[midPoint-git] [Evolveum/midpoint] 6326a7: Add support for more relations in authorizations
mederly
noreply at github.com
Tue Jul 9 08:38:54 UTC 2019
Branch: refs/heads/master
Home: https://github.com/Evolveum/midpoint
Commit: 6326a7cbb6014835680e6c01c599c28810cb0c88
https://github.com/Evolveum/midpoint/commit/6326a7cbb6014835680e6c01c599c28810cb0c88
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2019-07-09 (Tue, 09 Jul 2019)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/assignment/AssignmentEditorPanel.java
M infra/prism-api/src/main/java/com/evolveum/midpoint/prism/PrismContainer.java
M infra/prism-api/src/main/java/com/evolveum/midpoint/prism/PrismContainerValue.java
M infra/prism-impl/src/main/java/com/evolveum/midpoint/prism/impl/PrismContainerImpl.java
M infra/prism-impl/src/main/java/com/evolveum/midpoint/prism/impl/PrismContainerValueImpl.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/CaseTypeUtil.java
A infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SchemaDeputyUtil.java
M infra/schema/src/main/resources/xml/ns/public/common/common-case-management-3.xsd
M infra/schema/src/main/resources/xml/ns/public/common/common-certification-3.xsd
M infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd
M infra/schema/src/main/resources/xml/ns/public/common/common-model-context-3.xsd
M infra/schema/src/main/resources/xml/ns/public/common/common-workflows-3.xsd
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/util/DeputyUtils.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/AbstractSecurityTest.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityAdvanced.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityBasic.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityPrincipal.java
A model/model-intest/src/test/resources/security/archetype-approval-case.xml
A model/model-intest/src/test/resources/security/case-1.xml
A model/model-intest/src/test/resources/security/case-2.xml
A model/model-intest/src/test/resources/security/case-3.xml
A model/model-intest/src/test/resources/security/case-4.xml
A model/model-intest/src/test/resources/security/role-cases-assignee-self.xml
A model/model-intest/src/test/resources/security/role-cases-object-self.xml
A model/model-intest/src/test/resources/security/role-cases-requestor-self.xml
A model/model-intest/src/test/resources/security/role-self-delegable.xml
A model/model-intest/src/test/resources/security/user-deputy-1.xml
A model/model-intest/src/test/resources/security/user-deputy-2.xml
M model/workflow-api/src/main/java/com/evolveum/midpoint/wf/util/QueryUtils.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/ObjectSecurityConstraintsImpl.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SecurityEnforcerImpl.java
Log Message:
-----------
Add support for more relations in authorizations
Besides owner, delegator and tenant we now support requester,
assignee, and relatedObject clauses in object specification:
first two for CaseType, the third one for CaseType and TaskType.
This is an implementation of MID-3121.
Note that the authorization evaluation added is checked only on
object (CaseType/TaskType) level. In particular,
searchContainers(CaseWorkItemType) is not affected by this work.
--
Also included some other minor changes, e.g. adding "id" attribute
to schema for some containers.
Commit: bfb8b9d28b11f7bcfbcb4fb9d2858a43daddfb9e
https://github.com/Evolveum/midpoint/commit/bfb8b9d28b11f7bcfbcb4fb9d2858a43daddfb9e
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2019-07-09 (Tue, 09 Jul 2019)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/page/PageBase.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/ModelServiceLocator.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/factory/AppendersWrapperFactoryImpl.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/factory/EnumPanelFactory.java
M gui/admin-gui/src/main/resources/initial-objects/000-system-configuration.xml
A gui/admin-gui/src/test/java/com/evolveum/midpoint/gui/TestIntegrationObjectWrapperFactory.java
M gui/admin-gui/src/test/java/com/evolveum/midpoint/web/AbstractGuiIntegrationTest.java
M gui/admin-gui/src/test/java/com/evolveum/midpoint/web/AbstractGuiUnitTest.java
M gui/admin-gui/src/test/java/com/evolveum/midpoint/web/AbstractInitializedGuiIntegrationTest.java
M gui/admin-gui/src/test/java/com/evolveum/midpoint/web/ObjectWrapperTest.java
R gui/admin-gui/src/test/java/com/evolveum/midpoint/web/TestIntegrationObjectWrapperFactory.java
M gui/admin-gui/src/test/java/com/evolveum/midpoint/web/WrapperTestUtil.java
M gui/admin-gui/src/test/resources/common/user-jack.xml
M gui/admin-gui/testng-integration.xml
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizationServiceImpl.java
M provisioning/provisioning-api/src/main/java/com/evolveum/midpoint/provisioning/api/ResourceObjectShadowChangeDescription.java
M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/ShadowCache.java
Log Message:
-----------
Merge remote-tracking branch 'origin/master'
Compare: https://github.com/Evolveum/midpoint/compare/0addc06a88fd...bfb8b9d28b11
More information about the midPoint-svn
mailing list