[midPoint-git] [Evolveum/midpoint] 3c50c9: Add bulk-3#xxx authorizations
mederly
noreply at github.com
Thu Aug 24 16:28:54 CEST 2023
Branch: refs/heads/master
Home: https://github.com/Evolveum/midpoint
Commit: 3c50c95c2f351bed92165dc4b9bed8140fd06839
https://github.com/Evolveum/midpoint/commit/3c50c95c2f351bed92165dc4b9bed8140fd06839
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-08-24 (Thu, 24 Aug 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/abstractrole/component/MemberOperationsTaskCreator.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/init/PostInitialDataImport.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/configuration/PageBulkAction.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/ObjectHandler.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/ResultHandler.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ScriptingBeansUtil.java
M infra/schema/src/main/resources/xml/ns/public/model/scripting/scripting-3.xsd
M infra/schema/src/test/java/com/evolveum/midpoint/schema/parser/TestParseScriptingExpression.java
M infra/schema/src/test/java/com/evolveum/midpoint/schema/parser/TestParseScriptingExpressionXsiType.java
A model/model-api/src/main/java/com/evolveum/midpoint/model/api/BulkAction.java
A model/model-api/src/main/java/com/evolveum/midpoint/model/api/BulkActionExecutionOptions.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/BulkActionsService.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelAuthorizationAction.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelInteractionService.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/evaluators/StateConstraintEvaluator.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/SynchronousScriptExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/ActionExecutor.java
A model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/BulkActionExecutorRegistry.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/BulkActionsExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/ExecutionContext.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/IterativeScriptingActivityHandler.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/NonIterativeScriptingActivityHandler.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/PipelineData.java
R model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/ScriptingActionExecutorRegistry.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/AbstractExecuteExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/AbstractObjectBasedActionExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/AddExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ApplyDefinitionExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/AssignExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/AssignmentOperationsExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/BaseActionExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/DeleteExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/DiscoverConnectorsExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/EnableDisableExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/EvaluateExpressionExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ExecuteScriptExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/GenerateValueExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/LogExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ModifyExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/NotifyExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/PurgeSchemaExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/RecomputeExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ReencryptExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ResolveExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ResumeTaskExecutor.java
A model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/SearchExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/TestResourceExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/UnassignExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/actions/ValidateExecutor.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/expressions/FilterContentEvaluator.java
R model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/expressions/SearchEvaluator.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/expressions/SelectEvaluator.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/helpers/ExpressionHelper.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/scripting/helpers/OperationsHelper.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/AuthorizationMigrator.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/TestExpressionProfiles.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/scripting/AbstractBasicScriptingTest.java
M model/model-intest/src/test/resources/scripting/assign-to-jack-dry-and-raw.xml
M model/model-intest/src/test/resources/scripting/delete-and-add-jack-legacy.xml
M model/model-intest/src/test/resources/scripting/disable-jack-legacy.xml
M model/model-intest/src/test/resources/scripting/modify-jack-back-legacy.xml
M model/model-intest/src/test/resources/scripting/modify-jack-back.xml
M model/model-intest/src/test/resources/scripting/scripting-users.xml
M model/model-intest/src/test/resources/scripting/search-for-users-accounts-nofetch.xml
M model/model-intest/src/test/resources/scripting/search-for-users-accounts.xml
M model/model-intest/src/test/resources/scripting/unassign-pirate-manager-and-owner-from-will.xml
M model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/controller/ImportController.java
M model/rest-impl/src/main/java/com/evolveum/midpoint/rest/impl/ModelRestController.java
M repo/security-api/src/main/java/com/evolveum/midpoint/security/api/AuthorizationConstants.java
M repo/security-enforcer-api/src/main/java/com/evolveum/midpoint/security/enforcer/api/AuthorizationParameters.java
Log Message:
-----------
Add bulk-3#xxx authorizations
The model-3#executeBulkAction (a recent replacement of #executeScript)
was not bad, but even better is providing authorizations for individual
bulk actions: add, delete, enable, disable, ... This way, the admin
is able to fine-tune authorizations to cover exactly what a user
needs to have. Moreover, it is well-aligned to similar namespaces:
gui-3 and rest-3.
Other changes:
- Removed ScriptExecutionException. Bulk actions executor now throws
standard exceptions (SchemaException, ObjectNotFoundException, ...).
- The "search" instruction is now an action; although it cannot
be called dynamically because of a conflict between "type" property
in <action> and in <search>, it is really something that we want
to allow/deny in expression profiles and by authorizations.
- Improved the API by introducing BulkActionExecutionOptions.
- Created BulkAction enum that lists all known actions.
Commit: 0f8aad9981ea935f7d45a43de75f85dc61db1d18
https://github.com/Evolveum/midpoint/commit/0f8aad9981ea935f7d45a43de75f85dc61db1d18
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-08-24 (Thu, 24 Aug 2023)
Changed paths:
M infra/schema/src/main/resources/xml/ns/public/common/common-security-3.xsd
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/authentication/CorrelationModuleAuthenticationImpl.java
Log Message:
-----------
Merge remote-tracking branch 'origin/master'
Commit: ff4f4bc5a3571cc650802121b7b99a25fed060a3
https://github.com/Evolveum/midpoint/commit/ff4f4bc5a3571cc650802121b7b99a25fed060a3
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-08-24 (Thu, 24 Aug 2023)
Changed paths:
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/factory/module/CorrelationModuleFactory.java
Log Message:
-----------
Fix compilation problem
Compare: https://github.com/Evolveum/midpoint/compare/0222811b50e9...ff4f4bc5a357
More information about the midPoint-svn
mailing list