Interface ModelService
IDM Model Interface
IDM Model Interface provides access unified to the identity objects stored in the repository and on the resources. It abstracts away the details about where and how are the data stored, it hides all the low-level system components.
Implementation of this interface are expected to enforce a consistency of access control decisions and model, e.g. to enforce Role-Based Access Control (RBAC). RBAC is only one of many possibly models and this interface may have many implementations.
Implementations of this interface may automatically derive properties and attributes for objects. E.g. RBAC models may automatically derive resource accounts attributes based on user role membership.
- Author:
- lazyman, Radovan Semancik
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
static final String
-
Method Summary
Modifier and TypeMethodDescription<O extends ObjectType>
CompareResultTypecompareObject
(PrismObject<O> object, Collection<SelectorOptions<GetOperationOptions>> readOptions, ModelCompareOptions compareOptions, @NotNull List<? extends ItemPath> ignoreItemPaths, com.evolveum.midpoint.task.api.Task task, OperationResult result) TODOdefault <T extends Containerable>
IntegercountContainers
(TypedQuery<T> query, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) <T extends Containerable>
IntegercountContainers
(Class<T> type, ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) default <T extends ObjectType>
IntegercountObjects
(TypedQuery<T> query, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) <T extends ObjectType>
IntegercountObjects
(Class<T> type, ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Count objects.countReferences
(ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Reference count - currently supporting roleMembershipRef and linkRef search.discoverConnectors
(ConnectorHostType hostType, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Discovers local or remote connectors.com.evolveum.midpoint.provisioning.api.DiscoveredConfiguration
discoverResourceConnectorConfiguration
(PrismObject<ResourceType> resource, OperationResult result) Method work same asProvisioningService.discoverConfiguration(PrismObject, OperationResult)
.default Collection<ObjectDeltaOperation<? extends ObjectType>>
executeChanges
(Collection<ObjectDelta<? extends ObjectType>> deltas, ModelExecuteOptions options, com.evolveum.midpoint.task.api.Task task, OperationResult result) Execute the provided object deltas.Collection<ObjectDeltaOperation<? extends ObjectType>>
executeChanges
(Collection<ObjectDelta<? extends ObjectType>> deltas, ModelExecuteOptions options, com.evolveum.midpoint.task.api.Task task, Collection<ProgressListener> listeners, OperationResult parentResult) @Nullable ResourceSchema
fetchSchema
(@NotNull PrismObject<ResourceType> resource, @NotNull OperationResult parentResult) Method work same asProvisioningService.fetchSchema(PrismObject, OperationResult)
.@NotNull CapabilityCollectionType
getNativeCapabilities
(@NotNull String connOid, OperationResult result) Method work same asProvisioningService.getNativeCapabilities(String, OperationResult)
.<T extends ObjectType>
@NotNull PrismObject<T>getObject
(@NotNull Class<T> type, @NotNull String oid, @Nullable Collection<SelectorOptions<GetOperationOptions>> options, @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull OperationResult result) Returns object for provided OID.@NotNull PrismContext
void
importFromResource
(String shadowOid, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Import single account from resource.void
importFromResource
(String resourceOid, QName objectClass, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Import accounts from resource.<O extends ObjectType>
voidimportObject
(PrismObject<O> object, ImportOptionsType options, com.evolveum.midpoint.task.api.Task task, OperationResult result) Import object.void
importObjectsFromFile
(File input, ImportOptionsType options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Import objects from file.void
importObjectsFromStream
(InputStream input, String language, ImportOptionsType options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Import objects from stream.boolean
isSupportedByRepository
(@NotNull Class<? extends ObjectType> type) Returns `true` if the particular object type is supported by the current repository.<O extends ObjectType>
Collection<ObjectDeltaOperation<? extends ObjectType>>mergeObjects
(Class<O> type, String leftOid, String rightOid, String mergeConfigurationName, com.evolveum.midpoint.task.api.Task task, OperationResult result) Merge two objects into one.void
notifyChange
(ResourceObjectShadowChangeDescriptionType changeDescription, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) <O extends ObjectType>
ProcessedObject<O>parseProcessedObject
(@NotNull SimulationResultProcessedObjectType bean, @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull OperationResult result) void
postInit
(OperationResult parentResult) Finish initialization of the model and lower system components (provisioning, repository, etc).<F extends ObjectType>
voidrecompute
(Class<F> type, String oid, ModelExecuteOptions options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Recomputes focal object with the specified OID.<T extends Containerable>
SearchResultList<T>searchContainers
(@NotNull Class<T> type, @Nullable ObjectQuery query, @Nullable Collection<SelectorOptions<GetOperationOptions>> options, @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull OperationResult parentResult) Search for "sub-object" structures, i.e.default <T extends Containerable>
SearchResultList<T>searchContainers
(TypedQuery<T> query, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) <T extends Containerable>
SearchResultMetadatasearchContainersIterative
(Class<T> type, ObjectQuery query, ObjectHandler<T> handler, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) default <T extends ObjectType>
SearchResultList<PrismObject<T>>searchObjects
(TypedQuery<T> query, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) <T extends ObjectType>
SearchResultList<PrismObject<T>>searchObjects
(Class<T> type, ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Search for objects.<T extends ObjectType>
SearchResultMetadatasearchObjectsIterative
(Class<T> type, ObjectQuery query, ResultHandler<T> handler, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Search for objects in iterative fashion (using callback).searchReferences
(ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Reference search - currently supporting roleMembershipRef and linkRef search.searchReferencesIterative
(@NotNull ObjectQuery query, @NotNull ObjectHandler<ObjectReferenceType> handler, @Nullable Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) PrismObject<? extends FocusType>
searchShadowOwner
(String shadowOid, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Returns the Focus object representing owner of specified shadow.void
shutdown()
shutdown model and lower system componentstestResource
(PrismObject<ResourceType> resource, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Test the resource connection and basic resource connector functionality.testResource
(String resourceOid, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Test the resource connection and basic resource connector functionality.testResourcePartialConfiguration
(PrismObject<ResourceType> resource, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Test partial resource connector configuration.
-
Field Details
-
CLASS_NAME_WITH_DOT
-
GET_OBJECT
-
COMPARE_OBJECT
-
SEARCH_OBJECTS
-
SEARCH_CONTAINERS
-
COUNT_CONTAINERS
-
COUNT_OBJECTS
-
SEARCH_REFERENCES
-
COUNT_REFERENCES
-
EXECUTE_CHANGES
-
EXECUTE_CHANGE
-
RECOMPUTE
-
LIST_ACCOUNT_SHADOW_OWNER
-
IMPORT_ACCOUNTS_FROM_RESOURCE
-
IMPORT_OBJECTS_FROM_FILE
-
IMPORT_OBJECTS_FROM_STREAM
-
POST_INIT
-
DISCOVER_CONNECTORS
-
MERGE_OBJECTS
-
NOTIFY_CHANGE
-
AUTZ_NAMESPACE
- See Also:
-
OPERATION_LOGGER_NAME
- See Also:
-
CHECK_INDESTRUCTIBLE
-
-
Method Details
-
getObject
@NotNull <T extends ObjectType> @NotNull PrismObject<T> getObject(@NotNull @NotNull Class<T> type, @NotNull @NotNull String oid, @Nullable @Nullable Collection<SelectorOptions<GetOperationOptions>> options, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result) throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException Returns object for provided OID. It retrieves the object from an appropriate source for an object type (e.g. internal repository, resource or both), merging data as necessary, processing any policies, caching mechanisms, etc. This can be influenced by using options.
Fails if object with the OID does not exist.
- Parameters:
type
- (class) of an object to getoid
- OID of the object to getoptions
- options influencing the retrieval and processing of the objectresult
- parent OperationResult (in/out)task
- Task instance. It gives context to the execution (e.g. security context)- Returns:
- Retrieved object
- Throws:
ObjectNotFoundException
- requested object does not existSchemaException
- the object is not schema compliantSecurityViolationException
- Security violation during operation execution. May be caused either by midPoint internal security mechanism but also by external mechanism (e.g. on the resource)CommunicationException
- Communication (network) error during retrieval. E.g. error communicating with the resourceConfigurationException
- Configuration error. E.g. misconfigured resource parameters, invalid policies, etc.IllegalArgumentException
- missing required parameter, wrong OID format, etc.ClassCastException
- OID represents object of a type incompatible with requested typeSystemException
- unknown error from underlying layers or other unexpected stateExpressionEvaluationException
-
executeChanges
default Collection<ObjectDeltaOperation<? extends ObjectType>> executeChanges(Collection<ObjectDelta<? extends ObjectType>> deltas, ModelExecuteOptions options, com.evolveum.midpoint.task.api.Task task, OperationResult result) throws ObjectAlreadyExistsException, ObjectNotFoundException, SchemaException, ExpressionEvaluationException, CommunicationException, ConfigurationException, PolicyViolationException, SecurityViolationException Execute the provided object deltas.
The operation executes the provided object deltas. All deltas must relate to analogous objects (e.g. user and linked accounts). The implementation may throw an error if the objects are not analogous. The implementation also implicitly links the objects (mark them to be analogous) if such a link is part of the data model. E.g. the implementation links all accounts to the user if they are passed in a single delta collection. This is especially useful if the account deltas are ADD deltas without OID and therefore cannot be linked explicitly.
There must be no more than one delta for each object. The order of execution is not defined and the implementation is free to determine the correct or most suitable ordering.
The OID provided in ADD deltas may be empty. In that case the OID will be assigned by the implementation and the OIDs will be set in the deltas after the operation is completed.
Execution of ADD deltas should fail if such object already exists (if object with the provided OID already exists). Execution of MODIFY and DELETE deltas should fail if such objects do not exist.
The operation may fail if provided OIDs are in an unusable format for the storage. Generating own OIDs and providing them to this method is not recommended for normal operation.
There are no explicit atomicity guarantees for the operations. Some of the operations may pass, some may fail or even fail partially. The consistency of the data and state are not based on operation atomicity but rather a data model that can "repair" inconsistencies.
The operation may fail if any of the objects to be created or modified does not conform to the underlying schema of the storage system or the schema enforced by the implementation.
- Parameters:
deltas
- Collection of object deltas to executeoptions
- options influencing processing of the deltasresult
- parent OperationResult (in/out)task
- Task instance. It gives context to the execution (e.g. security context)- Returns:
- A collection of executed ObjectDeltaOperations (ObjectDelta + OperationResult). OIDs of newly created objects can be found in these ObjectDeltas (which may or may not be original ObjectDeltas passed to the method).
- Throws:
ObjectAlreadyExistsException
- object with specified identifiers already exists, cannot addObjectNotFoundException
- object required to complete the operation was not found (e.g. appropriate connector or resource definition)SchemaException
- error dealing with resource schema, e.g. created object does not conform to schemaExpressionEvaluationException
- evaluation of expression associated with the object has failedCommunicationException
- Communication (network) error during retrieval. E.g. error communicating with the resourceConfigurationException
- Configuration error. E.g. misconfigured resource parameters, invalid policies, etc.PolicyViolationException
- Policy violation was detected during processing of the objectSecurityViolationException
- Security violation during operation execution. May be caused either by midPoint internal security mechanism but also by external mechanism (e.g. on the resource)IllegalArgumentException
- wrong OID format, etc.SystemException
- unknown error from underlying layers or other unexpected state
-
executeChanges
Collection<ObjectDeltaOperation<? extends ObjectType>> executeChanges(Collection<ObjectDelta<? extends ObjectType>> deltas, ModelExecuteOptions options, com.evolveum.midpoint.task.api.Task task, Collection<ProgressListener> listeners, OperationResult parentResult) throws ObjectAlreadyExistsException, ObjectNotFoundException, SchemaException, ExpressionEvaluationException, CommunicationException, ConfigurationException, PolicyViolationException, SecurityViolationException -
recompute
<F extends ObjectType> void recompute(Class<F> type, String oid, ModelExecuteOptions options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, PolicyViolationException, ExpressionEvaluationException, ObjectNotFoundException, ObjectAlreadyExistsException, CommunicationException, ConfigurationException, SecurityViolationException Recomputes focal object with the specified OID. The operation considers all the applicable policies and mapping and tries to re-apply them as necessary.- Parameters:
type
- type (class) of an object to recomputeoid
- OID of the object to recomputeoptions
- execute optionsparentResult
- parent OperationResult (in/out)task
- Task instance. It gives context to the execution (e.g. security context)- Throws:
SchemaException
PolicyViolationException
ExpressionEvaluationException
ObjectNotFoundException
ObjectAlreadyExistsException
CommunicationException
ConfigurationException
SecurityViolationException
- Since:
- 3.6
-
searchShadowOwner
PrismObject<? extends FocusType> searchShadowOwner(String shadowOid, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws ObjectNotFoundException, SecurityViolationException, SchemaException, ConfigurationException, ExpressionEvaluationException, CommunicationException Returns the Focus object representing owner of specified shadow.
May return null if there is no owner specified for the account.
Implements the backward "owns" association between account shadow and user. Forward association is implemented by property "account" of user object.
- Parameters:
shadowOid
- OID of the shadow to look for an ownertask
- Task instance. It gives context to the execution (e.g. security context)parentResult
- parent OperationResult (in/out)- Returns:
- owner of the account or null
- Throws:
ObjectNotFoundException
- specified account was not foundIllegalArgumentException
- wrong OID format, described change is not applicableSystemException
- unknown error from underlying layers or other unexpected stateSecurityViolationException
SchemaException
ConfigurationException
ExpressionEvaluationException
CommunicationException
-
searchObjects
<T extends ObjectType> SearchResultList<PrismObject<T>> searchObjects(Class<T> type, ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException Search for objects. Searches through all object of a specified type. Returns a list of objects that match search criteria. Note that this method has a very limited scaling capability as all the results are stored in the memory. DO NOT USE on large datasets. Recommended usage is only when using queries that cannot return large number of results (e.g. queries for unique values) or when combined with paging capability. For other cases use searchObjectsIterative instead. Returns empty list if object type is correct but there are no objects of that type. Fails if object type is wrong. Should fail if unknown property is specified in the query. When searching for objects ofShadowType
, there are specific requirements related to the query. Please seeProvisioningService.searchObjects(Class, ObjectQuery, Collection, Task, OperationResult)
for more information.- Parameters:
type
- (class) of an object to searchquery
- search queryoptions
- options influencing the retrieval and processing of the objectstask
- Task instance. It gives context to the execution (e.g. security context)parentResult
- parent OperationResult (in/out)- Returns:
- all objects of specified type that match search criteria (subject to paging)
- Throws:
SchemaException
- unknown property used in search queryObjectNotFoundException
- object required for a search was not found (e.g. resource definition)CommunicationException
- Communication (network) error during retrieval. E.g. error communicating with the resourceSecurityViolationException
- Security violation during operation execution. May be caused either by midPoint internal security mechanism but also by external mechanism (e.g. on the resource)ConfigurationException
- Configuration error. E.g. misconfigured resource parameters, invalid policies, etc.IllegalArgumentException
- wrong query formatExpressionEvaluationException
-
searchContainers
<T extends Containerable> SearchResultList<T> searchContainers(@NotNull @NotNull Class<T> type, @Nullable @Nullable ObjectQuery query, @Nullable @Nullable Collection<SelectorOptions<GetOperationOptions>> options, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult parentResult) throws SchemaException, SecurityViolationException, ConfigurationException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException Search for "sub-object" structures, i.e. containers. Supported types are: AccessCertificationCaseType, CaseWorkItemType, OperationExecutionType and AssignmentType. The current implementation ignores the `readOnly` option because of the way how security constraints are applied. Currently, the objects are returned in the context of their parent values, up to the level of prism objects. (In the future, we may make this behavior configurable.) The security is applied to all levels - from the parent objects downwards. -
countContainers
<T extends Containerable> Integer countContainers(Class<T> type, ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException -
searchReferences
SearchResultList<ObjectReferenceType> searchReferences(ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException, ConfigurationException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException Reference search - currently supporting roleMembershipRef and linkRef search. This returns reference objects extracted from the actual object(s) that own them, but selection of which (and cardinality of the result list) is based on a repository search. Query must not be null and its filter must be: * either a OWNER-BY filter, * or AND filter containing exactly one OWNER-BY filter and optionally one or more REF filters with empty path (self).- Parameters:
query
- mandatory query with exactly one root OWNER-BY and additional REF filters- Throws:
SchemaException
SecurityViolationException
ConfigurationException
ObjectNotFoundException
ExpressionEvaluationException
CommunicationException
-
countReferences
Integer countReferences(ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException Reference count - currently supporting roleMembershipRef and linkRef search. SeesearchReferences(ObjectQuery, Collection, Task, OperationResult)
for more details.- Parameters:
query
- mandatory query- Throws:
SchemaException
SecurityViolationException
ObjectNotFoundException
ExpressionEvaluationException
CommunicationException
ConfigurationException
-
searchReferencesIterative
SearchResultMetadata searchReferencesIterative(@NotNull @NotNull ObjectQuery query, @NotNull @NotNull ObjectHandler<ObjectReferenceType> handler, @Nullable @Nullable Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException, ConfigurationException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException -
searchObjectsIterative
<T extends ObjectType> SearchResultMetadata searchObjectsIterative(Class<T> type, ObjectQuery query, ResultHandler<T> handler, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException Search for objects in iterative fashion (using callback). Searches through all object of a specified type. A handler is invoked for each object found. The handler is not called at all if object type is correct but there are no objects of that type. Fails if object type is wrong. Should fail if unknown property is specified in the query. When searching for objects ofShadowType
, there are specific requirements related to the query. Please seeProvisioningService.searchObjects(Class, ObjectQuery, Collection, Task, OperationResult)
for more information.- Parameters:
type
- (class) of an object to searchquery
- search queryhandler
- callback handler that will be called for each found objectoptions
- options influencing the retrieval and processing of the objectstask
- Task instance. It gives context to the execution (e.g. security context)parentResult
- parent OperationResult (in/out)- Throws:
SchemaException
- unknown property used in search queryObjectNotFoundException
- object required for a search was not found (e.g. resource definition)CommunicationException
- Communication (network) error during retrieval. E.g. error communicating with the resourceSecurityViolationException
- Security violation during operation execution. May be caused either by midPoint internal security mechanism but also by external mechanism (e.g. on the resource)ConfigurationException
- Configuration error. E.g. misconfigured resource parameters, invalid policies, etc.IllegalArgumentException
- wrong query formatExpressionEvaluationException
-
searchContainersIterative
<T extends Containerable> SearchResultMetadata searchContainersIterative(Class<T> type, ObjectQuery query, ObjectHandler<T> handler, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException -
countObjects
<T extends ObjectType> Integer countObjects(Class<T> type, ObjectQuery query, Collection<SelectorOptions<GetOperationOptions>> options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, SecurityViolationException, ConfigurationException, CommunicationException, ExpressionEvaluationException Count objects. Searches through all object of a specified type and returns a count of such objects. This method is usually much more efficient than equivalent search method. It is used mostly for presentation purposes, e.g. displaying correct number of pages in the GUI listings. When counting objects ofShadowType
, there are specific requirements related to the query. Please seeProvisioningService.searchObjects(Class, ObjectQuery, Collection, Task, OperationResult)
for more information.- Parameters:
type
- (class) of an object to searchquery
- search queryoptions
- options influencing the retrieval and processing of the objectstask
- Task instance. It gives context to the execution (e.g. security context)parentResult
- parent OperationResult (in/out)- Returns:
- number of objects of specified type that match search criteria (subject to paging). May return null if the number of objects is not known.
- Throws:
SchemaException
- unknown property used in search queryObjectNotFoundException
- object required for a search was not found (e.g. resource definition)CommunicationException
- Communication (network) error during retrieval. E.g. error communicating with the resourceSecurityViolationException
- Security violation during operation execution. May be caused either by midPoint internal security mechanism but also by external mechanism (e.g. on the resource)ConfigurationException
- Configuration error. E.g. misconfigured resource parameters, invalid policies, etc.IllegalArgumentException
- wrong query formatExpressionEvaluationException
-
searchObjects
default <T extends ObjectType> SearchResultList<PrismObject<T>> searchObjects(TypedQuery<T> query, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException -
searchContainers
default <T extends Containerable> SearchResultList<T> searchContainers(TypedQuery<T> query, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException -
countObjects
default <T extends ObjectType> Integer countObjects(TypedQuery<T> query, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException -
countContainers
default <T extends Containerable> Integer countContainers(TypedQuery<T> query, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException -
testResource
OperationResult testResource(String resourceOid, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException, CommunicationException Test the resource connection and basic resource connector functionality. Authorizations are checked here. Work same asProvisioningService.testResource(PrismObject, Task, OperationResult)
.- Parameters:
resourceOid
- OID of resource to test- Returns:
- results of executed tests
- Throws:
ObjectNotFoundException
- specified object does not existIllegalArgumentException
- wrong OID formatSchemaException
ConfigurationException
SecurityViolationException
ExpressionEvaluationException
CommunicationException
-
testResource
OperationResult testResource(PrismObject<ResourceType> resource, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, ConfigurationException Test the resource connection and basic resource connector functionality. Work same asProvisioningService.testResource(PrismObject, Task, OperationResult)
. For internal use. Authorizations are NOT checked here!- Parameters:
resource
- resource to test- Returns:
- results of executed tests
- Throws:
ObjectNotFoundException
- specified object does not existSchemaException
ConfigurationException
-
testResourcePartialConfiguration
OperationResult testResourcePartialConfiguration(PrismObject<ResourceType> resource, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, ConfigurationException Test partial resource connector configuration. Testing only basic connection. Method work with OperationResult same as methodProvisioningService.testResource(PrismObject, Task, OperationResult)
. For internal use. Authorizations are NOT checked here!- Parameters:
resource
- resource to test- Returns:
- results of executed partial test
- Throws:
ObjectNotFoundException
- specified object does not existSchemaException
ConfigurationException
-
discoverResourceConnectorConfiguration
com.evolveum.midpoint.provisioning.api.DiscoveredConfiguration discoverResourceConnectorConfiguration(PrismObject<ResourceType> resource, OperationResult result) Method work same as
ProvisioningService.discoverConfiguration(PrismObject, OperationResult)
.- Parameters:
resource
- resource with minimal connector configuration- Returns:
- Suggested configuration properties wrapped in DiscoveredConfiguration.
-
fetchSchema
@Nullable @Nullable ResourceSchema fetchSchema(@NotNull @NotNull PrismObject<ResourceType> resource, @NotNull @NotNull OperationResult parentResult) Method work same as
ProvisioningService.fetchSchema(PrismObject, OperationResult)
.- Parameters:
resource
- resource with connector configuration- Returns:
- Resource schema fetched by connector
-
getNativeCapabilities
@Experimental @NotNull @NotNull CapabilityCollectionType getNativeCapabilities(@NotNull @NotNull String connOid, OperationResult result) throws SchemaException, CommunicationException, ConfigurationException, ObjectNotFoundException Method work same as
EXPERIMENTAL feature.ProvisioningService.getNativeCapabilities(String, OperationResult)
. -
importFromResource
void importFromResource(String resourceOid, QName objectClass, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException Import accounts from resource.
Invocation of this method may be switched to background.
TODO: Better description -
importFromResource
void importFromResource(String shadowOid, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException Import single account from resource.
TODO: Better description -
importObjectsFromFile
void importObjectsFromFile(File input, ImportOptionsType options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws FileNotFoundException Import objects from file. Invocation of this method may be switched to background.- Throws:
FileNotFoundException
-
importObject
<O extends ObjectType> void importObject(PrismObject<O> object, ImportOptionsType options, com.evolveum.midpoint.task.api.Task task, OperationResult result) Import object. The results will be provided in the task. -
importObjectsFromStream
void importObjectsFromStream(InputStream input, String language, ImportOptionsType options, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) Import objects from stream. Invocation of this method will happen in foreground, as the stream cannot be serialized. The results will be provided in the task. -
discoverConnectors
Set<ConnectorType> discoverConnectors(ConnectorHostType hostType, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws CommunicationException, SecurityViolationException, SchemaException, ConfigurationException, ObjectNotFoundException, ExpressionEvaluationException Discovers local or remote connectors. The operation will try to search for new connectors. It works either on local host (hostType is null) or on a remote host (hostType is not null). All discovered connectors are stored in the repository. It returns connectors that were discovered: those that were not in the repository before invocation of this operation.- Parameters:
hostType
- definition of a connector host or nullparentResult
- parentResult parent OperationResult (in/out)- Returns:
- discovered connectors
- Throws:
CommunicationException
- error communicating with the connector hostSecurityViolationException
SchemaException
ConfigurationException
ObjectNotFoundException
ExpressionEvaluationException
-
postInit
Finish initialization of the model and lower system components (provisioning, repository, etc). The implementation may execute resource-intensive tasks in this method. All the dependencies should be already constructed, properly wired and initialized. Also logging and other infrastructure should be already set up. -
shutdown
void shutdown()shutdown model and lower system components -
compareObject
<O extends ObjectType> CompareResultType compareObject(PrismObject<O> object, Collection<SelectorOptions<GetOperationOptions>> readOptions, ModelCompareOptions compareOptions, @NotNull @NotNull List<? extends ItemPath> ignoreItemPaths, com.evolveum.midpoint.task.api.Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException TODO -
mergeObjects
<O extends ObjectType> Collection<ObjectDeltaOperation<? extends ObjectType>> mergeObjects(Class<O> type, String leftOid, String rightOid, String mergeConfigurationName, com.evolveum.midpoint.task.api.Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, ConfigurationException, ObjectAlreadyExistsException, ExpressionEvaluationException, CommunicationException, PolicyViolationException, SecurityViolationException Merge two objects into one. EXPERIMENTAL feature. The method signature is likely to change in the future.- Parameters:
type
- object typeleftOid
- left-side object OIDrightOid
- right-side object OIDmergeConfigurationName
- name of the merge configuration to use- Throws:
ObjectNotFoundException
SchemaException
ConfigurationException
ObjectAlreadyExistsException
ExpressionEvaluationException
CommunicationException
PolicyViolationException
SecurityViolationException
-
notifyChange
void notifyChange(ResourceObjectShadowChangeDescriptionType changeDescription, com.evolveum.midpoint.task.api.Task task, OperationResult parentResult) throws CommonException - Throws:
CommonException
-
getPrismContext
-
isSupportedByRepository
Returns `true` if the particular object type is supported by the current repository. -
parseProcessedObject
@Experimental <O extends ObjectType> ProcessedObject<O> parseProcessedObject(@NotNull @NotNull SimulationResultProcessedObjectType bean, @NotNull @NotNull com.evolveum.midpoint.task.api.Task task, @NotNull @NotNull OperationResult result) throws SchemaException - Throws:
SchemaException
-