/**
 * Determines the password policy that applies to a user whose parent-org reference is being
 * modified by the given delta.
 *
 * <p>One value of the {@code F_PARENT_ORG_REF} modification is resolved to an org. The policy
 * referenced by that org's {@code passwordPolicyRef} is used when it resolves to a non-null
 * object; otherwise the lookup is delegated to the {@code PrismObject} overload of this method,
 * called with the resolved org.
 *
 * <p>NOTE(review): only the value returned by {@code getAnyValue()} is consulted. If the delta
 * can carry several parent orgs, confirm that choosing one of them is the intended way to select
 * the password policy. Callers should also confirm how a {@code null} result is treated (it
 * presumably means no policy was found, not that validation can be skipped).
 *
 * @param userDelta delta that may contain a parent-org reference modification
 * @param task task passed through to the resolver
 * @param result operation result passed through to the resolver
 * @return the password policy, or {@code null} when the delta does not modify the parent-org
 *     reference or no policy was found
 * @throws SchemaException propagated from the resolver
 * @throws IllegalStateException if the org or the referenced policy cannot be found
 */
private ValuePolicyType determineValuePolicy(
      ObjectDelta<UserType> userDelta, Task task, OperationResult result) throws SchemaException {
    ReferenceDelta parentOrgDelta = userDelta.findReferenceModification(UserType.F_PARENT_ORG_REF);
    LOGGER.trace("Determining password policy from org delta.");

    // Guard clause: nothing to derive a policy from when the parent org is not being changed.
    if (parentOrgDelta == null) {
      return null;
    }

    PrismReferenceValue parentOrgRef = parentOrgDelta.getAnyValue();
    try {
      PrismObject<OrgType> parentOrg =
          resolver.resolve(parentOrgRef, "resolving parent org ref", null, null, result);
      OrgType orgBean = parentOrg.asObjectable();
      ObjectReferenceType policyRef = orgBean.getPasswordPolicyRef();

      ValuePolicyType directPolicy = null;
      if (policyRef != null) {
        LOGGER.trace("Org {} has specified password policy.", orgBean);
        directPolicy =
            resolver.resolve(
                policyRef,
                ValuePolicyType.class,
                null,
                "resolving password policy for organization",
                task,
                result);
        LOGGER.trace("Resolved password policy {}", directPolicy);
      }

      // Fall back to the org's own parent orgs only when the org itself yields no policy.
      return directPolicy != null ? directPolicy : determineValuePolicy(parentOrg, task, result);
    } catch (ObjectNotFoundException e) {
      throw new IllegalStateException(e);
    }
  }
  // TODO: refactor - this method is also in SchemaHandlerImpl
  /**
   * Returns the resource a shadow belongs to, preferring the resource object embedded in the
   * shadow and otherwise loading it by the OID of the shadow's resource reference.
   *
   * @param shadow shadow whose resource is wanted
   * @param result operation result passed to the object resolver
   * @return the embedded resource if present, otherwise the object returned by the resolver
   * @throws ExpressionEvaluationException if the shadow has no resource reference, or the
   *     reference has a null OID
   * @throws ObjectNotFoundException declared for the resolver lookup
   * @throws SchemaException declared for the resolver lookup
   */
  private ResourceType resolveResource(ShadowType shadow, OperationResult result)
      throws ExpressionEvaluationException, ObjectNotFoundException, SchemaException {
    ResourceType embeddedResource = shadow.getResource();
    if (embeddedResource != null) {
      return embeddedResource;
    }

    ObjectReferenceType resourceRef = shadow.getResourceRef();
    if (resourceRef == null) {
      throw new ExpressionEvaluationException(
          "Resource shadow object " + shadow + " doesn't have defined resource.");
    }

    // Reject a reference without an OID before it reaches the resolver.
    String resourceOid = resourceRef.getOid();
    if (resourceOid == null) {
      throw new ExpressionEvaluationException(
          "Resource shadow object " + shadow + " defines null resource OID.");
    }

    return modelObjectResolver.getObjectSimple(
        ResourceType.class, resourceOid, null, null, result);
  }
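  /**
   * Determines the password policy for an object by walking its parent-org references.
   *
   * <p>Each non-null {@code F_PARENT_ORG_REF} value is resolved to an org and that org's directly
   * referenced policy is looked up via {@code resolvePolicy}. If none of the direct parent orgs
   * yields a policy, the method recurses into each resolved org and returns the first non-null
   * policy found.
   *
   * <p>NOTE(review): the "more than one policy" check fires as soon as a policy has been found and
   * another non-null parent-org value follows, before that org's own policy is resolved. The
   * outcome therefore depends on the order of the reference values; confirm this is intended.
   *
   * <p>NOTE(review): the recursive step returns the first ancestor policy without a comparable
   * conflict check, and no depth or cycle guard is visible here. Presumably the org hierarchy is
   * acyclic; verify.
   *
   * @param object object whose parent orgs are inspected
   * @param task task passed through to policy resolution
   * @param result operation result passed through to the resolver
   * @return the policy found, or {@code null} when the object has no parent-org reference or no
   *     policy is found
   * @throws SchemaException propagated from the resolver
   * @throws IllegalStateException if a referenced org cannot be found, or if a further parent org
   *     is encountered after a policy has already been found
   */
  private ValuePolicyType determineValuePolicy(
      PrismObject object, Task task, OperationResult result) throws SchemaException {
    // The message previously had no "{}" placeholder, so the object was never written to the log.
    LOGGER.trace("Determining password policies from object {}", object);
    PrismReference orgRef = object.findReference(ObjectType.F_PARENT_ORG_REF);
    if (orgRef == null) {
      return null;
    }
    List<PrismReferenceValue> values = orgRef.getValues();
    ValuePolicyType valuePolicy = null;
    List<PrismObject<OrgType>> orgs = new ArrayList<PrismObject<OrgType>>();
    try {
      for (PrismReferenceValue orgRefValue : values) {
        if (orgRefValue == null) {
          continue;
        }

        // Fail rather than pick between candidates once a policy is already known.
        if (valuePolicy != null) {
          throw new IllegalStateException(
              "Found more than one policy while trying to validate user's password. Please check your configuration");
        }

        PrismObject<OrgType> org =
            resolver.resolve(orgRefValue, "resolving parent org ref", null, null, result);
        orgs.add(org);
        valuePolicy = resolvePolicy(org, task, result);
      }
    } catch (ObjectNotFoundException ex) {
      throw new IllegalStateException(ex);
    }

    if (valuePolicy != null) {
      return valuePolicy;
    }

    // No direct parent org carries a policy: look further up through each resolved org.
    for (PrismObject<OrgType> parentOrg : orgs) {
      ValuePolicyType inherited = determineValuePolicy(parentOrg, task, result);
      if (inherited != null) {
        return inherited;
      }
    }
    return null;
  }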
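  /**
   * Resolves the password policy that an organization references directly.
   *
   * @param org organization whose {@code passwordPolicyRef} is read
   * @param task task passed through to the resolver
   * @param result operation result passed through to the resolver
   * @return the resolved policy, or {@code null} when the org has no password policy reference
   * @throws SchemaException propagated from the resolver
   * @throws IllegalStateException if the referenced policy object cannot be found
   */
  private ValuePolicyType resolvePolicy(PrismObject<OrgType> org, Task task, OperationResult result)
      throws SchemaException {
    try {
      OrgType orgType = org.asObjectable();
      ObjectReferenceType ref = orgType.getPasswordPolicyRef();
      if (ref == null) {
        return null;
      }

      return resolver.resolve(
          ref,
          ValuePolicyType.class,
          null,
          "resolving password policy for organization",
          task,
          result);

    } catch (ObjectNotFoundException e) {
      // The cause travels with the rethrown exception, so nothing is printed here:
      // printStackTrace() would write to stderr and bypass the configured LOGGER.
      throw new IllegalStateException(e);
    }
  }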