package com.evolveum.midpoint.model.impl.lens.projector.credentials;
import java.util.List;
import com.evolveum.midpoint.prism.PrismContainerValue;
import com.evolveum.midpoint.prism.path.ItemPath;
import com.evolveum.midpoint.schema.constants.SchemaConstants;
import com.evolveum.midpoint.security.api.SecurityUtil;
import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
import com.evolveum.midpoint.util.exception.PolicyViolationException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionAnswerType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsPolicyType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityQuestionsCredentialsType;
import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;
public class SecurityQuestionsPolicyEvaluator extends CredentialPolicyEvaluator<SecurityQuestionsCredentialsType, SecurityQuestionsCredentialsPolicyType>{
@Override
protected ItemPath getCredentialsContainerPath() {
return SchemaConstants.PATH_SECURITY_QUESTIONS;
}
@Override
protected String getCredentialHumanReadableName() {
return "security questions";
}
@Override
protected SecurityQuestionsCredentialsPolicyType determineEffectiveCredentialPolicy()
throws SchemaException {
return SecurityUtil.getEffectiveSecurityQuestionsCredentialsPolicy(getSecurityPolicy());
}
@Override
protected void validateCredentialContainerValues(
PrismContainerValue<SecurityQuestionsCredentialsType> cVal) throws PolicyViolationException,
SchemaException, ObjectNotFoundException, ExpressionEvaluationException {
SecurityQuestionsCredentialsType securityQuestions = cVal.asContainerable();
if (securityQuestions != null) {
List<SecurityQuestionAnswerType> questionAnswers = securityQuestions.getQuestionAnswer();
for (SecurityQuestionAnswerType questionAnswer : questionAnswers) {
ProtectedStringType answer = questionAnswer.getQuestionAnswer();
validateProtectedStringValue(answer);
}
}
}
}