comanage-dev - [comanage-dev] r117 - in trunk/app: . config/schema controllers libs models views/cmp_enrollment_configurations views/org_identities

Subject: COmanage Developers List

List archive

[comanage-dev] r117 - in trunk/app: . config/schema controllers libs models views/cmp_enrollment_configurations views/org_identities

From:
To:
Subject: [comanage-dev] r117 - in trunk/app: . config/schema controllers libs models views/cmp_enrollment_configurations views/org_identities
Date: Sun, 20 Nov 2011 16:27:45 -0500

Author: benno
Date: 2011-11-20 16:27:45 -0500 (Sun, 20 Nov 2011)
New Revision: 117

Modified:
trunk/app/app_controller.php
trunk/app/config/schema/schema.xml
trunk/app/controllers/cmp_enrollment_configurations_controller.php
trunk/app/controllers/co_groups_controller.php
trunk/app/controllers/cos_controller.php
trunk/app/controllers/cous_controller.php
trunk/app/controllers/org_identities_controller.php
trunk/app/controllers/standard_controller.php
trunk/app/libs/lang.php
trunk/app/models/cmp_enrollment_configuration.php
trunk/app/models/org_identity.php
trunk/app/views/cmp_enrollment_configurations/fields.inc
trunk/app/views/org_identities/fields.inc
trunk/app/views/org_identities/index.ctp
Log:
[CO-193] Add ability to link org identities to COs

Modified: trunk/app/app_controller.php
===================================================================
--- trunk/app/app_controller.php 2011-11-18 04:16:15 UTC (rev 116)
+++ trunk/app/app_controller.php 2011-11-20 21:27:45 UTC (rev 117)
@@ -180,10 +180,12 @@

if($coid > -1)
{
- // Miniature "find the Co pointer"
+ // Miniature "find the CO pointer"

if(isset($model->CoPerson))
$this->cur_co = $model->CoPerson->Co->findById($coid);
+ elseif(isset($model->CoOrgIdentityLink->CoPerson->Co))
+ $this->cur_co = $model->CoOrgIdentityLink->CoPerson->Co;
else
$this->cur_co =
$model->CoPersonRole->CoPerson->Co->findById($coid);
}
@@ -525,6 +527,8 @@
{
$redirect['action'] = 'edit';
$redirect[] = $orgiid;
+ if($co != null)
+ $redirect['co'] = $co;
$rc = 1;
}
}

Modified: trunk/app/config/schema/schema.xml
===================================================================
--- trunk/app/config/schema/schema.xml 2011-11-18 04:16:15 UTC (rev 116)
+++ trunk/app/config/schema/schema.xml 2011-11-20 21:27:45 UTC (rev 117)
@@ -97,6 +97,9 @@
<field name="organization_id" type="I">
<constraint>REFERENCES cm_organizations(id)</constraint>
</field>
+ <field name="co_id" type="I">
+ <constraint>REFERENCES cm_cos(id)</constraint>
+ </field>
<field name="created" type="T" />
<field name="modified" type="T" />
</table>
@@ -238,15 +241,6 @@
</field>
<field name="created" type="T" />
<field name="modified" type="T" />
-
- <index name="identifiers_i1">
- <col>identifier</col>
- <unique />
- </index>
- <index name="identifiers_i2">
- <col>identifier</col>
- <col>type</col>
- </index>
</table>

<table name="co_invites">
@@ -441,6 +435,7 @@
<field name="admin_require_authn" type="L" />
<field name="attrs_from_ldap" type="L" />
<field name="attrs_from_saml" type="L" />
+ <field name="pool_org_identities" type="L" />
<field name="status" type="C" size="2" />
<field name="created" type="T" />
<field name="modified" type="T" />

Modified: trunk/app/controllers/cmp_enrollment_configurations_controller.php
===================================================================
--- trunk/app/controllers/cmp_enrollment_configurations_controller.php
2011-11-18 04:16:15 UTC (rev 116)
+++ trunk/app/controllers/cmp_enrollment_configurations_controller.php
2011-11-20 21:27:45 UTC (rev 117)
@@ -25,6 +25,9 @@
// Class name, used by Cake
var $name = "CmpEnrollmentConfigurations";

+ // When using additional controllers, we must also specify our own
+ var $uses = array('CmpEnrollmentConfiguration', 'OrgIdentity');
+
// Cake Components used by this Controller
var $components = array('RequestHandler', // For REST
'Security',
@@ -59,6 +62,63 @@
$this->set('cmp_ef_attribute_order',
$this->CmpEnrollmentConfiguration->getStandardAttributeOrder());
}

+ function checkWriteFollowups($curdata = null)
+ {
+ // Perform any followups following a write operation. Note that if
this
+ // method fails, it must return a warning or REST response, but that
the
+ // overall transaction is still considered a success (add/edit is not
+ // rolled back).
+ // This method is intended to be overridden by model-specific
controllers.
+ //
+ // Parameters:
+ // - For edit operations, $curdata will hold current data
+ //
+ // Preconditions:
+ // (1) $this->data holds request data
+ //
+ // Postconditions:
+ // (1) Session flash message updated (HTML) or HTTP status returned
(REST) on error
+ //
+ // Returns:
+ // - true if followup checks succeed, false otherwise.
+
+ if($this->action == 'edit')
+ {
+ // Check to see if the pool org identities setting has been changed,
and
+ // if so perform the appropriate updates. At the moment, we only do
this
+ // on edit and not add since when we add the one and only CMP
enrollment
+ // config there are no existing org identities.
+
+ if(isset($curdata)
+ && ($curdata['CmpEnrollmentConfiguration']['pool_org_identities']
+ !=
$this->data['CmpEnrollmentConfiguration']['pool_org_identities']))
+ {
+
if($this->data['CmpEnrollmentConfiguration']['pool_org_identities'])
+ {
+ // Enable pooling
+
+ if(!$this->OrgIdentity->pool())
+ {
+ $this->Session->setFlash(_txt('er.orgp.pool'), '', array(),
'info');
+ return(false);
+ }
+ }
+ else
+ {
+ // Disable pooling
+
+ if(!$this->OrgIdentity->unpool())
+ {
+ $this->Session->setFlash(_txt('er.orgp.unpool'), '', array(),
'info');
+ return(false);
+ }
+ }
+ }
+ }
+
+ return(true);
+ }
+
function isAuthorized()
{
// Authorization for this Controller, called by Auth component

Modified: trunk/app/controllers/co_groups_controller.php
===================================================================
--- trunk/app/controllers/co_groups_controller.php 2011-11-18 04:16:15
UTC (rev 116)
+++ trunk/app/controllers/co_groups_controller.php 2011-11-20 21:27:45
UTC (rev 117)
@@ -97,7 +97,7 @@
return(true);
}

- function checkWriteFollowups()
+ function checkWriteFollowups($curdata = null)
{
// Perform any followups following a write operation. Note that if
this
// method fails, it must return a warning or REST response, but that
the
@@ -106,7 +106,7 @@
// This method is intended to be overridden by model-specific
controllers.
//
// Parameters:
- // None
+ // - For edit operations, $curdata will hold current data
//
// Preconditions:
// (1) $this->data holds request data
@@ -115,7 +115,7 @@
// (1) Session flash message updated (HTML) or HTTP status returned
(REST) on error
//
// Returns:
- // - true if dependency checks succeed, false otherwise.
+ // - true if followup checks succeed, false otherwise.

// Add the co person as owner/member of the new group, but only via
HTTP

Modified: trunk/app/controllers/cos_controller.php
===================================================================
--- trunk/app/controllers/cos_controller.php 2011-11-18 04:16:15 UTC (rev
116)
+++ trunk/app/controllers/cos_controller.php 2011-11-20 21:27:45 UTC (rev
117)
@@ -123,7 +123,7 @@
return(true);
}

- function checkWriteFollowups()
+ function checkWriteFollowups($curdata = null)
{
// Perform any followups following a write operation. Note that if
this
// method fails, it must return a warning or REST response, but that
the
@@ -132,7 +132,7 @@
// This method is intended to be overridden by model-specific
controllers.
//
// Parameters:
- // None
+ // - For edit operations, $curdata will hold current data
//
// Preconditions:
// (1) $this->data holds request data
@@ -141,7 +141,7 @@
// (1) Session flash message updated (HTML) or HTTP status returned
(REST) on error
//
// Returns:
- // - true if dependency checks succeed, false otherwise.
+ // - true if followup checks succeed, false otherwise.

// Create an admin Group for the new CO. As of now, we don't try to
populate
// it with the current user, since it may not be desirable for the
current

Modified: trunk/app/controllers/cous_controller.php
===================================================================
--- trunk/app/controllers/cous_controller.php 2011-11-18 04:16:15 UTC (rev
116)
+++ trunk/app/controllers/cous_controller.php 2011-11-20 21:27:45 UTC (rev
117)
@@ -166,7 +166,7 @@
return(true);
}

- function checkWriteFollowups()
+ function checkWriteFollowups($curdata = null)
{
// Perform any followups following a write operation. Note that if
this
// method fails, it must return a warning or REST response, but that
the
@@ -175,7 +175,7 @@
// This method is intended to be overridden by model-specific
controllers.
//
// Parameters:
- // None
+ // - For edit operations, $curdata will hold current data
//
// Preconditions:
// (1) $this->data holds request data
@@ -184,7 +184,7 @@
// (1) Session flash message updated (HTML) or HTTP status returned
(REST) on error
//
// Returns:
- // - true if dependency checks succeed, false otherwise.
+ // - true if followup checks succeed, false otherwise.

// Create an admin Group for the new COU. As of now, we don't try to
populate
// it with the current user, since it may not be desirable for the
current

Modified: trunk/app/controllers/org_identities_controller.php
===================================================================
--- trunk/app/controllers/org_identities_controller.php 2011-11-18 04:16:15
UTC (rev 116)
+++ trunk/app/controllers/org_identities_controller.php 2011-11-20 21:27:45
UTC (rev 117)
@@ -25,6 +25,9 @@
// Class name, used by Cake
var $name = "OrgIdentities";

+ // When using additional controllers, we must also specify our own
+ var $uses = array('OrgIdentity', 'CmpEnrollmentConfiguration');
+
// Cake Components used by this Controller
var $components = array('RequestHandler', // For REST
'Security',
@@ -63,6 +66,61 @@
$this->set('organizations',
$this->OrgIdentity->Organization->find('all'));
}

+ function beforeFilter()
+ {
+ // Callback before other controller methods are invoked or views are
rendered.
+ //
+ // Parameters:
+ // None
+ //
+ // Preconditions:
+ // None
+ //
+ // Postconditions:
+ // (1) Parent called
+ //
+ // Returns:
+ // Nothing
+
+ // This controller may or may not require a CO, depending on how
+ // the CMP Enrollment Configuration is set up. Check and adjust before
+ // beforeFilter is called.
+
+ $pool = $this->CmpEnrollmentConfiguration->orgIdentitiesPooled();
+
+ if(!$pool)
+ {
+ $this->requires_co = true;
+
+ // Associate the CO model
+ $this->OrgIdentity->bindModel(array('belongsTo' => array('Co')));
+ }
+
+ // The views will also need this
+ $this->set('pool_org_identities', $pool);
+
+ parent::beforeFilter();
+ }
+
+ function beforeRender()
+ {
+ // Callback after controller methods are invoked but before views are
rendered.
+ //
+ // Parameters:
+ // None
+ //
+ // Preconditions:
+ // (1) Request Handler component has set $this->params and/or
$this->data
+ //
+ // Postconditions:
+ // (1) If a CO must be specifed, a named parameter may be set.
+ //
+ // Returns:
+ // Nothing
+
+ $this->set('cmp_ef_attribute_order',
$this->CmpEnrollmentConfiguration->getStandardAttributeOrder());
+ }
+
function checkDeleteDependencies($curdata)
{
// Perform any dependency checks required prior to a delete operation.
@@ -298,7 +356,9 @@
//$this->Session->setFlash('"' . generateCn($this->data['Name']) . '"
Added', '', array(), 'success');

if($this->action == 'add')
- $this->redirect(array('action' => 'edit', $this->OrgIdentity->id));
+ $this->redirect(array('action' => 'edit',
+ $this->OrgIdentity->id,
+ 'co' =>
(isset($this->viewVars['cur_co']['Co']['id']) ?
$this->viewVars['cur_co']['Co']['id'] : false)));
else
parent::performRedirect();
}

Modified: trunk/app/controllers/standard_controller.php
===================================================================
--- trunk/app/controllers/standard_controller.php 2011-11-18 04:16:15
UTC (rev 116)
+++ trunk/app/controllers/standard_controller.php 2011-11-20 21:27:45
UTC (rev 117)
@@ -165,7 +165,7 @@
return(true);
}

- function checkWriteFollowups()
+ function checkWriteFollowups($curdata = null)
{
// Perform any followups following a write operation. Note that if
this
// method fails, it must return a warning or REST response, but that
the
@@ -174,7 +174,7 @@
// This method is intended to be overridden by model-specific
controllers.
//
// Parameters:
- // None
+ // - For edit operations, $curdata will hold current data
//
// Preconditions:
// (1) $this->data holds request data
@@ -183,7 +183,7 @@
// (1) Session flash message updated (HTML) or HTTP status returned
(REST) on error
//
// Returns:
- // - true if dependency checks succeed, false otherwise.
+ // - true if followup checks succeed, false otherwise.

return(true);
}
@@ -389,7 +389,7 @@

if($model->saveAll($this->data))
{
- if(!$this->checkWriteFollowups())
+ if(!$this->checkWriteFollowups($curdata))
{
if(!$this->restful)
$this->performRedirect();
@@ -402,7 +402,7 @@
else
{
// Redirect to index view
-
+
$this->Session->setFlash(_txt('rs.updated',
array(Sanitize::html($this->generateDisplayKey()))), '', array(), 'success');
$this->performRedirect();
}

Modified: trunk/app/libs/lang.php
===================================================================
--- trunk/app/libs/lang.php 2011-11-18 04:16:15 UTC (rev 116)
+++ trunk/app/libs/lang.php 2011-11-20 21:27:45 UTC (rev 117)
@@ -189,7 +189,9 @@
'er.notprov.id' => '%1$s ID Not Provided',
'er.reply.unk' => 'Unknown Reply',
'er.orgp.nomail' => '%1$s (Org Identity %2$s) has no known email
address.<br />Add an email address and then resend the invitation.',
+ 'er.orgp.pool' => 'Failed to pool organizational identities',
'er.orgp.unk-a' => 'Unknown Org Identity "%1$s"',
+ 'er.orgp.unpool' => 'Failed to unpool organizational identities',

// Fields
'fd.actions' => 'Actions',
@@ -237,6 +239,10 @@
'fd.ef.noep.desc' => 'Email address to notify upon execution of early
provisioning',
'fd.ef.nop' => 'Notify On Provisioning',
'fd.ef.nop.desc' => 'Email address to notify upon execution of
provisioning',
+ 'fd.ef.pool' => 'Pool Organizational Identities',
+ 'fd.ef.pool.desc' => 'If pooling is enabled, organizational identities
-- as well as any attributes released by IdPs -- will be made available to
all COs, regardless of which CO enrollment flows added them',
+ 'fd.ef.pool.on.warn' => 'Enabling pooling will delete any existing links
between organizational identities and the COs which created them (when you
click Save). This operation cannot be undone.',
+ 'fd.ef.pool.off.warn' => 'Disabling pooling will duplicate any
organizational identities used by more than one CO (when you click Save).
This operation cannot be undone.',
'fd.ef.px' => 'Provisioning Executable',
'fd.ef.px.desc' => 'Executable to call to initiate user provisioning',
'fd.ef.saml' => 'Enable SAML Attribute Extraction',

Modified: trunk/app/models/cmp_enrollment_configuration.php
===================================================================
--- trunk/app/models/cmp_enrollment_configuration.php 2011-11-18 04:16:15
UTC (rev 116)
+++ trunk/app/models/cmp_enrollment_configuration.php 2011-11-20 21:27:45
UTC (rev 117)
@@ -23,6 +23,9 @@
// Define class name for cake
var $name = "CmpEnrollmentConfiguration";

+ // Add behaviors
+ var $actsAs = array('Containable');
+
// Association rules from this model to other models
var $hasMany = array("CmpEnrollmentAttribute" => // A CMP Enrollment
Configuration has many CMP Enrollment Attributes
array('dependent' => true));
@@ -215,5 +218,34 @@
'assoc' => $address_assoc)
));
}
+
+ function orgIdentitiesPooled()
+ {
+ // Determine if organizational identities are pooled in the default
+ // (ie: active) CMP Enrollment Configuration for this platform.
+ //
+ // Parameters:
+ // None
+ //
+ // Preconditions:
+ // (1) Initial setup (performed by select()) has been completed
+ //
+ // Postconditions:
+ // None
+ //
+ // Returns:
+ // - True if org identities are pooled, false otherwise.
+
+ $r = $this->find('first',
+ array('conditions' =>
+ array('CmpEnrollmentConfiguration.name' => 'CMP
Enrollment Configuration',
+ 'CmpEnrollmentConfiguration.status' =>
StatusEnum::Active),
+ // We don't need to pull attributes, just the
configuration
+ 'contain' => false,
+ 'fields' =>
+
array('CmpEnrollmentConfiguration.pool_org_identities')));
+
+ return($r['CmpEnrollmentConfiguration']['pool_org_identities']);
+ }
}
?>
\ No newline at end of file

Modified: trunk/app/models/org_identity.php
===================================================================
--- trunk/app/models/org_identity.php 2011-11-18 04:16:15 UTC (rev 116)
+++ trunk/app/models/org_identity.php 2011-11-20 21:27:45 UTC (rev 117)
@@ -60,5 +60,182 @@
// 'ou'
// 'title'
);
+
+ function duplicate($orgId, $coId)
+ {
+ // Duplicate an Organizational Identity, including all of its related
+ // (has one/has many) models.
+ //
+ // Parameters:
+ // - orgId: Identifier of Org Identity to duplicate.
+ // - coId: CO to attach duplicate Org Identity to.
+ //
+ // Preconditions:
+ // None
+ //
+ // Postconditions:
+ // (1) Duplicate identity created.
+ //
+ // Returns:
+ // - New Org Identity ID if successful, -1 otherwise.
+
+ $ret = -1;
+
+ // We need deep recursion to pull the various related models. Track
the previous
+ // value so we can reset it after the find.
+ $oldRecursive = $this->recursive;
+ $this->recursive = 2;
+
+ $src = $this->findById($orgId);
+
+ $this->recursive = $oldRecursive;
+
+ // Construct a new OrgIdentity explicitly copying the pieces we want
(so as to
+ // avoid any random cruft that recursive=2 happens to pull with it).
+
+ $new = array();
+
+ foreach(array_keys($src['OrgIdentity']) as $k)
+ {
+ // Copy most fields
+
+ if($k != 'id' && $k != 'co_id' && $k != 'created' && $k !=
'modified')
+ $new['OrgIdentity'][$k] = $src['OrgIdentity'][$k];
+ }
+
+ // Set the CO ID
+ $new['OrgIdentity']['co_id'] = $coId;
+
+ // Copy most fields from most dependent models.
+
+ foreach(array_keys($this->hasOne) as $m)
+ {
+ if($this->hasOne[$m]['dependent'])
+ {
+ foreach(array_keys($src[$m]) as $k)
+ {
+ if($k != 'id' && $k != 'created' && $k != 'modified')
+ $new[$m][$k] = $src[$m][$k];
+ }
+ }
+ }
+
+ foreach(array_keys($this->hasMany) as $m)
+ {
+ if($this->hasMany[$m]['dependent'] && $m != 'CoPetition')
+ {
+ foreach(array_keys($src[$m]) as $k)
+ {
+ if($k != 'id' && $k != 'created' && $k != 'modified')
+ $new[$m][$k] = $src[$m][$k];
+ }
+ }
+ }
+
+ $this->create();
+ $this->saveAll($new);
+ $ret = $this->id;
+
+ return($ret);
+ }
+
+ function pool()
+ {
+ // Pool Organizational Identities. This will delete all links from Org
Identities
+ // to COs. No attempt is made to delete duplicate identities that may
result from
+ // this operation. This operation cannot be undone.
+ //
+ // Parameters:
+ // None
+ //
+ // Preconditions:
+ // (1) Organizational Identities are not pooled.
+ //
+ // Postconditions:
+ // (1) co_id values for Org Identities are deleted.
+ //
+ // Returns:
+ // - True if successful, false otherwise.
+
+ return($this->updateAll(array('OrgIdentity.co_id' => null)));
+ }
+
+ function unpool()
+ {
+ // Unpool Organizational Identities. This will link organizational
identities
+ // to the COs which use them. If an Org Identity is referenced by more
than
+ // one CO, it will be duplicated.
+ //
+ // Parameters:
+ // None
+ //
+ // Preconditions:
+ // (1) Organizational Identities are pooled.
+ //
+ // Postconditions:
+ // (1) co_id values for Org Identities are assigned. If necessary, org
+ // identities will be duplicated.
+ //
+ // Returns:
+ // - True if successful, false otherwise.
+
+ // Retrieve all CO/Org Identity Links.
+
+ $links = $this->CoOrgIdentityLink->find('all');
+
+ // For each retrieved record, find the CO ID for the CO Identity and
+ // attach it to the Org Identity.
+
+ foreach($links as $l)
+ {
+ $coId = $l['CoPerson']['co_id'];
+ $orgId = $l['CoOrgIdentityLink']['org_identity_id'];
+
+ // Get the latest version of the Org Identity, even though it's
available
+ // in $links
+
+ $o = $this->findById($orgId);
+
+ if(!isset($o['OrgIdentity']['co_id']) || !$o['OrgIdentity']['co_id'])
+ {
+ // co_id not yet set (ie: this org_identity is not yet linked to a
CO),
+ // so we can just update this record
+
+ $this->id = $orgId;
+ // Use co_id here and NOT OrgIdentity.co_id (per the docs)
+ $this->saveField('co_id', $coId);
+ }
+ else
+ {
+ // We've previously seen this org identity. First check to see if
we've
+ // attached it to the same CO. (This shouldn't really happen since
it
+ // implies the same person was added twice to the same CO.) If so,
there's
+ // nothing to do.
+
+ if($o['OrgIdentity']['co_id'] != $coId)
+ {
+ // Not the same CO. We need to duplicate the OrgIdentity
(including all
+ // of it's dependent attributes like identifiers) and relink to
the newly
+ // created identity.
+
+ $newOrgId = $this->duplicate($orgId, $coId);
+
+ if($newOrgId != -1)
+ {
+ // Update CoOrgIdentityLink
+
+ $this->CoOrgIdentityLink->id = $l['CoOrgIdentityLink']['id'];
+ $this->CoOrgIdentityLink->saveField('org_identity_id',
$newOrgId);
+ }
+ else
+ {
+ return(false);
+ }
+ }
+ }
+ }
+
+ return(true);
+ }
}
?>
\ No newline at end of file

Modified: trunk/app/views/cmp_enrollment_configurations/fields.inc
===================================================================
--- trunk/app/views/cmp_enrollment_configurations/fields.inc 2011-11-18
04:16:15 UTC (rev 116)
+++ trunk/app/views/cmp_enrollment_configurations/fields.inc 2011-11-20
21:27:45 UTC (rev 117)
@@ -31,6 +31,37 @@
?>
<script type="text/javascript">

+ // Keep track of the initial state of the pool setting so we know if we
need to pop up a warning
+ var pool_check_init_state = 0;
+
+ function confirm_pool_state_swap()
+ {
+ // Display a warning when swapping pool state to <on>.
+
+ // Set the title of the dialog
+ $("#dialog").dialog("option", "title", "<?php echo _txt('fd.ef.pool');
?>");
+
+ // Set the body of the dialog
+
if(document.getElementById('CmpEnrollmentConfigurationPoolOrgIdentities').checked)
{
+ $("#dialog-text").text("<?php echo _txt('fd.ef.pool.on.warn'); ?>");
+ } else {
+ $("#dialog-text").text("<?php echo _txt('fd.ef.pool.off.warn'); ?>");
+ }
+
+ // Set the dialog buttons
+ $("#dialog").dialog("option",
+ "buttons",
+ {
+ "<?php echo _txt('op.ok'); ?>": function() {
$(this).dialog("close"); }
+ });
+
+ // Open the dialog, but only if we're switching away from the original
state
+ if(pool_check_init_state !=
+
document.getElementById('CmpEnrollmentConfigurationPoolOrgIdentities').checked)
{
+ $('#dialog').dialog('open');
+ }
+ }
+
function fields_update_gadgets()
{
// Enable or disable gadgets according to current state
@@ -85,6 +116,8 @@
{
// Local (to this view) initializations

+ pool_check_init_state =
document.getElementById('CmpEnrollmentConfigurationPoolOrgIdentities').checked;
+
fields_update_gadgets();
}
</script>
@@ -179,6 +212,17 @@
:
Sanitize::html($cmp_enrollment_configurations[0]['CmpEnrollmentConfiguration']['attrs_from_saml']));
?>
</td>
</tr>
+ <tr class="line2">
+ <td>
+ <b><?php print _txt('fd.ef.pool'); ?></b><br />
+ <font class="desc"><?php print _txt('fd.ef.pool.desc'); ?></font>
+ </td>
+ <td>
+ <?php print ($e
+ ? $this->Form->input('pool_org_identities',
array('onClick' => 'confirm_pool_state_swap()'))
+ :
Sanitize::html($cmp_enrollment_configurations[0]['CmpEnrollmentConfiguration']['pool_org_identities']));
?>
+ </td>
+ </tr>
</tbody>
</table>
</div>

Modified: trunk/app/views/org_identities/fields.inc
===================================================================
--- trunk/app/views/org_identities/fields.inc 2011-11-18 04:16:15 UTC (rev
116)
+++ trunk/app/views/org_identities/fields.inc 2011-11-20 21:27:45 UTC (rev
117)
@@ -33,12 +33,24 @@
return(false);

if($e)
+ {
echo $html->link(_txt('op.back'),
- array('controller' => 'org_identities', 'action' =>
'index'),
+ array('controller' => 'org_identities',
+ 'action' => 'index',
+ 'co' => ($pool_org_identities ? false :
$cur_co['Co']['id'])),
array('class' => 'cancelbutton'));
+
+ // Populate CO ID if approporiate
+
+ if(!$pool_org_identities)
+ echo $this->Form->hidden('OrgIdentity.co_id',
+ array('default' => $cur_co['Co']['id'])).
"\n";
+ }
else
echo $this->Html->link(_txt('op.back'),
- array('controller' => 'org_identities', 'action'
=> 'index'),
+ array('controller' => 'org_identities',
+ 'action' => 'index',
+ 'co' => ($pool_org_identities ? false :
$cur_co['Co']['id'])),
array('class' => 'backbutton')) . '
';
?>
@@ -61,85 +73,100 @@
?>
<table id="<?php print $this->action; ?>_org_identity" class="ui-widget">
<tbody>
- <?php foreach ($cmp_ef_attribute_order as $f): ?>
- <?php
- // Find this attribute in the CMP enrollment flow configuration
- $a = find_ef_attribute($cmp_ef_attributes['CmpEnrollmentAttribute'],
$f['attr'], $f['type']);
-
- // Skip this one if not found or not permitted
- if(!$a || $a['required'] == RequiredEnum::NotPermitted)
- continue;
-
- // Convert table:column into usable bits
- if(preg_match('/:/', $f['attr']))
- {
- $attr = preg_split('/:/', $f['attr'], 2);
- $m = Inflector::classify($attr[0]); // names -> Name
-
- // Associated models must be referenced as Model.0.field for HABTM,
- // or Model.field for HasOne
- if(isset($f['assoc']) && $f['assoc'] != 'hasone')
- $d = '.0.';
- else
- $d = '.';
-
- $fattr = $m.$d.$attr[1];
-
- // Create hidden fields for associated models
-
- if(!isset($emitted[$m]))
- {
- print $this->Form->hidden($m.$d.'id');
- print $this->Form->hidden($m.$d.'type', array('default' =>
$f['type']));
-
- $emitted[$m] = true;
- }
- }
- else
- {
- // Set up matching array
- $attr[0] = 'org_identities';
- $attr[1] = $f['attr'];
- $m = Inflector::classify($attr[0]); // names -> Name
- $fattr = $attr[1];
- }
- ?>
- <tr class="line<?php print ($l % 2); $l++; ?>">
+ <tr class="line1">
<td>
<?php
- print $f['label'];
-
- if($a['required'] == RequiredEnum::Required)
- print '<font class="required">*</font>';
-
- if($e && isset($f['desc']))
- print " " . $f['desc'];
+ echo _txt('fd.name.h');
+
+ if($e)
+ echo " " . _txt('fd.name.h.desc');
?>
</td>
<td>
<?php
- if(isset($f['select']))
- {
- // Render a select element
-
- print ($e ? $this->Form->select($fattr,
- $f['select']['options'],
- (isset($org_identities[0][$m][
$attr[1] ])
- ? $org_identities[0][$m][
$attr[1] ]
- : $f['select']['default']),
- array('empty' => false))
- : Sanitize::html($org_identities[0][$m][ $attr[1] ]));
- }
- else
- {
- // Use default rendering
-
- print ($e ? $this->Form->input($fattr) :
Sanitize::html($org_identities[0][$m][ $attr[1] ]));
- }
+ echo $this->Form->hidden('Name.id');
+ echo $this->Form->hidden('Name.type', array('default' => 'O'));
+ echo ($e ? $this->Form->input('Name.honorific') :
Sanitize::html($org_identities[0]['Name']['honorific']));
?>
- </td>
- </tr>
- <?php endforeach; ?>
+ </td>
+ </tr>
+ <tr class="line2">
+ <td>
+ <?php echo _txt('fd.name.g'); ?><font class="required">*</font>
+ </td>
+ <td>
+ <?php echo ($e ? $this->Form->input('Name.given') :
Sanitize::html($org_identities[0]['Name']['given'])); ?>
+ </td>
+ </tr>
+ <tr class="line1">
+ <td>
+ <?php echo _txt('fd.name.m'); ?>
+ </td>
+ <td>
+ <?php echo ($e ? $this->Form->input('Name.middle') :
Sanitize::html($org_identities[0]['Name']['middle'])); ?>
+ </td>
+ <tr class="line2">
+ <td>
+ <?php echo _txt('fd.name.f'); ?>
+ </td>
+ <td>
+ <?php echo ($e ? $this->Form->input('Name.family') :
Sanitize::html($org_identities[0]['Name']['family'])); ?>
+ </td>
+ </tr>
+ <tr class="line1">
+ <td>
+ <?php
+ echo _txt('fd.name.s');
+
+ if($e)
+ echo " " . _txt('fd.name.s.desc');
+ ?>
+ </td>
+ <td>
+ <?php echo ($e ? $this->Form->input('Name.suffix') :
Sanitize::html($org_identities[0]['Name']['suffix'])); ?>
+ </td>
+ </tr>
+ <tr class="line2">
+ <td>
+ <?php echo _txt('fd.affiliation'); ?><font class="required">*</font>
+ </td>
+ <td>
+ <?php
+ global $cm_lang, $cm_texts;
+
+ echo ($e ? $this->Form->select('edu_person_affiliation',
+ $cm_texts[ $cm_lang ]['en.affil'],
+
(isset($org_identities[0]['OrgIdentity']['edu_person_affiliation'])
+ ?
$org_identities[0]['OrgIdentity']['edu_person_affiliation']
+ : "member"),
+ array('empty' => false))
+ :
Sanitize::html($org_identities[0]['OrgIdentity']['edu_person_affiliation']));
?>
+ </td>
+ </tr>
+ <tr class="line1">
+ <td>
+ <?php echo _txt('fd.title'); ?>
+ </td>
+ <td>
+ <?php echo ($e ? $this->Form->input('title') :
Sanitize::html($org_identities[0]['OrgIdentity']['title'])); ?>
+ </td>
+ </tr>
+ <tr class="line2">
+ <td>
+ <?php echo _txt('fd.o'); ?>
+ </td>
+ <td>
+ <?php echo ($e ? $this->Form->input('o') :
Sanitize::html($org_identities[0]['OrgIdentity']['o'])); ?>
+ </td>
+ </tr>
+ <tr class="line1">
+ <td>
+ <?php echo _txt('fd.ou'); ?>
+ </td>
+ <td>
+ <?php echo ($e ? $this->Form->input('ou') :
Sanitize::html($org_identities[0]['OrgIdentity']['ou'])); ?>
+ </td>
+ </tr>
<?php if($this->action != "add"): ?>
<tr class="line<?php print ($l % 2); $l++; ?>">
<td>
@@ -154,17 +181,26 @@
foreach($org_identities[0]['Identifier'] as $id)
{
// XXX we already checked for $permissions['edit'], but not
['delete']... should we?
- print '<a class="deletebutton" title="' . _txt('op.delete')
.'" onclick="javascript:js_confirm_delete(\'' .
_jtxt(Sanitize::html($id['identifier'])) . '\', \'' .
$html->url(array('controller' => 'identifiers', 'action' => 'delete',
$id['id'])) . '\')";>' . _txt('op.delete') . '</a>' . "\n";
+ print '<a class="deletebutton" title="' . _txt('op.delete')
.'" onclick="javascript:js_confirm_delete(\'' .
_jtxt(Sanitize::html($id['identifier'])) . '\', \'' .
$html->url(array('controller' => 'identifiers', 'action' => 'delete',
$id['id'], 'co' => ($pool_org_identities ? false : $cur_co['Co']['id']))) .
'\')";>' . _txt('op.delete') . '</a>' . "\n";
print $html->link(_txt('op.edit'),
- array('controller' => 'identifiers',
'action' => 'edit', $id['id']),
+ array('controller' => 'identifiers',
+ 'action' => 'edit',
+ $id['id'],
+ 'co' => ($pool_org_identities ?
false : $cur_co['Co']['id'])),
array('class' => 'editbutton')) . "\n";
- print $html->link($id['identifier'], array('controller' =>
'identifiers', 'action' => 'edit', $id['id']));
+ print $html->link($id['identifier'], array('controller' =>
'identifiers',
+ 'action' =>
'edit',
+ $id['id'],
+ 'co' =>
($pool_org_identities ? false : $cur_co['Co']['id'])));
print " (" . _txt('en.identifier', null, $id['type']) .
")<br />\n";
}
}

print $html->link(_txt('op.add'),
- array('controller' => 'identifiers', 'action'
=> 'add', 'orgidentityid' => $org_identities[0]['OrgIdentity']['id']),
+ array('controller' => 'identifiers',
+ 'action' => 'add',
+ 'orgidentityid' =>
$org_identities[0]['OrgIdentity']['id'],
+ 'co' => ($pool_org_identities ? false :
$cur_co['Co']['id'])),
array('class' => 'addbutton'));
}
else
@@ -189,17 +225,26 @@
foreach($org_identities[0]['EmailAddress'] as $ea)
{
// XXX we already checked for $permissions['edit'], but not
['delete']... should we?
- print '<a class="deletebutton" title="' . _txt('op.delete')
.'" onclick="javascript:js_confirm_delete(\'' .
_jtxt(Sanitize::html($ea['mail'])) . '\', \'' . $html->url(array('controller'
=> 'email_addresses', 'action' => 'delete', $ea['id'])) . '\')";>' .
_txt('op.delete') .'</a>' . "\n";
+ print '<a class="deletebutton" title="' . _txt('op.delete')
.'" onclick="javascript:js_confirm_delete(\'' .
_jtxt(Sanitize::html($ea['mail'])) . '\', \'' . $html->url(array('controller'
=> 'email_addresses', 'action' => 'delete', $ea['id'], 'co' =>
($pool_org_identities ? false : $cur_co['Co']['id']))) . '\')";>' .
_txt('op.delete') .'</a>' . "\n";
print $html->link(_txt('op.edit'),
- array('controller' => 'email_addresses',
'action' => 'edit', $ea['id']),
+ array('controller' => 'email_addresses',
+ 'action' => 'edit',
+ $ea['id'],
+ 'co' => ($pool_org_identities ?
false : $cur_co['Co']['id'])),
array('class' => 'editbutton')) . "\n";
- print $html->link($ea['mail'], array('controller' =>
'email_addresses', 'action' => 'edit', $ea['id']));
+ print $html->link($ea['mail'], array('controller' =>
'email_addresses',
+ 'action' => 'edit',
+ $ea['id'],
+ 'co' =>
($pool_org_identities ? false : $cur_co['Co']['id'])));
print " (" . _txt('en.contact', null, $ea['type']) . ")<br
/>\n";
}
}

print $html->link(_txt('op.add'),
- array('controller' => 'email_addresses',
'action' => 'add', 'orgidentityid' =>
$org_identities[0]['OrgIdentity']['id']),
+ array('controller' => 'email_addresses',
+ 'action' => 'add',
+ 'orgidentityid' =>
$org_identities[0]['OrgIdentity']['id'],
+ 'co' => ($pool_org_identities ? false :
$cur_co['Co']['id'])),
array('class' => 'addbutton'));
}
else
@@ -224,17 +269,26 @@
foreach($org_identities[0]['TelephoneNumber'] as $t)
{
// XXX we already checked for $permissions['edit'], but not
['delete']... should we?
- print '<a class="deletebutton" title="' . _txt('op.delete')
.'" onclick="javascript:js_confirm_delete(\'' .
_jtxt(Sanitize::html($t['number'])) . '\', \'' .
$html->url(array('controller' => 'telephone_numbers', 'action' => 'delete',
$t['id'])) . '\')";>' . _txt('op.delete') .'</a>' . "\n";
+ print '<a class="deletebutton" title="' . _txt('op.delete')
.'" onclick="javascript:js_confirm_delete(\'' .
_jtxt(Sanitize::html($t['number'])) . '\', \'' .
$html->url(array('controller' => 'telephone_numbers', 'action' => 'delete',
$t['id'], 'co' => ($pool_org_identities ? false : $cur_co['Co']['id']))) .
'\')";>' . _txt('op.delete') .'</a>' . "\n";
print $html->link(_txt('op.edit'),
- array('controller' => 'telephone_numbers',
'action' => 'edit', $t['id']),
+ array('controller' => 'telephone_numbers',
+ 'action' => 'edit',
+ $t['id'],
+ 'co' => ($pool_org_identities ?
false : $cur_co['Co']['id'])),
array('class' => 'editbutton')) . "\n";
- print $html->link($t['number'], array('controller' =>
'telephone_numbers', 'action' => 'edit', $t['id']));
+ print $html->link($t['number'], array('controller' =>
'telephone_numbers',
+ 'action' => 'edit',
+ $t['id'],
+ 'co' =>
($pool_org_identities ? false : $cur_co['Co']['id'])));
print " (" . _txt('en.contact', null, $t['type']) . ")<br
/>\n";
}
}

print $html->link(_txt('op.add'),
- array('controller' => 'telephone_numbers',
'action' => 'add', 'orgidentityid' =>
$org_identities[0]['OrgIdentity']['id']),
+ array('controller' => 'telephone_numbers',
+ 'action' => 'add',
+ 'orgidentityid' =>
$org_identities[0]['OrgIdentity']['id'],
+ 'co' => ($pool_org_identities ? false :
$cur_co['Co']['id'])),
array('class' => 'addbutton'));
}
else
@@ -259,17 +313,23 @@
foreach($org_identities[0]['Address'] as $addr)
{
// XXX we already checked for $permissions['edit'], but not
['delete']... should we?
- print '<a class="deletebutton" title="' . _txt('op.delete')
.'" onclick="javascript:js_confirm_delete(\'' .
_jtxt(Sanitize::html($addr['line1'])) . '\', \'' .
$html->url(array('controller' => 'addresses', 'action' => 'delete',
$addr['id'])) . '\')";>' . _txt('op.delete') .'</a>' . "\n";
+ print '<a class="deletebutton" title="' . _txt('op.delete')
.'" onclick="javascript:js_confirm_delete(\'' .
_jtxt(Sanitize::html($addr['line1'])) . '\', \'' .
$html->url(array('controller' => 'addresses', 'action' => 'delete',
$addr['id'], 'co' => ($pool_org_identities ? false : $cur_co['Co']['id']))) .
'\')";>' . _txt('op.delete') .'</a>' . "\n";
print $html->link(_txt('op.edit'),
- array('controller' => 'addresses',
'action' => 'edit', $addr['id']),
+ array('controller' => 'addresses',
+ 'action' => 'edit',
+ $addr['id'],
+ 'co' => ($pool_org_identities ?
false : $cur_co['Co']['id'])),
array('class' => 'editbutton')) . "\n";
- print $html->link($addr['line1'], array('controller' =>
'addresses', 'action' => 'edit', $addr['id']));
+ print $html->link($addr['line1'], array('controller' =>
'addresses',
+ 'action' => 'edit',
+ $addr['id'],
+ 'co' =>
($pool_org_identities ? false : $cur_co['Co']['id'])));
print " (" . _txt('en.contact', null, $addr['type']) . ")<br
/>\n";
}
}

print $html->link(_txt('op.add'),
- array('controller' => 'addresses', 'action' =>
'add', 'orgidentityid' => $org_identities[0]['OrgIdentity']['id']),
+ array('controller' => 'addresses', 'action' =>
'add', 'orgidentityid' => $org_identities[0]['OrgIdentity']['id'], 'co' =>
($pool_org_identities ? false : $cur_co['Co']['id'])),
array('class' => 'addbutton'));
}
else
@@ -294,4 +354,85 @@
</td>
</tr>
</tbody>
-</table>
\ No newline at end of file
+</table>
+<?php if(0): ?>
+ <?php foreach ($cmp_ef_attribute_order as $f): ?>
+ <?php
+ // Find this attribute in the CMP enrollment flow configuration
+ $a = find_ef_attribute($cmp_ef_attributes['CmpEnrollmentAttribute'],
$f['attr'], $f['type']);
+
+ // Skip this one if not found or not permitted
+ if(!$a || $a['required'] == RequiredEnum::NotPermitted)
+ continue;
+
+ // Convert table:column into usable bits
+ if(preg_match('/:/', $f['attr']))
+ {
+ $attr = preg_split('/:/', $f['attr'], 2);
+ $m = Inflector::classify($attr[0]); // names -> Name
+
+ // Associated models must be referenced as Model.0.field for HABTM,
+ // or Model.field for HasOne
+ if(isset($f['assoc']) && $f['assoc'] != 'hasone')
+ $d = '.0.';
+ else
+ $d = '.';
+
+ $fattr = $m.$d.$attr[1];
+
+ // Create hidden fields for associated models
+
+ if(!isset($emitted[$m]))
+ {
+ print $this->Form->hidden($m.$d.'id');
+ print $this->Form->hidden($m.$d.'type', array('default' =>
$f['type']));
+
+ $emitted[$m] = true;
+ }
+ }
+ else
+ {
+ // Set up matching array
+ $attr[0] = 'org_identities';
+ $attr[1] = $f['attr'];
+ $m = Inflector::classify($attr[0]); // names -> Name
+ $fattr = $attr[1];
+ }
+ ?>
+ <tr class="line<?php print ($l % 2); $l++; ?>">
+ <td>
+ <?php
+ print $f['label'];
+
+ if($a['required'] == RequiredEnum::Required)
+ print '<font class="required">*</font>';
+
+ if($e && isset($f['desc']))
+ print " " . $f['desc'];
+ ?>
+ </td>
+ <td>
+ <?php
+ if(isset($f['select']))
+ {
+ // Render a select element
+
+ print ($e ? $this->Form->select($fattr,
+ $f['select']['options'],
+ (isset($org_identities[0][$m][
$attr[1] ])
+ ? $org_identities[0][$m][
$attr[1] ]
+ : $f['select']['default']),
+ array('empty' => false))
+ : Sanitize::html($org_identities[0][$m][ $attr[1] ]));
+ }
+ else
+ {
+ // Use default rendering
+
+ print ($e ? $this->Form->input($fattr) :
Sanitize::html($org_identities[0][$m][ $attr[1] ]));
+ }
+ ?>
+ </td>
+ </tr>
+ <?php endforeach; ?>
+<?PHP endif; ?>
\ No newline at end of file

Modified: trunk/app/views/org_identities/index.ctp
===================================================================
--- trunk/app/views/org_identities/index.ctp 2011-11-18 04:16:15 UTC (rev
116)
+++ trunk/app/views/org_identities/index.ctp 2011-11-20 21:27:45 UTC (rev
117)
@@ -24,7 +24,9 @@
<?php
if($permissions['add'])
print $this->Html->link(_txt('op.add.new',
array(_txt('ct.org_identities.1'))),
- array('controller' => 'org_identities', 'action'
=> 'add'),
+ array('controller' => 'org_identities',
+ 'action' => 'add',
+ 'co' => ($pool_org_identities ? false :
$this->params['named']['co'])),
array('class' => 'addbutton')) . '
<br />
<br />
@@ -49,7 +51,10 @@
<?php foreach ($org_identities as $p): ?>
<tr class="line<?php print ($i % 2)+1; ?>">
<td><?php echo $html->link(generateCn($p['Name']),
- array('controller' => 'org_identities',
'action' => ($permissions['edit'] ? 'edit' : ($permissions['view'] ? 'view' :
'')), $p['OrgIdentity']['id'])); ?></td>
+ array('controller' => 'org_identities',
+ 'action' => ($permissions['edit'] ?
'edit' : ($permissions['view'] ? 'view' : '')),
+ $p['OrgIdentity']['id'],
+ 'co' => ($pool_org_identities ? false
: $this->params['named']['co']))); ?></td>
<td><?php echo Sanitize::html($p['OrgIdentity']['o']); ?></td>
<td><?php echo Sanitize::html($p['OrgIdentity']['ou']); ?></td>
<td><?php echo Sanitize::html($p['OrgIdentity']['title']); ?></td>
@@ -60,11 +65,14 @@
<?php
if($permissions['edit'])
echo $html->link(_txt('op.edit'),
- array('controller' => 'org_identities',
'action' => 'edit', $p['OrgIdentity']['id']),
+ array('controller' => 'org_identities',
+ 'action' => 'edit',
+ $p['OrgIdentity']['id'],
+ 'co' => ($pool_org_identities ? false :
$this->params['named']['co'])),
array('class' => 'editbutton')) . "\n";

if($permissions['delete'])
- echo '<button class="deletebutton" title="' . _txt('op.delete')
. '" onclick="javascript:js_confirm_delete(\'' .
Sanitize::html(generateCn($p['Name'])) . '\', \'' .
$html->url(array('controller' => 'org_identities', 'action' => 'delete',
$p['OrgIdentity']['id'])) . '\')";>' . _txt('op.delete') . '</button>';
+ echo '<button class="deletebutton" title="' . _txt('op.delete')
. '" onclick="javascript:js_confirm_delete(\'' .
Sanitize::html(generateCn($p['Name'])) . '\', \'' .
$html->url(array('controller' => 'org_identities', 'action' => 'delete',
$p['OrgIdentity']['id'], 'co' => ($pool_org_identities ? false :
$this->params['named']['co']))) . '\')";>' . _txt('op.delete') . '</button>';
?>
<?php ; ?>
</td>

[comanage-dev] r117 - in trunk/app: . config/schema controllers libs models views/cmp_enrollment_configurations views/org_identities, benno, 11/20/2011

List archive

[comanage-dev] r117 - in trunk/app: . config/schema controllers libs models views/cmp_enrollment_configurations views/org_identities