef.findAttributeDefinition("cn"); assertNotNull("No definition for cn", cnDef);
public void assertDummyResourceSchemaSanityExtended(ResourceSchema resourceSchema, ResourceType resourceType, boolean checkDisplayOrder, int numberOfAccountDefinitions) { assertDummyResourceSchemaSanity(resourceSchema, resourceType, checkDisplayOrder); ObjectClassComplexTypeDefinition accountDef = resourceSchema.findDefaultObjectClassDefinition(ShadowKindType.ACCOUNT); assertNotNull("No default account definition", accountDef); ObjectClassComplexTypeDefinition accountObjectClassDef = resourceSchema.findObjectClassDefinition(SchemaTestConstants.ICF_ACCOUNT_OBJECT_CLASS_LOCAL_NAME); assertNotNull("No AccountObjectClass definition", accountObjectClassDef); assertTrue("Default account definition is not same as AccountObjectClass", accountDef == accountObjectClassDef); assertEquals("Unexpected number of definitions", numberOfAccountDefinitions, accountDef.getDefinitions().size()); ResourceAttributeDefinition<String> treasureDef = accountDef.findAttributeDefinition(DUMMY_ACCOUNT_ATTRIBUTE_TREASURE_NAME); assertFalse("Treasure IS returned by default and should not be", treasureDef.isReturnedByDefault()); // MID-4751 ResourceAttributeDefinition<XMLGregorianCalendar> enlistTimestampDef = accountDef.findAttributeDefinition(DUMMY_ACCOUNT_ATTRIBUTE_ENLIST_TIMESTAMP_NAME); PrismAsserts.assertDefinition(enlistTimestampDef, new QName(ResourceTypeUtil.getResourceNamespace(resourceType), DUMMY_ACCOUNT_ATTRIBUTE_ENLIST_TIMESTAMP_NAME), DOMUtil.XSD_DATETIME, 0, 1); assertEquals("Unexpected kind in account definition", ShadowKindType.ACCOUNT, accountDef.getKind()); assertTrue("Account definition in not default", accountDef.isDefaultInAKind()); assertNull("Non-null intent in account definition", accountDef.getIntent()); assertFalse("Account definition is deprecated", accountDef.isDeprecated()); assertFalse("Account definition is auxiliary", accountDef.isAuxiliary()); }
public static <T,RA> ResourceAttributeDefinitionAsserter<T,RA> forAttribute(ObjectClassComplexTypeDefinition objectClassDefinition, QName attrName, RA returnAsserter, String desc) { ResourceAttributeDefinition<T> attrDefinition = objectClassDefinition.findAttributeDefinition(attrName); assertNotNull("No definition for attribute "+attrName+" in " + desc, attrDefinition); ResourceAttributeDefinitionAsserter<T, RA> asserter = new ResourceAttributeDefinitionAsserter<>(attrDefinition, returnAsserter, desc); asserter.objectClassDefinition = objectClassDefinition; return asserter; }
public static void validateObjectClassDefinition(ObjectClassComplexTypeDefinition objectClassDefinition, PrismObject<ResourceType> resource) throws SchemaException { Set<QName> attributeNames = new HashSet<>(); for (ResourceAttributeDefinition<?> attributeDefinition: objectClassDefinition.getAttributeDefinitions()) { QName attrName = attributeDefinition.getName(); if (attributeNames.contains(attrName)) { throw new SchemaException("Duplicate definition of attribute "+attrName+" in object class "+objectClassDefinition.getTypeName()+" in resource schema of "+resource); } attributeNames.add(attrName); } Collection<? extends ResourceAttributeDefinition<?>> primaryIdentifiers = objectClassDefinition.getPrimaryIdentifiers(); Collection<? extends ResourceAttributeDefinition<?>> secondaryIdentifiers = objectClassDefinition.getSecondaryIdentifiers(); if (primaryIdentifiers.isEmpty() && secondaryIdentifiers.isEmpty()) { throw new SchemaException("No identifiers in definition of object class "+objectClassDefinition.getTypeName()+" in resource schema of "+resource); } }
assertNotNull("Null identifiers in account", accountDef.getPrimaryIdentifiers()); assertFalse("Empty identifiers in account", accountDef.getPrimaryIdentifiers().isEmpty()); assertNotNull("No naming attribute in account", accountDef.getNamingAttribute()); assertEquals("Unexpected number of definitions", getNumberOfAccountAttributeDefinitions(), accountDef.getDefinitions().size()); ResourceAttributeDefinition<String> usernameDef = accountDef.findAttributeDefinition(ATTR_USERNAME); assertNotNull("No definition for username", usernameDef); assertEquals(1, usernameDef.getMaxOccurs()); assertTrue("No username read", usernameDef.canRead()); ResourceAttributeDefinition<String> fullnameDef = accountDef.findAttributeDefinition(ATTR_FULLNAME); assertNotNull("No definition for fullname", fullnameDef); assertEquals(1, fullnameDef.getMaxOccurs());
assertFalse("Object class " + objectClassQname + " is empty", accountDefinition.isEmpty()); assertFalse("Object class " + objectClassQname + " is empty", accountDefinition.isIgnored()); Collection<? extends ResourceAttributeDefinition> identifiers = accountDefinition.getPrimaryIdentifiers(); assertNotNull("Null identifiers for " + objectClassQname, identifiers); assertFalse("Empty identifiers for " + objectClassQname, identifiers.isEmpty()); ResourceAttributeDefinition<String> idPrimaryDef = accountDefinition.findAttributeDefinition( new QName(ResourceTypeUtil.getResourceNamespace(resourceType), OpenDJController.RESOURCE_OPENDJ_PRIMARY_IDENTIFIER_LOCAL_NAME)); assertNotNull("No definition for attribute "+OpenDJController.RESOURCE_OPENDJ_PRIMARY_IDENTIFIER_LOCAL_NAME, idPrimaryDef); assertEquals("Attribute "+OpenDJController.RESOURCE_OPENDJ_PRIMARY_IDENTIFIER_LOCAL_NAME+" has wrong framework name", Uid.NAME, idPrimaryDef.getFrameworkAttributeName()); ResourceAttributeDefinition<String> idSecondaryDef = accountDefinition.findAttributeDefinition( new QName(ResourceTypeUtil.getResourceNamespace(resourceType), OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME)); assertNotNull("No definition for attribute "+SchemaConstants.ICFS_NAME, idSecondaryDef); assertTrue("Attribute "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" in not secondary identifier",idSecondaryDef.isSecondaryIdentifier(accountDefinition)); assertFalse("Attribute "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" in in identifiers list and it should NOT be",identifiers.contains(idSecondaryDef)); assertTrue("Attribute "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" in not in secomdary identifiers list",accountDefinition.getSecondaryIdentifiers().contains(idSecondaryDef)); assertEquals("Attribute "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" has wrong native name", OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME, idSecondaryDef.getNativeAttributeName()); assertEquals("Attribute "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" has wrong framework name", Name.NAME, idSecondaryDef.getFrameworkAttributeName()); assertEquals("Unexpected secondary identifiers: "+accountDefinition.getSecondaryIdentifiers(), 1, accountDefinition.getSecondaryIdentifiers().size());
public static void assertProvisioningShadow(PrismObject<ShadowType> account, ResourceType resourceType, Class<?> expetcedAttributeDefinitionClass, QName objectClass) { // Check attribute definition PrismContainer attributesContainer = account.findContainer(ShadowType.F_ATTRIBUTES); PrismAsserts.assertClass("Wrong attributes container class", ResourceAttributeContainer.class, attributesContainer); ResourceAttributeContainer rAttributesContainer = (ResourceAttributeContainer)attributesContainer; PrismContainerDefinition attrsDef = attributesContainer.getDefinition(); assertNotNull("No attributes container definition", attrsDef); assertTrue("Wrong attributes definition class "+attrsDef.getClass().getName(), attrsDef instanceof ResourceAttributeContainerDefinition); ResourceAttributeContainerDefinition rAttrsDef = (ResourceAttributeContainerDefinition)attrsDef; ObjectClassComplexTypeDefinition objectClassDef = rAttrsDef.getComplexTypeDefinition(); assertNotNull("No object class definition in attributes definition", objectClassDef); assertEquals("Wrong object class in attributes definition", objectClass, objectClassDef.getTypeName()); ResourceAttributeDefinition primaryIdDef = objectClassDef.getPrimaryIdentifiers().iterator().next(); ResourceAttribute<?> primaryIdAttr = rAttributesContainer.findAttribute(primaryIdDef.getName()); assertNotNull("No primary ID "+primaryIdDef.getName()+" in "+account, primaryIdAttr); assertAttributeDefinition(primaryIdAttr, DOMUtil.XSD_STRING, 0, 1, true, false, false, expetcedAttributeDefinitionClass); ResourceAttributeDefinition secondaryIdDef = objectClassDef.getSecondaryIdentifiers().iterator().next(); ResourceAttribute<Object> secondaryIdAttr = rAttributesContainer.findAttribute(secondaryIdDef.getName()); assertNotNull("No secondary ID "+secondaryIdDef.getName()+" in "+account, secondaryIdAttr); assertAttributeDefinition(secondaryIdAttr, DOMUtil.XSD_STRING, 1, 1, true, true, true, expetcedAttributeDefinitionClass); }
public static ResourceAttributeDefinition<String> getUidDefinition(ObjectClassComplexTypeDefinition def) { Collection<? extends ResourceAttributeDefinition> primaryIdentifiers = def.getPrimaryIdentifiers(); if (primaryIdentifiers.size() > 1) { throw new UnsupportedOperationException("Multiple primary identifiers are not supported"); } if (primaryIdentifiers.size() == 1) { return primaryIdentifiers.iterator().next(); } else { // fallback, compatibility return def.findAttributeDefinition(SchemaConstants.ICFS_UID); } }
@Test public void test005ParsedSchema() throws Exception { final String TEST_NAME = "test005ParsedSchema"; TestUtil.displayTestTitle(TEST_NAME); // THEN // The returned type should have the schema pre-parsed assertNotNull(RefinedResourceSchemaImpl.hasParsedSchema(resourceType)); // Also test if the utility method returns the same thing ResourceSchema resourceSchema = RefinedResourceSchemaImpl.getResourceSchema(resourceType, prismContext); display("Parsed resource schema", resourceSchema); assertNotNull("No resource schema", resourceSchema); ObjectClassComplexTypeDefinition accountDef = resourceSchema.findObjectClassDefinition(RESOURCE_CSV_ACCOUNT_OBJECTCLASS); assertNotNull("Account definition is missing", accountDef); assertNotNull("Null identifiers in account", accountDef.getPrimaryIdentifiers()); assertFalse("Empty identifiers in account", accountDef.getPrimaryIdentifiers().isEmpty()); assertNotNull("No naming attribute in account", accountDef.getNamingAttribute()); assertFalse("No nativeObjectClass in account", StringUtils.isEmpty(accountDef.getNativeObjectClass())); assertAccountDefinition(accountDef); ResourceAttributeDefinition<String> icfsNameDef = accountDef.findAttributeDefinition(SchemaConstants.ICFS_NAME); assertNull("ICFS NAME definition sneaked in", icfsNameDef); ResourceAttributeDefinition<String> icfsUidDef = accountDef.findAttributeDefinition(SchemaConstants.ICFS_UID); assertNull("ICFS UID definition sneaked in", icfsUidDef); // Check whether it is reusing the existing schema and not parsing it all over again // Not equals() but == ... we want to really know if exactly the same // object instance is returned assertTrue("Broken caching", resourceSchema == RefinedResourceSchemaImpl.getResourceSchema(resourceType, prismContext)); }
default ObjectQuery createShadowSearchQuery(String resourceOid) throws SchemaException { return ObjectQueryUtil.createResourceAndObjectClassQuery(resourceOid, getTypeName(), getPrismContext()); }
protected ObjectQuery createShadowQuerySecondaryIdentifier(ObjectClassComplexTypeDefinition rAccount, String identifier, PrismObject<ResourceType> resource) throws SchemaException { Collection<? extends ResourceAttributeDefinition> identifierDefs = rAccount.getSecondaryIdentifiers(); assert identifierDefs.size() == 1 : "Unexpected identifier set in "+resource+" refined schema: "+identifierDefs; ResourceAttributeDefinition identifierDef = identifierDefs.iterator().next(); //TODO: set matching rule instead of null return prismContext.queryFor(ShadowType.class) .itemWithDef(identifierDef, ShadowType.F_ATTRIBUTES, identifierDef.getName()).eq(identifier) .and().item(ShadowType.F_OBJECT_CLASS).eq(rAccount.getTypeName()) .and().item(ShadowType.F_RESOURCE_REF).ref(resource.getOid()) .build(); }
private static void parseObjectTypesFromSchema(RefinedResourceSchemaImpl rSchema, ResourceType resourceType, PrismContext prismContext, String contextDescription) throws SchemaException { RefinedObjectClassDefinition rAccountDefDefault = null; for(ObjectClassComplexTypeDefinition objectClassDef: rSchema.getOriginalResourceSchema().getObjectClassDefinitions()) { QName objectClassname = objectClassDef.getTypeName(); if (rSchema.getRefinedDefinition(objectClassname) != null) { continue; } RefinedObjectClassDefinition rOcDef = RefinedObjectClassDefinitionImpl.parseFromSchema(objectClassDef, resourceType, rSchema, prismContext, "object class " + objectClassname + ", in " + contextDescription); if (objectClassDef.getKind() == ShadowKindType.ACCOUNT && rOcDef.isDefault()) { if (rAccountDefDefault == null) { rAccountDefDefault = rOcDef; } else { throw new SchemaException("More than one default account definitions ("+rAccountDefDefault+", "+rOcDef+") in " + contextDescription); } } rSchema.add(rOcDef); } } //endregion
if (StringUtils.isEmpty(policyIntent)) { policyObjectClass = schema.findDefaultObjectClassDefinition(policyKind); policyIntent = policyObjectClass.getIntent(); } else { policyObjectClass = schema.findObjectClassDefinition(policyKind, policyIntent); if (objectClass != null && !QNameUtil.match(objectClass, policyObjectClass.getTypeName())) { return false;