[midPoint-git] [Evolveum/midpoint] 5b1ad8: Generalize security enforcer code

mederly noreply at github.com
Fri May 19 17:10:50 CEST 2023 

  Branch: refs/heads/feature/autz-improvements
  Home:   https://github.com/Evolveum/midpoint
  Commit: 5b1ad842f45ddc651ee873f716a81265d8a76e56
      https://github.com/Evolveum/midpoint/commit/5b1ad842f45ddc651ee873f716a81265d8a76e56
  Author: Pavol Mederly <mederly at evolveum.com>
  Date:   2023-05-19 (Fri, 19 May 2023)

  Changed paths:
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/authorization/evaluator/MidPointGuiAuthorizationEvaluator.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/SchemaTransformer.java
    M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityBasic.java
    M repo/security-enforcer-api/src/main/java/com/evolveum/midpoint/security/enforcer/api/ObjectOperationConstraints.java
    M repo/security-enforcer-api/src/main/java/com/evolveum/midpoint/security/enforcer/api/SecurityEnforcer.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/AuthorizationEvaluation.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/AuthorizationFilterEvaluation.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/EnforcerDecisionOperation.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/EnforcerFilterOperation.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/EnforcerOperation.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/ObjectSelectorEvaluation.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/ObjectSelectorFilterEvaluation.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/OtherEnforcerOperation.java
    A repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/PhaseSelector.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SecurityEnforcerImpl.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/TracingUtil.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/clauses/Assignee.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/clauses/ClauseFilterEvaluationContext.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/clauses/Filter.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/clauses/Owner.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/clauses/RelatedObject.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/clauses/Requester.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/prism/PrismValueCoverageInformation.java
    A repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/prism/SelectorChainSegment.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/prism/SinglePhasePrismEntityOpConstraintsImpl.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/prism/TwoPhasesPrismEntityOpConstraintsImpl.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/prism/UpdatablePrismEntityOpConstraints.java

  Log Message:
  -----------
  Generalize security enforcer code

Some operations were generalized from PrismObject to any prism value.
This is a preparation before sub-object get/search operations are
implemented.

Behavior change: The processing of "type" + "relational" (object,
owner, assignee, requester) clauses was fixed: the relational clause
evaluation now considers the refined type, not the original search type.

More information about the midPoint-svn mailing list