@Override public boolean isSecondaryIdentifier(ObjectClassComplexTypeDefinition objectDefinition) { for (ResourceAttributeDefinition<?> secondaryIdentifier : objectDefinition.getSecondaryIdentifiers()) { if (this == secondaryIdentifier) { return true; } } return false; }
/** * Returns both primary and secondary identifiers. */ default Collection<? extends ResourceAttributeDefinition<?>> getAllIdentifiers() { return Stream.concat(getPrimaryIdentifiers().stream(), getSecondaryIdentifiers().stream()) .collect(Collectors.toList()); }
public static ResourceAttributeDefinition<String> getNameDefinition(ObjectClassComplexTypeDefinition def) { Collection<? extends ResourceAttributeDefinition> secondaryIdentifiers = def.getSecondaryIdentifiers(); if (secondaryIdentifiers.size() > 1) { throw new UnsupportedOperationException("Multiple secondary identifiers are not supported"); } if (secondaryIdentifiers.size() == 1) { return secondaryIdentifiers.iterator().next(); } else { // fallback, compatibility return def.findAttributeDefinition(SchemaConstants.ICFS_NAME); } }
/** * Returns the definition of secondary identifier attributes of a resource * object. * * May return empty set if there are no secondary identifier attributes. * Must not return null. * * The exception should be never thrown unless there is some bug in the * code. The validation of model consistency should be done at the time of * schema parsing. * * @return definition of secondary identifier attributes * @throws IllegalStateException * if there is no definition for the referenced attributed */ @Override public Collection<? extends ResourceAttributeDefinition> getSecondaryIdentifiers() { return getComplexTypeDefinition().getSecondaryIdentifiers(); }
/** * Returns true if the attribute with a given name is among secondary identifiers. * Matching is done using namespace-approximate method (testing only local part if * no namespace is provided), so beware of incidental matching (e.g. ri:uid vs icfs:uid). */ default boolean isSecondaryIdentifier(QName attrName) { return getSecondaryIdentifiers().stream() .anyMatch(idDef -> QNameUtil.match(idDef.getName(), attrName)); }
public static void validateObjectClassDefinition(ObjectClassComplexTypeDefinition objectClassDefinition, PrismObject<ResourceType> resource) throws SchemaException { Set<QName> attributeNames = new HashSet<>(); for (ResourceAttributeDefinition<?> attributeDefinition: objectClassDefinition.getAttributeDefinitions()) { QName attrName = attributeDefinition.getName(); if (attributeNames.contains(attrName)) { throw new SchemaException("Duplicate definition of attribute "+attrName+" in object class "+objectClassDefinition.getTypeName()+" in resource schema of "+resource); } attributeNames.add(attrName); } Collection<? extends ResourceAttributeDefinition<?>> primaryIdentifiers = objectClassDefinition.getPrimaryIdentifiers(); Collection<? extends ResourceAttributeDefinition<?>> secondaryIdentifiers = objectClassDefinition.getSecondaryIdentifiers(); if (primaryIdentifiers.isEmpty() && secondaryIdentifiers.isEmpty()) { throw new SchemaException("No identifiers in definition of object class "+objectClassDefinition.getTypeName()+" in resource schema of "+resource); } }
protected ObjectQuery createShadowQuerySecondaryIdentifier(ObjectClassComplexTypeDefinition rAccount, String identifier, PrismObject<ResourceType> resource) throws SchemaException { Collection<? extends ResourceAttributeDefinition> identifierDefs = rAccount.getSecondaryIdentifiers(); assert identifierDefs.size() == 1 : "Unexpected identifier set in "+resource+" refined schema: "+identifierDefs; ResourceAttributeDefinition identifierDef = identifierDefs.iterator().next(); //TODO: set matching rule instead of null return prismContext.queryFor(ShadowType.class) .itemWithDef(identifierDef, ShadowType.F_ATTRIBUTES, identifierDef.getName()).eq(identifier) .and().item(ShadowType.F_OBJECT_CLASS).eq(rAccount.getTypeName()) .and().item(ShadowType.F_RESOURCE_REF).ref(resource.getOid()) .build(); }
protected void assertShadowSecondaryIdentifier(PrismObject<ShadowType> shadow, String expectedIdentifier, ResourceType resourceType, MatchingRule<String> nameMatchingRule) throws SchemaException { RefinedResourceSchema rSchema = RefinedResourceSchemaImpl.getRefinedSchema(resourceType); ObjectClassComplexTypeDefinition ocDef = rSchema.findObjectClassDefinition(shadow.asObjectable().getObjectClass()); ResourceAttributeDefinition idSecDef = ocDef.getSecondaryIdentifiers().iterator().next(); PrismContainer<Containerable> attributesContainer = shadow.findContainer(ShadowType.F_ATTRIBUTES); PrismProperty<String> idProp = attributesContainer.findProperty(idSecDef.getName()); assertNotNull("No secondary identifier ("+idSecDef.getName()+") attribute in shadow for "+expectedIdentifier, idProp); if (nameMatchingRule == null) { assertEquals("Unexpected secondary identifier in shadow for "+expectedIdentifier, expectedIdentifier, idProp.getRealValue()); } else { PrismAsserts.assertEquals("Unexpected secondary identifier in shadow for "+expectedIdentifier, nameMatchingRule, expectedIdentifier, idProp.getRealValue()); } }
protected void assertShadowSecondaryIdentifier(PrismObject<ShadowType> shadow, String expectedIdentifier, ResourceType resourceType, MatchingRule<String> nameMatchingRule) throws SchemaException { RefinedResourceSchema rSchema = RefinedResourceSchemaImpl.getRefinedSchema(resourceType); ObjectClassComplexTypeDefinition ocDef = rSchema.findObjectClassDefinition(shadow.asObjectable().getObjectClass()); ResourceAttributeDefinition idSecDef = ocDef.getSecondaryIdentifiers().iterator().next(); PrismContainer<Containerable> attributesContainer = shadow.findContainer(ShadowType.F_ATTRIBUTES); PrismProperty<String> idProp = attributesContainer.findProperty(idSecDef.getName()); assertNotNull("No secondary identifier ("+idSecDef.getName()+") attribute in shadow for "+expectedIdentifier, idProp); if (nameMatchingRule == null) { assertEquals("Unexpected secondary identifier in shadow for "+expectedIdentifier, expectedIdentifier, idProp.getRealValue()); } else { PrismAsserts.assertEquals("Unexpected secondary identifier in shadow for "+expectedIdentifier, nameMatchingRule, expectedIdentifier, idProp.getRealValue()); } }
public static void assertProvisioningShadow(PrismObject<ShadowType> account, ResourceType resourceType, Class<?> expetcedAttributeDefinitionClass, QName objectClass) { // Check attribute definition PrismContainer attributesContainer = account.findContainer(ShadowType.F_ATTRIBUTES); PrismAsserts.assertClass("Wrong attributes container class", ResourceAttributeContainer.class, attributesContainer); ResourceAttributeContainer rAttributesContainer = (ResourceAttributeContainer)attributesContainer; PrismContainerDefinition attrsDef = attributesContainer.getDefinition(); assertNotNull("No attributes container definition", attrsDef); assertTrue("Wrong attributes definition class "+attrsDef.getClass().getName(), attrsDef instanceof ResourceAttributeContainerDefinition); ResourceAttributeContainerDefinition rAttrsDef = (ResourceAttributeContainerDefinition)attrsDef; ObjectClassComplexTypeDefinition objectClassDef = rAttrsDef.getComplexTypeDefinition(); assertNotNull("No object class definition in attributes definition", objectClassDef); assertEquals("Wrong object class in attributes definition", objectClass, objectClassDef.getTypeName()); ResourceAttributeDefinition primaryIdDef = objectClassDef.getPrimaryIdentifiers().iterator().next(); ResourceAttribute<?> primaryIdAttr = rAttributesContainer.findAttribute(primaryIdDef.getName()); assertNotNull("No primary ID "+primaryIdDef.getName()+" in "+account, primaryIdAttr); assertAttributeDefinition(primaryIdAttr, DOMUtil.XSD_STRING, 0, 1, true, false, false, expetcedAttributeDefinitionClass); ResourceAttributeDefinition secondaryIdDef = objectClassDef.getSecondaryIdentifiers().iterator().next(); ResourceAttribute<Object> secondaryIdAttr = rAttributesContainer.findAttribute(secondaryIdDef.getName()); assertNotNull("No secondary ID "+secondaryIdDef.getName()+" in "+account, secondaryIdAttr); assertAttributeDefinition(secondaryIdAttr, DOMUtil.XSD_STRING, 1, 1, true, true, true, expetcedAttributeDefinitionClass); }
protected void assertShadowRepo(PrismObject<ShadowType> accountShadow, String oid, String username, ResourceType resourceType, QName objectClass, MatchingRule<String> nameMatchingRule) throws SchemaException { assertShadowCommon(accountShadow, oid, username, resourceType, objectClass, nameMatchingRule, true); PrismContainer<Containerable> attributesContainer = accountShadow.findContainer(ShadowType.F_ATTRIBUTES); List<Item<?,?>> attributes = attributesContainer.getValue().getItems(); // Collection secIdentifiers = ShadowUtil.getSecondaryIdentifiers(accountShadow); if (attributes == null){ AssertJUnit.fail("No attributes in repo shadow"); } RefinedResourceSchema refinedSchema = null; try { refinedSchema = RefinedResourceSchemaImpl.getRefinedSchema(resourceType); } catch (SchemaException e) { AssertJUnit.fail(e.getMessage()); } ObjectClassComplexTypeDefinition objClassDef = refinedSchema.getRefinedDefinition(objectClass); Collection secIdentifiers = objClassDef.getSecondaryIdentifiers(); if (secIdentifiers == null){ AssertJUnit.fail("No secondary identifiers in repo shadow"); } // repo shadow should contains all secondary identifiers + ICF_UID assertRepoShadowAttributes(attributes, secIdentifiers.size()+1); }
assertEquals("Wrong displayOrder for attribute "+SchemaTestConstants.ICFS_UID, (Integer)100, uidAttributeDefinition.getDisplayOrder()); Collection<? extends ResourceAttributeDefinition> secondaryIdentifiers = accountDefinition.getSecondaryIdentifiers(); assertNotNull("Null secondary identifiers for " + objectClassQname, secondaryIdentifiers); assertFalse("Empty secondary identifiers for " + objectClassQname, secondaryIdentifiers.isEmpty()); assertNotNull("Null secondary identifiers in account", accountDef.getSecondaryIdentifiers()); assertFalse("Empty secondary identifiers in account", accountDef.getSecondaryIdentifiers().isEmpty()); assertNotNull("No naming attribute in account", accountDef.getNamingAttribute()); assertFalse("No nativeObjectClass in account", StringUtils.isEmpty(accountDef.getNativeObjectClass())); assertTrue("No NAME update",nameDef.canModify()); assertTrue("No NAME read",nameDef.canRead()); assertTrue("NAME definition not in identifiers", accountDef.getSecondaryIdentifiers().contains(nameDef)); assertEquals("Wrong refined displayName for attribute "+SchemaTestConstants.ICFS_NAME, "ConnId Name", nameDef.getDisplayName()); assertEquals("Wrong refined displayOrder for attribute "+SchemaTestConstants.ICFS_NAME, (Integer)110, nameDef.getDisplayOrder());
assertTrue("Attribute "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" in not secondary identifier",idSecondaryDef.isSecondaryIdentifier(accountDefinition)); assertFalse("Attribute "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" in in identifiers list and it should NOT be",identifiers.contains(idSecondaryDef)); assertTrue("Attribute "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" in not in secomdary identifiers list",accountDefinition.getSecondaryIdentifiers().contains(idSecondaryDef)); assertEquals("Attribute "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" has wrong native name", OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME, idSecondaryDef.getNativeAttributeName()); assertEquals("Attribute "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" has wrong framework name", Name.NAME, idSecondaryDef.getFrameworkAttributeName()); assertEquals("Unexpected secondary identifiers: "+accountDefinition.getSecondaryIdentifiers(), 1, accountDefinition.getSecondaryIdentifiers().size());
if (ocDef.getSecondaryIdentifiers().isEmpty()) { ResourceAttributeDefinition idDef = ocDef.getPrimaryIdentifiers().iterator().next(); PrismProperty<String> idProp = attributesContainer.findProperty(idDef.getName()); for (ResourceAttributeDefinition idSecDef: ocDef.getSecondaryIdentifiers()) { PrismProperty<String> idProp = attributesContainer.findProperty(idSecDef.getName()); wasValues.addAll(idProp.getRealValues());
if (ocDef.getSecondaryIdentifiers().isEmpty()) { ResourceAttributeDefinition idDef = ocDef.getPrimaryIdentifiers().iterator().next(); PrismProperty<String> idProp = attributesContainer.findProperty(idDef.getName()); for (ResourceAttributeDefinition idSecDef: ocDef.getSecondaryIdentifiers()) { PrismProperty<String> idProp = attributesContainer.findProperty(idSecDef.getName()); wasValues.addAll(idProp.getRealValues());
@Override protected void assertAccountDefinition(ObjectClassComplexTypeDefinition accountDef) { assertEquals("Unexpected number of definitions", 5, accountDef.getDefinitions().size()); ResourceAttributeDefinition<String> guidDef = accountDef.findAttributeDefinition(ATTR_GUID); assertNotNull("No definition for guid", guidDef); assertEquals(1, guidDef.getMaxOccurs()); assertEquals(1, guidDef.getMinOccurs()); assertTrue("No guid create", guidDef.canAdd()); assertTrue("No guid update", guidDef.canModify()); assertTrue("No guid read", guidDef.canRead()); ResourceAttributeDefinition<String> unameDef = accountDef.findAttributeDefinition(ATTR_UNAME); assertNotNull("No definition for uname", unameDef); assertEquals(1, unameDef.getMaxOccurs()); assertEquals(0, unameDef.getMinOccurs()); // TODO: should be 1 assertTrue("No uname create", unameDef.canAdd()); assertTrue("No uname update", unameDef.canModify()); assertTrue("No uname read", unameDef.canRead()); assertNotNull("Null secondary identifiers in account", accountDef.getSecondaryIdentifiers()); assertFalse("Empty secondary identifiers in account", accountDef.getSecondaryIdentifiers().isEmpty()); }
processor.addRefAnnotation(MidPointConstants.RA_IDENTIFIER, identifier.getName(), appinfo); for (ResourceAttributeDefinition identifier : definition.getSecondaryIdentifiers()) { processor.addRefAnnotation(MidPointConstants.RA_SECONDARY_IDENTIFIER,identifier.getName(),appinfo);
assertEquals("Wrong displayOrder for attribute "+SchemaTestConstants.ICFS_UID, (Integer)100, uidAttributeDefinition.getDisplayOrder()); Collection<? extends ResourceAttributeDefinition> secondaryIdentifiers = accountDefinition.getSecondaryIdentifiers(); assertNotNull("Null secondary identifiers for " + objectClassQname, secondaryIdentifiers); assertFalse("Empty secondary identifiers for " + objectClassQname, secondaryIdentifiers.isEmpty()); assertNotNull("Null secondary identifiers in account", accountDef1.getSecondaryIdentifiers()); assertFalse("Empty secondary identifiers in account", accountDef1.getSecondaryIdentifiers().isEmpty()); assertNotNull("No naming attribute in account", accountDef1.getNamingAttribute()); assertFalse("No nativeObjectClass in account", StringUtils.isEmpty(accountDef1.getNativeObjectClass())); assertTrue("No NAME update",nameDef.canModify()); assertTrue("No NAME read",nameDef.canRead()); assertTrue("NAME definition not in identifiers", accountDef1.getSecondaryIdentifiers().contains(nameDef)); assertEquals("Wrong refined displayName for attribute "+SchemaTestConstants.ICFS_NAME, "Modified ConnId Name", nameDef.getDisplayName()); assertEquals("Wrong refined displayOrder for attribute "+SchemaTestConstants.ICFS_NAME, (Integer)110, nameDef.getDisplayOrder());
assertNotNull("Null identifiers in account", accountDef.getPrimaryIdentifiers()); assertFalse("Empty identifiers in account", accountDef.getPrimaryIdentifiers().isEmpty()); assertNotNull("Null secondary identifiers in account", accountDef.getSecondaryIdentifiers()); assertFalse("Empty secondary identifiers in account", accountDef.getSecondaryIdentifiers().isEmpty()); assertNotNull("No naming attribute in account", accountDef.getNamingAttribute()); assertFalse("No nativeObjectClass in account", StringUtils.isEmpty(accountDef.getNativeObjectClass())); assertTrue("No NAME update", idSecondaryDef.canModify()); assertTrue("No NAME read", idSecondaryDef.canRead()); assertTrue("NAME definition not in secondary identifiers", accountDef.getSecondaryIdentifiers().contains(idSecondaryDef)); assertEquals("Wrong "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" frameworkAttributeName", ProvisioningTestUtil.CONNID_NAME_NAME, idSecondaryDef.getFrameworkAttributeName()); assertEquals("Wrong secondary identifier matching rule", PrismConstants.DISTINGUISHED_NAME_MATCHING_RULE_NAME, idSecondaryDef.getMatchingRuleQName()); assertNotNull("Null identifiers in posixAccount", posixAccountDef.getPrimaryIdentifiers()); assertFalse("Empty identifiers in posixAccount", posixAccountDef.getPrimaryIdentifiers().isEmpty()); assertNotNull("Null secondary identifiers in posixAccount", posixAccountDef.getSecondaryIdentifiers()); assertFalse("Empty secondary identifiers in posixAccount", posixAccountDef.getSecondaryIdentifiers().isEmpty()); assertNotNull("No naming attribute in posixAccount", posixAccountDef.getNamingAttribute()); assertFalse("No nativeObjectClass in posixAccount", StringUtils.isEmpty(posixAccountDef.getNativeObjectClass())); assertTrue("No NAME update", posixIdSecondaryDef.canModify()); assertTrue("No NAME read", posixIdSecondaryDef.canRead()); assertTrue("NAME definition not in secondary identifiers", accountDef.getSecondaryIdentifiers().contains(posixIdSecondaryDef)); assertEquals("Wrong "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" frameworkAttributeName", ProvisioningTestUtil.CONNID_NAME_NAME, posixIdSecondaryDef.getFrameworkAttributeName());