ModelInteractionService (midPoint Project 3.4.1 API)

All Known Implementing Classes:

ModelInteractionServiceImpl
```
public interface ModelInteractionService
```
A service provided by the IDM Model that allows to improve the (user) interaction with the model. It is supposed to provide services such as preview of changes, diagnostics and other informational services. It should only provide access to read-only data or provide a temporary (throw-away) previews of data. It should not change the state of IDM repository, resources or tasks. UNSTABLE: This is likely to change PRIVATE: This interface is not supposed to be used outside of midPoint

Author:

Radovan Semancik

Field Summary

Fields
Modifier and Type	Field and Description
`static String`	`CHECK_PASSWORD`
`static String`	`CLASS_NAME_WITH_DOT`
`static String`	`GET_ASSIGNABLE_ROLE_SPECIFICATION`
`static String`	`GET_CONNECTOR_OPERATIONAL_STATUS`
`static String`	`GET_CREDENTIALS_POLICY`
`static String`	`GET_EDIT_OBJECT_DEFINITION`
`static String`	`GET_EDIT_SHADOW_DEFINITION`
`static String`	`PREVIEW_CHANGES`

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`checkPassword(String userOid, ProtectedStringType password, Task task, OperationResult parentResult)` Checks if the supplied password matches with current user password.
`Collection<? extends DisplayableValue<String>>`	`getActionUrls()` Returns a collection of all authorization actions known to the system.
`com.evolveum.midpoint.xml.ns._public.common.common_3.AdminGuiConfigurationType`	`getAdminGuiConfiguration(Task task, OperationResult parentResult)` Returns currently applicable admin GUI configuration.
`<F extends com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType> RoleSelectionSpecification`	`getAssignableRoleSpecification(PrismObject<F> focus, OperationResult parentResult)` Returns an object that defines which roles can be assigned by the currently logged-in user.
`ConnectorOperationalStatus`	`getConnectorOperationalStatus(String resourceOid, OperationResult parentResult)`
`com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType`	`getCredentialsPolicy(PrismObject<com.evolveum.midpoint.xml.ns._public.common.common_3.UserType> user, Task task, OperationResult parentResult)` Returns a credential policy that applies to the specified user.
`RefinedObjectClassDefinition`	`getEditObjectClassDefinition(PrismObject<com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType> shadow, PrismObject<com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType> resource, com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase)`
`<O extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> PrismObjectDefinition<O>`	`getEditObjectDefinition(PrismObject<O> object, com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase, OperationResult result)` Returns a schema that reflects editability of the object in terms of midPoint schema limitations and security.
`PrismObjectDefinition<com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType>`	`getEditShadowDefinition(ResourceShadowDiscriminator discr, com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase, OperationResult result)`
`<F extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> ModelContext<F>`	`previewChanges(Collection<ObjectDelta<? extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType>> deltas, ModelExecuteOptions options, Task task, Collection<ProgressListener> listeners, OperationResult result)`
`<F extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> ModelContext<F>`	`previewChanges(Collection<ObjectDelta<? extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType>> deltas, ModelExecuteOptions options, Task task, OperationResult result)` Computes the most likely changes triggered by the provided delta.
`<F extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> ModelContext<F>`	`unwrapModelContext(com.evolveum.midpoint.xml.ns._public.common.common_3.LensContextType wrappedContext, OperationResult result)`
`Scene`	`visualizeDelta(ObjectDelta<? extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> delta, Task task, OperationResult result)`
`List<? extends Scene>`	`visualizeDeltas(List<ObjectDelta<? extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType>> deltas, Task task, OperationResult result)`

Field Detail

CLASS_NAME_WITH_DOT

static final String CLASS_NAME_WITH_DOT

PREVIEW_CHANGES
```
static final String PREVIEW_CHANGES
```

GET_EDIT_OBJECT_DEFINITION

static final String GET_EDIT_OBJECT_DEFINITION

GET_EDIT_SHADOW_DEFINITION

static final String GET_EDIT_SHADOW_DEFINITION

GET_ASSIGNABLE_ROLE_SPECIFICATION

static final String GET_ASSIGNABLE_ROLE_SPECIFICATION

GET_CREDENTIALS_POLICY

static final String GET_CREDENTIALS_POLICY

CHECK_PASSWORD
```
static final String CHECK_PASSWORD
```

GET_CONNECTOR_OPERATIONAL_STATUS

static final String GET_CONNECTOR_OPERATIONAL_STATUS

Method Detail

previewChanges

<F extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> ModelContext<F> previewChanges(Collection<ObjectDelta<? extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType>> deltas,
                                                                                                         ModelExecuteOptions options,
                                                                                                         Task task,
                                                                                                         OperationResult result)
                                                                                                       throws SchemaException,
                                                                                                              PolicyViolationException,
                                                                                                              ExpressionEvaluationException,
                                                                                                              ObjectNotFoundException,
                                                                                                              ObjectAlreadyExistsException,
                                                                                                              CommunicationException,
                                                                                                              ConfigurationException,
                                                                                                              SecurityViolationException

Computes the most likely changes triggered by the provided delta. The delta may be any change of any object, e.g. add of a user or change of a shadow. The resulting context will sort that out to "focus" and "projection" as needed. The supplied delta will be used as a primary change. The resulting context will reflect both this primary change and any resulting secondary changes. The changes are only computed, NOT EXECUTED. It also does not change any state of any repository object or task. Therefore this method is safe to use anytime. However it is reading the data from the repository and possibly also from the resources therefore there is still potential for communication (and other) errors and invocation of this method may not be cheap. However, as no operations are really executed there may be issues with resource dependencies. E.g. identifier that are generated by the resource are not taken into account while recomputing the values. This may also cause errors if some expressions depend on the generated values.

Throws:: SchemaException; PolicyViolationException; ExpressionEvaluationException; ObjectNotFoundException; ObjectAlreadyExistsException; CommunicationException; ConfigurationException; SecurityViolationException

previewChanges

<F extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> ModelContext<F> previewChanges(Collection<ObjectDelta<? extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType>> deltas,
                                                                                                         ModelExecuteOptions options,
                                                                                                         Task task,
                                                                                                         Collection<ProgressListener> listeners,
                                                                                                         OperationResult result)
                                                                                                       throws SchemaException,
                                                                                                              PolicyViolationException,
                                                                                                              ExpressionEvaluationException,
                                                                                                              ObjectNotFoundException,
                                                                                                              ObjectAlreadyExistsException,
                                                                                                              CommunicationException,
                                                                                                              ConfigurationException,
                                                                                                              SecurityViolationException

Throws:: SchemaException; PolicyViolationException; ExpressionEvaluationException; ObjectNotFoundException; ObjectAlreadyExistsException; CommunicationException; ConfigurationException; SecurityViolationException

unwrapModelContext

<F extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> ModelContext<F> unwrapModelContext(com.evolveum.midpoint.xml.ns._public.common.common_3.LensContextType wrappedContext,
                                                                                                             OperationResult result)
                                                                                                           throws SchemaException,
                                                                                                                  ConfigurationException,
                                                                                                                  ObjectNotFoundException,
                                                                                                                  CommunicationException

Throws:: SchemaException; ConfigurationException; ObjectNotFoundException; CommunicationException

getEditObjectDefinition

<O extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> PrismObjectDefinition<O> getEditObjectDefinition(PrismObject<O> object,
                                                                                                                           com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase,
                                                                                                                           OperationResult result)
                                                                                                                         throws SchemaException,
                                                                                                                                ConfigurationException,
                                                                                                                                ObjectNotFoundException

Returns a schema that reflects editability of the object in terms of midPoint schema limitations and security. This method merges together all the applicable limitations that midPoint knows of (schema, security, other constratints). It may be required to pre-populate new object before calling this method, e.g. to put the object in a correct org in case that delegated administration is used.

If null is returned then the access to the entire object is denied. It cannot be created or edited at all.

The returned definition contains all parts of static schema and run-time extensions. It does not contain parts of resource "refined" schemas. Therefore for shadows it is only applicable to static parts of the shadow (not attributes).

This is not security-sensitive function. It provides data about security constraints but it does not enforce it and it does not modify anything or reveal any data. The purpose of this method is to enable convenient display of GUI form fields, e.g. to hide non-accessible fields from the form. The actual enforcement of the security is executed regardless of this method.

Parameters:: object - object to edit
Returns:: schema with correctly set constraint parts or null
Throws:: SchemaException; ConfigurationException; ObjectNotFoundException

getEditShadowDefinition

PrismObjectDefinition<com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType> getEditShadowDefinition(ResourceShadowDiscriminator discr,
                                                                                                             com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase,
                                                                                                             OperationResult result)
                                                                                                               throws SchemaException,
                                                                                                                      ConfigurationException,
                                                                                                                      ObjectNotFoundException

Throws:: SchemaException; ConfigurationException; ObjectNotFoundException

getEditObjectClassDefinition

RefinedObjectClassDefinition getEditObjectClassDefinition(PrismObject<com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType> shadow,
                                                        PrismObject<com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType> resource,
                                                        com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationPhaseType phase)
                                                          throws SchemaException

Throws:: SchemaException

getActionUrls
```
Collection<? extends DisplayableValue<String>> getActionUrls()
```
Returns a collection of all authorization actions known to the system. The format of returned data is designed for displaying purposes.

Note: this method returns only the list of authorization actions that are known to the IDM Model component and the components below. It does not return a GUI-specific authorization actions.

Returns:

getAssignableRoleSpecification

<F extends com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType> RoleSelectionSpecification getAssignableRoleSpecification(PrismObject<F> focus,
                                                                                                                                   OperationResult parentResult)
                                                          throws ObjectNotFoundException,
                                                                 SchemaException,
                                                                 ConfigurationException

Returns an object that defines which roles can be assigned by the currently logged-in user.

Parameters:: focus - Object of the operation. The object (usually user) to whom the roles should be assigned.
Throws:: ObjectNotFoundException; SchemaException; ConfigurationException

getCredentialsPolicy

com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsPolicyType getCredentialsPolicy(PrismObject<com.evolveum.midpoint.xml.ns._public.common.common_3.UserType> user,
                                                                                              Task task,
                                                                                              OperationResult parentResult)
                                                                                                throws ObjectNotFoundException,
                                                                                                       SchemaException

Returns a credential policy that applies to the specified user. This method is designed to be used during credential reset so the GUI has enough information to set up the credential (e.g. password policies, security questions, etc).

Parameters:: user - user for who the policy should apply; task -; parentResult - @return applicable credentials policy or null
Throws:: ObjectNotFoundException - No system configuration or other major system inconsistency; SchemaException - Wrong schema or content of security policy

getAdminGuiConfiguration

com.evolveum.midpoint.xml.ns._public.common.common_3.AdminGuiConfigurationType getAdminGuiConfiguration(Task task,
                                                                                                      OperationResult parentResult)
                                                                                                        throws ObjectNotFoundException,
                                                                                                               SchemaException

Returns currently applicable admin GUI configuration. The implementation will do all steps necessary to construct applicable configuration, e.g. reading from system configuration, merging with user preferences, etc. Note: This operation bypasses the authorizations. It will always return the value regardless whether the current user is authorized to read the underlying objects or not. However, it will always return only values applicable for current user, therefore the authorization might be considered to be implicit in this case.

Throws:: ObjectNotFoundException; SchemaException

checkPassword
```
boolean checkPassword(String userOid,
                    ProtectedStringType password,
                    Task task,
                    OperationResult parentResult)
                      throws ObjectNotFoundException,
                             SchemaException
```
Checks if the supplied password matches with current user password. This method is NOT subject to any password expiration policies, it does not update failed login counters, it does not change any data or meta-data. This method is NOT SUPPOSED to be used to validate password on login. This method is supposed to check old password when the password is changed by the user. We assume that the user already passed normal system authentication. Note: no authorizations are checked in the implementation. It is assumed that authorizations will be enforced at the page level.

Returns:
true if the password matches, false otherwise

Throws:

ObjectNotFoundException

SchemaException

visualizeDeltas

List<? extends Scene> visualizeDeltas(List<ObjectDelta<? extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType>> deltas,
                                    Task task,
                                    OperationResult result)
                                      throws SchemaException

Throws:: SchemaException

visualizeDelta

@NotNull
Scene visualizeDelta(ObjectDelta<? extends com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType> delta,
                           Task task,
                           OperationResult result)
                     throws SchemaException

Throws:: SchemaException

getConnectorOperationalStatus

ConnectorOperationalStatus getConnectorOperationalStatus(String resourceOid,
                                                       OperationResult parentResult)
                                                         throws SchemaException,
                                                                ObjectNotFoundException,
                                                                CommunicationException,
                                                                ConfigurationException

Throws:: SchemaException; ObjectNotFoundException; CommunicationException; ConfigurationException

Interface ModelInteractionService

Field Summary

Method Summary

Field Detail

CLASS_NAME_WITH_DOT

PREVIEW_CHANGES

GET_EDIT_OBJECT_DEFINITION

GET_EDIT_SHADOW_DEFINITION

GET_ASSIGNABLE_ROLE_SPECIFICATION

GET_CREDENTIALS_POLICY

CHECK_PASSWORD

GET_CONNECTOR_OPERATIONAL_STATUS

Method Detail

previewChanges

previewChanges

unwrapModelContext

getEditObjectDefinition

getEditShadowDefinition

getEditObjectClassDefinition

getActionUrls

getAssignableRoleSpecification

getCredentialsPolicy

getAdminGuiConfiguration

checkPassword

visualizeDeltas

visualizeDelta

getConnectorOperationalStatus