public PolicyConstraintsType exclusion(ExclusionPolicyConstraintType value) { getExclusion().add(value); return this; }
public List<ExclusionPolicyConstraintType> createExclusionList() { PrismForJAXBUtil.createContainer(asPrismContainerValue(), F_EXCLUSION); return getExclusion(); }
/** * Only for legacy exclusions. Not reliable. Do not use if you can avoid it. * It will get deprecated eventually. */ public Collection<ExclusionPolicyConstraintType> getExclusions() { if (exclusions == null) { exclusions = new ArrayList<>(); AssignmentHolderType focusType = target.asObjectable(); if (focusType instanceof AbstractRoleType) { AbstractRoleType roleType = (AbstractRoleType)focusType; // legacy (very old) for (ExclusionPolicyConstraintType exclusionType: roleType.getExclusion()) { exclusions.add(exclusionType); } // legacy PolicyConstraintsType constraints = roleType.getPolicyConstraints(); if (constraints != null) { for (ExclusionPolicyConstraintType exclusionType: constraints.getExclusion()) { exclusions.add(exclusionType); } } } } return exclusions; }
protected PolicyRuleType createExclusionPolicyRule(String excludedRoleOid) { PolicyRuleType policyRule = new PolicyRuleType(); PolicyConstraintsType policyContraints = new PolicyConstraintsType(); ExclusionPolicyConstraintType exclusionConstraint = new ExclusionPolicyConstraintType(); ObjectReferenceType targetRef = new ObjectReferenceType(); targetRef.setOid(excludedRoleOid); targetRef.setType(RoleType.COMPLEX_TYPE); exclusionConstraint.setTargetRef(targetRef); policyContraints.getExclusion().add(exclusionConstraint); policyRule.setPolicyConstraints(policyContraints); return policyRule; }
@Nullable private String getSituationFromConstraints(PolicyConstraintsType policyConstraints) { if (!policyConstraints.getExclusion().isEmpty()) { return PredefinedPolicySituation.EXCLUSION_VIOLATION.getUrl(); } else if (!policyConstraints.getMinAssignees().isEmpty()) {
private AssignmentType assertExclusion(PrismObject<RoleType> roleExclusion, String excludedRoleOid) { PrismContainer<AssignmentType> assignmentContainer = roleExclusion.findContainer(RoleType.F_ASSIGNMENT); assertNotNull("No assignment container in "+roleExclusion, assignmentContainer); assertEquals("Wrong size of assignment container in "+roleExclusion, 1, assignmentContainer.size()); AssignmentType exclusionAssignment = assignmentContainer.getValue().asContainerable(); PolicyRuleType exclusionPolicyRule = exclusionAssignment.getPolicyRule(); assertNotNull("No policy rule in "+roleExclusion, exclusionPolicyRule); PolicyConstraintsType exclusionPolicyConstraints = exclusionPolicyRule.getPolicyConstraints(); assertNotNull("No policy rule constraints in "+roleExclusion, exclusionPolicyConstraints); List<ExclusionPolicyConstraintType> exclusionExclusionPolicyConstraints = exclusionPolicyConstraints.getExclusion(); assertEquals("Wrong size of exclusion policy constraints in "+roleExclusion, 1, exclusionExclusionPolicyConstraints.size()); ExclusionPolicyConstraintType exclusionPolicyConstraint = exclusionExclusionPolicyConstraints.get(0); assertNotNull("No exclusion policy constraint in "+roleExclusion, exclusionPolicyConstraint); ObjectReferenceType targetRef = exclusionPolicyConstraint.getTargetRef(); assertNotNull("No targetRef in exclusion policy constraint in "+roleExclusion, targetRef); assertEquals("Wrong OID targetRef in exclusion policy constraint in "+roleExclusion, excludedRoleOid, targetRef.getOid()); return exclusionAssignment; }
&& visit(pc.getObjectMinAssigneesViolation(), F_OBJECT_MIN_ASSIGNEES_VIOLATION, visitor) && visit(pc.getObjectMaxAssigneesViolation(), F_OBJECT_MAX_ASSIGNEES_VIOLATION, visitor) && visit(pc.getExclusion(), F_EXCLUSION, visitor) && visit(pc.getAssignment(), F_ASSIGNMENT, visitor) && visit(pc.getHasAssignment(), F_HAS_ASSIGNMENT, visitor)