[midPoint-git] [Evolveum/midpoint] 6cfba2: better support for expression filters when using r...
Viliam Repan
noreply at github.com
Tue Jun 13 17:34:28 CEST 2023
Branch: refs/heads/feature/upgrade-process
Home: https://github.com/Evolveum/midpoint
Commit: 6cfba2458abde3feafdfffbc1a4b198d529681d0
https://github.com/Evolveum/midpoint/commit/6cfba2458abde3feafdfffbc1a4b198d529681d0
Author: Katarina Valalikova <k.valalikova at evolveum.com>
Date: 2023-06-09 (Fri, 09 Jun 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/component/search/wrapper/PropertySearchItemWrapper.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/component/search/wrapper/ReferenceSearchItemWrapper.java
Log Message:
-----------
better support for expression filters when using reference parameters. (related to MID-8893)
Commit: 08657c345b7665c03f6d5afccd1562fedb6a298d
https://github.com/Evolveum/midpoint/commit/08657c345b7665c03f6d5afccd1562fedb6a298d
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-06-10 (Sat, 10 Jun 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/cases/CaseWorkItemActionsPanel.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/cases/MyCaseWorkItemsPanel.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/cases/PageCaseWorkItemsAllocatedToMe.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/WorkItemDetailsPanel.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/ClauseFilteringContext.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/ClauseMatchingContext.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/SubjectedEvaluationContext.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/AssigneeClause.java
A infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/CandidateAssigneeClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/DelegatorClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/RelatedObjectClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/RequesterClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/ValueSelector.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/CertCampaignTypeUtil.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ObjectTypeUtil.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/WorkItemId.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/cases/CaseTypeUtil.java
M infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd
M infra/schema/src/main/resources/xml/ns/public/common/common-model-context-3.xsd
M model/cases-api/src/main/java/com/evolveum/midpoint/cases/api/CaseManager.java
M model/cases-api/src/main/java/com/evolveum/midpoint/cases/api/util/QueryUtils.java
M model/cases-impl/src/main/java/com/evolveum/midpoint/cases/impl/CaseManagerImpl.java
M model/cases-impl/src/main/java/com/evolveum/midpoint/cases/impl/helpers/AuthorizationHelper.java
M model/certification-api/pom.xml
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertUpdateHelper.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelAuthorizationAction.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelInteractionService.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/authentication/GuiProfiledPrincipal.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/context/AssignmentPath.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/assignments/AssignmentPathImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/AuthorizationMigrator.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/GuiProfileCompiler.java
M model/model-impl/src/test/java/com/evolveum/midpoint/model/impl/security/TestGuiProfiledPrincipalManager.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/AbstractConfiguredModelIntegrationTest.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/AbstractEmptyModelIntegrationTest.java
A model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/AbstractEmptySecurityTest.java
A model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/AbstractInitializedSecurityTest.java
R model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/AbstractSecurityTest.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityAdvanced.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityBasic.java
A model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityGovernance.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityItemValues.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityMedium.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityMultitenant.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityPrincipal.java
A model/model-intest/src/test/resources/security/governance/case-request-1-role-1.xml
A model/model-intest/src/test/resources/security/governance/case-request-1-role-2.xml
A model/model-intest/src/test/resources/security/governance/case-request-1.xml
A model/model-intest/src/test/resources/security/governance/case-request-2-role-3.xml
A model/model-intest/src/test/resources/security/governance/case-request-2.xml
A model/model-intest/src/test/resources/security/governance/org-wheel.xml
A model/model-intest/src/test/resources/security/governance/role-1.xml
A model/model-intest/src/test/resources/security/governance/role-2.xml
A model/model-intest/src/test/resources/security/governance/role-3.xml
A model/model-intest/src/test/resources/security/governance/role-approver-common-parts.xml
A model/model-intest/src/test/resources/security/governance/role-approver-standard-legacy.xml
A model/model-intest/src/test/resources/security/governance/role-approver-standard-new.xml
A model/model-intest/src/test/resources/security/governance/role-approver-standard-with-candidates.xml
A model/model-intest/src/test/resources/security/governance/user-1.xml
A model/model-intest/src/test/resources/security/governance/user-approver1.xml
A model/model-intest/src/test/resources/security/governance/user-approver2.xml
A model/model-intest/src/test/resources/security/governance/user-approver3.xml
A model/model-intest/src/test/resources/security/governance/user-wheel-member1.xml
M model/model-intest/testng-integration-full.xml
M model/model-intest/testng-integration-security.xml
M model/model-test/src/main/java/com/evolveum/midpoint/model/test/AbstractModelIntegrationTest.java
R model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processes/common/SpringApplicationContextHolder.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processes/common/StageComputeHelper.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processes/itemApproval/ApprovalSchemaHelper.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/cases/CaseStageOpening.java
M model/workflow-impl/src/test/java/com/evolveum/midpoint/wf/impl/assignments/AbstractTestAssignmentApproval.java
M model/workflow-impl/src/test/java/com/evolveum/midpoint/wf/impl/objects/AbstractTestObjectLifecycleApproval.java
M model/workflow-impl/src/test/resources/assignments/user-jack-deputy.xml
M model/workflow-impl/src/test/resources/assignments/user-lead1-deputy1.xml
M model/workflow-impl/src/test/resources/assignments/user-lead1-deputy2.xml
M model/workflow-impl/src/test/resources/common/041-role-approver.xml
M model/workflow-impl/src/test/resources/common/user-jack.xml
M model/workflow-impl/src/test/resources/miscellaneous/user-scrooge.xml
M model/workflow-impl/src/test/resources/objects-advanced/user-employee-owner.xml
M model/workflow-impl/src/test/resources/objects/user-pirate-owner.xml
M repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/ObjectSelectorMatcher.java
M repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/AbstractIntegrationTest.java
M repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/TestObject.java
M repo/security-api/pom.xml
R repo/security-api/src/main/java/com/evolveum/midpoint/security/api/DelegatorWithOtherPrivilegesLimitations.java
M repo/security-api/src/main/java/com/evolveum/midpoint/security/api/MidPointPrincipal.java
A repo/security-api/src/main/java/com/evolveum/midpoint/security/api/OtherPrivilegesLimitations.java
M repo/security-enforcer-api/src/main/java/com/evolveum/midpoint/security/enforcer/api/ValueAuthorizationParameters.java
M repo/security-enforcer-impl/pom.xml
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/AuthorizationEvaluation.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/AuthorizationFilterEvaluation.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/EnforcerOperation.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SelectorEvaluation.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SelectorFilterEvaluation.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/prism/PrismValueCoverageInformation.java
Log Message:
-----------
Migrate case mgmt authorizations to new style (#1)
Added support for #completeWorkItem and #delegateWorkItem in case mgmt
module. The legacy #delegateOwnWorkItems authorization is interpreted
as #delegateWorkItem with appropriate selector.
In particular:
- Added new "candidateAssignee" clause to enable providing #read autz
to candidate assignees (and their deputies).
- Reworked treatment of "other privileges limitations" in
MidPointPrincipal. Fixed handling of those limitations during
the evaluation of selector clauses.
- Explicitly marking "assignee" clause as supporting only "self"
object selector during searching. (This was in fact so from the
beginning, but only now it's documented and checked.)
Work in progress. #completeAllWorkItems and #delegateAllWorkItems remain
to be migrated. Some tests may fail.
Commit: eb5272556322caa5dca2c54934958f3939b5adda
https://github.com/Evolveum/midpoint/commit/eb5272556322caa5dca2c54934958f3939b5adda
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-06-10 (Sat, 10 Jun 2023)
Changed paths:
M testing/story/src/test/resources/strings/roles/role-end-user.xml
M testing/story/src/test/resources/strings/users/lechuck.xml
Log Message:
-----------
Adapt TestStrings to new case mgmt autz
The new #completeWorkItem authorization introduced in
08657c345b7665c03f6d5afccd1562fedb6a298d had to be added to users
in this test.
Commit: d36b9396f3494ee201679f6e96e23b46751b9af1
https://github.com/Evolveum/midpoint/commit/d36b9396f3494ee201679f6e96e23b46751b9af1
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-06-10 (Sat, 10 Jun 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/component/search/wrapper/PropertySearchItemWrapper.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/component/search/wrapper/ReferenceSearchItemWrapper.java
Log Message:
-----------
Merge branch 'master' into feature/autz-improvements
# Conflicts:
# model/certification-api/pom.xml
Commit: 10be1c00f069ff68fa6a10a19e615dd8624f1d20
https://github.com/Evolveum/midpoint/commit/10be1c00f069ff68fa6a10a19e615dd8624f1d20
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-06-10 (Sat, 10 Jun 2023)
Changed paths:
M repo/repo-sqale/src/test/java/com/evolveum/midpoint/repo/sqale/func/SqaleRepoModifyObjectTest.java
Log Message:
-----------
Fix failing SqaleRepoModifyObjectTest
Commit: 8c2466245dffe6a0916ea49df888c0fede4c8a3f
https://github.com/Evolveum/midpoint/commit/8c2466245dffe6a0916ea49df888c0fede4c8a3f
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-06-10 (Sat, 10 Jun 2023)
Changed paths:
A infra/schema/src/main/java/com/evolveum/midpoint/schema/util/AccessCertificationCaseId.java
A infra/schema/src/main/java/com/evolveum/midpoint/schema/util/AccessCertificationWorkItemId.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/WorkItemId.java
M model/cases-api/src/main/java/com/evolveum/midpoint/cases/api/util/QueryUtils.java
R model/certification-api/src/main/java/com/evolveum/midpoint/certification/api/AccessCertificationCaseId.java
R model/certification-api/src/main/java/com/evolveum/midpoint/certification/api/AccessCertificationWorkItemId.java
M model/certification-api/src/main/java/com/evolveum/midpoint/certification/api/CertificationManager.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertCaseOperationsHelper.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertOpenerHelper.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertQueryHelper.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertReviewersHelper.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertTimedActionTriggerHandler.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/CertificationManagerImpl.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/handlers/DirectAssignmentCertificationHandler.java
M model/certification-impl/src/test/java/com/evolveum/midpoint/certification/test/AbstractCertificationTest.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelAuthorizationAction.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/AuthorizationMigrator.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityAdvanced.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityBasic.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityGovernance.java
A model/model-intest/src/test/resources/security/governance/campaign-assignments-1.xml
M model/model-intest/src/test/resources/security/governance/role-approver-standard-legacy.xml
A model/model-intest/src/test/resources/security/governance/role-reviewer-common-parts.xml
A model/model-intest/src/test/resources/security/governance/role-reviewer-standard-legacy.xml
A model/model-intest/src/test/resources/security/governance/role-reviewer-standard-new.xml
A model/model-intest/src/test/resources/security/governance/role-super-approver-legacy.xml
R model/model-intest/src/test/resources/security/governance/user-approver1.xml
R model/model-intest/src/test/resources/security/governance/user-approver2.xml
R model/model-intest/src/test/resources/security/governance/user-approver3.xml
A model/model-intest/src/test/resources/security/governance/user-deputy1-1.xml
A model/model-intest/src/test/resources/security/governance/user-deputy1-2-1.xml
A model/model-intest/src/test/resources/security/governance/user-deputy1-2.xml
A model/model-intest/src/test/resources/security/governance/user-manager1.xml
A model/model-intest/src/test/resources/security/governance/user-manager2.xml
A model/model-intest/src/test/resources/security/governance/user-manager3.xml
A model/model-intest/src/test/resources/security/governance/user-manager4.xml
M model/model-test/src/main/java/com/evolveum/midpoint/model/test/AbstractModelIntegrationTest.java
M repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/RepositoryService.java
A repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/util/AccessCertificationSupportMixin.java
A repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/util/CaseSupportMixin.java
Log Message:
-----------
Migrate legacy case/cert authorizations (#2)
This commit completes the work on migration of legacy work item level
authorizations (evaluated by custom code in cases and certification
modules) to new ones, evaluated by the security enforcer.
Commit: 2e3df132e76cb9ddf865c0fa775bda9c68d23190
https://github.com/Evolveum/midpoint/commit/2e3df132e76cb9ddf865c0fa775bda9c68d23190
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAttributeVerification.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAuthenticationBase.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageFocusIdentification.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SecurityPolicyUtil.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/factory/module/AbstractCredentialModuleFactory.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configuration/ModuleWebSecurityConfigurationImpl.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/util/AuthSequenceUtil.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java
Log Message:
-----------
Revert "schema cleanup: AbstractAuthenticationModuleType.name element usage is removed"
This reverts commit c36ef0f089eeac23708b142ccb3b676d7c6558cd.
Commit: cecb2db4fdbda70b22076b9d44aedfb90ddf9be1
https://github.com/Evolveum/midpoint/commit/cecb2db4fdbda70b22076b9d44aedfb90ddf9be1
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/AbstractPageLogin.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageLogin.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/util/SecurityUtils.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SecurityPolicyUtil.java
M model/authentication-api/src/main/java/com/evolveum/midpoint/authentication/api/config/MidpointAuthentication.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/util/AuthSequenceUtil.java
M model/authentication-impl/src/test/java/com/evolveum/midpoint/authentication/TestAuthSequenceUtil.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/MidpointFunctionsImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java
M testing/rest/src/test/resources/authentication/repo/security-policy-default.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-disabled.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-enabled.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-issuer-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-jws-uri-wrong-alg.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-jws-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-public-key-wrong-alg.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-public-key.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-unsuccessful.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-user-info-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-wrong-attribute-name.xml
M testing/rest/src/test/resources/repo/security-policy-no-history.xml
M testing/rest/src/test/resources/repo/security-policy.xml
Log Message:
-----------
Revert "schema cleanup: AuthenticationSequenceType.name attribute usage is removed"
This reverts commit 8a888a0ade7864c30ab8d6d43dcddb505a61492c.
Commit: 6ed3bc42c1695880ed741406e15dca7221819859
https://github.com/Evolveum/midpoint/commit/6ed3bc42c1695880ed741406e15dca7221819859
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M testing/rest/src/test/resources/authentication/repo/security-policy-default.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-disabled.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-enabled.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-issuer-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-jws-uri-wrong-alg.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-jws-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-public-key-wrong-alg.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-public-key.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-unsuccessful.xml
M testing/rest/src/test/resources/repo/security-policy-no-history.xml
M testing/rest/src/test/resources/repo/security-policy.xml
Log Message:
-----------
AuthenticationSequenceType.name -> identifier in diff xml
Commit: c5d8c610ba34dfef72c2da73447b436ded5712cb
https://github.com/Evolveum/midpoint/commit/c5d8c610ba34dfef72c2da73447b436ded5712cb
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SecurityPolicyUtil.java
M model/authentication-api/src/main/java/com/evolveum/midpoint/authentication/api/config/MidpointAuthentication.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/util/AuthSequenceUtil.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/MidpointFunctionsImpl.java
M testing/rest/src/test/resources/authentication/repo/security-policy-default.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-disabled.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-enabled.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-issuer-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-jws-uri-wrong-alg.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-jws-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-public-key-keystore.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-public-key-wrong-alg.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-public-key.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-unsuccessful.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-user-info-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-wrong-attribute-name.xml
M testing/rest/src/test/resources/repo/security-policy-no-history.xml
M testing/rest/src/test/resources/repo/security-policy.xml
Log Message:
-----------
Revert "AuthenticationSequenceModuleType.name usage is removed"
This reverts commit 375d6f9324aacb3598ddd5f05dad6b7d2cf1be94.
Commit: 8531a781fc9033af5ce21ec4f903f2ce4a868a27
https://github.com/Evolveum/midpoint/commit/8531a781fc9033af5ce21ec4f903f2ce4a868a27
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M infra/schema/src/main/resources/xml/ns/public/common/common-security-3.xsd
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/MidpointFunctionsImpl.java
Log Message:
-----------
Revert "schema cleanup: removed some earlier analyzed elements"
This reverts commit 27cc3ca3a547060f36c72cf832e4a58614c5daeb.
Commit: 11796f7280ff5707f443bc962682a435892ff1e8
https://github.com/Evolveum/midpoint/commit/11796f7280ff5707f443bc962682a435892ff1e8
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M testing/rest/src/test/resources/authentication/repo/security-policy-default.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-disabled.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-enabled.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-issuer-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-jws-uri-wrong-alg.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-jws-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-public-key-keystore.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-public-key-wrong-alg.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-public-key.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-unsuccessful.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-user-info-uri.xml
M testing/rest/src/test/resources/authentication/repo/security-policy-wrong-attribute-name.xml
M testing/rest/src/test/resources/repo/security-policy-no-history.xml
M testing/rest/src/test/resources/repo/security-policy.xml
Log Message:
-----------
one more name -> identifier change in diff xml
Commit: e690a64221efa8a851cddc5d39712c96bb85120a
https://github.com/Evolveum/midpoint/commit/e690a64221efa8a851cddc5d39712c96bb85120a
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ObjectTypeUtil.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/SchemaTransformer.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityGovernance.java
M repo/repo-sqale/src/test/java/com/evolveum/midpoint/repo/sqale/func/SqaleRepoSearchTest.java
Log Message:
-----------
Improve searchContainers autz checks; disable test
This commit makes the message issued by a post-processing check in
SchemaTransformer#applySchemasAndSecurityToContainerValues clearer.
It also provides a (disabled) repo-level test for MID-8894 and disables
other affected ones.
Commit: db9da87e8ee4401d803493b4307b3c0233ee4620
https://github.com/Evolveum/midpoint/commit/db9da87e8ee4401d803493b4307b3c0233ee4620
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/AbstractPageLogin.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAttributeVerification.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAuthenticationBase.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageFocusIdentification.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageLogin.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/util/SecurityUtils.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SecurityPolicyUtil.java
M infra/schema/src/main/resources/xml/ns/public/common/common-security-3.xsd
M model/authentication-api/src/main/java/com/evolveum/midpoint/authentication/api/config/MidpointAuthentication.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/factory/module/AbstractCredentialModuleFactory.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configuration/ModuleWebSecurityConfigurationImpl.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/util/AuthSequenceUtil.java
M model/authentication-impl/src/test/java/com/evolveum/midpoint/authentication/TestAuthSequenceUtil.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/MidpointFunctionsImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java
M testing/rest/src/test/resources/authentication/repo/security-policy-jws-uri-wrong-alg.xml
Log Message:
-----------
Merge remote-tracking branch 'origin/master'
Commit: c9587bdb17a413fbd02c58531a1d2278757037fc
https://github.com/Evolveum/midpoint/commit/c9587bdb17a413fbd02c58531a1d2278757037fc
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M gui/admin-gui/src/frontend/scss/icon-style.scss
Log Message:
-----------
MID-8817 Missing account icon in Projections
Commit: 228b6a6eadc3fd9484674b9d100611628bf58ebd
https://github.com/Evolveum/midpoint/commit/228b6a6eadc3fd9484674b9d100611628bf58ebd
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/correlation/CorrelationServiceImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizationContext.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/action/CreateCorrelationCaseAction.java
M repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/AbstractIntegrationTest.java
M testing/story/src/test/java/com/evolveum/midpoint/testing/story/TestFirstSteps.java
M testing/story/src/test/resources/first-steps/resource-opendj-220.xml
Log Message:
-----------
Skip creation/update of corr cases when simulating
Correlation cases should be created or updated only when running
in full execution mode.
This resolves MID-8848.
Commit: eac6bfb6e238a91cbf55ee33c5e5d7f6808c422e
https://github.com/Evolveum/midpoint/commit/eac6bfb6e238a91cbf55ee33c5e5d7f6808c422e
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/ValueSelector.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/LinkedObjectsFunctions.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/LinkSourceFinder.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/LinkTargetFinder.java
M repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/query/LinkedSelectorToFilterTranslator.java
M repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/query/SelectorToFilterTranslator.java
Log Message:
-----------
Deduplicate code in SelectorToFilterTranslator
There was a duplication of selector-to-filter translating code between
linked objects and security enforcer since 4.2. Now, with the advent of
ValueSelector, it became easy to fix. This commit does that.
Commit: c69e96ae538f21648bf826e1b0796c981268cc11
https://github.com/Evolveum/midpoint/commit/c69e96ae538f21648bf826e1b0796c981268cc11
Author: Kateryna Honchar <gonchar.kate at gmail.com>
Date: 2023-06-12 (Mon, 12 Jun 2023)
Changed paths:
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/ValueSelector.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ObjectTypeUtil.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/SchemaTransformer.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/correlation/CorrelationServiceImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/LinkedObjectsFunctions.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/LinkSourceFinder.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/LinkTargetFinder.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizationContext.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/action/CreateCorrelationCaseAction.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityGovernance.java
M repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/query/LinkedSelectorToFilterTranslator.java
M repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/query/SelectorToFilterTranslator.java
M repo/repo-sqale/src/test/java/com/evolveum/midpoint/repo/sqale/func/SqaleRepoSearchTest.java
M repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/AbstractIntegrationTest.java
M testing/story/src/test/java/com/evolveum/midpoint/testing/story/TestFirstSteps.java
M testing/story/src/test/resources/first-steps/resource-opendj-220.xml
Log Message:
-----------
Merge branch 'master' of https://github.com/Evolveum/midpoint
Commit: 5bb9c10a54681218acc94b829a139f6065cb2c5c
https://github.com/Evolveum/midpoint/commit/5bb9c10a54681218acc94b829a139f6065cb2c5c
Author: Viliam Repan <vilo.repan at evolveum.com>
Date: 2023-06-13 (Tue, 13 Jun 2023)
Changed paths:
M gui/admin-gui/src/frontend/scss/icon-style.scss
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/component/search/wrapper/PropertySearchItemWrapper.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/component/search/wrapper/ReferenceSearchItemWrapper.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/AbstractPageLogin.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAttributeVerification.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAuthenticationBase.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageFocusIdentification.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageLogin.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/cases/CaseWorkItemActionsPanel.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/cases/MyCaseWorkItemsPanel.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/cases/PageCaseWorkItemsAllocatedToMe.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/admin/workflow/WorkItemDetailsPanel.java
M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/util/SecurityUtils.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/ClauseFilteringContext.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/ClauseMatchingContext.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/SubjectedEvaluationContext.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/AssigneeClause.java
A infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/CandidateAssigneeClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/DelegatorClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/RelatedObjectClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/RequesterClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/ValueSelector.java
A infra/schema/src/main/java/com/evolveum/midpoint/schema/util/AccessCertificationCaseId.java
A infra/schema/src/main/java/com/evolveum/midpoint/schema/util/AccessCertificationWorkItemId.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/CertCampaignTypeUtil.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ObjectTypeUtil.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/SecurityPolicyUtil.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/WorkItemId.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/cases/CaseTypeUtil.java
M infra/schema/src/main/resources/xml/ns/public/common/common-core-3.xsd
M infra/schema/src/main/resources/xml/ns/public/common/common-model-context-3.xsd
M infra/schema/src/main/resources/xml/ns/public/common/common-security-3.xsd
M model/authentication-api/src/main/java/com/evolveum/midpoint/authentication/api/config/MidpointAuthentication.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/factory/module/AbstractCredentialModuleFactory.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configuration/ModuleWebSecurityConfigurationImpl.java
M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/util/AuthSequenceUtil.java
M model/authentication-impl/src/test/java/com/evolveum/midpoint/authentication/TestAuthSequenceUtil.java
M model/cases-api/src/main/java/com/evolveum/midpoint/cases/api/CaseManager.java
M model/cases-api/src/main/java/com/evolveum/midpoint/cases/api/util/QueryUtils.java
M model/cases-impl/src/main/java/com/evolveum/midpoint/cases/impl/CaseManagerImpl.java
M model/cases-impl/src/main/java/com/evolveum/midpoint/cases/impl/helpers/AuthorizationHelper.java
M model/certification-api/pom.xml
R model/certification-api/src/main/java/com/evolveum/midpoint/certification/api/AccessCertificationCaseId.java
R model/certification-api/src/main/java/com/evolveum/midpoint/certification/api/AccessCertificationWorkItemId.java
M model/certification-api/src/main/java/com/evolveum/midpoint/certification/api/CertificationManager.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertCaseOperationsHelper.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertOpenerHelper.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertQueryHelper.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertReviewersHelper.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertTimedActionTriggerHandler.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/AccCertUpdateHelper.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/CertificationManagerImpl.java
M model/certification-impl/src/main/java/com/evolveum/midpoint/certification/impl/handlers/DirectAssignmentCertificationHandler.java
M model/certification-impl/src/test/java/com/evolveum/midpoint/certification/test/AbstractCertificationTest.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelAuthorizationAction.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelInteractionService.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/authentication/GuiProfiledPrincipal.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/context/AssignmentPath.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/SchemaTransformer.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/correlation/CorrelationServiceImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/LinkedObjectsFunctions.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/MidpointFunctionsImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/assignments/AssignmentPathImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/LinkSourceFinder.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/LinkTargetFinder.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/AuthorizationMigrator.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/GuiProfileCompiler.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/SynchronizationContext.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/sync/action/CreateCorrelationCaseAction.java
M model/model-impl/src/test/java/com/evolveum/midpoint/model/impl/security/TestGuiProfiledPrincipalManager.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/AbstractConfiguredModelIntegrationTest.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/AbstractEmptyModelIntegrationTest.java
A model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/AbstractEmptySecurityTest.java
A model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/AbstractInitializedSecurityTest.java
R model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/AbstractSecurityTest.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityAdvanced.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityBasic.java
A model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityGovernance.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityItemValues.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityMedium.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityMultitenant.java
M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityPrincipal.java
A model/model-intest/src/test/resources/security/governance/campaign-assignments-1.xml
A model/model-intest/src/test/resources/security/governance/case-request-1-role-1.xml
A model/model-intest/src/test/resources/security/governance/case-request-1-role-2.xml
A model/model-intest/src/test/resources/security/governance/case-request-1.xml
A model/model-intest/src/test/resources/security/governance/case-request-2-role-3.xml
A model/model-intest/src/test/resources/security/governance/case-request-2.xml
A model/model-intest/src/test/resources/security/governance/org-wheel.xml
A model/model-intest/src/test/resources/security/governance/role-1.xml
A model/model-intest/src/test/resources/security/governance/role-2.xml
A model/model-intest/src/test/resources/security/governance/role-3.xml
A model/model-intest/src/test/resources/security/governance/role-approver-common-parts.xml
A model/model-intest/src/test/resources/security/governance/role-approver-standard-legacy.xml
A model/model-intest/src/test/resources/security/governance/role-approver-standard-new.xml
A model/model-intest/src/test/resources/security/governance/role-approver-standard-with-candidates.xml
A model/model-intest/src/test/resources/security/governance/role-reviewer-common-parts.xml
A model/model-intest/src/test/resources/security/governance/role-reviewer-standard-legacy.xml
A model/model-intest/src/test/resources/security/governance/role-reviewer-standard-new.xml
A model/model-intest/src/test/resources/security/governance/role-super-approver-legacy.xml
A model/model-intest/src/test/resources/security/governance/user-1.xml
A model/model-intest/src/test/resources/security/governance/user-deputy1-1.xml
A model/model-intest/src/test/resources/security/governance/user-deputy1-2-1.xml
A model/model-intest/src/test/resources/security/governance/user-deputy1-2.xml
A model/model-intest/src/test/resources/security/governance/user-manager1.xml
A model/model-intest/src/test/resources/security/governance/user-manager2.xml
A model/model-intest/src/test/resources/security/governance/user-manager3.xml
A model/model-intest/src/test/resources/security/governance/user-manager4.xml
A model/model-intest/src/test/resources/security/governance/user-wheel-member1.xml
M model/model-intest/testng-integration-full.xml
M model/model-intest/testng-integration-security.xml
M model/model-test/src/main/java/com/evolveum/midpoint/model/test/AbstractModelIntegrationTest.java
R model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processes/common/SpringApplicationContextHolder.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processes/common/StageComputeHelper.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processes/itemApproval/ApprovalSchemaHelper.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/cases/CaseStageOpening.java
M model/workflow-impl/src/test/java/com/evolveum/midpoint/wf/impl/assignments/AbstractTestAssignmentApproval.java
M model/workflow-impl/src/test/java/com/evolveum/midpoint/wf/impl/objects/AbstractTestObjectLifecycleApproval.java
M model/workflow-impl/src/test/resources/assignments/user-jack-deputy.xml
M model/workflow-impl/src/test/resources/assignments/user-lead1-deputy1.xml
M model/workflow-impl/src/test/resources/assignments/user-lead1-deputy2.xml
M model/workflow-impl/src/test/resources/common/041-role-approver.xml
M model/workflow-impl/src/test/resources/common/user-jack.xml
M model/workflow-impl/src/test/resources/miscellaneous/user-scrooge.xml
M model/workflow-impl/src/test/resources/objects-advanced/user-employee-owner.xml
M model/workflow-impl/src/test/resources/objects/user-pirate-owner.xml
M repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/ObjectSelectorMatcher.java
M repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/RepositoryService.java
A repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/util/AccessCertificationSupportMixin.java
A repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/util/CaseSupportMixin.java
M repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/query/LinkedSelectorToFilterTranslator.java
M repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/query/SelectorToFilterTranslator.java
M repo/repo-sqale/src/test/java/com/evolveum/midpoint/repo/sqale/func/SqaleRepoModifyObjectTest.java
M repo/repo-sqale/src/test/java/com/evolveum/midpoint/repo/sqale/func/SqaleRepoSearchTest.java
M repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/AbstractIntegrationTest.java
M repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/TestObject.java
M repo/security-api/pom.xml
R repo/security-api/src/main/java/com/evolveum/midpoint/security/api/DelegatorWithOtherPrivilegesLimitations.java
M repo/security-api/src/main/java/com/evolveum/midpoint/security/api/MidPointPrincipal.java
A repo/security-api/src/main/java/com/evolveum/midpoint/security/api/OtherPrivilegesLimitations.java
M repo/security-enforcer-api/src/main/java/com/evolveum/midpoint/security/enforcer/api/ValueAuthorizationParameters.java
M repo/security-enforcer-impl/pom.xml
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/AuthorizationEvaluation.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/AuthorizationFilterEvaluation.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/EnforcerOperation.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SelectorEvaluation.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SelectorFilterEvaluation.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/prism/PrismValueCoverageInformation.java
M testing/rest/src/test/resources/authentication/repo/security-policy-jws-uri-wrong-alg.xml
M testing/story/src/test/java/com/evolveum/midpoint/testing/story/TestFirstSteps.java
M testing/story/src/test/resources/first-steps/resource-opendj-220.xml
M testing/story/src/test/resources/strings/roles/role-end-user.xml
M testing/story/src/test/resources/strings/users/lechuck.xml
Log Message:
-----------
Merge remote-tracking branch 'origin/master' into feature/upgrade-process
Commit: 1efdb52650eca2c5488101b07be7f7e3d5dd1c94
https://github.com/Evolveum/midpoint/commit/1efdb52650eca2c5488101b07be7f7e3d5dd1c94
Author: Pavol Mederly <mederly at evolveum.com>
Date: 2023-06-13 (Tue, 13 Jun 2023)
Changed paths:
M infra/schema/src/main/java/com/evolveum/midpoint/schema/error/ConfigErrorReporter.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/ClauseFilteringContext.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/ClauseMatchingContext.java
R infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/MatchingTracer.java
A infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/SelectorProcessingTracer.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/OrgRelationClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/SelectorClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/SubtypeClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/TypeClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/ValueSelector.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/context/ModelElementContext.java
M model/model-common/src/main/java/com/evolveum/midpoint/model/common/GlobalRuleWithId.java
M model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/FunctionExpressionEvaluator.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ObjectMerger.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/correlation/CorrelatorContextCreator.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/LinkedObjectsFunctions.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/AutoAssignMappingCollector.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/PolicyRulesCollector.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/LinkTargetFinder.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/ObjectSet.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/ModelImplUtils.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/policy/ObjectPolicyAspectPart.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/policy/PolicyRuleBasedAspect.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/policy/ProcessSpecifications.java
M provisioning/ucf-impl-connid/src/main/java/com/evolveum/midpoint/provisioning/ucf/impl/connid/ConnIdUtil.java
M repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/ObjectSelectorMatcher.java
M repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/RepositoryService.java
A repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/query/SelectorMatcher.java
M repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/query/SelectorToFilterTranslator.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SelectorEvaluation.java
Log Message:
-----------
Improve authorization/selector code
This commit provides various code improvements:
- improved configuration error reporting for authorizations;
- added some javadocs;
- migrated RepositoryService#selectorMatches to new SelectorMatcher;
- and a couple of other ones.
Commit: 8d8e56d90f57e0b1dd3b27e1d17d7bb884183ee7
https://github.com/Evolveum/midpoint/commit/8d8e56d90f57e0b1dd3b27e1d17d7bb884183ee7
Author: Viliam Repan <vilo.repan at evolveum.com>
Date: 2023-06-13 (Tue, 13 Jun 2023)
Changed paths:
M tools/ninja/pom.xml
M tools/ninja/src/main/java/com/evolveum/midpoint/ninja/action/Action.java
M tools/ninja/src/main/java/com/evolveum/midpoint/ninja/action/DataSourceAction.java
M tools/ninja/src/main/java/com/evolveum/midpoint/ninja/impl/NinjaContext.java
M tools/ninja/src/main/java/com/evolveum/midpoint/ninja/opts/ConnectionOptions.java
M tools/ninja/src/test/java/com/evolveum/midpoint/ninja/NinjaContextTest.java
A tools/ninja/src/test/java/com/evolveum/midpoint/ninja/upgrade/UpgradeTest.java
A tools/ninja/src/test/resources/ctx-ninja-test.xml
Log Message:
-----------
MID-8842 upgrade, DB initialization test via ninja
Commit: 251580b7070d74c85356d6e3f236cb035dd2ba9a
https://github.com/Evolveum/midpoint/commit/251580b7070d74c85356d6e3f236cb035dd2ba9a
Author: Viliam Repan <vilo.repan at evolveum.com>
Date: 2023-06-13 (Tue, 13 Jun 2023)
Changed paths:
M infra/schema/src/main/java/com/evolveum/midpoint/schema/error/ConfigErrorReporter.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/ClauseFilteringContext.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/ClauseMatchingContext.java
R infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/MatchingTracer.java
A infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/eval/SelectorProcessingTracer.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/OrgRelationClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/SelectorClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/SubtypeClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/TypeClause.java
M infra/schema/src/main/java/com/evolveum/midpoint/schema/selector/spec/ValueSelector.java
M model/model-api/src/main/java/com/evolveum/midpoint/model/api/context/ModelElementContext.java
M model/model-common/src/main/java/com/evolveum/midpoint/model/common/GlobalRuleWithId.java
M model/model-common/src/main/java/com/evolveum/midpoint/model/common/expression/evaluator/FunctionExpressionEvaluator.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ObjectMerger.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/correlation/CorrelatorContextCreator.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/expr/LinkedObjectsFunctions.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/focus/AutoAssignMappingCollector.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/PolicyRulesCollector.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/LinkTargetFinder.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/policy/scriptExecutor/ObjectSet.java
M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/util/ModelImplUtils.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/policy/ObjectPolicyAspectPart.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/policy/PolicyRuleBasedAspect.java
M model/workflow-impl/src/main/java/com/evolveum/midpoint/wf/impl/processors/primary/policy/ProcessSpecifications.java
M provisioning/ucf-impl-connid/src/main/java/com/evolveum/midpoint/provisioning/ucf/impl/connid/ConnIdUtil.java
M repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/ObjectSelectorMatcher.java
M repo/repo-api/src/main/java/com/evolveum/midpoint/repo/api/RepositoryService.java
A repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/query/SelectorMatcher.java
M repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/query/SelectorToFilterTranslator.java
M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/SelectorEvaluation.java
Log Message:
-----------
Merge remote-tracking branch 'origin/master' into feature/upgrade-process
Compare: https://github.com/Evolveum/midpoint/compare/26b5260c8a71...251580b7070d
More information about the midPoint-svn
mailing list