All Classes and Interfaces
Class
Description
Definition of an access certification - a template for
a set of access certification campaigns.
Either traditional "dynamic" action (add, modify, ...), or a search, that is considered to be an action since 4.8.
Common parts of definitions of activity-related reports.
AbstractActivityRun<WD extends WorkDefinition,AH extends ActivityHandler<WD,AH>,WS extends AbstractActivityWorkStateType>
Implements (represents) a run (execution) of an activity in the current task.
Supertype for all activity state types.
Session process options.
Exception from naming convention (because of assignment vs inducement dichotomy).
Created by honchar.
Created by honchar.
Inbound or outbound mapping for the association as a whole.
Defines mapping(s) for an attribute.
Common supertype for all authentication module definitions.
Parameters describing the details of the situation we want to check authorization for.
Script evaluator that caches compiled scripts in
AbstractCachingScriptEvaluator.scriptCache
.Specified certification campaign definition for certification related operations.
Abstract clockwork-based synchronization action.
AbstractCompositeActivityRun<WD extends WorkDefinition,AH extends ActivityHandler<WD,AH>,WS extends AbstractActivityWorkStateType>
Run of a set of child activities.
AbstractConstruction<AH extends AssignmentHolderType,ACT extends AbstractConstructionType,EC extends EvaluatedAbstractConstruction<AH>>
A superclass for both resource object constructions (
ResourceObjectConstruction
)
and persona object constructions (PersonaConstruction
).AbstractConstructionBuilder<AH extends AssignmentHolderType,ACT extends AbstractConstructionType,EC extends EvaluatedAbstractConstruction<AH>,RT extends AbstractConstructionBuilder<AH,ACT,EC,RT>>
Builder for all the constructions (resource object and persona).
Abstract supertype for constructions.
Current state of a correlator being used.
Definition of a correlator.
Common definition for all authentication modules that use password.
Statically-typed "execute-script" or "evaluate-expression" action.
Supertype for "execution" actions, carrying some common properties.
Evaluates an expression defined by
AbstractExpressionEvaluator.expressionEvaluatorBean
.Supertype of report export types.
Abstract supertype for all form items.
Superclass for global caches handling objects, versions, and queries.
AbstractImportActivityRun<WD extends ResourceSetTaskWorkDefinition,AH extends ModelActivityHandler<WD,AH>>
Abstract class for runner of tasks based on import (import and shadow reclassification).
abstract factory for all InputPanel panels
Common supertype for both
ItemDeltaItem
and ObjectDeltaObject
.Abstract type for key from key store.
Configuration of the logger: the facility that
collects log messages from the code.
AbstractMappingBuilder<V extends PrismValue,D extends ItemDefinition<?>,MBT extends AbstractMappingType,RT extends AbstractMappingBuilder<V,D,MBT,RT>>
Builder is used to construct a configuration of Mapping object, which - after building - becomes
immutable.
Functionality common to all "mapping config items".
AbstractMappingImpl<V extends PrismValue,D extends ItemDefinition<?>,MBT extends AbstractMappingType>
Evaluation of a mapping.
Defines how a value of a property (or attribute) should be
constructed.
Common supertype for item normalization steps (for custom indexing).
This is NOT autowired evaluator.
Abstract supertype for all data types that specify configuration properties for
a specific object type (User, Role, Org, Resource, ...)
Common supertype for policy for given operation.
Umbrella class for each page that should have the look and feel of login page.
Common definition for all authentication modules that use password.
Basic data structure for all policy constraints.
Exception from naming rules
Created by honchar
Basic super type for predefined configuration of account activation.
Takes care of reading JSON/YAML to XNode.
TODO
Abstract type for configuration of reports.
Definition for report-related activities.
Abstract action for all search-based operations, such as export and verify.
Type or class definition in schema handling.
Common implementation for both
ResourceObjectClassDefinition
and ResourceObjectTypeDefinition
.Abstract class contains common methods for panels that show uncategorized and categorized resource objects.
Base REST controller class providing common (utility) methods and logger.
Abstract class that contains the "essence" of a role.
Expression evaluator that is using javax.script (JSR-223) engine.
AbstractSearchExpressionEvaluator<V extends PrismValue,O extends ObjectType,D extends ItemDefinition<?>,E extends SearchObjectExpressionEvaluatorType>
Expression evaluator that is based on searching for an object of `O` type meeting specified criteria (like entitlement shadow),
and then converting it into "processed" form (like association value).
The result of the search: both source object, and the value that was created from it.
AbstractSearchExpressionEvaluatorCache<V extends PrismValue,O extends ObjectType,QK extends QueryKey,QR extends QueryResult<V>>
Cache for search expression-based evaluators.
Abstract "standalone" security profile, identified by an ID.
Abstract supertype for various expression and related profiles.
Common definition for all authentication modules that use security questions.
Either a resource object, or a repository shadow (after being adopted by provisioning, i.e. with the definitions applied).
The default implementation.
Definition of a shadow association type: parts that are common for native and simulated association types.
Abstract type for key from string representation.
Information about mapping or expression source during evaluation.
Prints statistics in selected format.
Class provides
OperationResult
summarizing functionality for result handler.Abstract synchronization action - either clockwork-based or arbitrary one.
Reaction to synchronization situation or situations: a common supertype for object and item-level structures.
Abstract class for panels with tiles for choice of object template.
Common supertype for various thread-local caches (parts of RepositoryCache but also others).
Something of interest during tracing of some low-level operation i.e. under of what is covered by
OperationResult
.Common superclass for TreeTablePanel and OrgTreeTablePanel
Lightweight type definition for non-prism builders.
AbstractValueTransformationExpressionEvaluator<V extends PrismValue,D extends ItemDefinition<?>,E extends TransformExpressionEvaluatorType>
Evaluates transformational expression: one that transforms input values to output values.
The
DefinitionFeatureParser
works with values of specified type, and that type should not be a parameterized one,
like "list of access rights".AbstractVerifiableWizardBasicPanel<C extends Containerable,AHD extends AssignmentHolderDetailsModel>
Abstract supertype for description of bucket contents.
IMPLEMENTATION NOTE: The fields in sub-classes should be immutable!
Marker type for an activity work definition.
TODO
EXPERIMENTAL
TODO
Common superclass for workflow (approval) work item, certification work item and case management work item.
Describes how to segment the work into buckets and manage them.
Base type for all write capabilities.
Writes XNode into JSON/YAML.
Created by Viliam Repan (lazyman).
Item annotation: access restrictions.
Scope for assignment-related reviews.
An enumeration that defines possible states of a certification campaign.
Definition of an access certification campaign.
An enumeration that defines possible strategies for case outcome (approval) computation - currently both at the stage and campaign level.
Statistics give a set of access certification cases.
An item that has to be certified, viewed in the scope of a given certification campaign.
Configuration for access certification.
Access certification definition augmented with report-related information
(e.g. number of campaigns).
Access certification definition.
An event related to access certification.
An interface through which external observers can be notified about certification related events.
The most common way of specifying scope - providing type+search filter to select "base" objects
and then some means of deriving certification cases from them.
TODO
TODO
An enumeration that defines possible styles for certification case remediation.
An enumeration that defines possible reviewers' responses.
Created by Kate on 15.12.2015.
Specifies how to select reviewers for a campaign stage.
Specifies the scope of an access certification campaign.
Interface to access certification related functionality.
Definition of an access certification campaign stage.
Information about a stage of a campaign.
Methods that facilitate working with
AccessCertificationCampaignType
and related objects at the repository level.A work item for a certification case.
Decision about access to something.
Created by Viliam Repan (lazyman).
A configuration request access UI
XSOM parser and serializer for (canAdd, canModify, canRead) access control triples.
TODO
TODO
Denotes an object capable of receiving an acknowledge that an item was processed.
Base implementation class for action, that is Ninja command.
Abstract panel for configuration of actions.
What XSD-derived class provides the configuration of this synchronization action?
Executes an action of a given type.
Executes a given action (add, modify, delete, enable, disable, assign, ...)
Contains various objects needed for the instantiation of a synchronization action.
Value of a parameter for an action.
Class that allows to return result and expected exit code from action execution.
Records information about actions on repository objects.
Collects actions executed information from a single item processing.
URI or URIs pointing to the given action.
Describes capability to process activation data, which means
enable/disable of accounts, dates for scheduled enable/disable
and similar things related to make the account active.
Created by Viliam Repan (lazyman).
Describes capability to provide lockout status (e.g. account temporarily disabled due to many failed login attempts).
The processor that takes care of user activation mapping to an account (outbound direction).
Describes capability to provide activation status (e.g. account enable and disable).
An enumeration that indicates the activation status of a particular entity.
Type that defines activation properties.
Describes capability to provide activation validity dates (validFrom, validTo)
Panel is used as an active campaigns preview on the Certification items page.
Item processing information for activity tree.
Shows "item processing" statistics for a collection of activities.
Provides statistics (item processing, synchronization, actions executed) for an activity with sub-activities.
Panel for activity-level statistics (item processing, synchronization, actions executed) for a list of activities.
Tailors the work specification by adding activity or activities before or after existing ones,
or by changing specification (execution mode, flow of control, distribution) of existing activities.
Binds together all the information about an activity and its run (if present).
Must be thread-safe.
Shows what actions were executed.
Objects affected by a simple activity.
TODO
Work definition for the auto-scaling activity.
Work state for the auto scaling activity.
Handler for tasks that are based on activity (activities) definition.
Implementation of
TaskInformation
based on new, activity-based tasks.A run of an activity-based task.
TODO
TODO
Information about the bucket processing within an activity.
Information about bucket management operations performance within an activity.
TODO
Defines control flow aspects of an activity: various preconditions, error handling, and so on.
TODO
Defines the features related to the flow of control within an activity (simple or composite).
Counters related to the execution of the activity, grouped into related categories.
A group of related counters.
A single counter.
Customization of an activity in a task template; e.g. for
ModelInteractionService.submitTaskFromTemplate(String, ActivityCustomization, Task, OperationResult)
.No change.
Replacing the set of objects in the root activity.
Definition of an activity.
Helps with creating
ActivityDefinitionType
objects.Describes an activity, i.e. something that has to be carried out within a task.
Defines the distribution aspects of an activity: buckets, worker tasks, worker threads, subtasks, and so on.
TODO
Describes how we are going to distribute the work that is to be done:
how to divide it into work buckets, and how to distribute these buckets to worker tasks.
Specifies a reaction when a given error during activity execution occurs.
Specifies a strategy for handling errors during iterative activities.
An event related to an execution of an
Activity
.Option about logging a particular task-related event.
Defines "execution mode" aspects of an activity: production/preview/dry-run/... plus additional information.
Detailed definition of the execution mode.
Handles task creation and activity execution requested by
-
ModelInteractionService.submit(ActivityDefinitionType, ActivitySubmissionOptions, Task, OperationResult)
- ModelInteractionService.createExecutionTask(ActivityDefinitionType, ActivitySubmissionOptions, Task, OperationResult)
Currently limited to their submissions in the form of background tasks.Spring component that ensures handling activity invocations.
Registry of activity handlers for different work definition types (either standard or customer-provided).
How should the activity deal with item counting, i.e. determining "expected total"
for a bucket or overall.
When are expected items in a bucket counted in an activity?
"Items processing" statistics for a single activity.
This is "live" iteration information.
Prints the item processing statistics.
Information about item processing in given activity.
Notifies external observers about activity-related events.
Controls logging aspects of an activity execution.
When are expected items (overall) counted in an activity?
Object identifying an activity in the (logical) activity tree.
Path from the root of the activity tree to the specified activity.
Extract of the most relevant performance information about an activity.
Output of activity precondition expression.
Takes care of reporting the activity progress.
TODO better name
Summarized representation of a progress of an activity and its sub-activities.
Builds
ActivityProgressInformation
from task tree or from root task with tree overview.Prints activity progress information.
Progress of an activity.
A realization of an
Activity
is complete.Realization state of an activity.
Should be an activity re-executed when the task is restarted (e.g. resumed)?
A collection of related report data objects.
Reporting characteristics of an activity.
Defines reporting features of the activity, like logging, tracing, profiling, and reports.
Provides default values for some of the
ActivityReportingDefinition
items.How should the task report its various aspects?
Defines specific activity-related reports.
Reports related to activity execution.
Exception that carries supplementary information on how it should be treated
(with the respect to operation result and task run result status).
Context for instantiating activity run.
Information about individual activity run.
Result of an run of an activity.
Creates (typed)
AbstractActivityRun
objects for given activityRealization state of an activity - simplified for the sake of activity overview.
Represents a running simulation with open simulation result.
Should the simulation result be created for the activity?
State related to the "simulated" execution of this activity (and its children).
TODO better name
Defines basic facts about activity work state, like type of the work state, the persistence level, and so on.
Parameters related to the maintenance of activity tree state overview.
Is progress information present?
How is the progress updated?
Describes an overview of the state of an activity.
Utilities related to the helper activity tree state overview structure (maintained in the root task).
How much is the activity state (full / overview) persistent across individual realizations?
Describes the state of an activity.
Utility methods related to activity state and activity work state.
Statistical information for individual activities.
How the part is realized via subtask.
Must be thread-safe.
Information about synchronization situations of objects processed by synchronization-related tasks:
live sync, import, reconciliation.
TODO
Execution state of an activity task - to be used in activity overview.
State of the local activity run in an individual task.
Definition for tracing execution of an iterative activity.
Represents the tree of activities that comprise a logical task.
Responsible for purging detailed state of the activities, including worker and delegator tasks.
Realization state of an activity tree.
Represents the activity tree state overview that is stored in the root task.
Describes the state of an activity tree.
Utility methods for navigating throughout activity trees, potentially distributed throughout a task tree.
Activity state with all the necessary context: the path, the task, and the partial states of coordinated workers.
Activity state in local context: just the path and the state.
State of the worker tasks (in the broad sense - i.e. tasks that do the real execution) in an activity:
- how many workers are there in total,
- how many workers (of them) are executing,
- how many workers (of executing ones) have been stalled,
- on what cluster nodes,
- if stalled, then since when.
Statically-typed "add" action.
Denotes ADD, DELETE, REPLACE sets in item deltas.
Creates an owning focus for the resource object.
Creates an owning focus value for the resource object value.
Authorizations to be applied in addition to or instead of the ones of current/selected subject.
Created by Kate on 19.09.2016.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Add object operation context; used only for true add, not overwrite which is more like modify.
Result of the addObject operation.
Indication that ADD and REMOVE of attribute values is reliably supported.
Configuration related to approvals GUI.
Default display formats for various UI elements.
Role management features that are potentially user-specific i.e. assigned as part of GUI configuration.
Administration GUI configuration.
The enum describes the administrative availability of the resource, if it is operational or undergoing maintenance.
Structure containing metadata about administrative operational state of the resource.
Created by Viliam Repan (lazyman).
Advanced features needed for activity run, like
1. calling `modelObjectResolver` for search/count operations,
2. model-level processing of expressions in search queries,
3. authorizations,
4. resolving provisioning definitions in queries,
5. managing simulation result objects.
Implements clustering of advanced category.
Contains free form logging configuration.
Provides just a core of
AffectedObjectsInformation
- the set of objects.Information about objects affected by an activity plus some extra data (type of activity, execution mode, and so on).
Provides full
AffectedObjectsInformation
.Condition controlling item report collection that is evaluated after the item is processed.
Created by Viliam Repan (lazyman).
AjaxTabbedPanel<T extends org.apache.wicket.extensions.markup.html.tabs.ITab>
Ajaxified version of the tabbed panel.
List of implemented resolver algorithms for schema context.
Filter designed to explicitly match everything.
This policy constraint always applies.
Holds the value corresponding to the "alwaysUseForEquals" annotation.
Representation of AMQP 0-9-1 message attributes.
Representation AMQP 0-9-1 message.
AMQP client configuration
Contains information about matching rules for attribute analysis.
Contains information about matching rules for object analysis process.
The container consists of statistical data about role analysis cluster.
A specialization of a
DefinitionFeature
, such that:
. the XSOM source being always XSAnnotation
,
. the list of these features is provided in the form of a Java enum (Annotation
, i.e., a fixed list of values.Basically the same as the default (and currently only) implementation of the
DefinitionFeature
.A list used for JAXB getAny() methods.
Async update carrying any data.
Any value (property, reference, container).
Configuration of the logger: the facility that
collects log messages from the code.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Specification of policies that are applicable to this object type.
Created by honchar.
Created by honchar.
Statically-typed "apply-definition" action.
Applies definitions to relevant objects.
Created by honchar
Prescribes how individual approval requirements should be composed into overall approval schema.
Describes the approval context, i.e. what has to be approved, the approval schema, and so on.
TODO clean up these formatting methods
Result (outcome) of an approval process stage.
Approval action.
Extract from ApprovalSchemaExecutionInformationType that could be directly displayed via the GUI as "approval process preview"
(either for the whole process or only the future stages).
TEMPORARY IMPLEMENTATION.
TEMPORARY IMPLEMENTATION.
Trace for operation(s) that create approval process start instruction(s).
Information on actual or expected execution of an approval schema.
Rules for approving something (e.g. assignment of a role to a user).
Provides functionality that deals with the approval cases.
One "level" (or stage) in the approval process.
GUI-friendly information about historic, current or future execution of a given approval stage.
Information of an actual or expected execution of an approval stage.
Preview of an execution of an approval stage.
Record of an actual execution of an approval stage.
Utility methods related to approval cases.
GUI-friendly information about an engagement of given approver in a historic, current or future execution of an approval stage.
Definition of GUI-related configuration for the archetyped objects.
Component that can efficiently determine archetypes for objects.
Definition of archetype policies, such as object template, lifecycle, type display properties and so on.
Processes the `archetypeRef` clause.
Module is used for the refining user search based on archetype selection.
Defines a set of archetypes.
Archetype definition.
Type of the archetype determining how it can be assigned and used.
Specifies category or "area" of a particular concept.
Delta processor for multi-value property represented by single array column.
Filter processor for multi-value property represented by single array column.
ActiveMQ Artemis target.
Formats data as "nice" ASCII table.
Returns value set triple of the default source.
Copy value as is, without any modification.
Statically-typed "assign" action.
Request to evaluate a mapping held by an assignment (in focusMappings container).
Resource object construction that was assigned to the focus.
These are "purified" parameters: targets and constructions to assign.
Data structure that contains information about possible assignment targets or holders for a particular object.
Created by honchar.
Created by honchar.
Specifies constraints on assignments that are placed in the same focus.
Created by Viliam Repan (lazyman).
TODO: unify with AssignmentItemDto
Trace for assignment evaluation operation.
An engine that creates EvaluatedAssignment from an assignment IDI.
Handles everything about AssignmentHolder-typed focus:
inbounds (for FocusType),
activation before object template (for FocusType),
object template before assignments,
activation after object template (for FocusType),
assignments (including processing orgs, membership/delegate refs, conflicts),
focus lifecycle,
object template after assignments,
activation after second object template (for FocusType),
credentials (for FocusType),
focus policy rules.
All of this is executed with regard to iteration.
Abstract supertype for all object types that can have assignments.
When new assignments are being created (either as part of focus "add" or "modify" operation), we need to know their PCV IDs
beforehand.
Not to be confused with AssignmentDto.
TODO: unify with AssignmentEditorDto
Merges
AssignmentType
objects.A merger specific to assignment: creates inheritance relations between the same assignments
(matched by kind and intent).
Constraint that triggers the rule when the object is assigned.
Assignment object relation specification.
Describes assignment origin, namely:
- if it's in object old, current, or in delta;
- if it's virtual or not;
- where it originated -
ConfigurationItemOrigin
.Path from the source object (focus) to the ultimate assignment that is being processed or referenced.
Path from focus object to a given assignment.
Assignment path leading to this data.
Single assignment in an assignment path.
Primary duty of this class is to be a part of assignment path.
One segment in the metadata assignment path.
One segment in the assignment path.
Sequence of assignment paths, e.g. one chain of evaluated assignments.
TODO
Created by honchar.
Assignment processor is recomputing user assignments.
Overall assignmentRelation approach for archetypes objects.
Specifies what types of assignments can be made to the focal object when it is a target of an assignment.
Trace for assignment evaluation operation.
Selects some assignments from all the assignments in the object.
Abstract superclass for dialogs that display a list of assignments.
A key for assignment:mode => modifications map (for policy state).
Created by honchar.
Creates
AssignmentTargetSearchExpressionEvaluator
objects.Create an expression that provides an assignment based on search results.
Evaluates all assignments and sorts them to triple: added, removed and "kept" assignments.
Generic assignments of one object to another object.
Created by honchar.
EvaluatedPolicyRule
that is associated to given EvaluatedAssignment
, either as "own"
(i.e. directly evaluated and triggered on) or as "foreign" (triggered on another assignment but connected to this one,
typically because of an exclusion constraint).Definition of an associated object.
Container for association-to-be-added in the context: resource shadow discriminator.
Used to access both "legacy" and "modern" association definitions.
Creates association values by constructing it via mappings for individual attributes and object references.
Provides
ShadowAssociationDefinition
s.Created by Viliam Repan (lazyman).
Created by honchar
For now only value/shadowRef and associationTargetSearch expression are supported to be edited.
Creates
ShadowAssociationValue
s based on projections of given role.Definition of an expression that creates association from links (linkRefs)
TODO
Inbound mapping for the association as a whole.
Outbound mapping for the association as a whole.
Search expression evaluator dealing with shadows - requires specific invalidation strategies.
Synchronizes association values by correlating and mapping them to values of respective focus item
(typically, an assignment).
Result of the evaluation of
AssociationSynchronizationExpressionEvaluator
.TEMPORARY/EXPERIMENTAL class that provides a full computation of an association values triple,
based on "modern" configuration style of association type.
Interface that provide ability to query status of asynchronous operation.
Mode of asynchronous script execution.
Options for asynchronous script execution.
JAXB version of OperationRequested.Add class.
JAXB version of OperationRequested.Delete class.
JAXB version of OperationRequested.Modify class.
JAXB version of OperationRequested class.
Connection to asynchronous provisioning targets.
Connection to asynchronous provisioning target.
Activity handler for controlled processing of asynchronous updates.
Describes capability to process asynchronous updates.
How to handle errors during async update processing.
TODO
TODO
Information on async update listening activity.
Status of the asynchronous update listening activity.
Representation of an async update message.
Sources of asynchronous updates.
Source of asynchronous updates.
Executes the asynchronous update from a resource.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
The container consists of statistical data about object.
Represents an attribute analysis structure.
Utility class for attribute analysis.
Specifies requirement on attribute values that should be passed to an operation.
Provides information about resource object attributes: both simple and reference ones.
The way how an attribute is fetched from the resource.
Defines inbound mapping(s) for an attribute.
Defines outbound mapping(s) for an attribute.
Path pointing to a specific
ShadowAttribute
.The way how an attribute is stored in repo - in case of passive caching.
The module can be used as an additional verification of the already authenticated user.
Created by Viliam Repan (lazyman).
This class serves as simple POJO that is build from configuration available in
SystemConfigurationAuditType
.Filter processor for an audit custom column attribute path (Prism item).
Audit event record describes a single event (usually data change) in a format suitable for audit.
One custom column property entry for audit record.
Common supertype for multi-value key-value properties in the audit record.
Temporary implementation.
One property entry for audit records.
Type representing named set of references for an audit record.
Type representing a single additional references for an audit record.
Audit event record describes a single event (usually data change) in a format suitable for audit.
Enumeration that helps distinguish phase when and where audit record was created.
Stage of event processing: request or execution.
Type of audit event, see the usage for more information.
Audit factory is a managed component that hides multiple actual
AuditServiceFactory
components - and AuditService
s they create - behind a single proxy implementation.Uses cache repository service to resolve object names.
Constants related to case management
Provides specific (approval/provisioning/correlation) functionality related to auditing.
Throw-away object realizing DB insertion of a single
AuditEventRecordType
and all related subentities.Created by honchar.
Created by honchar
Filter processor for audit properties stored in a single JSONB column.
Restricted version of ObjectReferenceType/PrismReferenceValue to be used for audit records.
TODO - get rid of XMLGregorianCalendar - Date conversions
Clickable (first) column for audit records.
Service contract for audit - this can actually represent multiple audit services.
Interface representing a factor class providing concrete
AuditService
implementation.Behavioral data about past authentications.
Wrapper for define channel of authentication, channel define scope of authentication etc. rest, gui, reset password ...
AuthenticationEvaluator<T extends AbstractAuthenticationContext,A extends org.springframework.security.core.Authentication>
Evaluator which checks credentials of identity and return authenticated data about authenticated identity.
Define actual state of authentication module between requests
Definition of authentication modules that midPoint is aware about.
Channel specification for authentication sequence.
Necessity, i.e. the level of requirement, whether the module is mandatory or optional.
Specification of authentication module in the sequence.
Authentication sequence.
Definition of the use of authentication mechanisms.
Define authentication module created by module configuration, with all filters and configuration
Parsed form of
AuthorizationType
.Definition of authorization.
Limitations of this authorization when it is applied to other authorizations.
A request to evaluate authorization-based access decision.
A request to evaluate authorization-based filter processing.
Request to evaluate authorizations for diagnostics purposes.
Response of diagnostic evaluation of authorizations.
How the evaluation should be traced.
Exception indicating violation of authorization policies.
Limitations of this authorization when it is applied to other authorizations.
Migrates authorizations from a legacy format into a new one.
Object-related authorization parameters.
Authorization define fine-grained access to midPoint objects and system functionality.
Collects auto-assignment mappings from auto-assignable roles.
Unfortunately, this cannot extend MappingConfigItem because of the conflict in generic type parameters.
Specification of role auto-assignment properties.
Autocomplete field for QNames.
Autocomplete field for Strings.
Reason for automated decision.
Provides simple "auto refresh" panel: buttons for start/stop auto refreshing, requesting manual refresh, and status label.
Activity handler for "auto-scaling" activity.
Defines how auto-scaling should be carried out.
Describes capability to specify additional (auxiliary) object classes in addition to the
primary object class.
The enum describes the availability of the resource, if it is down, unreachable or ok.
Available (saved or preconfigured) filter which can be applied during the search.
Reads files:
* localization/locale.properties from classpath
* locale.properties from _midpoint.home_
Loads available locales, format of properties is:
.name=
.flag= # used for css of flag
.default=true
e.g.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
// available responses can be configured in 3 places:
// 1. systemConfiguration -> accessCertification -> availableResponses
// 2. certificationCampaign -> accessCertification -> defaultView -> action
// 3. accessCertificationDefinition -> view -> action
// todo for now this class takes care only for 2 first options. the third should be counted as well
This class provides an empty implementation of
AxiomListener
,
which can be extended to create a listener which only needs to handle a subset
of the available methods.This class provides an empty implementation of
AxiomVisitor
,
which can be extended to create a visitor which only needs to handle a subset
of the available methods.This interface defines a complete listener for a parse tree produced by
AxiomParser
.Marker interface for AxiomPath Arguments
This class to represent all semantics validation and autocompletion query for Axiom Query Language.
Created by Dominik.
Created by Dominik.
Created by Dominik.
This class provides an empty implementation of
AxiomQueryParserListener
,
which can be extended to create a listener which only needs to handle a subset
of the available methods.This class provides an empty implementation of
AxiomQueryParserVisitor
,
which can be extended to create a visitor which only needs to handle a subset
of the available methods.This interface defines a complete listener for a parse tree produced by
AxiomQueryParser
.This interface defines a complete generic visitor for a parse tree produced
by
AxiomQueryParser
.This interface defines a complete generic visitor for a parse tree produced
by
AxiomParser
.Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
A resource schema that is certain to contain no refinements.
Abstract (base) action class for clustering and pattern detection.
Superclass for all action executors.
Base class for bucket content factories.
How should be the base context in the delineation used for the classification?
Abstract superclass for built-in correlators.
Deprecated.
Common base type for handler and notifiers - filtering and common information.
The BaseGeneratorOptions class provides configuration options for data generation operation, such as importing,
transforming, specifying the number of users, and enabling archetype roles and users.
Created by Viliam Repan (lazyman).
Provides common functionality for the majority for (non-trivial) item mergers.
Implements the actual merging of two objects (
Containerable
) of the same type.Base for all operation handlers.
Created by Viliam Repan (lazyman).
Base class for most midPoint GUI panels.
Base worker class that either produces or consumes
BaseWorker
object for/from queue.Library of standard midPoint functions.
The BasicGeneratorOptions interface provides basic configuration options for data generation operation.
Created by Viliam Repan (lazyman).
Specifies the basic features of a repository-based object set.
Provides basic information about
ResourceType
for the purpose of refined resource object type/class definitions.Specifies a set of resource objects to be processed with only basic identifiers.
Analogous to PrismUnmarshaller, this class unmarshals atomic values from XNode tree structures.
An enumeration that defines when the activity will be executed.
Condition controlling item report creation that is evaluated before the item is processed.
Container for various behavior-related capabilities.
General-purpose behavioral data.
Created by Viliam Repan (lazyman).
Specification of how string-based segments are delineated.
Breadcrumb object that is stored in the session.
Creates content for new buckets.
Creates configured bucket content factories.
BucketContentFactorySupplier<ST extends AbstractWorkSegmentationType,CF extends BucketContentFactory>
Formats bucket content value into three columns (characterization, from, to).
Creates buckets when needed.
Generally useful constants related to bucketing.
Responsible for managing task work state:
1.
Methods related to bucketing part of an activity state and activity distribution definition.
Information about specific kind of work bucket management operation performance.
Information about bucket completion or analysis to be recorded in buckets report.
Information on buckets processing (for activity state overview).
Defines how buckets should be created.
Defines report on buckets processing.
Role in the work buckets processing.
Task progress counted in buckets.
Represents a report on individual buckets.
Defines the sampling of buckets.
TODO
TODO
Registry for built-in metadata mappings.
Built-in simulation metric.
A catalogue of all bulk actions.
Result of a bulk action execution.
Specifies limitations on the use of a particular bulk action (e.g. assign, unassign, etc).
Specifies restrictions and permissions for a specific action.
Main entry point for evaluating scripting expressions.
Specifies limitations on the use of a scripting actions.
A profile concerning the use of actions.
Interface of the Model subsystem that provides scripting (bulk actions) operations.
The BusinessRoleApplicationDto class represents a Data Transfer Object (DTO) that holds
information about a specific role, its associated cluster, and a list of BusinessRoleDtos that holds information
about a user's delta to a specific role.
The BusinessRoleDto class represents a Data Transfer Object (DTO) that holds information
about a user's assignment to a specific role and associated deltas.
Created by honchar
Defines basic contract for local caches (various caching components or services).
Delegate implementation for secret providers that is able to cache the resolved secrets and check keys for allowed prefixes.
This is a "compiled" configuration for a cache.
TODO consider better place for this component
Dispatches events to cache listeners (currently CacheRegistry and ClusterCacheListener).
Dispatches cache-related events - mainly invalidation ones - to all relevant listeners:
CacheRegistry
(grouping local caches) and ClusterCacheListener (for
inter-node distribution).Breadcrumbs text is not changing over time, we'll try to use this behavior to cache string value created by underlying IModel object.
Looking for resource bundle in compressed JAR and compressed libraries inside JAR is pretty expensive.
Whether (and how) we use cached shadows during processing.
How to deal with remote cache invalidation uncertainty.
How is the cache invalidated?
Provides additional information/hints for the particular cache to employ.
Provides more specific information e.g. about the nature of the change that triggered the invalidation event.
Deprecated.
Settings for a given cache and object type(s).
Temporary implementation.
Prints cache performance information.
Registry of all local caches (various caching components/services).
Registry of all local caches (various caching components or services).
CacheAccessInfo for all six caches.
Creates CacheSetAccessInfo objects.
Settings for a given cache.
Information about performance of various caches present in midPoint.
Report on the state of midPoint caches.
Level of details when reporting cache performance statistics.
How are cache statistics collected.
Level of details when reporting cache performance statistics.
How cache statistics are collected and reported.
How was the cache used?
Profiles for various kind of caching.
Metadata that record when a cache copy was retrieved, the identifiers (etags) of that
copy and possibly also other data.
Definition of object attribute caching policies.
Specific caching profile that can be used system-wide or for individual threads.
Definition of overall caching strategy.
Callout panel with message.
Request to cancel the specified case.
A candidate owner along with its confidence value (a number between 0 and 1, inclusive).
Traditional, object-based owner.
Collection of (unique) candidate owners.
The `CandidatePattern` class represents a candidate pattern in role analysis.
Fixme: Rename this to its actual use and meaning - item path representation normalized for textual search (used in indexing)
Filter processor for an
ItemPathType
attribute path (Prism item)
with canonicalization of the path before using it as a value for condition.Collection of resource capabilities.
Collection of resource capabilities.
Abstract supertype for all (static schema) capabilities.
Various useful methods related to capabilities.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Event describing the completion of a workflow process instance.
Information related to correlation request that is to be resolved.
Event describing the creation of a workflow process instance.
An interface through which external observers can be notified about case-related events.
TODO
TODO
Event related to a case (as a whole).
An interface through which external observers can be notified about case-related events.
Dispatcher for case creation events.
Any event occurring during case lifetime that needs to be recorded, e.g. an action done by a user.
Event related to case management: either case-level or work-item-level.
TODO specify and clean-up error handling
Utility methods related to case management.
Manipulation of work items and cases at the model API level.
Created by honchar
Methods that facilitate working with
CaseType
and CaseWorkItemType
objects at the repository level.TODO is this the correct place?
TODO
Companion light-weight utilities for
CaseType
and CaseWorkItemType
.Created by honchar
Created by honchar
Created by honchar
Created by honchar
Created by honchar.
A work item for a (generic) case.
Created by honchar
Created by honchar
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by honchar
DTO for displaying cases as part of certification campaign information.
A common superclass for CertCaseDto + CertWorkItemDto.
Some common functionality used from PageCertCampaign and PageCertDecisions.
Provides a correct handler for a given handler URI.
Specified certification campaign for opening next stage.
BEWARE: CertificationManager is responsible for authorizing all actions carried out through it.
Specified certification campaign for opening next stage.
TODO
Specified certification campaign for opening next stage.
Specified certification campaign for remediation.
Specified certification campaign for opening next stage.
Popup panel that displays cert. case activities and responses
Event for certification reviewers (reminding him/her of the need to do the work).
DTO representing a particular workItem.
Describes a change that was detected on a repository object:
- type
- OID
- additional information related object ADD/MODIFY/DELETE operation
Batch of changes to be executed.
Various information related to the execution of changes in an execution wave.
Executes precomputed changes.
TODO
This applies to all changes, therefore it will "hook" into addObject, modifyObject
and also deleteObject.
Classification of deltas (in approval case) according to their state.
Java class for ChangeTypeType.
Enumeration of built-in channels.
Describes migration from (potentially) old channel URI to a current channel URI.
Set of characters to be used when generating or checking a string value.
As a CharacterClassType, but it can contain a reference to a class defined elsewhere.
Definition of valid characters in a character class.
Checkbox that is supposed to be used in forms - checkbox with label.
Almost the same as Runnable but this one can throw CommonException and is serializable.
Almost the same as Consumer but this one is Serializable and can throw CommonException.
Almost the same as Function but this one is Serializable and can throw CommonException.
Almost the same as
Producer
but this one can throw CommonException
.Runnable version with thrown exception.
Expression used to check the data and report a user-friendly message in case
that the check fails.
Configuration of comment text field in last step (checkout) of request access UI wizard.
Configuration structure related to request access UI wizard and its last step - checkout.
Configuration of validity (assignment validity) for requested roles in last step (checkout) of request access UI wizard.
Created by honchar
Created by honchar
Created by Viliam Repan (lazyman).
TODO
Loosely based on XML encryption standard.
Request to claim a work item (or multiple work items in given case),
i.e. to assign it to the current user.
Definition for a classic report export activity.
Definition for a classic report import activity.
Configuration of the logger: the facility that
collects log messages from the code.
Created by Viliam Repan (lazyman).
Information how to override logging level for specified logger(s).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Various class path, class loading and class scanning utilities.
Externally-imposed exception from application of some clauses.
Description of the processing context, mainly for tracing and error reporting.
Listener that can be used to react on cleanup events created for items that are marked
with action
CleanupPathAction.ASK
.Activity execution for an elementary cleanup part.
Class that defines schema type (using
QName
). item path and action that should be used during cleanup operationCleanup action to be taken when a path is encountered.
Configuration of cleanup intervals and policies for various midPoint subsystems.
Configuration of cleanup intervals and policies for a specific subsystem or feature.
Definition for a cleanup activity.
System-wide clock.
The "clockwork" that drives the change processing.
Audit-related responsibilities during clockwork processing.
Represents and executes a single clockwork click.
Trace for Clockwork.click operation.
Resolves conflicts occurring during clockwork processing (multiple threads modifying the same focus).
Responsible for invoking hooks (both Java and scripting ones).
Interface used to intercept the ModelContext as it passes through the computation.
Authorizes clockwork requests.
Trace for Clockwork.run operation.
Common clockwork-related settings for synchronization purposes.
Abstract trace for clockwork events.
Represents a role analysis cluster of data points of a specific type.
Interface for clustering actions in role analysis.
An interface representing data points that can be used in clustering algorithms.
An abstract base class for role analysis clustering data points of a specific type using a distance measure.
Generally, execute(..) methods prepare a configured WebClient (URL, authentication, ...) and execute
specified client code on it.
Options related to remote code execution in the cluster.
Clustering action.
Contains information about matching rules for clustering process.
Contains information about matching rules for clustering process.
Resolves the clustering behavior for role analysis.
Enumeration representing different clustering modes.
Utility class for performing clustering operations in the context of role analysis.
REST service used for inter-cluster communication.
URL pattern constants shared by cluster client and REST service.
State of the cluster for the purposes of auto-scaling.
The `ClusterStatistic` class provides statistics for a clustering operation, such as the number of members,
properties, and various measures related to the clustered data.
Takes care for clusterwide user session management.
Takes care for clusterwide user session management.
Specification of an explicit or implicit object collection (including reference to the collection).
Depth parameter for collection interpretations that allow distinction between direct and indirect relation.
Method how implicit or explicit object collection should be interpreted.
Specification of an explicit or implicit object collection, without reference to the collection.
Stats (summary information) about a specific collection.
Constraints for collection stats (statistics).
Stats (statistics) setting and entries.
Just and extension of
RelatedObjectsProvider
, which prepends currently displayed processed objects into
list of related objects (for better navigation).Enumeration of Ninja commands (or actions).
TODO
Specifies a command to be executed on an operating system command-line.
Superclass for all common midPoint exceptions.
Generic communication exception.
Generic communication error.
EXPERIMENTAL.
Compiled user profile.
Compiled form of either object collection view or an implicit object collection, such as (e.g.) an
ArchetypeType
.Result of a correlation operation.
Wraps everything we need to count or look for objects.
Resource schema that is complete with regards to the resource definition, i.e., it contains the full `schemaHandling`,
including refined object types and object classes, and all the resource-level definitions, e.g., for shadow caching.
TODO
EXPERIMENTAL
Request to complete a set of work items (on given case).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Provides a definition for a complex type, i.e. type that prescribes inner items.
Accepts information about this complex type definition during schema parsing.
An interface to mutate the definition of a complex type.
Provides the functionality for
ComplexTypeDefinition.migrateIfNeeded(PrismContainerValue)
.Direct implementation of
ComplexTypeDefinition
.ComplexTypeDefinitionPanel<AH extends AssignmentHolderType,ADM extends AssignmentHolderDetailsModel<AH>>
Created by Viliam Repan (lazyman).
Names of projector/clockwork components invoked by medic.partialExecute method calls.
Report on structured object size.
CompositeActivityRun<WD extends WorkDefinition,AH extends ActivityHandler<WD,AH>,WS extends AbstractActivityWorkStateType>
Composite correlator that evaluates its components (child correlators) and builds up the result according to their results.
Factory for
CompositeCorrelator
instances.Definition of scaling for the composite correlator.
User-friendly way of defining a correlator or correlators.
Represents ad-hoc combination of definitions of structural and auxiliary object classes.
Represents ad-hoc combination of definitions of structural and auxiliary object classes.
Composition-enabled composite correlator.
Definition for pure composite activity.
This class is responsible for preparing the chunk structure for role analysis in the Midpoint system.
Do we do our computation during preview or during actual execution?
Exceptional concurrency state or operation invocation.
Exceptional concurrency state or operation invocation.
A filter with an expression that denotes a necessary condition for the filter to be applied.
Describes the evaluation state of assignment / object condition.
Generalized confidence information.
The
Confidence
extended by per-item confidence values.This class should provide user-understandable messages related to configuration errors, i.e. something that is (clearly)
wrong with the configuration.
TODO better name (also for factory)
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Defines properties of a specific dashboard widget.
Provides value policy when needed (e.g. in generate expression evaluator).
Visitor with configurable behavior.
Configuration exception indicates that something is mis-configured.
Configuration exception indicates that something is mis-configured.
Helper class that provides complex information about a configuration item (e.g., a mapping).
Description of an origin of a configuration item (expression, mapping, and so on).
Represents an item that was defined out of context of any prism object.
Represents an item that was generated by the system.
An item that is a part of a delta (of unspecified provenience) that is targeting a given object.
A typical case: an item that is a part of a prism object.
Represents an origin we are not currently able to determine exactly.
Connector configuration properties
What parts of a system configuration (in the most broad sense of the word), or what changes thereof should be
(or are) used for the particular execution?
TODO
Created by Honchar.
Created by Viliam Repan (lazyman).
Conflict<PV extends PrismValue,ID extends ItemDefinition<I>,I extends Item<PV,ID>,V extends ItemTreeDeltaValue<PV,ITD>,ITD extends ItemTreeDelta<PV,ID,I,V>,ITDV extends ItemTreeDeltaValue<PV,ITD>>
TODO better name
An expected conflict was detected by repository, throwing
PreconditionViolationException
.Created by honchar.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
What to do in the case of modify-modify conflict during model (clockwork) operation.
How to resolve write-write conflicts on focal objects, i.e. if two threads modify given objects at once.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
A bit experimental.
Created by Viliam Repan (lazyman).
Resource configuration (hostname, port, ...).
Host definition for remote connector, remote
connector framework or a remote "gateway".
Complete specification of a connector instance with configuration and capabilities.
Configuration of ConnId connector pools.
The schema for connector configuration.
Description of a generic connector.
Information about a ConnId operation.
Obtains information about ConnId operations executed.
Represents a report on ConnId operations.
Defines report on ConnId operations.
Determines the scope of consistency checks.
Coverts delta set triples to secondary account deltas (before/after reconciliation)
Computes value metadata during consolidation.
Returns zero set with a single value obtained by resolving given https://docs.evolveum.com/midpoint/reference/expressions/constants/[constant].
How constraints checking (for focus and projections) should be done.
Created by honchar.
ConstructionCollector<AH extends AssignmentHolderType,K extends HumanReadableDescribable,ACT extends AbstractConstructionType,AC extends AbstractConstruction<AH,ACT,EC>,EC extends EvaluatedAbstractConstruction<AH>>
Collects evaluated constructions from evaluatedAssignmentTriple into a single-level triple.
Strength of the construction defines how aggressively will
the construction be applied.
Specifies the target of resource object construction - i.e. to which projection context it should be applied.
Projection construction.
Execute changes for duplicated containerable object.
Created by Viliam Repan (lazyman).
Request to process a containerable.
Handles iterative processes that concern containerables.
Created by honchar
Definition for the panel which will be used on details panel.
Secrets provider that reads secrets from files.
Abstract container secrets provider.
ContainerTableDeltaProcessor<T extends Containerable,Q extends QContainer<R,OR>,R extends MContainer,OQ extends FlexibleRelationalPathBase<OR>,OR>
Delta value processor for multi-value containers stored in separate tables.
ContainerTableRelationResolver<Q extends FlexibleRelationalPathBase<R>,R,TS extends Containerable,TQ extends QContainer<TR,R> & QOwnedBy<R>,TR extends MContainer>
Resolver that knows how to traverse to the specified container table.
ContainerTableUpdateContext<S extends Containerable,Q extends QContainer<R,OR>,R extends MContainer,OR>
Update context for multi-value containers stored in separate table.
Allows customization of postFilter, pageStore and contentQuery for data providers
Generator assigning missing IDs to PCVs of multi-value containers.
Context loader loads the missing parts of the context.
The interface provides methods for create resolvers.
Created by Dominik.
Module is used for the user authentication using the correlation rules.
Describes a correlation case, typically when it's going to be presented to the user.
How well the candidate matches the object being correlated on given correlation property?
Manages correlation cases.
Legacy definition of whether to create correlation cases.
Defines the custom confidence value for given correlator.
These values are used to determine the correlation results.
The context of the correlation and correlator state update operations.
Context for correlating an association value to a set of matching focus assignments.
Context for correlating a focus to a set of matching focuses.
Context for correlating a shadow to a set of matching focuses.
Definition of a correlation (e.g. for resource object type).
Details of the error state for the use in
CompleteCorrelationResult
; and later maybe also in CorrelationResult
.Describes how the correlator (could) came to a given candidate owner, and the specific confidence value of it.
This is for correlators that support candidate check (i.e., determining confidence for the provided candidate)
but do not provide any the specific explanations of their decisions.
This is for correlators that do not support neither explanation nor candidate check (i.e., determining confidence
for the provided candidate).
Instance of a correlation item
TODO finish!
Item that should be correlated as part of this correlator (i.e., correlation rule).
Configuration for correlation module.
Defines some restrictions for the correlation authentication module.
Represents a correlation option: a candidate owner or a "new owner".
Contains information about a correlation property that is to be (e.g.) displayed in the correlation case view.
Values (primary and secondary) for given correlation property.
Result of the correlation at the level of
Correlator
, i.e. the return value of
Correlator.correlate(CorrelationContext, OperationResult)
method.Contains correlation-related methods that should be accessible from the outside of `model` module.
Provides correlation-related functionality, primarily on top of
Correlator
interface:
. the correlation itself (`correlate`) - including creation of CompleteCorrelationResult
out of correlator-provided
CorrelationResult
object;
. determining candidate owner suitability (`checkCandidateOwner`);
. describing the correlation case (`describeCorrelationCase`);
. completing a correlation case;
and further auxiliary methods.TODO
Describes situations in which the correlator should be activated.
Finds a focus object for given resource object.
Definition of how the results of the correlator should be integrated in the parent (composite) one.
Wrapper for both typed (bean-only) and untyped (bean + item name) correlator configuration.
Overall context in which the correlator works.
Creates
CorrelatorContext
instances.Used to select relevant correlator among multiple ones defined - currently only in object template.
Instantiates configured correlators.
A registry of correlator factories.
Merges
AbstractCorrelatorType
objects.Utilities for manipulating correlators definitions.
TODO better place, better name
A loadable model of a list that knows how to provide count of list items without having to retrieve the actual data.
Tab that can display object count (small bubble with number) in the tab label.
Represents/carries out an execution of a set of updates of a counter group in an activity.
Delta processor for columns storing size of multi-value item.
Resolver that maps the container item to the count column.
Interface for objects that provide Wicket model which represents
object count or similar tag.
Ability to efficiently count objects.
Strategy to simulate count operation using a different operation.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Describes create capability.
Creates (or updates) a correlation case for resource object in "disputed"
synchronization state, i.e. one whose owner cannot be reliably determined.
Created by Viliam Repan (lazyman).
Panel for reference that allow creating of new object for reference
Factory for reference values that support creating of new object.
Mapping that provides storage/createTimestamp.
Interface for authentication module which works with internal midpoint credentials
CredentialPolicyEvaluator<R extends AbstractCredentialType,P extends CredentialPolicyType,F extends FocusType>
Processor for evaluating credential policies on the focus object.
Structure that specifies common elements to all the credential policies.
Describes capability to present credentials in a structured way.
Source of a new credential value.
Credentials management policy.
Processor for focus credentials.
Constraints that define how propagation of credentials can be controlled by the
user.
Specifies the method of resetting the credential.
Credentials reset management policy.
Prepares credentials (focus, shadow) for storage in the repository, taking into account the storage method
specified in the relevant security policy.
Specifies the method of storing the credential in midPoint.
This is a container type for various credentials types: passwords, public keys, one-time password
scheme identifiers, etc.
Specifies criticality of an operation.
Created by Viliam Repan (lazyman).
CSV export type for Report.
Formats data as CSV file.
Activity state for the current activity run.
Custom message source provided by a Java class.
Handles custom composite activities, see
https://docs.evolveum.com/midpoint/reference/tasks/activities/#configuring-custom-composite-activities.
Work state for a custom composite activity.
TODO describe
NOTE: This class is experimental and may be removed in the future.
Factory for custom events.
CustomImageResource generates images for role mining clusters based on a MiningOperationChunk.
Created by Viliam Repan (lazyman).
Normalization carried out using custom expression.
Custom notifier which uses expression to produce the message object.
Custom ways of evaluating a policy constraint.
Configuration of the custom secrets provider, that is not known at the compile time.
Custom secrets provider implementation, that is not known at the compile time.
NOTE: This class is experimental and may be removed in the future.
Custom type transport that can be realized either as a Java class (e.g. using overlay
mechanism) specified in `type` element or via `expression`.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Specifies layout of a dashboard, such as the user dashboard (home screen)
or administration dashboard.
Configuration of dashboard-based reports.
Created by honchar.
Configuration Dasboard dashboard showing in GUI.
Properties of a specific widget data field.
Type of the field.
Specifies widget data source.
Specifies widget presentation properties.
Type of widget content data source.
Defines properties of a specific dashboard widget.
Conditional variation in the way how the widget is displayed.
Data to be displayed.
Parts of
SchemaTransformer
devoted to applying read constraints to objects and deltas
(by removing invisible items and values).Temporary implementation.
EXPERIMENTAL
EXPERIMENTAL
Represents a data point for clustering, containing members and properties.
Parts of
SchemaTransformer
devoted to modifying prism data and definitions according to policies
in object templates or archetypes.Container which specify legal content for the role related to the GDPR.
Data Provider registry for customizable data providers
Spring based Data Provider registry
Factories are expected to be instantiated by Spring using
Component
annotation
and autowired using Autowired
Converter for Date to String.
Created by honchar
Component for displaying date value as a label
By default (if no converter is set) the date is formatted
according to the client's locale, timezone (not implemented yet),
with applying long style for date and long style for time.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Options that will be used for date time picker in js.
Panel for Date.
Way of rounding deadline(s) e.g. for certification or approval stages.
Cleanup policy for dead nodes.
Evaluates outlier detection on RBAC generated dataset which contains outlier labels.
Debugging listener for reconciliation tasks.
Represents the "deep clone" and "ultra deep clone" operations on items and complex type definitions.
List that freezes its members as well.
Reference that freezes the referenced object as well.
Whether to use default approval policy rules.
Column related utilities shared by reporting and GUI.
A class responsible for executing the detection of patterns in role and user mining chunks/role analysis process.
Default expression profiles to be used in specific situations.
Default phase or phases for evaluation of inbound mappings.
Declarative information how an item (from schema/prism world) is to be processed
when interpreting query.
Default matching rule used as a fall-back if no explicit matching rule is specified.
A
NaturalKeyDefinition
implementation that uses a simple list of constituent items to compare container values.Default operation policy for those operations that do not have their behavior specified explicitly
via object marks.
The DefaultPatternResolver class is responsible for detecting and resolving patterns within a role analysis session.
Used when PrismReferenceValue.getRealValue is called, and no referencable is present in the PRV.
Minimalistic context needed to evaluate inbound mappings outside of both
LensContext
and SynchronizationContext
.Common interface to access all definitions.
An interface that provides an ability to modify a definition.
Parts of
SchemaTransformer
devoted to modifying prism definitions according to access allowed.Factory for prism definitions (Definition and all its subtypes in prism-api).
An identifiable feature of a item or type definition.
Parses a schema definition feature value from the source form (currently, XSD/XSOM) to the real value.
Special parser for "marker" boolean values, like `a:container`.
Marks the parser as always returning a value, and provides appropriate getter method.
A collection of definition features known in prism.
Serializes given feature, currently into XSD DOM.
Interface through which we put information into DOM.
Root of all those definition builders.
Abstract definition in the schema.
How should be definitions processed when object is to be retrieved.
How should be definitions processed when object is to be retrieved.
Resolves a definition in a parent.
Created by honchar.
Created by Kate Honchar.
Common elements for all definitions.
Should be definitions updated after an object is retrieved via model API?
If an account is unassigned and there is no other existing assignment for an account midPoint
will de-provisioning that account.
This evaluator delayed delete base on duration from configuration
DelayedDeleteActivationMappingType
.TODO
EXPERIMENTAL
Request to delegate work items (of a given case).
This is default item delta processor that decides what to do with the modification.
Created by honchar.
State for a delegation (delegating) activity run.
See https://docs.evolveum.com/midpoint/reference/security/authorization/configuration/selectors/delegator/.
Statically-typed "delete" action.
Created by Honchar.
Describes delete capability.
Executes the "delete" action.
Deletes the owning focus for the resource object.
Deletes the owning focus value for the resource object value.
Contains information about object deletion result; primarily needed by repository caching algorithms.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Deletes the resource object.
Deletes the resource object value.
Deletes specified objects.
Deletes specified objects.
Grammar
----
ObjectDelta ::= (ItemDelta)* ( 'OBJECT-DELTA(oid)' | 'ITEM-DELTA' | 'ITEM-DELTAS' )
ItemDelta ::= 'ITEM(...)' ( ( 'ADD-VALUES(...)'
Options used when serializing deltas to "bean" form (ObjectDeltaType).
Converts between "XML" (i.e.
Just a marker interface for now, reminding us that there seems to be a repeated pattern of "delta execution preprocessors"
(currently
OperationalDataManager
, TaskOperationalDataManager
, and IndexingManager
) that tweak
the deltas before they are executed.TODO clean up these interfaces!
Deprecated.
Deprecated.
Deprecated.
The triple of values (added, unchanged, deleted) that represents difference between two collections of values.
The triple of values (added, unchanged, deleted) that represents difference between two collections of values.
Collection of plus/minus/zero sets of values with origins (mappings or similar providers), keyed by target item path.
Responsible for consolidation of a
DeltaSetTripleIvwoMap
(plus, minus, zero sets for individual items) to item deltas.A priori delta is the one that led to the current state of the target object.
Represents the situation when there's no a priori delta.
Experimental.
TODO
EXPERIMENTAL
Utility class for keeping things in three: plus, zero and minus.
Performs density-based clustering of data points based on specified parameters and distance measure.
Represents the dependencies between items.
An item that can tell us about its dependencies.
Represents a topological sort of items.
Information about midPoint deployment: subscription information, deployment name,
description, color and so on.
Deprecated.
Experimental.
loader for url, initialize all urls with authorizations
Specifies the method how page save/preview buttons are shown and processed.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
DetailTableItemFilterProcessor<S,Q extends FlexibleRelationalPathBase<?>,DQ extends FlexibleRelationalPathBase<DR>,DR>
Filter processor for a an attribute path (Prism item) that is stored in detail table.
Contains information about the outlier assignment anomaly result.
Contains information about the outlier assignment anomaly result.
The `DetectedPattern` class represents a detected pattern in role analysis.
The `DetectionActionExecutor` class is responsible for executing the pattern detection process
within the role analysis.
The `DetectionOperation` interface defines the operations required for performing pattern detection
within the role analysis process.
A diagnostic information attached to an object.
Presentation form of diagram element.
Inclusion of diagram element.
Annotation that describes how the item should be presented in data model diagrams.
Expands object references (from pointers to dictionary to full objects).
JAXB representation of DigestMethodType.
Specific elements for export/import.
Direction of report.
Object resolver that works on files in a directory.
Statically-typed "disable" action.
This evaluator change midpoint default behaviour and disable account.
Describes capability to do configuration discovery, check and recommendation
(`DiscoverConfigurationApiOp`).
Executes "discover-connectors" action.
Suggested configuration properties of connector.
Created by Viliam Repan (lazyman).
Enumeration for "display" annotation.
Display hints for an item.
Display hints for an item.
TODO: refactor for lazy loading
Specifies the kind of view of value.
A distance measure interface for calculating the similarity or distance between two sets of values.
Specifies whether "distinct" option should be used in database searches.
Matching rule for LDAP distinguished name (DN).
Normalizer for LDAP Distinguished names.
Definition for a distributed report export activity.
DistributingActivityRun<WD extends WorkDefinition,AH extends ActivityHandler<WD,AH>,WS extends AbstractActivityWorkStateType>
An activity that distributes (usually bucketed) activity to a set of worker tasks.
URL format: https://download.evolveum.com/midpoint//midpoint--dist.zip
VERSION can be: 3.4.1, ..., 4.7, latest
VERSION_NUMBER can be: 3.4.1, ..., 4.7, SNAPSHOT
Custom implementation of
ContainerSecretsProvider
for Docker secrets.Docker secrets provider.
Created by Viliam Repan (lazyman).
Universal button to display drop-down menus.
TODO
A no-op implementation of
Operation
used when there's nowhere to record the execution to.EXPERIMENTAL
Module is used for 2FA authentication.
Contains method for creating and modifying new duplicated object.
Maps namespaces to preferred prefixes.
TODO
How were the effective privileges modified?
A sub-activity that does not have its own (explicit) definition.
Delta processor for whole embedded single-value containers.
Resolver supporting dereferencing of embedded references.
Custom configuration (factory) for embedded tomcat factory.
Type that contains nothing.
Statically-typed "enable" action.
Implements "enable" and "disable" actions.
TODO
Contains data protected by (reversible) encryption.
TODO
Loosely based on XML encryption standard.
Enforcement action.
Provides functionality that the case engine calls when dealing with specific case archetypes (like approval cases, etc).
Simple type, which behaves as enumeration in most modeling languages.
Definition of enumeration value
Elements for enumeration definition.
Collects values with their labels and documentation from XSD.
Elements for enumeration value definition.
Delta processor for an attribute path (Prism item) of enum type that is mapped to matching
PostgreSQL enum type - this allows to use schema enums directly.
Filter processor for an attribute path (Prism item) of enum type that is mapped
to matching PostgreSQL enum type - this allows to use schema enums directly.
Filter processor for a an attribute path (Prism item) of enum type that is mapped
to SQL as ordinal value.
Thread safety: Instances of this class may be accessed from more than one thread at once.
Statistics related to performance and state of external environment, namely provisioning via connectors,
mappings (as these might contain code that invokes external systems), and notifications.
Custom implementation of
SecretsProvider
that reads secrets from environment variables.Environment variables secrets provider.
Explicit "equals" interface for easy lambda usage.
A strategy used to determine equivalence of prism items and values.
Categorizes errors.
Executes iterative task error handling strategy.
Temporary.
What should a task do when an error of given type is encountered?
Selects error categories, e.g. for the purpose of criticality definition, selection
which error types to handle, etc.
Description of an error condition to act on.
PoC implementation of dumping a "logical" stack, consisting of a sequence of nested
OperationResult
objects.Describes the "error state" of the current activity run.
TODO
EXPERIMENTAL
Facade interface for evaluated resource object and persona constructions.
Evaluated resource object construction that is assigned to the focus.
Evaluated assignment that contains all constructions and authorizations from the assignment
itself and all the applicable inducements from all the roles referenced from the assignment.
EvaluatedConstructionMappingExtractor<V extends PrismValue,D extends ItemDefinition<?>,AH extends AssignmentHolderType>
Common abstract superclass for triggered exclusion and requirement constraints.
Represents triggered exclusion constraint.
Evaluated resource object construction that is defined in the schemaHandling part of resource definition.
TODO document this interface and its methods
To which object is the policy rule targeted, from the point of assignment mechanisms - and how?
Description of a situation that caused a trigger of the policy rule.
Arranges externalized triggers into trees according to presentation instructions (hidden, final, displayOrder).
Represents triggered requirement constraint.
Facade interface that provides insight about construction that was evaluated by projector code.
EvaluatedResourceObjectConstructionImpl<AH extends AssignmentHolderType,ROC extends ResourceObjectConstruction<AH,?>>
Evaluated construction of a resource object.
Statically-typed "evaluate-expression" action.
Executes "evaluate-expression" (s:evaluateExpression) actions.
This is to reduce the number of parameters passed between methods in this class.
Java class for EvaluationTimeType.
Defines how a value of a property (or attribute) should be
constructed.
Notification event that should be propagated, filtered, externalized (typically to ascii or html), and send out.
TODO
Dispatcher of change notifications.
Set of callback methods used to convey information from the validator to the "working" code.
Handles a single notification event.
Currently used for custom event handlers, as they are security-sensitive.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
An event handler type - extends common handler with filter/info
and additionally can contain one or more notifiers of various kinds.
Domain of a given event mark.
Information specific for event marks.
TODO
Global context for processing a single event.
TODO
Created by lazyman on 09/03/2017.
Additional information for an exception.
An exception that can provide the
ExceptionContext
.A matching rule for Microsoft Exchange EmailAddresses attributes.
A normalizer for Microsoft Exchange EmailAddresses attribute consisting of `SMTP:`/`smtp:` prefix and email address.
Container that defines exclusion of entities (e.g. roles).
Evaluates exclusion and requirement policy constraints.
A response from executeChanges operation.
A request for executeChanges operation.
Processor with deltas and post process after successful executing of these deltas.
Statically-typed "execute-script" action.
Executes "execute-script" (s:execute) actions.
Output of a single script execution.
Result of a single script execution.
A response from executeScripts operation.
A request for executeScripts operation.
TODO move to
ExecuteScriptConfigItem
.Context of a command execution.
TODO
Privileges and identity that will be used to execute an expression or similar operation.
Functionality that supports the activity execution that is going on within this task.
Group of counters.
Filter processor that resolves
ExistsFilter
.Used to signal that we have to exit handler processing with a given run result.
This class is responsible for preparing the expanded structure for role analysis in the Midpoint system.
Marks experimental code.
Segmentation strategy based on explicit enumeration of buckets.
Executes a set of change requests, each consisting of a set of deltas (presenting a single model operation).
Executes given changes.
Segmentation strategy that explicitly enumerates the buckets.
Consumer writing exported audit events to the writer (stdout or file).
Producer worker for audit export operation.
Similar to normal repository
ExportRepositoryAction
, but not extended from
AbstractRepositorySearchAction
because we need containers here and objects are quite
deeply embedded in the existing classes.Created by Viliam Repan (lazyman).
Anonymize and write midpoint's objects
Created by Viliam Repan (lazyman).
Ninja action realizing "export" command.
"Compiled" form of
ExpressionType
bean.Constants for all names of the variables in the system.
A correlator based on expressions that directly provide focal object(s) (or their references) for given resource object.
Factory for
ExpressionCorrelator
instances.A correlator that uses a specified expression to find shadow owner.
Describes an environment in which an
Expression
is evaluated.Holds
ExpressionEnvironment
(containing e.g. current task and operation result; or other items in the subclasses)
to be used from withing scripts and methods that are called from scripts.Simple almost-DTO used to contain all the parameters of the _whole_ expression evaluation.
Error during evaluation of expression.
Trace for expression evaluation operation.
Methods _internal_ to the processes of expression evaluation.
Represents an expression evaluator (e.g. literal, path, script, assignmentTargetSearch, etc).
Creates expression evaluators from their definitions (evaluator elements) and parts of the context
(e.g. output item definition).
Specifies limitations on the use of a particular expression evaluator (e.g. script, path, value, etc).
Specifies restrictions for execution of specific expression evaluators.
Specifies limitations on the use of a individual expression evaluators (e.g. script, path, value, etc).
Wrapper for expression evaluator.
Factory for expressions and registry for expression evaluator factories.
Describes input parameters to the expression.
Specifies restrictions and permissions for a specific class.
Specifies restrictions and permissions for a specific method.
Specifies restrictions and permissions for a package.
Compiled expression permission profile.
Specifies restrictions and permissions for various evaluators, especially for
scripting expressions.
Pipeline of expressions - they are executed one after another,
input sent to the pipeline as a whole is sent to the first expression.
Profile for evaluation of "regular" expressions, bulk actions, and function libraries.
Manages (cached) expression profiles.
An indexed set of
ExpressionProfile
objects.Specifies restrictions for execution of expressions and scripts.
Created by honchar
Expression result multiplicity.
Sequence of command expressions - they are executed one after another,
input sent to the sequence as a whole is then sent individually
to each expression.
Information about mapping source during evaluation.
Composition-enabled expression correlator.
TODO
Created by honchar
Various methods to assist in creating (maybe later parsing?)
Created by honchar
Definition of a variable.
Created by honchar
Contains the expression that can be part of e.g. prism filters (or other data).
Created by honchar
Java class for extension complex type.
Delta processor for extension container stored as a single JSONB column.
Filter processor for extension items stored in JSONB.
Extension item mapper that is much lazier than
SqaleItemSqlMapper
for typical column.This acts like a container mapping for extension/attributes containers.
Resolver for indexed extension/attributes containers.
Contains ext item from catalog and additional info needed for processing.
Represents extension properties associated with a data point.
Special REST methods to access external schemas.
Place for non-standard object properties.
Update context for extension/attributes JSONB column.
Externally-provided resource event.
Cache for
MExtItem
catalog.The `ExtractPatternUtils` class provides utility methods for preparing and transforming detected patterns.
Utilities and constants related to extension item processing, especially as JSONB.
How are failed objects selected.
Provides specification (selector) of failed objects that are to be re-processed by an activity.
Selects objects that were failed to be processed in previous activity run(s).
The enum describes the operation during the account was processed.
Behaviour class that determines visibility of (configurable) UI feature.
How should be errors during object fetch process handled and reported.
How should be errors during object fetch process reported.
Where and how to store "file" notifications.
Export configuration.
Report export type.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Secrets provider that reads secrets from files.
Where and how to store "file" messages.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Java class for FilterType complex type.
TODO describe
Keeps/removes selected items from the input value.
A correlator based on a filter that matches focal object(s) to given resource object.
Factory for
FilterCorrelator
instances.A correlator that uses a specified filter to find shadow owner.
TODO decide what to do with this
Filters input on a given condition.
Gizmo (device,gadget,thing) that handles search filters and other filter-like things during security processing of search filters.
Keeps everything needed to produce a filter from given selector and clause.
This represents operation between the path (typically) and value(s).
Filter processor is very abstract thing that takes the filter and returns the SQL predicate.
Created by Dominik.
Composition-enabled filter correlator.
Work bucket content defined explicitly by a filter.
Common delta processor logic for storing based on the final value of the property.
A response from findShadowOwner operation.
A request for findShadowOwner operation.
Target object is a given (fixed) prism object: either the same as focus ODO (but with no updates!)
Model that returns string value for a flexible label.
Extension of
RelationalPathBase
that adapts the Q-class to midPoint
(mainly extension columns) while preserving all the features provided by Querydsl.Specification of role auto-assignment properties.
Contains some of the information necessary to evaluate a mapping.
Evaluates a set of focus -> focus mappings.
Builder for
FocalMappingSetEvaluation
objects.Created by honchar.
Option for updating focus authentication behaviour attributes.
Executes changes in the focus context.
1.
Receives notifications when focus object is modified (or added, or deleted).
Signals that we should stop the Projector because the focus is gone, and it was deleted by an inner clockwork run
(i.e., during a discovery process).
Created by honchar.
TODO
Alternative identities for a focus.
Source of a focus identity.
Alternative identity for a focus.
Common functionality for "focus list" pages or panels - e.g. roles, services; in the future also users and maybe orgs.
Provides common inline menu functionality for focal objects: enable, disable, reconcile, delete.
Information about focus being loaded.
A single (alternative) identity.
Abstract supertype for all object types that can be focus of full midPoint computation.
Created by honchar
Execution of a single focus validity scanner task part.
Executes validity scan on focal objects.
Executes a given command individually for each item arriving at the input.
A rule that has been "transplanted" onto new owner (
EvaluatedAssignment
) - currently, the other side
of "one-sided" exclusion constraint.Describes formatting at abstract level.
Setting that influence how authorizations are used to display
and evaluate the form.
This part defines the actual form presentation and layout.
A group of fields.
A single form field.
javascript stuff, we replace ${this} with proper input id, probably
some jQuery black magic
TODO: add event type attribute to client element for this validator
Server-side validation rules.
Validation rules for the item.
Specifies a form using several different methods, e.g. by
specification of Java class, internal form OID, etc.
Form definition.
Created by Viliam Repan (lazyman).
Something that can be made immutable.
A list that can be made immutable.
A reference that can be made immutable.
Evaluation of inbound mappings from all projections in given lens context.
Inbound mapping source (
InboundsSource
) that is used in clockwork-based inbound mapping evaluation.Target in the "full mode".
SimulationData
for the whole clockwork operation.Information about full shadow being loaded.
Filter processor that resolves
FullTextFilter
.Configuration of the full text search feature.
What items to index.
Represents an
ExpressionParameterType
that is part of a FunctionExpressionEvaluatorType
i.e. a function call.Represents an
ExpressionType
that is part of a FunctionLibraryType
as a custom function.Calls specified library function expression.
Represents an
FunctionExpressionEvaluatorType
i.e. a call to a library function.Creates
FunctionExpressionEvaluator
objects.Evaluates custom defined functions from Function Library
Limitations on calling individual function libraries.
What function libraries and their functions can be called?
A "parsed form" of a
FunctionLibraryType
.Any function library that can be used in scripts.
Manages the function libraries, especially the ones that are created by parsing
FunctionLibraryType
objects.Specifies limitations on the use of a particular function library methods.
What functions in a given function library can be called?
Define reusable functions
TODO should we move this to test code?
Object that is able to produce given notification event (with the help of
CaseEventCreationListener
)
when the FutureNotificationEvent.send(CaseEventCreationListener, Task, OperationResult)
method is called.Specifies the fuzzy search algorithm to use for searching.
Trigram similarity
TODO consider using Double instead of Float
Configuration for GeneralChangeProcessor.
A scenario for GeneralChangeProcessor.
Formats any object value.
General notifier that can handle any type of event.
Configuration that is common to all transport configurations.
Created by Viliam Repan (lazyman).
Generates a string value based on given value policy.
This is NOT autowired evaluator.
Value generator mode.
Generate value according to a policy that is associated with the property/attribute.
Statically-typed "generate-values" action.
Executes "generate-value" action.
Repository action for generating role mining data in the system, including importing initial objects and performing
mining-related tasks.
Options for generating mining data.
Generic indistinguishable error of a connector framework.
The generic item merger that follows these rules:
1.
This is a generic component that server to edit various types
of Serializable objects in GUI.
Generic object for storing unknown (unexpected) object types.
Created by Viliam Repan (lazyman).
A generic configuration for a wf aspect.
Request to process a generic data item.
Generic visualization type (off, one-liner, detailed).
Implements "get bucket" operation.
Handles getObject calls.
A response from getObject operation.
A request for getObject operation.
TODO this Impl class could be removed.
See GetOperationOptions for a description.
Utilities related to GetOperationOptions and their externalized ("bean") representation.
Handler for getVersion operation.
Created by Viliam Repan (lazyman).
FIXME Creation of this interface was most probably a design mistake.
Maps namespaces to preferred prefixes.
Node-level cache for objects.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Policy rule for use in global configuration.
TEMPORARY
Expression evaluator that is using Groovy scripting engine.
How should be "groups" (orgs, roles) expanded?
Group selection structure creates new tile in first step of request access wizard UI (person of interest).
Actions are special things that can be done with particular object or list of objects.
Specifies the settings for GUI object export.
Flexible configurable label.
Class for misc GUI util methods (impl).
Base data Provider configuration
Configuration of the object list column.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Specifies form that are used for displaying and
editing of specific object type
Created by Viliam Repan (lazyman).
Specifies the set of default panels that are used for displaying and
editing of objects, such as User, Role, Org, ...
Specifies the configuration of a generic table listing various things (usually objects).
Configuration of additional panels that can be present in some view types.
Specifies the set of pages that are used for displaying lists of objects
such as Users, Roles, Orgs, ...
Specifies the page used to list specific object type or object collection.
Parameter which can be used within GUI.
Compiles user interface profile for a particular user.
Principal that extends simple MidPointPrincipal with user interface concepts (user profile).
Specifies form that are used for displaying and
editing of specific object type
EXPERIMENTAL.
Specifies form that are used for displaying and
editing of specific object type
EXPERIMENTAL.
List pages for shadows.
TEMPORARY.
TEMPORARY
Constraint that triggers when the focus has given assignment(s).
JAXB representation of HashedDataType.
Sample showing a custom object form that displays simple greeting.
Created by Kate on 07.04.2016.
Created by Viliam Repan (lazyman).
Represents equality check, possibly between two different types.
Just like
PrismContainerWrapperFactoryImpl
but sets PrismContainerValueWrapper.isHeterogenous()
flag to `true`.TODO
Very simple object to hold a single value.
Definition for self dashboard.
Behaviour have to be added to form.
TODO
TODO
TODO consider moving this downwards to make it available for the rest of midPoint (not only to config.xml parsing).
HTML export type for Report.
Definition of HTTP BASIC authentication module (RFC 7617).
Information about the HTTP connection.
Pseudo-authentication for pre-authenticated users.
Individual HTTP methods.
Definition of HTTP SecQ module.
Object that can provide short, human-readable description.
Panel for Icon color with insight.
Factory for Color of IconType container.
Created by Viliam Repan (lazyman).
Factory for Css class of IconType container.
Panel for Icon css class with insight.
Tab that can display icon in the tab label.
User interface icon specification.
This value indicates, whether the evaluation of this role gives the
same results regardless of its position in the assignment/inducement
hierarchy.
Denotes identifier of the object or container (i.e.
Provides information about primary and secondary identifiers.
PRELIMINARY/LIMITED IMPLEMENTATION
Wraps all the configuration related to management of `identities` container, correlation, and so on.
Define additional configuration for SAML2 Identity provider
Identity recovery management policy.
Attributes to be sent to the external ID Match service.
What properties should be sent to the ID Match service.
A correlator based on an external service providing ID Match API.
Factory for
IdMatchCorrelator
instances.State of the process driven by ID Match correlator.
Correlation using ID Match service.
Object to be matched, resolved or updated.
Represents external ID Match service that is invoked as part of correlation (and other processes)
within ID Match-based correlator.
An interface from midPoint to real ID Match service.
Composition-enabled ID Match correlator.
Just the value holder to ensure type safety; for the "ignored namespaces" definition feature.
Error should be ignored and the processing should continue.
Ignores the value in the source object.
Argument provided to the operation is illegal.
Resolves `ImplicitWorkSegmentationType` in a specific context.
A segmentation strategy that is interpreted by the specific activity run.
Class responsible for importing initial objects into the Midpoint system.
Consumer importing audit events to the database.
Action for importing audit event records to the repository.
Responsible for launching "import from resource" activity task,
as well as for importing a single account on foreground.
A response from importFromResource operation.
A request for importFromResource operation.
Created by Viliam Repan (lazyman).
The options for import tasks.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Definition for an import activity.
Inactivates the owning focus for the resource object.
Inactivates the owning focus value.
Inactivates the resource object.
Inactivates the resource object value.
Operation cannot be applied to the object.
Background information for value provenance metadata (
MappingSpecificationType
) for inbound mappings.Phase or phases in which the mapping should be evaluated.
Configuration of inbound mappings evaluation.
What purpose or purposes does the inbound mapping serve?
Processor that takes changes from accounts and synchronization deltas and updates user attributes if necessary
(by creating secondary user object delta
ObjectDelta
).Overall context of the inbounds processing: system configuration, environment (time, task), operation result, and the like.
A
ShadowType
or ShadowAssociationValue
that provides the source data for inbound mappings.Source for the whole inbounds processing.
The target for the inbounds processing i.e. the object (focus, assignment, ...) into which the output of mappings will be put.
This is a marker that a given prism item is incomplete.
FIXME: This could be effective singleton
Currently only for BAR chart.
Definition of item normalization (for custom indexing).
A
ValueNormalizer
configured for an indexed item.TODO
PRELIMINARY VERSION - e.g. no support for object template inclusion, etc
Helps with searching through model-indexed values (currently, in identities/identity[X]/items/normalized container).
Type of index maintained by the data store.
Configuration for indirect search item.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Short information about the currently used environment, including repository diagnostics.
TODO Replace by forms eventually.
TODO Replace by forms eventually
TEMPORARY
Item Name of Infra Model Items.
Technical (infrastructure) configuration of midPoint deployment.
This interface represents an abstract role generator used for initial role object generation.
This interface represents an archetype generator used for initial archetype object generation.
This interface represents a business role generator used for initial role object generation.
Imports initial data objects as needed, ignoring already imported objects.
The InitialObjectsDefinition class facilitates the generation of initial objects, including roles, organizations,
and archetypes, which are essential for data generation.
This interface represents an org generator used for initial org object generation.
TODO: update to better use with DropdownButtonPanel.
In Memory Assignment Data Provider
TODO create a better name for this filter
Filter processor that resolves
InOidFilter
.Exception that is thrown when action execution is in progress and input parameters combination is invalid,
e.g. when two mutually exclusive parameters are specified
Not to be used for validation of individual parameters, parameter parsing using
IParameterValidator
that happens in JCommander throws ParameterException
for that.Integer stat (statistic) entry.
Simple monitoring object.
"Fast filter" that can reject a raw operation result.
Information about a midPoint internal operation.
Represents a report on internal operations.
Defines report on internal operations.
Various internals configuration elements.
Unfinished.
Wrapping invalidation event.
Listens for invalidation events that are received by RepositoryCache/Invalidator.
Contains functionality related to cache entry invalidation.
Parser for "is any" definition feature.
Isolated checkbox - checkbox that is displayed as (visually) stand-alone component.
Item is a common abstraction of Property, Reference and Container.
Interface for objects that behave like an item: they have a name and may have a definition.
What to do with the changes computed for the given item?
Trace for item consolidation.
Definition of a property constraints.
Definition of correlation-related aspects of a focus item.
Definition of a single-item correlator for an item (a resource object attribute or a focus item).
A definition of a specific item (as opposed to a type).
To be seen if useful.
Abstract item definition in the schema.
Provides definitions of an item (for bucketing purposes).
To be used e.g. by query or delta builders.
Used to provide delayed definition building.
Item Delta describes a change of an item which is a property, container or a reference.
Filters item deltas according to specified criteria.
A class defining old item state (before change), delta (change) and new item state (after change).
THIS IS NOT A GENERATED CLASS.
Essential contract for processing item delta modifications.
Applies single item delta value to an item.
THIS IS NOT A GENERATED CLASS.
Utilities related to
ItemDelta
and ItemDeltaType
objects.Applies item delta values to an item and arranges necessary SQL changes using update context.
Just the value holder to ensure type safety.
Factory for items (property, reference, container, object) and item values.
ItemHeaderPanel<V extends PrismValue,I extends Item<V,ID>,ID extends ItemDefinition<I>,IW extends ItemWrapper>
Item is a common abstraction of Property and PropertyContainer.
Definition of a custom indexing for an item.
Checks item limitations.
TODO
ItemName without prefix specified, ideal item name for runtime data, constants, etc.
General interface to ItemPath objects.
Methods that operate on path collections.
Converter and validator for ItemPath objects used in command-line parsing.
Holds internal (parsed) form of midPoint-style XPath-like expressions.
Natural key consisting of an item path.
Parses string representation of
ItemPath
and ItemPathType
objects.Holds internal (parsed) form of midPoint-style XPath-like expressions.
Defines a type for XPath-like item pointer.
Whether or how data should be persisted.
Maintains information on processing of a given item: a resource object (for tasks like import or reconciliation),
a repository object (e.g. for recomputation tasks), a change (for livesync or async update), or basically whatever.
How item processing ended?
Information about item processing to be recorded in items report.
Holds an item that is scheduled for processing.
Specifies the "depth" of item processing.
Specifies the "depth" of item processing.
Description of the common item handling details, such as display name,
read/write access and value and synchronization expressions.
TODO
Columns common to all specific item-related reports (like ConnId operations, internal operations, etc).
ItemRelationResolver<Q extends FlexibleRelationalPathBase<R>,R,TQ extends FlexibleRelationalPathBase<TR>,TR>
Common contract for resolver that helps with navigating over complex (non-single) item paths
for query purposes.
Condition controlling item report creation or collection that is evaluated before or after item is processed.
A generalized
ItemPath
: It allows pointing to a specific item value, while allowing to select
from multivalued items not only by ID, but by arbitrary filter.TEMPORARY
A segment of ItemRouteType.
Generalized item path.
A "user-friendly" correlator based on a list of items that need to be matched between the source
(usually the pre-focus, but a shadow is acceptable here as well), and the target (set of focal objects).
Factory for
ItemsCorrelator
instances.Correlator that compares individual items.
Defines the custom confidence value for given search item.
Specifies how to search for the item.
Compiled security constraints for a given prism value (usually containerable) and operation, at the granularity
of individual contained items.
Defines report on items processing.
Task progress counted in items.
Information on items processing (for activity state overview).
Defines contract for mapping component holding information how an item (from schema/prism world)
is to be processed when interpreting query.
Composition-enabled items correlator.
Action(s) that have to be executed in specified synchronization situation.
Defines reaction(s) to synchronization-related situations, plus other synchronization settings,
at the level of focus item.
Reaction to synchronization situation or situations at the level of focus item.
Synchronization situation of an association (or similar) item value.
ItemTreeDelta<PV extends PrismValue,ID extends ItemDefinition<I>,I extends Item<PV,ID>,V extends ItemTreeDeltaValue>
Experimental.
Type of
FilterProcessor
for a single Prism item (not necessarily one SQL column).Specification of value metadata processing for a given data item: mappings that should be applied
and item definitions driving e.g. storage and applicability of built-in processing of individual
metadata items.
Value of an item along with the information where it came from:
ItemValueWithOrigin.producer
and ItemValueWithOrigin.construction
.ItemWrapperFactoryImpl<IW extends ItemWrapper,PV extends PrismValue,I extends Item,VW extends PrismValueWrapper>
TODO better name
How to iterate through entities in searchObjectsIterative method.
Definition of iteration properties for a resource account or other resource objects.
IterativeActivityRun<I,WD extends WorkDefinition,AH extends ActivityHandler<WD,AH>,WS extends AbstractActivityWorkStateType>
Represents a run of an iterative activity: either plain iterative one or search-based one.
This interface summarizes what should an implementor of
IterativeActivityRun
(either plain or search-based) provide.Executes specified deltas on specified set of objects.
Executes specified changes on specified objects.
Represents data about iterative operation that starts.
Executes a script (a.k.a. action) over a set of objects.
IvwoConsolidator<V extends PrismValue,D extends ItemDefinition<?>,I extends ItemValueWithOrigin<V,D>>
Consolidate the output of mappings for a single item to a delta.
IvwoConsolidatorBuilder<V extends PrismValue,D extends ItemDefinition<?>,I extends ItemValueWithOrigin<V,D>>
A distance measure implementation for calculating the Jaccard distance/similarity between two sets of values.
Just to (statically) hold the information about `midpoint.jar` file signature validity.
Generic universal type converter.
A set of ugly hacks that are needed for prism and "real" JAXB to coexist.
Represents visitable JAXB bean.
Represents visitor of generated JAXB beans.
Common contract for SQL-based repository configuration.
Wrapper around JDBC
Connection
representing "session", typically a transactional one.Representation of JMS message.
JMS asynchronous provisioning target.
JMS client configuration
Representation of JMS text message.
A simplified representation of a requested asynchronous provisioning operation.
Simple representation of an ItemDelta: contains collections of real values being
added/deleted/replaced.
Type representing JSONB columns in PostgreSQL database as a wrapped string.
Technical exception capturing problems with reading or writing the JSONB value.
Path representing JSONB column.
Delta processor for multi-value poly-strings represented as array in JSONB column.
Filter processor for multi-value property stored as JSONB array.
TODO what about thread safety?
Generic expression evaluator that is using javax.script (JSR-223) engine.
Define that resource server expect token in format JWT.
TODO
Loosely based on XML digital signature standard.
TODO add other relevant methods here
Builder for KeyStoreBasedProtector implementation.
Class that manages encrypted and hashed values.
Experimental.
A free-form string value with a label.
Created by Viliam Repan (lazyman).
Describes capability of resource to provide last login timestamp.
A definition that can be viewed at from different layer's point of view.
Defines a system layer.
LDAP authentication module supports authentication via LDAP server.
Search configuration which uses an Ldap filter to locate the user
How to deal with legacy approvers specifications, i.e. approvalRef, approvalExpression, approvalSchema,
automaticallyApproved items in AbstractRoleType?
This type exists just to allow (deprecated) "cases" element in legacy synchronization bean.
TODO
Created by Viliam Repan (lazyman).
Responsible for updating the legacy progress for the current task.
Reaction to a synchronization situation.
The
TaskInformation
based on a legacy task structure.LEGACY: This is all very old code.
Class to validate (and possible transform) large sets of objects.
This class does nothing.
Values of sequences used in the computation.
Value of a sequence used in the computation.
A serialization of model context, i.e. a context of an operation in the model.
Lens context for a computation element - a focus or a projection.
Currently, just a single-use interface for
LensElementContext.modifyPrimaryDelta(DeltaModifier)
method.TODO
Helps with evaluating expressions during the "lens" execution.
TODO
Metadata-related utility methods.
Describes operation executed during the clockwork.
TODO
TODO
Enumeration of approval strategies at a particular stage.
Overrides logging level for given loggers, based on thread-specific configuration.
TODO move to a better place?
Specifies the use of Levenshtein edit distance for searching.
Takes care of converting between XNode tree and specific lexical representation (XML, JSON, YAML).
Note that this interface does not contain handleError method.
Executes a function from a function library.
Specifies restrictions and permissions for a specific library function.
Action that reduces (purges) object data.
TODO
EXPERIMENTAL
Specification of lifecycle states and state transitions.
Specification of lifecycle state transition.
Specification of lifecycle state.
Lightweight identifier is a "reasonable unique" identifier that is very cheap
to create.
Handler for a lightweight task.
A merger specific to
PropertyLimitationsType
.Definition of complexity and string policy
A
InboundsContext
for inbound mappings evaluation that is used in SingleShadowInboundsProcessing
.In what situations (change-related) does the link match?
Created by Kate on 23.09.2015.
Selects objects among linked ones (for this object).
Functions related to "linked objects" functionality.
Created by honchar
Created by Kate Honchar.
Translates a linked selector (LinkedObjectSelectorType) to appropriate ObjectFilter.
Manages link definitions.
Selects objects among linked sources (for this object).
Links resource object to its owning focus.
Selects objects among link targets (for this object).
Definitions of link types for objects having this archetype.
Definitions of a link type.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Always returns zero set with literal value (values) specified in the evaluator.
Creates
LiteralExpressionEvaluator
objects.TODO ... describes operations executable when the definition is "live and well" in its place,
like the complex type definition in prism container
Work in progress.
Task handler for controlled processing of asynchronous updates.
Describes capability to detect changes in almost real time (live synchronization).
Represents [live] synchronization change event obtained from a resource.
Handles changes retrieved by
ProvisioningService#synchronize(ResourceShadowCoordinates, LiveSyncOptions, LiveSyncTokenStorage, LiveSyncEventHandler, Task, OperationResult)
method.Manages the storage of a live sync token.
Definition for a live sync activity.
State of the live sync activity.
Lazy loading Wicket model.
LocalActivityRun<WD extends WorkDefinition,AH extends ActivityHandler<WD,AH>,BS extends AbstractActivityWorkStateType>
The "real" run of an activity - i.e. not a delegation nor a distribution.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Used to retrieve item definition from 'local definition store' - i.e. store that contains definition(s)
related to one parent item.
Argument that is to be used for localized message parameter.
This class is final and must remain so, as it's not cloneable.
List of localizable messages, to be presented as a single message.
A template that produces a localizable message after argument expressions are evaluated into specific arguments.
A message that is to be localized into specified language.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
For use in tests ONLY.
Created by Viliam Repan (lazyman).
Single language localization for the message template.
Thread-local cache for storing objects.
Thread-local cache for storing query results.
Set of three thread-local repo caches (object, version, query).
Thread-local cache for object version.
This defines the state of account lock-out.
Created by Viliam Repan (lazyman).
Statically-typed "log" action.
It was simply not possible to provide an empty default value for logback property.
Executes "log" scripting action.
Auditing configuration for auditing by using the logging subsystem.
TODO
Configuration of logging levels, categories, log
files, etc.
Gathers log lines as they are produced by
TracingAppender
.TODO
Information how to override logging configuration.
Java class for LogicalOperatorFilterType complex type.
Collects [evaluated] assignments during login process.
Definition of "login form" module.
not use it, temporary needed interface for old reset password configuration
Segment of the logfile.
Created by Viliam Repan (lazyman).
Data structure that represents entire content of the lookup table, organized into table rows.
An object that represents lookup table.
A normalizer that converts all string to lowercase (and compares strings in a case-insensitive way).
Querydsl "row bean" type related to
QAbstractRole
.Querydsl "row bean" type related to
QAccessCertificationCampaign
.Querydsl "row bean" type related to
QAccessCertificationCase
.Querydsl "row bean" type related to
QAccessCertificationDefinition
.Querydsl "row bean" type related to
QAccessCertificationWorkItem
.Querydsl "row bean" type related to
QAccessCertificationWorkItemReference
.Querydsl "row bean" type related to
QAffectedObjectReference
.Where and how to send mail notifications (or any other mail messages).
Mail nonce authentication module.
Configuration of a particular mail server host.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Where and how to send mail messages (or any other mail messages).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
How to ensure transport-level security when sending the message.
Class that allows to return result and expected exit code from ninja execution.
May happen in case that resource is administratively set to maintenance mode.
Created by Kate on 16.12.2015.
TODO
Created by honchar
Describes the context of the manual provisioning request that is represented by a case.
Mapping prepared for evaluation (or already evaluated).
Builder for (traditional) data mappings.
Executes mappings in diagnostic mode.
Attribute mapping related attributes
To avoid passing contextDescription + now + task to many places let us aggregate this information
in this class.
Everything needed to evaluate already prepared inbound mapping.
Holds all mappings waiting for their evaluation.
TODO ...
TODO ...
Trace for mapping evaluation operation.
Evaluates
Mapping
objects.MappingEvaluatorParams<V extends PrismValue,D extends ItemDefinition<?>,T extends ObjectType,F extends FocusType>
TODO determine the fate of this class
(Traditional) data mapping.
Kind of mapping.
To be used when the exact reason of not-loaded state is not known.
Output of mappings computation: basically the triple plus some flags.
Information about mapping source during evaluation.
Specification of a mapping, typically used to identify the mapping that provided a particular focus value.
TODO
TODO
Mapping state properties after evaluation.
Mapping state property.
Strength of the mapping defines how aggressively will
the mapping be applied.
Generic set of mappings.
Specification of time-based mapping constraints.
Informs that the value was provided by a mapping (and how exactly).
Specialization of abstract mapping for regular data mappings.
Note we cannot use "extends Map" here, because in that case we would have to declare XNodeImpl as map value parameter.
Querydsl "row bean" type related to
QArchetype
.Information about the marking rule that provided a value for effectiveMarkRef (for shadows).
Manages
MarkType
objects.Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
A mark is a "label" given to an object - currently a prism object, an assignment, or audited/simulation event.
Utilities for
MarkType
.Querydsl "row bean" type related to
QAssignment
.Querydsl "row bean" type related to
QAssignmentReference
.Context for matching a value against a selector or clause.
A request for matching to be sent to an external ID Match service.
A response from an external ID Match service.
Interface for generic matching rules.
Registry for matching rules.
Creates MatchingRuleRegistry populated with standard matching rules.
TEMPORARY implementation!
Querydsl "row bean" type related to
QAuditDelta
.Querydsl "row bean" type related to
QAuditEventRecord
.Querydsl "row bean" type related to
QAuditRefValue
.Querydsl "row bean" type related to
QCase
.Querydsl "row bean" type related to
QCaseWorkItem
.Querydsl "row bean" type related to
QCaseWorkItemReference
.Querydsl "row bean" type related to
QConnector
.Querydsl "row bean" type related to
QConnectorHost
.Querydsl "row bean" type related to
QContainer
.Type for container stored in database, used for
MContainer.containerType
.This class allow output for given MDC value and given level
implments logback turbofilter feature
Helps with GUI aspects of member operations on abstract roles.
Helps with creating queries regarding members of an abstract role.
Creates and optionally submits tasks for member operations on abstract roles.
"Assign members" operation.
Helps with "member unassign" operations.
Created by honchar
Created by honchar
Created by Viliam Repan (lazyman).
Configuration of memory diagnostics features.
Created by Viliam Repan (lazyman).
Configuration that specifies automatic merging of two objects.
Created by honchar.
Created by honchar.
TODO
Delivery mode.
Message property (key-value pair).
Created by Viliam Repan (lazyman).
Specifies the content of the message used with a transport mechanism, for instance mail.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Localizable template of the message used with a transport mechanism, for instance mail.
A configuration for message transports.
Provides basic message-manipulation methods to be used in scripts (typically, async update transformation scripts).
Some XNodes can hold value metadata.
Convenient data structure to provide input for metadata computation for custom transformational
metadata mappings.
Defines handling of a metadata items.
Description of the metadata item handling details, such as (TODO)
Provides information about processing of given metadata item (e.g. provenance)
related to various data items (e.g. givenName, familyName, etc).
Specification of processing of individual metadata items.
Evaluates metadata mappings.
Evaluated or to-be-evaluated metadata mapping.
Scope for this metadata mapping.
Specialization of abstract mapping for metadata mappings.
Created by honchar.
Created by Viliam Repan (lazyman).
In what situations should be this mapping template applied?
Selection of items to include/exclude when applying given metadata processing.
How object metadata should be recorded or updated.
Meta-data about data creation, modification, etc.
This class provides functionality as a holder for method performance statistics.
Created by Viliam Repan (lazyman).
Querydsl "row bean" type related to
QExtItem
.Specifies cardinality of the
MExtItem
.The container holding the extension item.
Querydsl "row bean" type related to
QFocus
.Querydsl "row bean" type related to
QOperationExecution
.Created by Viliam Repan (lazyman).
Authentication token on top of hierarchy.
A simple interface that aims to work as a custom validation plugin used in GUI.
This is a simple implementation of MidpointFormValidator interface
In this class, we define some Pointcuts in AOP meaning that will provide join points for most common
methods used in main midPoint subsystems.
Checks the signature of `midpoint.jar` file (if applicable).
Extension to the default Querydsl PostgreSQL template adding operations used by midPoint.
Simple midPoint principal.
Service that exposes security functions for internal use inside midPoint and for other
spring-security-enabled purposes.
In this filter, all incoming requests are captured and we measure server response times
using
System.nanoTime()
.Used to compare metadata from the provenance point of view.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Custom tomcat factory that used to hack embedded Tomcat setup.
The `MiningBaseTypeChunk` class represents a common base for role and user based analysis data chunks.
The `MiningOperationChunk` class represents a chunk of data used in the role analysis process.
The `MiningRoleTypeChunk` class represents a chunk of role analysis data for a specific role.
The `MiningUserTypeChunk` class represents a chunk of role analysis data for a specific user.
What is to be done when the planned start time arrives without
the task actually starting.
Refreshes a projection context after the shadow was found to be missing.
Querydsl "row bean" type related to
QLookupTable
.Querydsl "row bean" type related to
QLookupTableRow
.Querydsl "row bean" type related to
QNode
.Querydsl "row bean" type related to
QObject
.Definition enum, counterpart for our custom Postgres type `ObjectType`.
Provides access to audit events at the model level.
Created by Viliam Repan (lazyman).
Represents a model-level action (method) that can be authorized.
Commonly-used beans for model-impl module.
Commonly-used beans for model-common module.
Options to be used for compareObject calls.
EXPERIMENTAL.
Searches for container values at the model level.
Created by Viliam Repan (lazyman).
This used to be an interface, but it was switched to class for simplicity.
Simple version of model service exposing CRUD-like operations.
A service provided by the IDM Model focused on system diagnostic.
Event about model operation (TODO)
Trace for model's delta execution.
Options for execution of Model operations.
Options for execution of Model operations.
Describes an environment in which an
Expression
is evaluated.ModelExpressionEnvironment.ExpressionEnvironmentBuilder<V extends PrismValue,D extends ItemDefinition<?>>
Accesses
ModelExpressionEnvironment
via ExpressionEnvironmentThreadLocalHolder
(containing e.g. lens context, projection context, mapping, and task) to be used
from withing scripts and methods that are called from scripts.TODO
A service provided by the IDM Model that allows to improve the (user) interaction with the model.
Provides access to objects at the model level.
Model constants referenced from the outside.
Looks up security policies.
IDM Model Interface
Interface that allows location of model and model-like services,
such as ModelService and ModelInteractionService.
TODO
ModificationConstraintEvaluator<C extends ModificationPolicyConstraintType,T extends EvaluatedModificationTrigger<C>>
Preliminary version.
Handles modification operations: add, modify, delete, and a couple of others.
Constraint that triggers the rule on object modification, addition or deletion.
Created by tchrapovic.
Java class for ModificationTypeType.
Statically-typed "modify" action.
Executor for 'modify' actions.
Contains information about object modification result; primarily needed by repository caching algorithms.
Wrapper for authentication module, provide all information about actual state and
contains method that help during authentication and maybe specific for current authentication module.
TODO
SAML2 key from key store.
Possible types of key.
SAML2 key from string representation.
Define configuration for authentication module, contains all variables which we need for creating authentication filters
for module and all component which authentication modules uses.
Information about selected monitored operations.
Information about selected monitored operation.
Monitored operation.
Utility methods related to operations and cache performance monitoring.
Querydsl "row bean" type related to
QOperationExecution
.Querydsl "row bean" type related to
QOrg
.Querydsl "row bean" type related to
QOrgClosure
.Querydsl "row bean" type related to
QRole
.Querydsl "row bean" type related to
QReference
and its subtypes.Enumeration of various types of reference entities (subtypes of
QReference
)Querydsl "row bean" type related to
QReportData
.Querydsl "row bean" type related to
QResource
.Querydsl "row bean" type related to
QRole
.Querydsl "row bean" type related to
QService
.Querydsl "row bean" type related to
QShadow
.Querydsl "row bean" type related to
QTask
.Querydsl "row bean" type related to
QTrigger
.Created by Viliam Repan (lazyman).
Created by honchar
How should we handle the situations when a sub-report produces multiple values?
This handler can take a collection of triggers that have the same timestamp.
Constraint on multiplicity of assigned objects.
Work definition for the multi-propagation activity.
MultiSelectContainerTileWizardStepPanel<E extends Serializable,C extends Containerable,ODM extends ObjectDetailsModels>
MultiSelectObjectTypeTileWizardStepPanel<SI extends Serializable,O extends ObjectType,ODM extends ObjectDetailsModels>
Defines the possibility to select multiple items.
How should be a multi-source item handled.
Definition of "multi-source" item.
Created by honchar.
Created by honchar.
Created by honchar
todo not finished [lazyman]
Querydsl "row bean" type related to
QUri
.Querydsl "row bean" type related to
QUser
.Mutable interface to (some of)
ShadowSimpleAttributeDefinition
implementations.Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Name of a visualization or a visualization item.
Any value (property, reference, container) along with its name.
A "safe" set of
QName
- i.e. the one where (e.g.) presence is checked using QNameUtil.match(QName, QName)
,
not Object.equals(Object)
method.Java class for NAryLogicalOperatorFilterType complex type.
Represents native object class or reference type definition.
Association class that is backed by a native implementation.
Object class definition as seen by the connector (or manually configured via XSD).
Getter interface to "UCF" part of resource object class definition.
Definition of an association class as seen by the connector (or defined in the simulated associations capability).
The resource schema as obtained from the connector (or manually specified via XSD).
NOTE: Never try to determine type (simple/reference) by querying the interfaces.
Represents native attribute (simple or reference).
Describes how to handle a natural key of multivalued items.
Created by Viliam Repan (lazyman).
Update context for nested containers stored in the same table used by the parent context.
Resolver that maps the nested items (next component of the path) to the same table (query type).
Created by lazyman on 13/03/2017.
Next planned recompute event.
Represents different levels of Spring application context initialization for midpoint.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Identify specific node authentication
State of this node w.r.t. error conditions.
Node state from the user's point of view.
Basic node operational state: whether it is up (e.g. accepting REST queries),
or it is down (known to be turned off or just not checking-in for a longer time), or starting.
Node describes a single installation of midPoint.
Specific kind of SchemaException.
Structure that specifies policy for nonce management.
Filter designed to explicitly match nothing.
Loadable model whose object is always not null.
This is a handler for "old", non-iterative (single) bulk actions.
Executes a script (a.k.a. action) on an empty or explicitly specified input.
Just a dummy activity to be used for demonstration and testing purposes.
Should a step of NoOp activity be interruptible?
A correlator that does nothing: returns "no owner" in all cases.
Factory for
NoOpCorrelator
instances."No-op" correlation that always returns "certainly no owner" result.
"No-op" normalization step (for custom indexing).
The default ("no-op") normalizer that preserves the original value unchanged.
Work definition for a no-op activity.
An alternative representation of a
ShadowSimpleAttributeDefinition
that describes a normalization-aware resource attribute:
one that has both original and normalized values.Steps to be applied during item normalization (for custom indexing).
Normalizes and matches (arbitrary) values, typically strings.
The registry of normalizers.
Creates
NormalizerRegistry
populated with standard normalizers.How should we handle the situations when a sub-report produces no values?
Asserts (mainly to the compiler) that the flow of control really should not go here.
A configuration for user notifications.
Handles notification events.
Message attachment for notifications.
XML version of Message (in notifications module).
TODO
Defines how the notification should be generated and sent.
TODO
TODO
Type for notification specific transport configuration.
Configuration that is common to all notification transports.
Type for more descriptive message transport declaration inside notifiers.
Statically-typed "notify" action.
A response from notifyChange operation.
A request for notifyChange operation.
Executes "notify" actions.
No user is logged in, although it is expected.
Implements work state "segmentation" into single null work bucket.
"Null" processor that reads XNodes into XNodes and writes XNodes as XNodes.
Object filter that passes all shadows.
DO NOT USE in production code.
"Null" work bucket content: does not restrict the query in any way.
Implements work state management strategy based on numeric identifier intervals.
Represents an integer interval.
Interprets numeric interval segmentation.
Work bucket content defined as an interval of numeric values of discriminator item.
Segmentation strategy that divides the processing space (represented by an interval of numeric
values) into a number of work buckets.
TODO
Actions executed on a given object type, with given operation (change type) and via given channel.
Object already exists.
Object with specified criteria (OID) already exists in the
repository.
ValuePolicyOriginResolver that resolves origin based on some context object (that can be retrieved).
Utility class that can be used to process objects and remove unwanted items.
Configuration of object collection-based reports.
Specifies a set of object collections ("views") to be displayed (used) at
a specific location in the system.
Object collection specification.
Specifies how a specific collection ("view") is to be displayed (used) at
a specific location in the system.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Relative difference (delta) of the object.
List of object deltas.
A class defining old object state (before change), delta (change) and new object state (after change).
Experimental.
List of object delta operations (deltas + operation results).
TODO
The name is a bit ridiculous but we need to distinguish it from ObjectDeltaUtil in prism module.
Describes a change of a specific object.
Java class for anonymous complex type.
Secondary deltas from already completed waves.
Delta for a specific execution wave.
TODO
EXPERIMENTAL
This object contains factory methods for each
Java content interface and Java element interface
generated in the com.evolveum.prism.xml.ns.
This object contains factory methods for each
Java content interface and Java element interface
generated in the com.evolveum.prism.xml.ns.
Functional interface to inject filter evaluation code.
Specifies the set of forms that are used for displaying and
editing of objects, such as User, Role, Org, ...
Specifies form that are used for displaying and
editing of specific object type
Classes implementing this interface are used to handle arbitrary objects (not always
PrismObject
instances),
typically - but not necessarily - coming from iterative search operation.Extension of validator used to import objects to the repository.
TODO better name?
Task handler for "Object integrity check" task.
Definition for object integrity check activity.
Created by honchar.
Computes effective object marks and their deltas.
Class responsible for object merging.
Describes a change of attributes of a specific object.
Object with specified
ObjectNotFoundException.type
and identifier (ObjectNotFoundException.oid
) has not been found in the repository or in other
relevant context.Object with specified criteria (OID) has not been found in the
repository.
Deals with
effectiveOperationPolicy
in objects (currently shadows).Contains effective mark refs (both production-mode and current-mode), and computed effective operation policy
(for the current mode).
Shadow specific provisioning policy.
Describes definition of object ordering.
Position of an object (an item in the language of prism) within midPoint objects structure.
Definition of policy for a specific object type.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Evaluation context for object-based policy rule.
Request to process an object.
Was the object added, modified, deleted, or unchanged (unmodified)?
Formats object reference value into two columns (oid, name).
Denotes referenced object, like "assignment/targetRef/@/name" (name of assignment's target object)
Reference to an object.
TODO update this class by adding missing features (targetName, oid, type, relation).
Java class for anonymous complex type.
The callback from some object utilities to resolve objects.
Resolves the owner referenced to by
OwnerClause
.TODO
Extracted relevant security constraints related to given object.
TODO what about the subtypes of
ObjectSelectorType
?Selects some objects from all the objects in midPoint.
This is a set of objects that considers objects being equal by simply comparing their OIDs.
A definition that applies to a set of repository objects.
This is a specification of objects to be processed in more-or-less raw form.
Work definition that can provide object set specification.
Specifies a set of repository objects to be processed.
On what object state is the constraint evaluated?
TODO
Defines a synchronization properties (configuration) for a
resource.
Defines a synchronization properties (configuration) for a
resource.
Defines a synchronization properties (configuration) for a
specific type of object, e.g.
Object-template-related settings related to correlation.
Internal interface used for handling includeRef references.
TODO
Description of the common item handling details, such as display name,
read/write access and value and synchronization expressions.
Unfortunately, this cannot extend MappingConfigItem because of the conflict in generic type parameters.
Merges
ObjectTemplateType
objects.Processor to handle object template.
TODO: update
The user template used to create new users.
Structure that contains all primary changes requested: from focus as well as from projections.
Container for ChangesRequested (focus primary delta and/or projection primary deltas).
Common supertype for all identity objects.
A merger specific to resource definitions: creates inheritance relations between the same definitions
(matched by kind and intent).
Util class for creating different list types, e.g. list of assignable object,
list of searchable objects, list of object types, etc.
Created by Viliam Repan (lazyman).
Configuration for default object type.
Methods that would belong to the ObjectType class but cannot go there because
of JAXB.
Enhanced validator that also produces more information about how validation item should be updated.
Validator that can process objects, validate them, check for errors and warning
and possibly even transform object during upgrades.
Evaluator that validates the value of any object property.
Specifies how reference variables should be provided for the script.
OpenId Connect authentication module.
Possible client authentication methods.
OpenID Connect client.
OpenID Provider.
OpenID Connect resource server.
Segmentation strategy that divides the processing space into a number of buckets based on OID values.
This encoder with encode/decode
OnePageParameterEncoder.PARAMETER
to path
and all other parameters as query parameters.Define that resource server expect opaque token, which have to be verified by user info endpoint.
Request to open a (pre-created) case.
In-memory repository of open simulation result transactions.
Operation being recorded: represents an object to which the client reports the end of the operation.
Use new
OperationsPanel
and OperationPanelPart
to create proper HTML for this panel ("card" with fieldsets that are responsive)Manages metadata (mostly before delta execution), but also some other operational data, namely assignment effective status.
All values are parent-less here, to be directly insertable into beans and deltas.
Structure containing metadata about operational state of the resource.
The business context of an operation.
Prepares complex OperationExecutionType records for search-iterative and live-sync/async-update tasks.
Specification of where to write operation execution record.
How operationExecution records should be updated.
Information about operation execution record real owner.
Type of an operation execution record.
Information about an operation executed on an object.
Writes provided OperationExecutionType records into objects.
A request to write an operation execution record.
This class provides basically the functionality of MidpointInterceptor.
Kind of operation (captured by OperationResult).
Monitored operation.
What monitored operations to trace.
Created by Viliam Repan (lazyman).
Experimental.
TODO
Severity level of operation policy violation.
Collection of scripts to be executed for various provisioning operations.
Specifies how and when a script is executed during provisioning.
Created by honchar
Provides rich information about an operation being executed; mainly for the sake of error reporting and functional/performance troubleshooting.
== Information Collected
There is a lot of information collected, but the following properties are the most important:
- result *status* (
OperationResultStatus
): success, partial/fatal error, warning, ..., along with
an optional *message* and *Java exception*,
- operation invocation *parameters*, *return value(s)*, and sometimes information about the execution *context* (e.g. implementation
class name),
- *performance-related information*, like start/end timestamps, or duration (for performance diagnostics),
- TraceType
records (for troubleshooting),
- *logfile lines* produced during the operation execution (for troubleshooting).Used to postpone initialization of OperationResult until parameters and context items are set - in order to log
operation entry correctly.
Specifies what level of detail should be preserved in the operation result.
Strategy for operation result aggregation.
Level of importance of given OperationResult.
TODO
TODO
Created by Viliam Repan (lazyman).
Prints operations performance information.
Information about methods performance.
EXPERIMENTAL.
Operation execution statistics/state.
Created by Viliam Repan (lazyman).
The purpose of this class is unclear.
Define type of operation.
TODO
Options for showing
OpResult
objects.Adds recompute triggers to objects in an optimized way:
- The triggers are set to a given time in future (e.g. 1 minute from now)
This is a preliminary implementation.
TODO
TODO
Java class for OrderDirectionType.
Filter processor that resolves
OrgFilter
.Definition of object with respect to subject membership in organizational hierarchy.
Defines applicability scope in the organizational structures.
Created by honchar.
Created by honchar
Created by honchar
Evaluates organization tree questions.
Created by honchar
Created by honchar
Organizational unit, division, section, object group, team, project or any other form of
organizing things and/or people.
Sets the origin information in prism values being merged.
This enum defines source from where a change in property value occurred.
The object (currently supported are tasks) is orphaned i.e. has declared a parent but the parent does not exist.
State of activity not connected to the current activity run.
TODO description + better name
Represents limitation to a given target (i.e. through a given assignment path or paths).
Limitations related to other privileges, like the ability to complete work items.
Processor that evaluates values of the outbound mappings.
Counter keyed by a qualified outcome.
TEMPORARY
The container consists of statistical data about object.
Represents the outlier status in role analysis.
Implements the outlier category clustering operation for role analysis.
Category classification.
The `PatternResolver` class implements the `DetectionOperation` interface and provides
the algorithms for performing user-based and role-based pattern detection within the
role analysis process.
The `PatternResolver` class implements the `DetectionOperation` interface and provides
the algorithms for performing user-based and role-based pattern detection within the
role analysis process.
Represents the outlier status in role analysis.
TODO
Filter processor that resolves
ExistsFilter
.Selects some objects from all the objects in midPoint.
Internalized (parsed) form of correlation option identifier (like `none` or `existing-XXX`).
Resolves the owner referenced to by
OwnerClause
.Created by Viliam Repan (lazyman).
Umbrella class for each page created for any authentication module.
Created by acope on 9/14/17.
Created by Viliam Repan (lazyman).
PageAssignmentHolderDetails<AH extends AssignmentHolderType,AHDM extends AssignmentHolderDetailsModel<AH>>
Created by Viliam Repan (lazyman).
Created by honchar.
Annotation for the page which contains url address, on which the page is available,
and authorization urls for page, which logged user have to have.
Behavior which disables component if actual page class equals to disabledPage defined by constructor parameter.
How to handle paged searches.
Base class for error web pages.
Created by honchar
this class is created to link Import resource definition
menu item to a separate class (to fix menu item enabling issue)
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by honchar.
Displays all certification decisions.
Result object for potentially paginated content.
Page that displays just the operation result.
Created by honchar.
Automatically redirected after successful authentication when password reset requested.
Created by honchar
Created by honchar
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Subpage for system configuration of secrets providers.
Page with no authorizations.
Created by honchar.
This is simple visible/enable behaviour for use in top menu.
Created by Viliam Repan (lazyman).
Created by honchar.
Created by Viliam Repan (lazyman).
Parameters limiting the number of returned
entries, offset, etc.
Tab that contains a singleton panel.
List of constants used to identify panels.
Implementation of EquivalenceStrategy that uses a parametrization of built-in equals/hashCode/diff methods.
Describes input parameters.
Formatter for `ParamsType` objects.
A container for task parent and root.
A clause that:
.
Denotes parent object or container.
Allows a visitor to follow the path along the "parent" relationship.
Internal (parsed) representation of a collection of selector-qualified
GetOperationOptions
.Source for prism parser (file, input stream, string, DOM tree, ...).
TODO TODO TODO
Migrator that comes into play when content is parsed.
TODO description
Options that allows to select only some of the projector/clockwork parts to process.
Specifies whether a particular part should be processed or not.
Code common to all three reconciliation sub-activities: operation completion, resource reconciliation,
and remaining shadows reconciliation.
Parsed form of
SimulationMetricPartitionScopeType
.Accepts (maybe repeatedly) a value and - on request - passes it to specified
Consumer
.Describes capability to present password in a structured way.
Additional security applied when changing a password.
The way how a resource password is compared with the current password.
Structure that specifies policy for password management.
Created by Viliam Repan (lazyman).
Additional options for configuring the password hint when changing or resetting the password.
Contains a single entry of the password history.
TODO
Returns value set triple derived from specified (or default) source by resolving specified path.
This is NOT autowired evaluator factory.
Special case of a map that has ItemPath as a key.
Carries out and holds assignment evaluation:
1. evaluation of the condition,
2. evaluation of payload (delegates to
PayloadEvaluation
),
3. evaluation of targets (delegates to TargetsEvaluation
).A "safe" set of
ItemPath
- i.e. the one where (e.g.) presence is checked using ItemPath.equivalent(ItemPath)
,
not Object.equals(Object)
method.Visits only objects that are on the specified path or below.
Experimental class for calculating confidence values based on detection patterns.
The `DetectionOption` class represents detection options for role analysis.
Matches a string against a set of patterns that can be either in "naive" format, using "*" as a wildcard,
or in regex format.
The `PatternResolver` class implements the `DetectionOperation` interface and provides
the algorithms for performing user-based and role-based pattern detection within the
role analysis process.
Configuration for a primary change processor aspect.
Execution status.
Created by Viliam Repan (lazyman).
Description of an operation that is pending (in progress) or that was
recently completed.
Type of pending operation.
EXPERIMENTAL.
This class simply collects basic information about midPoint performance, specifically basic
CPU, memory usage and current thread state.
Ensures formatting of performers (approvers, reviewers) comments before storing them into metadata.
Simple "no-op" formatter to be used when no real implementation is available.
Instructions how to format approvers/reviewers comments before storing them into metadata.
TEMPORARY
Persona construction.
Runs persona-related changes after the primary operation is all done.
Created by Viliam Repan (lazyman).
Represents a JSON request to match a person (`Request`) or to force a reconciliation of
a person (`Forced Reconciliation Request`).
Data that are passed between individual scripting actions.
PlainIterativeActivityRun<I,WD extends WorkDefinition,AH extends ActivityHandler<WD,AH>,WS extends AbstractActivityWorkStateType>
Run of a plain iterative activity.
Provides execution logic and/or execution state related to a plain iterative activity run.
Special construction subclass that represents resource object constructions as defined in the `schemaHandling`
section of the resource definition.
PlainStructured object is "bean-like" value object, which contains
set of getters / setters generated from schema.
Describes an attempt that is to be made.
Simple enumeration that refers to the plus, minus or zero concepts
used in delta set triples.
Specifies the point in time for the returned data.
TODO
Actions that are executed as reactions to triggered policy rules.
Common supertype for policy actions.
Trace for policy constraint evaluation operation.
PolicyConstraintEvaluator<C extends AbstractPolicyConstraintType,T extends EvaluatedPolicyRuleTrigger<C>>
Evaluates given policy constraint within specific context.
TODO
How should be triggering of this constraint presented, e.g. in enforcement messages,
in approvals, in certification, in notifications, etc.
References another policy constraint.
Set of governance, risk management, compliance (GRC) and similar policy constraints
that influence the identity model.
Describes what the policy "decides" about a specific account.
Recorded exception from a policy rule.
Defined items and rules for generating/validating values
Defined items and rules for generating/validating values
TODO
EXPERIMENTAL
Evaluation context for a policy rule.
On what target is the policy rule intended to be evaluated.
Trace for policy rule evaluation operation.
Any event that is triggered by the 'notify' policy rule action.
A facade for various actions related to handling of policy rules: evaluation, enforcement, and so on.
Context related to evaluation and processing of policy rules.
Executes scripts defined in scriptExecution policy action.
Information about the policy rule that provided a value for effectiveMarkRef.
These rules specify compliance and governance constraints.
Constraint that triggers the rule when the object is in a given policy situation(s).
Information about the policy statement that provided a value for effectiveMarkRef (for shadows).
Statement specifying explicit include (marking) of object or exclude from specified policy.
Specifies limits when is the action executed.
Object containing elements of business or governance policy.
Provided object does not conform to the policies (such as password policy).
Polymorphic string.
Created by honchar
Created by honchar
Filter processor for a polystring attribute path (Prism item).
This is NOT a generated class.
Polystring->string normalization step (for custom indexing).
Normalizer for strings, usually connected with
PolyString
.Created by Viliam Repan (lazyman).
Special normalizer that keeps only the `norm` value of
PolyString
instances.Special normalizer that keeps only the `orig` value of
PolyString
instances.WARNING: this is NOT a generated code.
WARNING: this is NOT a generated code.
Polymorphic string.
Created by Viliam Repan (lazyman).
TODO
TODO
Populates prism value with values as defined in PopulateType
Node by locations position cursor in AST, cursorIndex points to branch in node where the terminal symbol is located
Created by Dominik.
Supports "intelligent" specification of a set of item paths formed by three kinds of primitives:
- "include all items" (corresponds to an authorization with neither `item` nor `exceptItem` values)
- "include specified items (plus children)" (corresponds to an authorization with `item` values)
- "include all items except for specified items (plus children)" (corresponds to an authorization with `exceptItem` values)
This object is gradually built by calling
PositiveNegativeItemPaths.collectItemPaths(Collection, Collection)
method providing increments
to `item` and `exceptItem` sets.Additional filter used to match objects (returned by the iterative search) with the objectclass/kind/intent
specification, which is typically given in the synchronization task.
Represents a potential match obtained from ID Match service.
Abstract class for predefined activation mapping evaluators.
Predefined configuration sets.
Predefined transformation of an operation requested to specific request.
A normalization step taking only prefix into account (for custom indexing).
Evaluates "pre-mappings" i.e. inbound mappings that are evaluated before the actual clockwork is run.
Prepared Prism Query with placeholders.
Prepared Query represents query with filter with placeholders, which can be used for search.
This configuration will pre-provision a disabled account defined time before focus's activation/validFrom date.
This evaluator pre-provision account base on duration from configuration
PreProvisionActivationMappingType
.A code that executes before local or distributing activity run takes place.
Used to define preview panels, for now it is only used on home (dashboard), but maybe later, we will need to
show tables/forms in preview form also at other places.
Configuration for PrimaryChangeProcessor.
Set of prism-related asserts.
Prism specific configuration, mainly for performance optimizations and tuning
Prism container groups items into logical blocks.
Definition of a prism container.
The "createXXX" methods also add the new definition into this container.
Definition of a property container.
Property container groups properties into logical blocks.The reason for
grouping may be as simple as better understandability of data structure.
Used when accessing an item whose definition was removed.
Model that returns PrismContainerValueWrapperModel base on path.
Compiled security constraints for a given operation and phase applicable to a prism entity
(
Item
or PrismValue
).Compiled constraints related to an
Item
; they describe access to their values.Compiled constraints related to a
PrismValue
; they describe access to contained sub-items.Just a DTO.
"Basic" aspect of a prism item definition (whatever that means - TBD)
Common elements for property, reference and container definition.
PrismItemInstantiableDefinition<T,V extends PrismValue,I extends Item<V,ID>,ID extends ItemDefinition<I>,D extends ItemDelta<V,ID>>
Creating values, deltas, and so on.
How values are matched/compared.
MISC - to be decided
TODO
Presentation and documentation related aspects (originally from
Definition
).Marker interface to distinguish property/reference/container/any lists in prism containers.
Interface to plug in a monitoring code to prism.
Common supertype for all identity objects.
TODO
MidPoint Object Definition.
Common supertype for all identity objects.
Extension of PrismContainerValue that holds object-specific data (OID and version).
Extension of PrismContainerValue that holds object-specific data (OID and version).
Parses a given input into prism or POJO objects.
The same as PrismParser but has no IOException on parseXYZ methods.
Presentation and documentation related aspects (originally from
Definition
).Property is a specific characteristic of an object.
Definition of a prism property.
Property Definition.
Property is a specific characteristic of an object.
Object Reference is a property that describes reference to an object.
Object Reference Schema Definition.
Object Reference is a property that describes reference to an object.
Schema as a collection of definitions.
Object that allows modifying a
PrismSchema
- unless it's immutable.Methods that help non-standard (lazy?)
Util methods for PrismSchemaTypeUtil for converting xsd schema to PrismSchemaType and PrismSchemaType to xsd schema
Takes care of serializing prism objects and other beans, i.e. converts java form to
lexical representation (XML/JSON/YAML strings, DOM tree) or intermediate one (XNode).
Statically holds an instance of PrismContext (and maybe other beans later).
Class that statically instantiates the prism contexts and provides convenient static version of the PrismContext
and processor classes.
TODO clean this up as it is part of prism-api!
DeltaSetTriple that is limited to hold prism values.
DeltaSetTriple that is limited to hold prism values.
Describes set of items that are or have been processed.
Describes an item (typically an object) that is or has been processed.
Parsed analogy of
SimulationResultProcessedObjectType
.Metric information, currently for reporting purposes.
ItemDelta
augmented with functionality needed to display it in a complex way, for example,
with the information on real change(s) to the object.Value touched by a delta, along with their processing
ProcessedObject.ValueWithState.State
.Default (and the only) implementation of
ProcessedObject
.Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Responsible for distributing instances of
ItemProcessingRequest
to individual worker threads.Specifies the basic scope of synchronization (or potentially other resource-related) activity, usually given
by [resource, kind, intent, object class name] tuple.
Traces processing of low-level operations like selectors or authorizations processing.
Specifies requirements on execution of processor methods through ClockworkMedic.partialExecute
and related methods.
Marker annotation for medic-invocable projection processor method.
Typical processor "component-level" method that performs a well defined part of the computation.
Almost the same as
Supplier
, but this one is Serializable
.A configuration for profiling features of midPoint.
This is a blueprint for single method call, or ProfilingEvent as we call it.
IMPORTANT NOTES:
1.
This filter provides functionality to profiling loggers to act as they don't inherit
rootAppender, thus forwarding profiling and performance logs only into MIDPOINT_PROFILE_LOG.
EXPERIMENTAL
Represents a progress bar component used for visualizing progress in the user interface.
Represents a form containing multiple progress bars, each visualizing the frequency of certain values.
Represents a progress bar component used for visualizing progress in the user interface.
Object capable of receiving updates on progress.
Describes a state of the operation.
There are some basic kinds of activities relevant for progress reporting.
We usually report on entering and exiting a particular activity.
An interface that model uses to report operation progress to any interested party (e.g.
Just collects model contexts as they are reported by the clockwork.
Created by Viliam Repan (lazyman).
A page that supports progress reporting, e.g. page for editing users, orgs, roles.
A page that supports progress reporting, e.g. page for editing users, orgs, roles.
Typical processor "component-level" method that performs a well defined part of the computation.
Represents execution of a change on given projection.
Used to find a matching projection context.
Uniquely identifies
ModelProjectionContext
.Processor for projection credentials.
Updates focus -> shadow links (linkRef, to be renamed to projectionRef)
based on
ShadowDeathEvent
emitted by provisioning.Evaluates a set of mappings related to a projection.
TODO
TODO
TODO
Specification of the way how projections are handled on the resource.
Responsible for the acquisition of all projections for a focus.
Creates value metadata for source projections: resource objects that are to be fed into inbound
mappings.
Processor that determines values of account attributes.
Projector recomputes the context.
Runnable with proper set of exceptions that fit running of projector components.
Trace for Projector component operation.
Marker interface for processors in Projector.
Trace for Projector.project operation.
Work definition for the propagation activity.
Properties secrets provider.
This class is used to wrap
PrismProperty
values for JAXB objects with
List
properties.Java class for PropertyComplexValueFilterType complex type.
Relative difference (delta) of a property values.
TEMPORARY.
Relative difference (delta) of a property values.
TODO
JAXB version of PropertyModificationOperation class.
Java class for PropertyNoValueFilterType complex type.
DEPRECATED
Java class for PropertySimpleValueFilterType complex type.
Helps with the consolidation of attribute and auxiliary object class values.
Expression gets IntegerStatType as an input, IntegerStatType is derived from collection.
TODO
Specific subtype for protected binary byte array data.
This class was originally generated.
Panel factory for protected strings in connector configuration.
Panel for ProtectedStringType that contains choices for 'clean' password panel and configuration of secret provider
Panel factory for protected strings.
Created by honchar
This class was originally generated.
Created by honchar
Created by honchar
Creates protectors based on corresponding builder objects.
Ultimate origin of the data.
Mapping that manages provenance metadata.
Specifies data provenance properties for a particular data feed (source), such as resource.
Provenance metadata provide high-level information about origin of the value.
Configuration of a service provided by midPoint.
DTO that contains provisioning run-time configuration and diagnostic information.
Util methods for working with shadows and resources.
TODO reconsider usefulness of this class
Client-provided context of a provisioning operation.
Trace for provisioning operation.
Type of an operation (change).
Script argument.
An enumeration that defines where the script will be executed.
Specifies a script to be executed during provisioning.
Provisioning Service Interface
* Status: public
* Stability: STABLE, only compatible changes are expected
This service retrieves information about resource objects and resources
and handles changes to resource objects.
This is "live" provisioning statistics.
Statistical information on operations executed on a specified resource, dealing with given object class.
Information on operations of given type and result status.
Prints provisioning statistics.
Statistical information on operations executed on resources.
TODO
Work state for a pure composite activity.
Statically-typed "purge-schema" action.
Executes "purge-schema" action.
Querydsl query type for "m_abstract_role" table.
Mapping between
QAbstractRole
and AbstractRoleType
.Querydsl query type for "m_access_cert_campaign" table.
Mapping between
QAccessCertificationCampaign
and AccessCertificationCampaignType
.Querydsl query type for "m_access_cert_case" table.
Mapping between
QAccessCertificationCase
and AccessCertificationCaseType
.Querydsl query type for "m_access_cert_definition" table.
Mapping between
QAccessCertificationDefinition
and AccessCertificationDefinitionType
.Querydsl query type for "m_access_cert_wi" table.
Mapping between
QAccessCertificationWorkItem
and AccessCertificationWorkItemType
.Querydsl query type for case work item reference tables.
Mapping between
QAccessCertificationWorkItemReference
and ObjectReferenceType
.Querydsl query type for affected object reference tables.
Mapping between
QAffectedObjectReference
and ObjectReferenceType
.Querydsl query type for "m_archetype" table.
Mapping between
QArchetype
and ArchetypeType
.Querydsl query type for "m_assignment" table.
Querydsl query type for "m_assignment_holder" table.
QAssignmentHolderMapping<S extends AssignmentHolderType,Q extends QAssignmentHolder<R>,R extends MObject>
Mapping between
QAssignmentHolder
and AssignmentHolderType
.Mapping between
QAssignment
and AssignmentType
.Querydsl query type for assignment reference tables (for assignment metadata references).
Mapping between
QAssignmentReference
and ObjectReferenceType
.Mapping between
QAssignmentReference
and ObjectReferenceType
.QAssignmentReference<O extends com.evolveum.midpoint.repo.sqale.qmodel.assignment.MAssignmentReference.Owner>
Querydsl query type for assignment reference tables (for assignment metadata references).
Mapping between
QAssignmentReference
and ObjectReferenceType
.Querydsl query type for `MA_AUDIT_DELTA` table.
Mapping between
QAuditDelta
and ObjectDeltaOperationType
.Querydsl query type for `MA_AUDIT_EVENT` table.
Mapping between
QAuditEventRecord
and AuditEventRecordType
.Querydsl query type for `MA_AUDIT_REF` table.
Mapping between
QAuditRefValue
and AuditEventRecordReferenceType
.Querydsl query type for "m_case" table.
Querydsl query type for "m_case_wi" table.
Mapping between
QCaseWorkItem
and CaseWorkItemType
.Querydsl query type for case work item reference tables.
Mapping between
QCaseWorkItemReference
and ObjectReferenceType
.Querydsl query type for "m_role_analysis_cluster" table.
Querydsl query type for "m_connector" table.
Querydsl query type for "m_connector_host" table.
Mapping between
QConnectorHost
and ConnectorHostType
.Mapping between
QConnector
and ConnectorType
.Querydsl query type for "m_container" table.
Mapping between
QContainer
and Containerable
.QContainerWithFullObjectMapping<S extends Containerable,Q extends QContainerWithFullObject<R,OR>,R extends MContainerWithFullObject,OR>
Querydsl query type for "m_dashboard" table.
Mapping between
QDashboard
and DashboardType
.Querydsl query type for "m_ext_item" table with the catalog of indexed extension items.
Querydsl query type for "m_focus" table.
Querydsl query type for "m_focus_identity" table.
Mapping between
QFocusIdentity
and FocusIdentityType
.Querydsl query type for "m_form" table.
Querydsl query type for "m_function_library" table.
Mapping between
QFunctionLibrary
and FunctionLibraryType
.Querydsl query type for "m_generic_object" table.
Mapping between
QGenericObject
and GenericObjectType
.Querydsl query type for "m_lookup_table" table.
Mapping between
QLookupTable
and LookupTableType
.Querydsl query type for "m_lookup_table_row" table.
Mapping between
QLookupTableRow
and LookupTableRowType
.Querydsl query type for "m_mark" table.
Querydsl query type for "m_message_template" table.
Mapping between
QMessageTemplate
and MessageTemplateType
.Deprecated.
A list of QNames, to be used e.g. for
Annotation.NATURAL_KEY
.QName <-> URI conversion.
Search wrapper for search only in memory for multivalue containers.
Search wrapper for search only in memory for multivalue containers.
Querydsl query type for "m_node" table.
Querydsl query type for "m_object_view" table.
Querydsl query type for "m_object_collection" table.
Mapping between
QObjectCollection
and ObjectCollectionType
.Mapping between
QObject
and ObjectType
.Querydsl query type for object owned references.
Mapping between
QObjectReference
and ObjectReferenceType
.Querydsl query type for "m_object_template" table.
Mapping between
QObjectTemplate
and ObjectTemplateType
.Querydsl query type for "m_operation_execution" table.
Mapping between
QOperationExecution
and OperationExecutionType
.Querydsl query type for "m_org" table.
Querydsl query type for org closure table.
Querydsl query type for "m_role_analysis_outlier" table.
Behavior common for child tables owned by other table, either directly by object
or another container.
Marks mappings for
QOwnedBy
entities.Querydsl query type for "m_policy" table.
Mapping between
QPolicy
and PolicyType
.Querydsl query type for "m_reference" table that contains all persisted object references.
QReferenceMapping<Q extends QReference<R,OR>,R extends MReference,OQ extends FlexibleRelationalPathBase<OR>,OR>
Base mapping between
QReference
subclasses and ObjectReferenceType
.Querydsl query type for "m_report" table.
Querydsl query type for "m_report_data" table.
Mapping between
QReportData
and ReportDataType
.Mapping between
QReport
and ReportType
.Querydsl query type for "m_resource" table.
Mapping between
QResource
and ResourceType
.Querydsl query type for "m_role" table.
Querydsl query type for "m_security_policy" table.
Mapping between
QSecurityPolicy
and SecurityPolicyType
.Querydsl query type for "m_sequence" table.
Mapping between
QSequence
and SequenceType
.Querydsl query type for "m_service" table.
Mapping between
QService
and ServiceType
.Querydsl query type for "m_role_analysis_session" table.
Querydsl query type for "m_shadow" table.
Mapping between
QShadow
and ShadowType
.Querydsl query type for "m_shadow_partition_def" table.
Querydsl query type for "m_system_configuration" table.
Mapping between
QSystemConfiguration
and SystemConfigurationType
.Querydsl query type for "m_task" table.
Querydsl query type for "m_trigger" table.
Mapping between
QTrigger
and TriggerType
.Item processing outcome plus optional qualification.
Formats bucket content value into three columns (characterization, from, to).
Here is the language structure:
TODO cleanup this interface
Note that expressions are not serialized yet.
Instant converter for Querydsl.
String to JSONB converter for Querydsl.
Query related repository exception.
TODO it is still unclear if this interface will be officially supported.
Defined how the expression will be interpreted in queries when it returns
empty (or null) values.
Key for repository query cache.
Common mapping functionality that covers the need for mapping from item paths
to table columns, but also to nested embedded mappings (e.g. metadata).
Holds
QueryTableMapping
instances obtainable by various key (e.g. schema type Q-name).Common supertype for mapping items/attributes between schema (prism) classes and tables.
TODO
TODO move to more appropriate place (common for both wf and certifications)
Specifies type of quote.
Querydsl query type for "m_uri" table that contains repetitive URIs (e.g. channels).
Querydsl query type for "m_user" table.
Querydsl query type for "m_value_policy" table.
Mapping between
QValuePolicy
and ValuePolicyType
.Implementation of the top-level of the Query fluent API grammar (see
QueryBuilder
).Sampling using random distribution of samples.
Variable is in the form
- (empty)
- number
- number:Y or
- number:X:Y
Returns a random number between X and Y (inclusive), with the default values of X = 0, Y = 999999999.
TODO
TODO
Formatting that - in fact - does nothing.
A shadow that was fetched from the repository OR that is going to be (or was) added to the repository.
A class used to hold raw XNodes until the definition for such an object is known.
This interface represents a basic property used for rbac user type generation.
Utility methods for generating rbac data.
This class represents a Contractor in the system.
This class represents an Irregular User in the system.
This class represents a Manager User in the system.
This class represents a Regular User in the system.
This class represents a Sales User in the system.
This class represents a Security Officer in the system.
This class represents a Semi Regular User in the system.
This abstract class represents a user type generator used for initial user object RBAC generation.
Describes read capability.
This applies to all read operations, therefore it will add "hook" into:
ModelService.getObject(Class, String, java.util.Collection, com.evolveum.midpoint.task.api.Task, com.evolveum.midpoint.schema.result.OperationResult)
ModelService.searchObjects(Class, com.evolveum.midpoint.prism.query.ObjectQuery, java.util.Collection, com.evolveum.midpoint.task.api.Task, com.evolveum.midpoint.schema.result.OperationResult)
ModelService.searchObjectsIterative(Class, com.evolveum.midpoint.prism.query.ObjectQuery, ResultHandler, java.util.Collection, com.evolveum.midpoint.task.api.Task, com.evolveum.midpoint.schema.result.OperationResult)
TODO: this is just super simple, not stable, not finished yet.Deprecated.
Type for recipient expression, which can be either a focus or a string.
Created by Dominik.
Recomputes specified objects.
Recomputes specified objects.
Statically-typed "recompute" action.
Executes "recompute" action.
The reason of existence of this class is to send
ReconciliationResult
object to ReconciliationResultListener
after the whole activity finishes.Launches reconciliation activity tasks.
Processor that reconciles the computed account and the real account.
Testability interface.
Executes the reconciliation.
State of the reconciliation activity.
TODO
TODO
Defines the target (page/panel/url) to be redirected to
Executes "reencrypt" action.
Common contract for types representing reference real values (not
PrismReferenceValue
).Creates
ShadowReferenceAttributeValue
s based on projections of given role.Panel for selecting object by autocomplete field for name of object and button for selecting of reference.
Validator for reference object.
Converter from Name of object (String) to ObjectReferenceType, includes supported types and custom filters
Filter processor that resolves
ExistsFilter
.Post processor for reference attributes.
Denotes reference path segment: either ".." meaning owner, or "@" meaning referenced object.
Resolves references in intelligent way: taking filters (and embedded expressions) into account.
May specify either the native or simulated references.
Creates a generic reference (or references) based on specified condition for the referenced object.
Create an expression that provides a reference based on search results.
Operation on an object would cause inconsistencies in referential
integrity.
TODO
Filter processor for reference item paths embedded in table as three columns.
Refreshable page (or component).
Delta value processor for multi-value references stored in separate tables.
RefTableItemFilterProcessor<Q extends QReference<R,OR>,R extends MReference,OQ extends FlexibleRelationalPathBase<OR>,OR>
Filter processor for reference item paths resolved via
QReference
tables.RefTableTargetResolver<Q extends QReference<R,?>,R extends MReference,TQ extends QObject<TR>,TR extends MObject>
Resolver that knows how to traverse from reference table to the reference target.
How to ensure transport-level security when sending the message.
TODO
TODO
Sampling using regular distribution of samples.
Activity handler for reindexing activity.
Re-indexes specified repository objects.
Definition of a single (custom) relation.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Deprecated.
Denotes a set of relations serving a single purpose.
Created by Viliam Repan (lazyman).
A component that holds current definition of object relations.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Definition of (custom) relations.
Configuration for relation search item.
Configuration structure related to request access UI wizard and its second step - relation selection.
Created by Viliam Repan (lazyman).
Built-in (hardcoded) relations.
A request to release work item(s) that have been claimed previously.
TODO
Element state that we can return to e.g. in the new iteration.
Interface for authentication module for remote authentication module
EXPERIMENTAL.
Activity handler for reindexing activity.
Re-indexes specified repository objects.
Represents a form containing attribute analysis results for role or user objects.
Represents a form containing attribute analysis results for role or user objects.
Provides access to audit events at the repository (
AuditService
) level.Check if database is up and available.
This is only used in tests.
Provides access to objects at the repository level.
Behavior for report.
Report configuration based on report configuration schema.
Reports outputs.
Selects which report engine should be used to render this report.
State of the report export activity.
Signals that a report output has been created.
Notifies external observers about "report created" events.
General utilities to support report creation.
Specification of midPoint report.
Base implementation class for action (Ninja command) running against the repository.
Trace for repository ADD operation.
Repository Assignment Data Provider
Interface for beans that are repository-ware, i.e. those that hold
the instance of repository service.
Read-through write-through repository cache.
TODO
Configuring various aspects of the repository - in addition to those that are configured statically
using config.xml file.
Trace for repository DELETE operation.
DTO that contains repository run-time configuration and diagnostic information.
Base repository exception.
Trace for repository getObject operation.
TEMPORARY - REMOVE
Trace for repository getVersion operation.
Creates an appropriate
SearchableItemSource
at the repository level.Runtime exception wrapping other exception that occurred during object transformation
inside mapping (e.g. tuple to schema object).
Trace for repository MODIFY operation.
Result for deserialization of prism values stored in the repository.
Information about single repository operation kind (e.g. getObject) performance.
Trace for repository operation.
General repository op (raw/cached, read/update, ...).
Formats sql (repo/audit) performance information.
Information about repository performance.
Query diagnostics request: contains query to be executed (or at least translated) and some options.
Response from the "diagnose query" operation.
Trace for repository searchObjects/searchObjectsIterative operation.
TEMPORARY - REMOVE
Identity Repository Interface.
Level of details when reporting repository performance statistics.
How are repository statistics collected.
How repository statistics are collected and reported.
Abstract request that is going to be processed by the case engine.
Created by Viliam Repan (lazyman).
Does no actual data movement; just requires that the value does exist in the target object.
not use it, temporary needed interface for old reset password configuration
Information on the resource referenced by particular
ResourceObjectConstruction
- the object
as well as information what to do in case it couldn't be resolved.Resolution of a path in a prism container definition, as far as possible.
Resolves a reference, e.g. a linkRef into a set of accounts.
Resolves definitions and old values.
Statically-typed "resolve" action.
"One stop shop" for accessing various aspects of a resource (defined by
ResourceType
object).Defines how the mapping of the activation section is handled for the resource.
The state of the resource how the administrator want it to be.
Description of the attribute handling details, such as display name,
read/write access and value and synchronization expressions.
Definition for different behaviors are handled for the resource.
Configuration of resource "business" aspects such as workflow parameters, notifications,
approvers, owners, etc.
Configuration of consistency mechanisms.
Deprecated, for removal: This API element is subject to removal in a future version.
Deprecated, for removal: This API element is subject to removal in a future version.
Deprecated, for removal: This API element is subject to removal in a future version.
TODO
Description of the common item handling details, such as display name,
read/write access and value and synchronization expressions.
"Getter" interface to "prism" part of resource attribute and association definitions.
Mutable interface to resource attribute and association definitions.
Configuration of inbound/outbound resource mappings evaluation.
Merges
ResourceType
objects.Used for both association definitions and resource object construction with associations.
Access to legacy configuration (i.e. combined association item definition + simulation definition).
Direction of a resource object association.
Describes how entitlement is associated to the subject (e.g. account or other entitlement).
Listens for notifications about resource object changes.
Describes a resource object class (e.g.
Interface allowing modifications of an object class definition.
Default implementation of
ResourceObjectClassDefinition
.Result of the object classification.
ResourceObjectConstruction<AH extends AssignmentHolderType,EC extends EvaluatedResourceObjectConstructionImpl<AH,?>>
Contains "construction bean" (ConstructionType) - a definition how to construct a resource object.
ResourceObjectConstructionBuilder<AH extends AssignmentHolderType,EC extends EvaluatedResourceObjectConstructionImpl<AH,?>,RT extends ResourceObjectConstructionBuilder<AH,EC,RT>>
Builder for resource object constructions.
Trace for evaluation resource object construction.
A definition that describes either an object class (as fetched from the resource, optionally refined by `schemaHandling`),
or an object type (as defined in `schemaHandling` part of resource definition).
Uniquely identifies resource object type or class on a resource.
Event about resource object (account) creation, modification, or deletion.
Specification of focus objects corresponding to given resource object type.
Identification of a resource object using its primary and/or secondary identifiers.
Identification that does not contain a primary identifier.
Identification that contains a primary identifier.
Specialized class that wraps a single-valued non-null primary or secondary identifier attribute.
Identifier that is a primary one.
Primary and/or secondary identifiers of a resource object.
Secondary-only identifiers.
Identifiers that contain a primary identifier.
Defines "complex inbound processing": correlation, synchronization reactions, inbounds for attributes and associations.
Definition of resource object lifecycle handling.
Describes how "multi-accounts" are treated for given object type.
Describes the options for an owner of a resource object.
An option when choosing an owner for a resource object.
Resource object pattern.
A context generally useful for the manipulation of a shadow, e.g. correlation or synchronization.
The default implementation of
ResourceObjectProcessingContext
.The strategy used to resolve resource object references.
The strategy used to resolve resource object references.
Reference to a resource object.
Generalized specification of a set of resource objects.
How should be the explicit query applied to the default query stemming from
resourceRef / objectclass / kind / intent specification.
Work definition that can provide object set specification.
Specifies a set of resource objects to be processed.
Describes a change of a specific resource object together with definitions of the source and possibly
also other information.
Description of the change in the external resource.
Execution of resource objects reconciliation (the main part of reconciliation).
Wrapper for ResourceType/schemaHandling/objectType/focus/archetypeRef.
Definition of "resource object type".
Default implementation of
ResourceObjectTypeDefinition
.Merges
ResourceObjectTypeDefinitionType
objects.Defines a type of resource objects.
Helps with
ResourceObjectTypeDefinitionType
objects.Reference to a super-type of an object type.
Delineates the boundary of a resource object type (i.e. objects that belong to that type).
Delineates the boundary of a resource object type (i.e. objects that belong to that type).
Level of binding between dependent resource objects.
TODO
Describes a dependency of an object type on another object type.
Identifies a resource object type - by kind and intent.
References an object type.
Wrapper for ResourceType/schemaHandling/objectType/focus/archetypeRef.
Specifies volatility of resource objects or their attributes, i.e. whether they can change without
explicitly requested by midPoint.
Specifies the "coordinates" of a resource operation covering multiple objects, like search, or live sync.
Describes an attempt to apply a change to a specific resource object.
Listens for
ResourceOperationDescription
events.Represents the status of a "modifying" operation (add, modify, delete) on a resource.
== Note about `fromResult` methods that create objects of this type
The content of these objects overlaps with the content of
OperationResult
.A schema covering the whole resource.
The official place where resource schemas are created.
Direct implementation of
ResourceSchema
interface.Keeps
CompleteResourceSchema
objects.TEMPORARY!
Various utility methods related to resource schema handling, including sophisticated object definition lookup.
Specialization of standard
SearchSpecification
dealing with resource objects search.Abstract class for Work Definition that work with resource set.
Aggregate bean containing resource OID, kind, intent, object class and tag flags.
Creates resource-related tasks: import, reconciliation, live sync, and maybe others in the future.
Options for
ProvisioningService.testResource(String, Task, OperationResult)
operation.Whether capabilities and schema should be written back to the resource (into repository or in-memory version).
Resource represents a system or component external to the IDM
system which we manage.
Created by honchar
Methods that would belong to the ResourceType class but cannot go there
because of JAXB.
TODO find appropriate place for this class
EXPERIMENTAL
TODO make interface generic and integrate it into model API
EXPERIMENTAL
TODO:
- existence of dependent kind/intent/resource (in thorough scope)
- checking references (thorough)
- mapping: unknown channel / except-channel
- empty mapping (?)
Because ResourceWizard is so simple, we want to change Previous button semantics:
it should go to physically previous step (in the list of steps); not to the previously visited step.
Marker type for an activity work definition that use resourceObjects.
TODO review
Support for simple index page with REST API endpoints (HTML and JSON).
Represents a REST action (method) that can be authorized.
Spring configuration for MVC-based REST service.
MidPoint-specific information about a REST handler method.
Classes implementing this interface are used to handle iterative results.
Helps with row transformation of result lists, possibly in stateful context.
Type that contains configuration of ConnId results handlers.
Statically-typed "resume" action.
Executes "resume" action.
TODO
Processing of the specified account should be retried later.
todo this class contains a lot of duplicate code from ReviewerStatisticsPanel
should be cleaned up
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Hyperlink with a label, menu and other data that control a rich presentation of the link.
Created by Viliam Repan (lazyman).
The RoleAnalysisAggregateChartModel class is a LoadableModel that generates aggregate
charts for role analysis based on provided data.
The `RoleAnalysisAlgorithmUtils` class provides utility methods for processing and analyzing data clusters
and outliers in role analysis.
Contains information about...
Contains information about...
The model for the role analysis attribute chart.
Represents the role analysis attribute chart panel.
Represents an attribute match with associated extension properties.
The RoleAnalysisAggregateChartModel class is a LoadableModel that generates aggregate
charts for role analysis based on provided data.
Contains information about...
Contains information about candidate roles and their analysis.
Category classification.
Enumeration representing different chunk modes that can be used for role mining data set generation.
Role analysis relation
TODO
TODO
A set of grouped objects based on density and similarity.
NOTE: This class is experimental and may be removed in the future.
Options for Detecting Business Roles
These parameters serve as key specifications for performing searches
and analyzes aimed at discovering different business roles.
Contains information about detected or found patterns.
Role analysis detection processing mode.
The RoleAnalysisModel class stores role analysis data, count of roles and users that are used in the histogram chart.
The `RoleAnalysisObjectState` enum represents the state of the role analysis object.
Role analysis operation.
Enumeration representing different operation modes for role analysis.
Information about an operation executed on an object.
This complex type defines options for role analysis.
Partitions contains information about outliers analysis result for specific session.
Contains detailed information about similar objects analysis.
Contains information about outliers and their analysis.
Contains information about the outlier statistic result.
This class represents a panel that provides an overview of a role analysis partition.
Contains detailed information about pattern analysis.
TODO
TODO
Role analysis type.
Role analysis processing mode (user or role).
The `RoleAnalysisProgressIncrement` class provides a way to increment progress during role-mining operations.
Utility methods for working with role analysis objects in the Midpoint system.
Object clustering options for "role" mode.
The container consists of statistical data about the role analysis session.
Session for role analysis, e.g. a role mining session.
The RoleAnalysisModel class stores role analysis data, count of roles and users that are used in the histogram chart.
Enumeration representing different sorting modes for role analysis.
The model for the role analysis attribute chart.
RoleAnalysisTabbedPanel<T extends org.apache.wicket.extensions.markup.html.tabs.ITab>
Utility class for resolving cell colors and status in the context of role analysis tables.
Utility class for role analysis table tools and operations.
The `RoleAnalysisUtils` class provides utility methods for various operations related to role analysis.
The `RoleAnalysisUtils` class contains utility methods used in the role analysis process.
Implements clustering of roles based process mode.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Configuration structure related to request access UI wizard and its third step - role catalog.
Role collection view defines structure that should be shown in request access UI wizard - in role catalog step.
A configuration for role management: role catalog, role assignments, etc.
General methods useful for role analysis and management, e.g. determination of "is induced by" relations between roles.
Specific activities related to role membership management, supporting e.g. the transition from application to business roles.
Definition of "role membership management" activity.
Created by Viliam Repan (lazyman).
Definition of object with respect to subject relation to a role.
A role in the extended Role-Based Access Control (RBAC) sense.
Fake root context.
Root context of the update context tree, see
SqaleUpdateContext
for more information.Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Describes capability to execute operations with specified identity.
Takes care of optimized "run as" operations.
Factory for RunAsRunner instances.
Running lightweight asynchronous task.
A task that is directly used to execute the handler code.
"Statistics collection" aspect of a running task.
See the grammar in Javadoc for
QueryBuilder
.See the grammar in Javadoc for
QueryBuilder
.See the grammar in Javadoc for
QueryBuilder
.See the grammar in Javadoc for
QueryBuilder
.See the grammar in Javadoc for
QueryBuilder
.Using DELETE after ADD in fluent builder goes against the actual semantics that first
executes DELETE and then ADD - use the correct order to avoid deprecated methods.
See the grammar in Javadoc for
QueryBuilder
.See the grammar in Javadoc for
QueryBuilder
.Note: When dealing with PolyStrings, the real values should be of PolyString, not of PolyStringType type.
SAML2 authentication module support authentication via Identity provider with SAML2.
SAML2 key.
SAML2 authentication module, network configuration.
SAML2 provider.
SAML2 provider metadata.
SAML2 authentication module, service provider configuration.
Possible signing algorithm.
Sample showing a custom focus form that displays semi-static form.
Inspired by work of Cédric Champeau (http://melix.github.io/blog/2015/03/sandboxing.html)
ScanActivityRun<O extends ObjectType,WD extends WorkDefinition,MAH extends ModelActivityHandler<WD,MAH>>
Things that we want to remember for all task scanners, like scanning timestamps.
Work state for scanning activities (validity scanner, trigger scanner, shadow refresher).
Describes the state of the (local) scheduler.
Task schedule.
Why was this process started?
TODO
Note that the rule should be triggered.
Builds both prism and non-prism schemas.
Describes capability to discover resource schema.
The interface represents the schema context annotation, which provides semantic information about object.
The interface provides Getter and Setter methods of possible attributes for definition the schema context annotation in xsd.
Created by Dominik.
Created by Dominik.
Created by Dominik.
The interface provides methods of resolver that looks up the schema context based on definition from schema in specific case.
Registry for resolvers from MidPoints.
Type for prism schema definition.
Schema (prism or non-prism) with additional information.
Schema (prism or non-prism) with additional information.
Takes a midPoint Schema definition and produces a XSD schema (in a DOM form).
Error regarding schema.
TODO
Implements
EntityResolver
and ErrorHandler
that reports sax
errors to log.This is intended to help with refined resource definition parsing process.
Specification of handling details for resource
schema.
Operation that needs to be done to migrate old schema to new schema.
Annotation that describes schema changes that need to be migrated.
Just the value holder to ensure type safety.
Temporary home for a bunch of "build me" methods.
Class to be used by schema processor but also by SchemaDefinitionFactory subclasses.
Maintains system-wide schemas that is used as source for parsing during initialize and reload.
Registry and resolver of schema files and resources.
Maintains system-wide parsed schemas.
Derivation key is used for caching computed values, which depends on schema context state.
Class allow before freeze setting of SchemaRegistryStateImpl
and use it for resolving of definitions during initializing of schema.
Contains caches and provides definitions.
Builder for SchemaRegistryState.
Aggregation of various schema and prism managed components for convenience.
Constants for use in tests.
Transforms the schema and objects by applying security constraints,
object template schema refinements, etc.
Schema definition type.
Provided object does not conform to the internal schema.
Created by Viliam Repan (lazyman).
Configuration for scope search item.
Cache for compiled scripts and interpreters, aware of expression profiles.
Describes capability to execute scripts (short pieces of program) on the connector or resource.
Trace for script evaluation operation.
Object(s) on which the script should be executed.
TODO
FIXME review this description
The expressions should be created by ExpressionFactory.
The whole evaluation of a script:
ScriptExpressionEvaluatorType
compiled into ScriptExpression
and evaluated.Executes specified script written e.g. in Groovy, JavaScript, Python, etc.
Data structure that contains all the configuration details for script execution,
except for code itself.
Generic script expression.
Creates
ScriptExpression
instances.The type of the expression result, either "list" or "scalar".
Utility methods related to
ScriptingExpressionType
beans.Utility methods related to processing data objects.
Options related to evaluation of scripting expression.
Root of the expression type inheritance hierarchy.
Definition of a scripting variable.
Definition of scripting variables.
Specifies limitations (via
ScriptLanguageExpressionProfile.permissionProfile
) on execution of a script expression in given ScriptLanguageExpressionProfile.language
.Specifies restrictions for execution of script expressions.
Tool to run database scripts.
Information about script variable during evaluation.
Provides access to items (and their count) based on the search specification.
SearchBasedActivityRun<C extends Containerable,WD extends WorkDefinition,AH extends ActivityHandler<WD,AH>,WS extends AbstractActivityWorkStateType>
A run of a given search-iterative activity.
Provides execution logic and/or execution state related to a search-based activity run.
Configuration of the search box (the set of input fields that control definition of search query).
The mode of the search box.
The scope of the search box.
Evaluates "search" scripting expression.
Queries the model for objects of a given type, optionally fulfilling given condition.
Describes input parameters for the search filter.
Definition of search hierarchy scope.
TODO better class name
The list of the search properties to be configured for the search panel.
Search item
Create an expression based on search results.
A response from searchObjects operation.
A request for searchObjects operation.
Handler for searchObjects/searchObjectsIterative operations.
Producer worker for all search-based operations, such as export and verify.
Objects of this type are considered READ ONLY.
"Compiled" specification of items that are to be processed by
SearchBasedActivityRun
.Details panel for secrets provider
Panel for SecretProvider
Superclass for kind of secrets providers panel that contains table for multivalue container
Superclass for counter of secrets providers panel that contains table
Interface for component that can resolve secrets from external secrets managers (e.g. instead of decrypting them).
Base implementation of
SecretsProvider
interface.Manages secrets providers instances.
Secrets providers configuration container.
Abstract definition of a secrets provider.
Interface for component that can use initialized secret providers to resolve secrets (e.g. instead of decrypting them).
PasswordTextField that assumes its underlying model is secure enough to be serialized.
Manager of security context.
A
SecurityContextManager.ResultAwareProducer
that can throw any CommonException
.Producer of a value that is
Serializable
and operates under given OperationResult
.Needs to know about the SecurityContextManager implementation.
Answers questions about authorizations, for example whether a user is authorized to do something.
A sink for authorization/selector evaluation messages.
Merges two
SecurityPolicyType
objects.Looks up security policies.
== Exception reporting
If the security policy cannot be obtained, methods in this class throw a
SystemException
instead of specific
exceptions like ObjectNotFoundException
etc.Object that contains definitions of overall security policy.
Answer to the security question.
Definition of a single security question.
Structure that specifies policy for security questions.
Definition of "security questions form" module.
Exception indicating violation of security policies.
Popupable panel with listed items which can be searched and selected
The component can be used as More button popup or saved searches popup on search panel
Used as a clickable ajax link after which selection of the object is performed.
TODO
Select given item.
A clause of a
ValueSelector
.Keeps everything needed to evaluate whether a clause matches given value or how is clause translated to a filter.
Selector-qualified options for a get-like operation.
TODO
Translates a selector (
ObjectSelectorType
) to appropriate ObjectFilter
.Something of interest during tracing selectors and their clauses processing (matching and filter evaluation).
Just a marker.
Just a marker.
Structure that specifies policy for password management.
There are som ugly data and long strings.
Contextual information related to sending of a message.
Definition of a sequence object that produces unique values.
Created by Viliam Repan (lazyman).
Returns current value of a given sequence object.
Get a sequential value from a named sequence.
Any complex type definition (or analogous structure) that can be serialized into XSD.
Any container definition that can be serialized.
Any definition (type, item) that can be serialized.
Any item definition that can be serialized.
Any property definition that can be serialized.
Any reference definition that can be serialized.
Any schema that can be serialized into XSD.
Everything we want to maintain during the serialization process.
Collection of java.io serialization utilities.
This object type represents any kind of abstract or concrete services or devices such as servers, virtual machines,
printers, mobile devices, network nodes, application servers, applications or anything similar.
Represents an association between shadows: one subject and zero or more objects.
Definition of a
ShadowAssociation
, e.g., `ri:group`.TEMPORARY
The (currently) only implementation of
ShadowAssociationDefinition
.Definition of an association (for specific participant).
Represents iterable collection of association values either in an item delta, or in a shadow.
Complex type definition for a
ShadowAssociationsContainer
.Container holding
ShadowAssociation
objects.The enhanced definition of `associations` container (
ShadowAssociationsContainer
) in a ShadowType
object.Provides a nicer API for working with the shadow associations.
As
ShadowReferenceAttribute
but potentially raw, i.e. without definitions.Association values from the resource.
Covers working with the "new" shadow associations (introduced in 4.9).
The value of an association.
Definition of a high-level (logical) association type.
Definition of the "object" participant of the association type.
ShadowAssociationTypeParticipantDefinitionConfigItem<PT extends ShadowAssociationTypeParticipantDefinitionType>
Definition of a participant (subject or object) of an association type.
Definition of the "subject" participant of the association type.
Represents a specific shadow association value - i.e. something that is put into
ShadowReferenceAttribute
.The value of an association.
ShadowAttribute<V extends PrismValue,D extends ShadowAttributeDefinition<V,D,RV,SA>,RV,SA extends ShadowAttribute<V,D,RV,SA>>
Access to both
ShadowSimpleAttribute
and ShadowReferenceAttribute
.ShadowAttributeDefinition<V extends PrismValue,D extends ShadowAttributeDefinition<V,D,RV,SA>,RV,SA extends ShadowAttribute<V,D,RV,SA>>
Definition of a
ShadowAttribute
.
.ShadowAttributeDefinitionImpl<V extends PrismValue,D extends ShadowAttributeDefinition<V,D,RV,SA>,RV,SA extends ShadowAttribute<V,D,RV,SA>,ND extends NativeShadowAttributeDefinition>
Base implementation of
ShadowSimpleAttributeDefinitionImpl
and ShadowReferenceAttributeDefinitionImpl
.Complex type definition for a
ShadowAttributesContainer
.TODO
The enhanced definition of `attributes` container (
ShadowAttributesContainer
) in a ShadowType
object.Resource Object Definition (Object Class).
TODO review docs
Resource Object.
Attribute values from the resource.
Getter interface to "UCF" part of shadow attribute definitions.
Contains real data for UCF aspect of shadow attribute definition.
Mutable interface to properties in this class.
Shadow behavioral data.
Used for easy creation of shadow objects (with the correct definition).
Global settings for the "shadow caching" feature.
Definition of a shadow caching policy.
Scope of the shadow caching.
Result of checking a particular shadow.
Shadow constraint uniqueness setting.
How should be shadows classified?
The original idea behind this activity was to treat shadows on (asynchronous) Kafka resources that did not support
"read" operation (or did that in a very limited way).
Deletes all shadows that have not been updated for given time.
Describes what exactly is in the shadow, mainly regarding the origin of the data.
An
ObjectDelta
enriched by ResourceShadowCoordinates
(pointing to a resource object type).An
ObjectDelta
enriched by ResourceShadowCoordinates
(pointing to a resource object type).Current state of the correlation process.
Scope of the shadow credentials caching.
Emitted when a shadow is converted from live to dead and then eventually to deleted.
Listens for notifications about shadow death events i.e. when shadow is converted from live to dead and then
eventually to deleted.
Applies attributes and/or associations definitions to a shadow, delta, or query.
Created by Viliam Repan (lazyman).
Expression based on selecting a specific projection.
Shadow discriminator uniquely identifies a projection among other projections linked to the
same focus.
A preprocessor that fetched incoming object (presumably resolved using noFetch option)
in order to obtain full attributes.
TODO
An aspect of shadow integrity to be diagnosed and/or fixed.
Task handler for "Shadow integrity check" task.
Definition for shadow integrity check activity.
Temporary class, to be decided what to do with this.
Describes a dependency between shadow items.
TODO decide where to put these!
Declares the default values for lifecycle properties for shadow items definitions.
Scope of the shadow caching for a category of items other than simple attributes (e.g., associations).
Supertype for a CTD for `attributes` and `associations` shadow containers.
Supertype for
ShadowAttributesContainer
and ShadowAssociationsContainer
.The behavior of a shadow item that differs from the "pure data store" expectations.
Defines the kind of shadow.
The lifecycle state of a shadow and the corresponding resource object.
Either a
ShadowType
or ShadowAssociationValue
.Describes shadow liveness (or death) state.
On what occasion(s) is the marking done?
How is given shadow mark automatically applied to shadows.
Rules that drive automatic shadow marking.
TODO deduplicate with the similar interface in ReferenceResolver in model-api.
Rule for a single shadow mark.
Factory for
ShadowOwnerReferenceSearchExpressionEvaluator
objects.An expression evaluator that provides a reference to the owner of the shadow in question.
Purpose for existence (or non-existence) of a resource object referenced by the shadow.
Definition for a shadow reclassification activity.
"Synchronizes" resource object shadow: retrieves the resource objects and calls change notification dispatcher.
Represents a shadow reference attribute (like `ri:group` or `ri:access`).
Definition of an
ShadowReferenceAttribute
.Definition of a shadow association item, e.g., `ri:group`.
Represents iterable collection of attribute values either in an item delta, or in a shadow.
As ShadowAttributesType, but constrained to contain only reference attributes.
Update context for nested containers stored in the same table used by the parent context.
Represents a value of a
ShadowReferenceAttribute
.Reference has two sides (participants): subject and object.
Scanner that looks for pending operations in the shadows and updates the status.
Looks for pending operations in shadows and updates their status.
What kinds of objects can participate in given
ShadowReferenceAttribute
or ShadowAssociation
?TODO update this doc
Resource Object Attribute is a Property of Resource Object.
Full prism definition of a
ShadowSimpleAttribute
: has a native part and a refined part from `schemaHandling`.An attribute definition (obtained typically from the connector),
optionally refined by information from `schemaHandling` section of a resource definition.
Scope of the shadow caching for simple attributes.
TODO
TODO update this doc + consider renaming the class
Repository shadows contain normalized attribute values.
Summary report from shadow checking task run.
Created by Viliam Repan (lazyman).
TODO
Local copy of any object on the provisioning resource that is related to provisioning.
Methods that would belong to the
ShadowType
class but cannot go there because of JAXB.Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
SimpleActivityHandler<O extends ObjectType,WD extends WorkDefinition,SAH extends SimpleActivityHandler<O,WD,SAH>>
Implementing class for simple model-level search-based activity handlers.
SimpleActivityHandler.ExecutionSupplier<O extends ObjectType,WD extends WorkDefinition,SAH extends SimpleActivityHandler<O,WD,SAH>>
TODO
TODO
TODO
Simple schema describing how work items for a case should be created.
Very simple expression utils.
TODO
Filter processor for a single path with straightforward type mapping and no conversions.
Deprecated.
Object resolver for simple cases.
Deprecated.
TODO
Created by Viliam Repan (lazyman).
TODO
Very simple report reader, to be used for tests or for displaying parts of reports created.
TODO
TODO
TODO
Defines a simple (non-structured) definition.
TODO document
TODO
This is just a simple representation of custom form validation error.
Created by Viliam Repan (lazyman).
TODO
Result of a sub-object correlation.
Typical processor "component-level" method that performs a well defined part of the computation.
Defines the simulated association class subject or object.
Delineates the boundary of eligible simulated association participants.
Definition of a simulated reference type.
Definition of a participant (subject or object) of a reference.
Specifies how to simulate the association class: what are the participants, what attributes to use for the association, etc.
Special subtype of
SQLQuery
supporting needs of SqaleRepositoryService.executeQueryDiagnostics(com.evolveum.midpoint.schema.RepositoryQueryDiagRequest, com.evolveum.midpoint.schema.result.OperationResult)
.Represents the data passed from the clockwork to the simulation manager via
Task
interface,
namely SimulationDataConsumer
facet.Accepts simulation data.
Merges
SimulationDefinitionType
objects.Definition of a specific simulation.
Specifies which event marks to consider for given simulation.
An aggregation function used to compute the (aggregated) metric value.
Specification of how metric values are aggregated.
Specification of how is the metric value computed for individual "processed objects".
Works with the metric computations at one place.
Explicit definition of a metric.
Parsed form of
SimulationMetricPartitionType
.Set of dimensions of a partition.
The scope of a partition, i.e. what dimensions are bound to what values and what are free.
Util for
SimulationMetricPartitionScopeType
.Partial or total aggregation of values for given metric.
Util for
SimulationMetricPartitionType
.Parsed form of
SimulationMetricReferenceType
, suitable e.g. as a map key.Reference to a metric - either by identifier (for explicitly defined ones) or by mark OID (for event mark based).
Util for
SimulationMetricReferenceType
.Definition of the use of simulation metrics for the particular type of simulation.
Values of a simulation metric, aggregated along with specific dimensions.
Util for
SimulationMetricValuesType
.A predicate over SimulationResultProcessedObjectType and/or ProcessedObject instances.
Specifies which (non-tag) metrics to consider for given simulation.
Created by Viliam Repan (lazyman).
A value of a metric observed on a particular object processed by the simulation.
Live representation of a simulation result.
Implementation note: must be thread-safe.
An object that was processed during a particular simulation run.
Created by Viliam Repan (lazyman).
Result of a simulation run.
Utilities for
SimulationResultType
.Created by Viliam Repan (lazyman).
Live representation of a simulation transaction.
Temporary
EXPERIMENTAL
Information about performance of a given (single) cache.
Report on the cache state.
SimulationData
representing a single delta (in a context).This class is final and must remain so, as it's not cloneable.
A message that is to be localized into specified language.
Experimental.
Information about single method performance.
Processor for items represented by a single column (query path).
Item filter processor related to one table column represented by the
SinglePathItemFilterProcessor.path
.Prepares (collects) inbound mappings for given single shadow.
FIXME TEMPORARY
Evaluation of inbound mappings for a single shadow only, e.g., for the purposes of correlation
or association value synchronization.
Everything necessary to carry out limited, single-shadow inbounds evaluation.
SingleTileWizardStepPanel<O extends ObjectType,ODM extends ObjectDetailsModels,V extends Containerable>
Should we skip the processing if the focus is going to be deleted?
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Smart set of assignment values that keep track whether the assignment is new, old or changed.
Visitable element that is smart enough to avoid being visited twice during one visitation.
Keeps the state of the visitation in order to avoid visiting one object multiple times.
A visitation of a structure of SmartVisitables.
Where and how to send SMS notifications (or any other SMS).
Configuration of a particular SMS gateway.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
SMS (mobile text message) nonce authentication module.
Where and how to send SMS messages (or any other SMS).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Expression evaluation source.
PrismValueDeltaSetTriple that also remembers the source from which it has originated.
Specification of a special item that cannot be described by a (fixed) item path.
Specification used to select special cases that are usually context-relative.
Utils for managing work definition for specific activities.
Used to obtain arbitrary Spring beans from withing scripts.
Audit service using SQL DB as a store, also allows for searching (see
SqaleAuditService.supportsRetrieval()
).AuditServiceFactory
for SqaleAuditService
, that is DB-based auditing.SqaleItemRelationResolver<Q extends FlexibleRelationalPathBase<R>,R,TQ extends FlexibleRelationalPathBase<TR>,TR>
Extension of
ItemRelationResolver
, this is a common contract for resolver
that helps with navigating over complex (non-single) item paths for both query
and application of delta modification.Declarative information how an item (from schema/prism world) is to be processed
when interpreting query or applying delta (delta application is addition to sqlbase superclass).
Mix of common mapping support methods that is needed on both
SqaleNestedMapping
and SqaleTableMapping
which are in separate branches of the hierarchy starting in
repo-sqlbase - which is out of reach and sqale-specific functionality can't go there.Sqale implementation for nested mapping with support for sqale specific types.
Description of internal read-by-OID operation in the context of existing JDBC session.
Set of operators supported by midPoint Native repository in addition to standard
PG template available in Querydsl.
SQL repository context adding support for QName cache.
New SQL repository related configuration.
Common part of the SQL-based repository configuration.
Repository implementation based on SQL, JDBC and Querydsl without any ORM.
Mapping superclass with common functions for
QObject
and non-objects (e.g. containers).Update context manages state information related to the currently executed modify operation.
Mapper/fetcher of many detail records for one master record.
Logger for Querydsl executed queries, set to DEBUG to log queries or to TRACE
to log parameter values as well (this causes additional formatting overhead).
Special comparing expression that does not conform to
ComparableExpressionBase
, but we need to order by it for some reason.Used to access performance monitors.
Maintains a collection of SQL performance monitors, typically one for the repository and one for SQL audit service.
Execution context of the SQL query.
Component just under the service that orchestrates query transformation and execution.
Extension of
SqlLogger
that includes buffer for queries which can be inspected later.Encapsulates Querydsl
Configuration
, our QueryModelMappingRegistry
and other parts of SQL repository config and implements methods that need these.Event describing the completion of a workflow process instance stage.
Tells the
CaseEngine
how it should open a stage.This is an activity that can be instantiated in standalone way (i.e. as a root).
Registers standard midPoint synchronization actions in
SynchronizationActionFactory
.Implements the standard category clustering operation for role analysis.
A constraint that triggers when an object or assignment is in a given state.
Utility class for manipulation of static values in expressions.
Created by Viliam Repan (lazyman).
Markup filter that uses Spring static content with content hash in URL
The panel is planned to be used on the Campaign view page
to display Campaign activities, Created reports, Approver status etc.
Describes how task statistics (including progress and structured progress) are to be collected.
An object that receives various statistics and state information, processes them and provides
them back to appropriate clients.
Logs reasonable information on item and bucket completion, with a level of detail driven by logging option set.
Indicates we should stop evaluating inbounds for given projection.
The processing should be stopped.
Type of storing exported widget data.
Creates content of string-based buckets (defined by
StringWorkSegmentationType
and its subtypes).TODO
String matching rule that ignores the case.
Work bucket content defined as interval of string values.
Describes the result of a single limitation check.
Limitations of a string value connected to given character class.
A
Normalizer
that operates on String
instances.Compiled string policy.
Limitation regarding a single character class: required minimum and allowed maximum occurrences
of characters from within this class in the generated or checked string value.
Work bucket content defined using string value prefix.
Utility methods for string substitution needs in midPoint.
Work bucket content defined using string value.
How to construct work bucket filters based on defined boundary values.
Segmentation strategy that divides the processing space (represented by a set of string
values) into a number of work buckets; either based on intervals, prefixes or exact value matching.
Interface for properties that have inner structur, such as PolyString.
Utility class intended to simplify implementation of clone / copy contract
for generated
PlainStructured
objects.Strategy for equals computation of
PlainStructured
objectsStrategy for hashCode computation of
PlainStructured
objects.Created by Viliam Repan (lazyman).
When evaluation subjected clauses, we have to know who the subject is.
Mainly when looking for assignees/candidates, what delegators (and their abstract roles) are we interested in?
Selects some objects from all the objects in midPoint.
Subreport with expression.
How should we handle the situations when a sub-report produces either either multiple values, or no values at all?
Parsed form of the subscription ID string.
Enumeration for the type of subscription.
The state of the subscription with regards to the current situation
(subscription ID presence, time, system features, and so on).
Representation of the subscription validity interval.
Enumeration for the validity status of the subscription.
Computes the
SubscriptionState
, caching components needed to compute it.Configuration of the logger: the facility that
collects log messages from subsystem code.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Originally, this was used for evaluation of `subtype` on objects.
Specifies the look and feel of the summary panel.
Reference to a super-correlator.
Declares a "super-resource".
Enumeration of supported SQL/databases (RDBMS).
Stop action.
An action that is executed during synchronization - like add focus, link, unlink, and so on.
Wraps both
SynchronizationActionType
and AbstractSynchronizationActionType
.Selects and executes a synchronization reaction.
Instantiates
SynchronizationAction
objects.Action(s) that have to be executed in specified synchronization situation.
Defines an action to take when a synchronization situation is encountered.
Context of the synchronization operation.
Synchronization context ready for the synchronization, i.e. it has type identification and synchronization policy present.
Represents a synchronization change event (obtained typically by live synchronization or asynchronous update)
that needs to be processed.
TODO
TODO
Prints synchronization information (new, i.e. transition-based).
TODO
Information needed to carry out synchronization-related activities (classification, correlation,
and execution of synchronization reactions).
Describes what the policy "decides" about a specific account.
TODO
Creates
SynchronizationPolicy
objects.Wraps both
LegacySynchronizationReactionType
and SynchronizationReactionType
.Default settings for synchronization reactions.
Defines reaction(s) to synchronization-related situations, plus other synchronization settings.
SynchronizationReactionTableWizardPanel<C extends AbstractSynchronizationReactionType,P extends Containerable>
Reaction to synchronization situation or situations.
TODO
TODO include SynchronizationOperationResult?
TODO
Synchronization service receives change notifications from provisioning.
Helper class that registers SynchronizationService as a provisioning change notification listener.
Complex description of a synchronization situation.
Describes how many times given synchronization situation transition has occurred.
TODO
How synchronization situation in shadows should be updated.
TODO
TODO
TODO
Tracks synchronization situation changes during a single item processing.
We recognize several flavors of synchronization tasks: import, reconciliation, live sync, and async update; later maybe others.
Defines a synchronization properties (configuration) for a
resource.
Plain "synchronize" action.
Drives the synchronization of simple association values having this shadow as an object.
Drives the synchronization of respective shadows (or related aspects).
Synchronizes a single resource object.
Plain "synchronize" (clockwork-based) action.
TODO
The degree how much are inbound operations enabled.
TODO
It is comparable on the sequence number.
Auxiliary methods for synchronization tasks: Live Sync, Async Update, Import, Reconciliation,
and - strange but true - Shadow Cleanup).
Specifies details how an audit event record property is created.
Details about creation and recording of audit events.
Specifies details regarding creation and recording of audit events.
Utility methods for audit-related system configuration options.
Adapter from SystemConfigurationChangeDispatcher to
Cache
.Central point of dispatching notifications about changes to the system configuration object.
Dispatches "system configuration changed" events to relevant objects.
Application event related to system configuration change.
Listener that needs to receive notifications related to system configuration object changes.
Global settings related to correlation.
Specifies profile for expression evaluations, execution, restrictions, etc.
Application event related to system configuration being (re)loaded by
SystemObjectCache
.This is an attempt to provide more typed access to config.xml file content.
Global configuration of simulations.
System configuration object.
All system (non-business) error condition should be derived
from this type.
The system features related to the subscription handling.
Collects the information to fill the
SystemFeatures
instance.Cache for system object such as SystemConfigurationType.
OID constants for system objects
TabbedPanel<T extends org.apache.wicket.extensions.markup.html.tabs.ITab>
TabCenterTabbedPanel<T extends org.apache.wicket.extensions.markup.html.tabs.ITab>
Tabbed Panel with different html file.
TableRelationResolver<Q extends FlexibleRelationalPathBase<R>,R,TS,TQ extends FlexibleRelationalPathBase<TR>,TR>
Resolver that knows how to traverse to the specified target query type.
How the tailoring is applied.
Evaluates resolved assignment target: its payload (authorizations, GUI config) and assignments/inducements.
Tells
FocalMappingSetEvaluation
how to find target object.Configuration structure related to request access UI wizard and its first step - person of interest.
Task instance - a logical unit of work.
Provides common functionality related to activities (something like
TaskManager
does for tasks).Describes the state of the activity or activities embedded in the task (and its subtasks - in the
case of a root task).
Searchable computed indexes, which tries to capture common parameters used to identify objects
(and resource objects), which are expected to be affected by execution of the task.
Mode of task auto-scaling.
Auto-scaling configuration for the task.
Executes arbitrary code that needs a
Task
and an OperationResult
.Whether a recurring task is bound tightly to one node (having allocated
a thread on this node for the whole time of task run) or it should
by dynamically placed on any suitable node when its execution time comes.
Popup panel for creating task for recognized resource object (work with object type, so with kind and intent).
Popup panel for creating task for unrecognized resource object (work with object class).
Utility methods useful for displaying task information.
TODO TODO TODO update this doc
Original description:
Adds "RUNNING" state to the TaskExecutionState (meaning the task is currently executing at a node).
Task error bean for native repository.
TODO: promised to be removed in 4.5, at least in this doc: https://docs.evolveum.com/midpoint/reference/admin-gui/admin-gui-config/
Created by honchar.
Exception that carries supplementary information on how it should be treated
(with the respect to operation result and task run result status).
Constraints on task execution, e.g. a execution group, allowed/disallowed nodes, etc.
Specification of the environment in which the task should execute.
TODO
Limitations for execution of tasks on a given node.
Describes the execution mode this task runs in.
Execution state provides information about the task overall high-level execution state.
Limitations for execution of a task group on a given node.
Contains all non-trivial task information (progress, workers, overall status, and so on) needed for the use
of GUI and reporting.
Attaches
TaskInformation
to SelectableBean
for `TaskType`.Support for recording iterative operations directly on tasks - where activities are not available.
Notifies external observers about task-related events.
Task Manager Interface.
Provides an information whether we can allow to run the system in clustered mode.
Updates "indexed" values in task objects; currently
TaskType.getAffectedObjects()
.Utility methods related to task operation statistics.
Task persistence status.
Whether the task activity is to be executed only once (single-run tasks)
or periodically (recurring tasks).
Used to resolve tasks (mainly subtasks) in various utility methods in this package.
Role of the task in the execution of the local root activity.
Represents a run of a task.
Single-purpose class to return task run results.
Scheduling state informs about the state of the task regarding its scheduling.
Interface of the Model subsystem that provides task-specific operations.
Collects synchronization statistics related to processing of an activity within a task.
Utilities related to task trees.
TaskType contains information about a task (either transient or persistent).
TODO
What to do after task is unpaused (i.e. stopped waiting)?
Utility methods related to the
Task
objects.Why is the task in the waiting state?
Prints work buckets management performance information.
Created by Viliam Repan (lazyman).
All pieces of configuration data that are relevant for correlation obtainable from an object template.
Evaluation of object template mappings.
Selects an object by comparing tenant information.
Describe terminate session event cluster-wide.
Describes capability to test connection to the resource once the connector is configured.
Created by honchar.
Statically-typed "test-resource" action.
Executes "test-resource" action.
Enumeration of standardized test connection operation names as they are presented in the
OperationResult
returned by `testResource` and related methods.A response from testResource operation.
A request for testResource operation.
Custom text area component which normalizes multi-line POST data submitted by browser.
Monitors operations for the current thread.
What is to be done when the thread allocated to this task stops
(e.g. via node shutdown or node crash).
Deprecated.
Don't use this component, it will be gradually removed from gui.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
TODO
EXPERIMENTAL
By default (when the base is not specified), positive time intervals are meant "after work item start".
Holds the result of time interval computation with respect to the current
date and time.
Water mark (bound).
Connector operation timeout values.
Filter processor for an attribute path (Prism item) of a timestamp type.
TODO
A constraint that triggers when validity of an object, assignment, or basically any time-sensitive
item (e.g. password) is about to end.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Simple button that toggles two states (on-off).
Simple button that toggles two states (on-off, alphasort-numericsort, etc).
Created by Viliam Repan (lazyman).
Created by Dominik.
Tomcat valve used to redirect root (/) URL to real application (/midpoint/).
This behavior is used for bootstrap tooltips.
Created by honchar
Created by honchar
Just am empty extension of SLF4J logger.
Specification of the data flow(s) to be visualized.
Generic data selection rule.
One object.
Object dictionary.
Wrapper for logging library.
Factory for trace instances.
Default or customized text form of an
AbstractTraceEvent
.Selects an operation trace.
Root type for tracing information that is embedded in OperationResult objects.
Utility methods related to tracing.
What columns to visualize?
How to visualize trace file.
How to visualize trace file.
How a traced operation is to be visualized.
TODO rework
Collects log entries e.g. for tracing purposes in midPoint.
Tracing configuration, including profiles to be selected from.
Description of the environment where the trace was captured.
Level of tracing.
Metadata e.g. time of creation, etc.
Output of the tracing.
Describes how the tracing is to be done.
Points at which tracing can be requested.
Describes how the tracing of specific type is to be done.
TODO is this used?
Mapping that manages transformation metadata.
Computes value metadata during expression evaluation or during consolidation.
TODO
Relativity mode of an expression.
Maintains selected statistical information related to processing items in a current activity run.
Cache that is transient but can be declared final in serializable objects.
Specifies how the inner constraints are to be evaluated with regard to operation start and end state.
Contract for a message transport instance, which is mostly SPI type contract.
Message transport service component which facilitates sending the messages via transports.
SPI support for
Transport
providing important dependencies.Used as a main component of the Org tree page.
Deals with creation of recompute triggers for selected objects.
Global state for optimizing trigger creators for the given midPoint node.
How much information about triggered policy rules should be stored?
TODO
TODO
Task handler for the trigger scanner.
Fires triggers on objects found by the search operation.
Executes trigger scan on repository objects.
Defines triggers for an object.
TODO move to a better place?
Specifies the use of trigram similarity for searching.
TODO: This should do more parsing in the future.
Exception used for tunneling checked exceptions through places where checked exceptipons are not allowed (e.g. callbacks).
Use this component when two-state widget is needed (e.g. boolean attributes - true/false)
Bear in mind that:
- first button represents FALSE
- second button represents TRUE
Definition of a type (as opposed to definition of an item).
Item Path rooted in specified type
Typed Query represents query with filter, which can be used for searching references, containers and objects (depending on item type).
Value and definition pair.
TypeFilterProcessor<Q extends QObject<R>,R extends MObject,TQ extends QObject<TR>,TR extends MObject>
Filter processor that resolves
TypeFilter
.Created by Dominik.
Filter processor for object type stored as PG enum, queried with QName value.
Description of the change in the external resource at the UCF level i.e. corresponding to Change object.
Java class for UnaryLogicalOperatorFilterType complex type.
Statically-typed "unassign" action.
Executor for "unassign" actions.
Type used to represent Java objects that are otherwise unknown to the system and cannot be
represented in "canonical" XML form.
Unlinks resource object from its owning focus.
Unlocks the focus object (if the time has come).
Object type passed to the operation is not supported by the
implementation.
The invoked operation is not supported.
Extension of
ItemSqlMapper
adding update capability (delta processing).Describes update capability.
Handles upgrade of single object, filters out items that are not applicable for upgrade based on options selected by user.
Keeps summary of validation items processed during upgrade, grouped by priority and status (processed/skipped).
todo cleanup options, use OutputOptions, SearchOptions etc.
Component hiding details of how QNames are stored in
QUri
.Created by Viliam Repan (lazyman).
Java class for UriFilterType complex type.
Filter processor for URI item paths - represented by string/QName in schema and by int ID in DB.
An interface used for definition page url in GUI.
Object clustering options for "user" mode.
Implements clustering of user based process mode.
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by honchar
Specifies the details of a new credential entered manually by a user.
Defines, whether a user interface element (form, widget) will be visible or it will be hidden.
Defines properties of a specific user interface feature (e.g. button, button set, widget, etc.)
TODO
Describe list of sessions.
Describe session - user, active sessions, nodes where the user is active
Be aware: EXPERIMENTAL
User object represents a physical user of the system.
Similar to
SimpleItemFilterProcessor
but String value can be just UUID prefixes
and must be smartly converted based on the actual operation.Matching rule for universally unique identifier (UUID).
Normalizer for UUID values.
Executes "validate" action.
TODO
TODO
TODO
Interface for object validation (mostly to be used in tests).
Element which allows predefined validity duration for requested rolesin request access UI wizard.
How to execute validation scan queries.
Authorization parameters for sub-object operations.
TODO: rename to ValueObjectChoicePanel, PrismValueObjectSelectorPanel or
something better
TODO unify with PrettyPrinter somehow
Filter processor that resolves item path and then constructs an SQL condition for it.
Object wraps zero, one or multiple values and makes their processing easier.
Computation of value metadata.
Provides empty value metadata.
The value metadata.
Normalizes a (string) value for the purpose of custom property indexing.
Objects of type ValueParser should be immutable.
Resolves "origin object" during value policy evaluation.
TODO
Processor for values that match value policies (mostly passwords).
Supplies value policy when needed (e.g. in generate expression evaluator).
Selects a value from multivalued item (property, container, reference).
Parsed form of
ObjectSelectorType
and its subtypes.Item-specific specifications, e.g., assignment subtype.
Pre-defined set definition, such as all or none.
Definition of value set.
Context for a transformation of a single value (or values tuple) during expression evaluation.
TODO
Trace for expression evaluation operation in AbstractValueTransformationExpressionEvaluator.
Trace for transformation of a tuple of values.
Java class for ValueType complex type.
Type of variables that appear in the script.
Definition of variable which is bound to the property.
Produces extra variables from values of existing sources.
Expression evaluator that is using Apache Velocity engine.
Created by Viliam Repan (lazyman).
Consumer writing exported audit events to the writer (stdout or file).
Similar to normal repository
ExportRepositoryAction
, but not extended from
AbstractRepositorySearchAction
because we need containers here and objects are quite
deeply embedded in the existing classes.TODO from design point of view handling of main writer and deltaWriter is just nasty.
// todo fix these options, extending Export options is messing up help messages (it's using export.* keys)
Created by honchar
VerticalFormPrismContainerValuePanel<C extends Containerable,CVW extends PrismContainerValueWrapper<C>>
Created by Viliam Repan (lazyman).
There are cases when you need to force midpoint thinks that user has assigned some
role.
Item specification to display in container
Used to specify "virtual" containers for displaying details page in GUI.
TODO: move to com.evolveum.midpoint.gui.api.util
Suppliers take precedence when evaluating visibility and enabled state before
VisibleEnableBehaviour.isVisible()
and VisibleEnableBehaviour.isEnabled()
methods.Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
TODO make this parametric (along with VisualizationItemValue)
Computes real wall clock time from a set of execution records ("from - to").
Water mark (bound).
Utility class containing miscellaneous methods used mostly in Wicket
components.
Created by Viliam Repan (lazyman).
Utility class that contains methods that interact with ModelService and other
midPoint components.
Collection of brutal and ugly hacks, to be removed when prism implementation will be reviewed in 3.5.
Configuration for workflow change processor.
Configuration for workflows - for those parts not stored in the system config file.
Configuration related to tasks in which model operations are executed.
Scope of execution task serialization.
Whether and how to serialize execution tasks (if "execute after all approvals" is set to false).
DEPRECATED
We need to decide what to do with this.
Specification of a process that is to be started.
TODO
Created by Viliam Repan (lazyman).
TODO: viliam
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Created by Viliam Repan (lazyman).
Parameters related to buckets allocation process.
Handles various aspects of work bucket content e.g. creating filters for work space segmentation.
Responsible for creation of configured work bucket content handlers.
State of the work bucket.
Description of a state and content of a work bucket.
Defines the work that is to be done within an activity.
Represents statically or dynamically defined activity work definition.
Statically defined (usually, midPoint-provided) beans.
Run-time defined, usually customer provided beans.
Creates
WorkDefinition
instances from their serialized (bean) form.These parameters will be probably modified in the future, so let's avoid reworking all the constructors,
and centralize the knowledge here.
Definition of the work that has to be done within an activity.
How to create and manage worker tasks.
How to create worker tasks per node.
Executes the workers reconciliation.
Result of the workers reconciliation process.
Actions to execute.
Primarily used to simplify passing parameters to
CaseEventCreationListener
.Event describing the work item completion.
Event describing the fact of delegation.
How the delegation should be realized.
A request to delegate work item - analogous to AbstractWorkItemOutputType.
Created by honchar
Created by honchar
Event describing the fact of escalation.
Description of an escalation level the processing is at.
An event bound to specific
CaseWorkItemType
.Type of event cause.
Process event related to a specific work item.
Uniquely identifies a work item.
TODO
EXPERIMENTAL
Primarily used to simplify passing parameters to CaseEventCreationListener.
Kind of operation.
What caused the operation.
Result (outcome) of a work item.
Overall output from a work item: outcome (approve/reject/...), comment, additional delta,
and probably other things in the future.
Selects some work items from all the items (perhaps of a given type, like approval work items).
Created by Viliam Repan (lazyman).
Actions that should be applied to a work item in given moments (relative to work item creation
or work item deadline).
Artificial implementation of a visualization used to hold a list of deltas.
A class used to hold string represented either as plain string or as XML markup.
Combined resolver used when parsing schemas.
Formatter for
XMLGregorianCalendar
objects.String matching rule that compares strings as XML snippets.
Normalizer for XML values.
This element contains the XSD-formatted definition of schema.
Simple implementation that converts XSD primitive types to Java (and vice
versa).
This is to be cleaned up later.
Temporary, experimental API.
Temporary, experimental piece of code.
Temporary interface to allow modifying XNode representation.
Maintains mapping of XSD types (qnames) and Java types (classes)
Defines how zone of control should be maintained.