comanage-dev - [comanage-dev] r487 - in registry/trunk/app: Controller Lib Model Model/Behavior Plugin/LdapProvisioner/Model
Subject: COmanage Developers List
List archive
[comanage-dev] r487 - in registry/trunk/app: Controller Lib Model Model/Behavior Plugin/LdapProvisioner/Model
Chronological Thread
- From:
- To:
- Subject: [comanage-dev] r487 - in registry/trunk/app: Controller Lib Model Model/Behavior Plugin/LdapProvisioner/Model
- Date: Sun, 7 Apr 2013 22:13:31 -0400
- Authentication-results: sfpop-ironport05.merit.edu; dkim=neutral (message not signed) header.i=none
Author: benno
Date: 2013-04-07 22:13:31 -0400 (Sun, 07 Apr 2013)
New Revision: 487
Modified:
registry/trunk/app/Controller/CoProvisioningTargetsController.php
registry/trunk/app/Lib/lang.php
registry/trunk/app/Model/Address.php
registry/trunk/app/Model/Behavior/ProvisionerBehavior.php
registry/trunk/app/Model/CoGroupMember.php
registry/trunk/app/Model/CoPersonRole.php
registry/trunk/app/Model/EmailAddress.php
registry/trunk/app/Model/Identifier.php
registry/trunk/app/Model/Name.php
registry/trunk/app/Model/TelephoneNumber.php
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
Log:
Provision on model event (CO-547)
Modified: registry/trunk/app/Controller/CoProvisioningTargetsController.php
===================================================================
--- registry/trunk/app/Controller/CoProvisioningTargetsController.php
2013-04-07 20:42:05 UTC (rev 486)
+++ registry/trunk/app/Controller/CoProvisioningTargetsController.php
2013-04-08 02:13:31 UTC (rev 487)
@@ -217,79 +217,45 @@
function provision($id) {
if($this->restful) {
if(!empty($this->request->params['named']['copersonid'])) {
- // Find the associated Provisioning Target record
+ // Make sure copersonid is in the same CO as $id
$args = array();
+ $args['joins'][0]['table'] = 'co_people';
+ $args['joins'][0]['alias'] = 'CoPerson';
+ $args['joins'][0]['type'] = 'INNER';
+ $args['joins'][0]['conditions'][0] =
'CoProvisioningTarget.co_id=CoPerson.co_id';
$args['conditions']['CoProvisioningTarget.id'] = $id;
- // Since beforeFilter bound all the plugins, this find will pull the
related
- // models as well. However, to reduce the number of database queries
should a
- // large number of plugins be installed, we'll use containable
behavior and
- // make a second call for the plugin we want.
+ $args['conditions']['CoPerson.id'] =
$this->request->params['named']['copersonid'];
$args['contain'] = false;
- $copt = $this->CoProvisioningTarget->find('first', $args);
+ if($this->CoProvisioningTarget->find('count', $args) < 1) {
+ $this->restResultHeader(404, "CoPerson Not Found");
+ return;
+ }
- if(!empty($copt['CoProvisioningTarget']['plugin'])) {
- $pluginName = $copt['CoProvisioningTarget']['plugin'];
- $modelName = 'Co'. $pluginName . 'Target';
- $pluginModelName = $pluginName . "." . $modelName;
-
- // We need to manually attach the model, although if we weren't
using containable
- // the above find would have done this automatically for us (under
$this->CoProvisioningTarget).
- $this->loadModel($pluginModelName);
-
- $args = array();
- $args['conditions'][$modelName.'.co_provisioning_target_id'] = $id;
- $args['contain'] = false;
-
- $pluginTarget = $this->$modelName->find('first', $args);
-
- if(!empty($pluginTarget)) {
- $args = array();
- $args['conditions']['CoPerson.id'] =
$this->request->params['named']['copersonid'];
- // Only pull related models relevant for provisioning
- $args['contain'] = array(
- 'Co',
- 'CoGroupMember',
- 'CoOrgIdentityLink',
- 'CoPersonRole',
- 'CoPersonRole.Address',
- 'CoPersonRole.Cou',
- 'CoPersonRole.TelephoneNumber',
- 'EmailAddress',
- 'Identifier',
- 'Name'
- );
-
- $coPersonData =
$this->CoProvisioningTarget->Co->CoPerson->find('first', $args);
-
- if(!empty($coPersonData)) {
- try {
- $this->$modelName->provision($pluginTarget,
-
ProvisioningActionEnum::CoPersonReprovisionRequested,
- $coPersonData);
-
-
$this->CoProvisioningTarget->Co->CoPerson->HistoryRecord->record(
- $coPersonData['CoPerson']['id'],
- null,
- null,
- $this->Session->read('Auth.User.co_person_id'),
- ActionEnum::CoPersonManuallyProvisioned,
- _txt('rs.prov-a',
array($copt['CoProvisioningTarget']['description']))
- );
- }
- catch(RuntimeException $e) {
- $this->restResultHeader(500, $e->getMessage());
- }
- } else {
+ // Attach ProvisionerBehavior and manually invoke provisioning
+
+
$this->CoProvisioningTarget->Co->CoPerson->Behaviors->load('Provisioner');
+
+ try {
+ $this->CoProvisioningTarget->Co->CoPerson->manualProvision($id,
$this->request->params['named']['copersonid']);
+ }
+ catch(InvalidArgumentException $e) {
+ switch($e->getMessage()) {
+ case _txt('er.cop.unk'):
$this->restResultHeader(404, "CoPerson Not Found");
- }
- } else {
- $this->restResultHeader(404, "CoProvisioningTarget Not Found");
+ break;
+ case _txt('er.copt.unk'):
+ $this->restResultHeader(404, "CoProvisioningTarget Not Found");
+ break;
+ default:
+ $this->restResultHeader(500, $e->getMessage());
+ break;
}
- } else {
- $this->restResultHeader(404, "CoProvisioningTarget Not Found");
}
+ catch(RuntimeException $e) {
+ $this->restResultHeader(500, $e->getMessage());
+ }
} else {
$this->restResultHeader(404, "CoPerson Not Found");
}
Modified: registry/trunk/app/Lib/lang.php
===================================================================
--- registry/trunk/app/Lib/lang.php 2013-04-07 20:42:05 UTC (rev 486)
+++ registry/trunk/app/Lib/lang.php 2013-04-08 02:13:31 UTC (rev 487)
@@ -290,6 +290,7 @@
'er.cop.nf' => 'CO Person Role %1$s Not Found',
'er.copr.exists' => '%1$s has one or more CO Person Roles and cannot be
removed.',
'er.copr.none' => 'CO Person Role Not Provided',
+ 'er.copt.unk' => 'Unknown CO Provisioning Target',
'er.cou.copr' => 'There are still one or more CO person role records in
the COU %1$s, and so it cannot be deleted.',
'er.cou.child' => 'COUs with children can not be deleted',
'er.cou.cycle' => 'Parent is a descendant. Cycles are not permitted.',
@@ -337,6 +338,7 @@
'er.plugin.prov.none' => 'There are no suitable plugins available. No
provisioning targets can be added.',
// er.prov is a javascript string and so cannot take a parameter
'er.prov' => 'Provisioning failed: ',
+ 'er.prov.plugin' => 'Provisioning failed for %1$s: %2$s',
'er.pt.status' => 'Change of petition status from %1$s to %2$s is not
permitted',
'er.pt.resend.status' => 'Cannot resend an invitation not in Pending
Confirmation status',
'er.reply.unk' => 'Unknown Reply',
Modified: registry/trunk/app/Model/Address.php
===================================================================
--- registry/trunk/app/Model/Address.php 2013-04-07 20:42:05 UTC (rev
486)
+++ registry/trunk/app/Model/Address.php 2013-04-08 02:13:31 UTC (rev
487)
@@ -2,7 +2,7 @@
/**
* COmanage Registry Address Model
*
- * Copyright (C) 2010-12 University Corporation for Advanced Internet
Development, Inc.
+ * Copyright (C) 2010-13 University Corporation for Advanced Internet
Development, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -14,7 +14,7 @@
* KIND, either express or implied. See the License for the specific
language governing
* permissions and limitations under the License.
*
- * @copyright Copyright (C) 2010-12 University Corporation for Advanced
Internet Development, Inc.
+ * @copyright Copyright (C) 2010-13 University Corporation for Advanced
Internet Development, Inc.
* @link http://www.internet2.edu/comanage COmanage Project
* @package registry
* @since COmanage Registry v0.1
@@ -29,6 +29,9 @@
// Current schema version for API
public $version = "1.0";
+ // Add behaviors
+ public $actsAs = array('Provisioner');
+
// Association rules from this model to other models
public $belongsTo = array(
// An address may be attached to a CO person role
Modified: registry/trunk/app/Model/Behavior/ProvisionerBehavior.php
===================================================================
--- registry/trunk/app/Model/Behavior/ProvisionerBehavior.php 2013-04-07
20:42:05 UTC (rev 486)
+++ registry/trunk/app/Model/Behavior/ProvisionerBehavior.php 2013-04-08
02:13:31 UTC (rev 487)
@@ -22,16 +22,57 @@
* @version $Id$
*/
+// Behaviors don't have access to sessions by default
+App::uses('CakeSession', 'Model/Datasource');
+
class ProvisionerBehavior extends ModelBehavior {
/**
* Handle provisioning following delete of Model.
*
* @since COmanage Registry v0.8
- * @param Model $Model Model instance.
+ * @param Model $model Model instance.
* @return boolean true on success, false on failure
*/
- public function afterDelete(Model $model) {
+ public function beforeDelete(Model $model, $cascade = true) {
+ if(!$cascade) {
+ // If we're not cascading a delete, there really isn't anything for us
to do
+
+ return true;
+ }
+
+ // Note that in most cases this is just an edit. ie: deleting a
telephone number is
+ // CoPersonUpdated not CoPersonDeleted. In those cases, we can just call
afterSave.
+
+ if($model->name != 'CoPerson') {
+ return $this->afterSave($model, false);
+ }
+
+ // However, deleting a CoPerson needs to be handled specially.
+
+ if(!empty($model->data['CoPerson']['id'])) {
+ // Invoke all provisioning plugins
+
+ try {
+ $this->invokePlugins($model,
+ $model->data['CoPerson']['id'],
+ $model->data,
+ ProvisioningActionEnum::CoPersonDeleted);
+ }
+ // What we really want to do here is catch the result (success or
exception)
+ // and set the appropriate session flash message, but we don't have
access to
+ // the current session, and anyway that doesn't cover RESTful
interactions.
+ // So instead we syslog (which is better than nothing).
+ catch(InvalidArgumentException $e) {
+ syslog(LOG_ERR, $e->getMessage());
+ //throw new InvalidArgumentException($e->getMessage());
+ }
+ catch(RuntimeException $e) {
+ syslog(LOG_ERR, $e->getMessage());
+ //throw new RuntimeException($e->getMessage());
+ }
+ }
+
return true;
}
@@ -39,14 +80,334 @@
* Handle provisioning following save of Model.
*
* @since COmanage Registry v0.8
- * @param Model $Model Model instance.
+ * @param Model $model Model instance
* @param boolean $created indicates whether the node just saved was
created or updated
* @return boolean true on success, false on failure
+ * @throws InvalidArgumentException
+ * @throws RuntimeException
+ * @todo Don't throw exceptions, since that breaks the REST API
*/
public function afterSave(Model $model, $created) {
-// debug($Model);
+ // For our initial implementation, one of the following must be true for
$model:
+ // - The model is CoPerson
+ // - The model belongs to CoPerson, and co_person_id is set
+ // - The model belongs to CoPersonRole, and co_person_role_id is set
+ //
+ // First, find the co_person_id (directly or indirectly) and pull the
record
+ $coPerson = null;
+ $coPersonId = -1;
+ $coPersonData = null;
+
+ if($model->name == 'CoPerson'
+ && !empty($model->data['CoPerson']['id'])) {
+ $coPerson = $model;
+ $coPersonId = $model->data['CoPerson']['id'];
+ } elseif(!empty($model->data[ $model->name ]['co_person_id'])) {
+ $coPerson = $model->CoPerson;
+ $coPersonId = $model->data[ $model->name ]['co_person_id'];
+ } elseif(!empty($model->data[ $model->name ]['co_person_role_id'])) {
+ $coPerson = $model->CoPersonRole->CoPerson;
+ $coPersonId = $model->CoPersonRole->field('co_person_id',
+ array('id' => $model->data[
$model->name ]['co_person_role_id']));
+ } else {
+ // For the moment, we'll just return true here since we may be
processing
+ // a multi-model transaction (eg: unlinking a dependency before
deleting a
+ // parent model) or we may be saving OrgIdentity data.
+
+ return true;
+ }
+
+ try {
+ $coPersonData = $this->marshallCoPersonData($coPerson, $coPersonId);
+ }
+ catch(InvalidArgumentException $e) {
+ throw new InvalidArgumentException($e->getMessage());
+ }
+
+ // Determine the provisioning action
+
+ // For now, we don't support CoPersonEnteredGracePeriod, CoPersonExpired,
+ // or CoPersonUnexpired.
+
+ $action = ProvisioningActionEnum::CoPersonUpdated;
+
+ // It's only an add operation if the model is CoPerson
+ if($created && $model->name == 'CoPerson') {
+ $action = ProvisioningActionEnum::CoPersonAdded;
+ }
+
+ // Invoke all provisioning plugins
+
+ try {
+ $this->invokePlugins($coPerson,
+ $coPersonId,
+ $coPersonData,
+ $action);
+ }
+ // What we really want to do here is catch the result (success or
exception)
+ // and set the appropriate session flash message, but we don't have
access to
+ // the current session, and anyway that doesn't cover RESTful
interactions.
+ // So instead we syslog (which is better than nothing).
+ catch(InvalidArgumentException $e) {
+ syslog(LOG_ERR, $e->getMessage());
+ //throw new InvalidArgumentException($e->getMessage());
+ }
+ catch(RuntimeException $e) {
+ syslog(LOG_ERR, $e->getMessage());
+ //throw new RuntimeException($e->getMessage());
+ }
+
return true;
}
+
+ /**
+ * Invoke a provisioning plugin.
+ *
+ * @since COmanage Registry v0.8
+ * @param Array $coProvisioningTarget Array of CoProvisioningTarget data,
as returned by find()
+ * @param integer $coPersonId CO Person to (re)provision
+ * @param Array $coPersonData Data to pass to plugin, as returned by
marshallCoPersonData()
+ * @param ProvisioningActionEnum $action Action triggering provisioning
+ * @return boolean true on success, false on failure
+ * @throws InvalidArgumentException
+ * @throws RuntimeException
+ */
+
+ private function invokePlugin($coProvisioningTarget, $coPersonId,
$coPersonData, $action) {
+ if(!empty($coProvisioningTarget['plugin'])) {
+ $pluginName = $coProvisioningTarget['plugin'];
+ $modelName = 'Co'. $pluginName . 'Target';
+ $pluginModelName = $pluginName . "." . $modelName;
+
+ // We probably need to manually attach the model, since the find()s in
the invoking
+ // functions aren't using containable. (Otherwise the find would
automatically bind
+ // these models under $this->CoProvisioningTarget).
+ $pluginModel = ClassRegistry::init($pluginModelName);
+
+ $args = array();
+ $args['conditions'][$modelName.'.co_provisioning_target_id'] =
$coProvisioningTarget['id'];
+ $args['contain'] = false;
+
+ $pluginTarget = $pluginModel->find('first', $args);
+
+ if(!empty($pluginTarget)) {
+ try {
+ $pluginModel->provision($pluginTarget,
+ $action,
+ $coPersonData);
+
+ // It's a bit of a walk to get to HistoryRecord
+
$pluginModel->CoProvisioningTarget->Co->CoPerson->HistoryRecord->record(
+ $coPersonData['CoPerson']['id'],
+ null,
+ null,
+ CakeSession::read('Auth.User.co_person_id'),
+ ($action == ProvisioningActionEnum::CoPersonReprovisionRequested
+ ? ActionEnum::CoPersonManuallyProvisioned
+ : ActionEnum::CoPersonProvisioned),
+ _txt('rs.prov-a', array($coProvisioningTarget['description']))
+ );
+ }
+ catch(InvalidArgumentException $e) {
+ throw new InvalidArgumentException($e->getMessage());
+ }
+ catch(RuntimeException $e) {
+ throw new RuntimeException($e->getMessage());
+ }
+ } else {
+ throw new InvalidArgumentException(_txt('er.copt.unk'));
+ }
+ } else {
+ throw new InvalidArgumentException(_txt('er.copt.unk'));
+ }
+
+ return true;
+ }
+
+ /**
+ * Invoke all provisioning plugins.
+ *
+ * @since COmanage Registry v0.8
+ * @param Model $coPersonModel CoPerson Model
+ * @param integer $coPersonId CO Person to (re)provision
+ * @param Array $coPersonData Data to pass to plugin, as returned by
marshallCoPersonData()
+ * @param ProvisioningActionEnum $action Action triggering provisioning
+ * @return boolean true on success
+ * @throws RuntimeException
+ */
+
+ private function invokePlugins($coPersonModel, $coPersonId, $coPersonData,
$action) {
+ $err = "";
+
+ // Pull the Provisioning Targets for this CO. We use the CO ID from
$coPersonData.
+ // (Even if we wanted to pull it from the database via $coPersonId, we
can't
+ // guarantee it'll be there -- eg after a delete of CO Person the link
will be gone.)
+
+ $args = array();
+ $args['conditions']['CoProvisioningTarget.status'] =
ProvisionerStatusEnum::AutomaticMode;
+ $args['conditions']['CoProvisioningTarget.co_id'] =
$coPersonData['CoPerson']['co_id'];
+ $args['contain'] = false;
+
+ $targets = $coPersonModel->Co->CoProvisioningTarget->find('all', $args);
+
+ if(!empty($targets)) {
+ foreach($targets as $target) {
+ // Fire off each provisioning target
+
+ try {
+ $this->invokePlugin($target['CoProvisioningTarget'],
+ $coPersonId,
+ $coPersonData,
+ $action);
+ }
+ catch(InvalidArgumentException $e) {
+ $err .= _txt('er.prov.plugin',
array($target['CoProvisioningTarget']['description'], $e->getMessage())) .
";";
+ }
+ catch(RuntimeException $e) {
+ $err .= _txt('er.prov.plugin',
array($target['CoProvisioningTarget']['description'], $e->getMessage())) .
";";
+ }
+ }
+ }
+
+ if($err != "") {
+ throw new RuntimeException(rtrim($err, ";"));
+ }
+
+ return true;
+ }
+
+ /**
+ * Handle a manual provisioning request.
+ *
+ * @since COmanage Registry v0.8
+ * @param Model $model Model instance
+ * @param integer $coProvisioningTargetId CO Provisioning Target to
execute
+ * @param integer $coPersonId CO Person to (re)provision
+ * @return boolean true on success, false on failure
+ * @throws InvalidArgumentException
+ * @throws RuntimeException
+ */
+
+ public function manualProvision(Model $model, $coProvisioningTargetId,
$coPersonId) {
+ // Find the associated Provisioning Target record
+
+ $args = array();
+ $args['conditions']['CoProvisioningTarget.id'] = $coProvisioningTargetId;
+ // beforeFilter may have bound all the plugins (depending on how we were
called),
+ // so this find will pull the related models as well. However, to reduce
the number
+ // of database queries should a large number of plugins be installed,
we'll use
+ // containable behavior and make a second call for the plugin we want.
+ $args['contain'] = false;
+
+ // Currently, CoPerson is the only model that calls manualProvision, so
we know
+ // how to find CoProvisioningTarget
+ $copt = $model->Co->CoProvisioningTarget->find('first', $args);
+
+ if(!empty($copt)) {
+ try {
+ // Again, we're only called by CoPerson at the moment (so $model =
CoPerson)
+ $coPersonData = $this->marshallCoPersonData($model, $coPersonId);
+
+ $this->invokePlugin($copt['CoProvisioningTarget'],
+ $coPersonId,
+ $coPersonData,
+
ProvisioningActionEnum::CoPersonReprovisionRequested);
+ }
+ catch(InvalidArgumentException $e) {
+ throw new InvalidArgumentException($e->getMessage());
+ }
+ catch(RuntimeException $e) {
+ throw new RuntimeException($e->getMessage());
+ }
+ } else {
+ throw new InvalidArgumentException(_txt('er.copt.unk'));
+ }
+
+ return true;
+ }
+
+ /**
+ * Assemble CO Person Data to pass to provisioning plugin(s).
+ *
+ * @since COmanage Registry v0.8
+ * @param Model $coPersonModel CO Person Model instance
+ * @param integer $coPersonId CO Person to (re)provision
+ * @return Array Array of CO Person Data, as returned by find
+ * @throws InvalidArgumentException
+ */
+
+ private function marshallCoPersonData($coPersonModel, $coPersonId) {
+ $args = array();
+ $args['conditions']['CoPerson.id'] = $coPersonId;
+ // Only pull related models relevant for provisioning
+ $args['contain'] = array(
+ 'Co',
+ 'CoGroupMember',
+ 'CoGroupMember.CoGroup',
+ 'CoOrgIdentityLink',
+ 'CoPersonRole',
+ 'CoPersonRole.Address',
+ 'CoPersonRole.Cou',
+ 'CoPersonRole.TelephoneNumber',
+ 'EmailAddress',
+ 'Identifier',
+ 'Name'
+ );
+
+ $coPersonData = $coPersonModel->find('first', $args);
+
+ if(empty($coPersonData)) {
+ throw new InvalidArgumentException(_txt('er.cop.unk'));
+ }
+
+ // At the moment, if a CO Person is not active we remove their Role
Records
+ // (even if those are active) and group memberships, but leave the rest
of the
+ // data in tact.
+
+ // Remove any role records that are not active
+
+ for($i = (count($coPersonData['CoPersonRole']) - 1);$i >= 0;$i--) {
+ // Count backwards so we don't trip over indices when we unset invalid
roles.
+ // The role record must have a valid status (for now: Active), be
within validity window,
+ // and be attached to a valid CO Person.
+
+ if($coPersonData['CoPerson']['status'] != StatusEnum::Active
+ ||
+ $coPersonData['CoPersonRole'][$i]['status'] != StatusEnum::Active
+ ||
+ (!empty($coPersonData['CoPersonRole'][$i]['valid_from'])
+ && strtotime($coPersonData['CoPersonRole'][$i]['valid_from']) >=
time())
+ ||
+ (!empty($coPersonData['CoPersonRole'][$i]['valid_through'])
+ && strtotime($coPersonData['CoPersonRole'][$i]['valid_through']) <
time())) {
+ unset($coPersonData['CoPersonRole'][$i]);
+ }
+ }
+
+ // Remove any inactive identifiers
+
+ for($i = (count($coPersonData['Identifier']) - 1);$i >= 0;$i--) {
+ // Count backwards so we don't trip over indices when we unset invalid
identifiers.
+
+ if($coPersonData['Identifier'][$i]['status'] != StatusEnum::Active) {
+ unset($coPersonData['Identifier'][$i]);
+ }
+ }
+
+ // Remove any inactive groups (ie: memberships attached to inactive
groups)
+
+ for($i = (count($coPersonData['CoGroupMember']) - 1);$i >= 0;$i--) {
+ // Count backwards so we don't trip over indices when we unset invalid
memberships.
+
+ if($coPersonData['CoPerson']['status'] != StatusEnum::Active
+ ||
+ $coPersonData['CoGroupMember'][$i]['CoGroup']['status'] !=
StatusEnum::Active) {
+ unset($coPersonData['CoGroupMember'][$i]);
+ }
+ }
+
+ return $coPersonData;
+ }
}
\ No newline at end of file
Modified: registry/trunk/app/Model/CoGroupMember.php
===================================================================
--- registry/trunk/app/Model/CoGroupMember.php 2013-04-07 20:42:05 UTC (rev
486)
+++ registry/trunk/app/Model/CoGroupMember.php 2013-04-08 02:13:31 UTC (rev
487)
@@ -2,7 +2,7 @@
/**
* COmanage Registry CO Group Member Model
*
- * Copyright (C) 2011-12 University Corporation for Advanced Internet
Development, Inc.
+ * Copyright (C) 2011-13 University Corporation for Advanced Internet
Development, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -14,7 +14,7 @@
* KIND, either express or implied. See the License for the specific
language governing
* permissions and limitations under the License.
*
- * @copyright Copyright (C) 2011-12 University Corporation for Advanced
Internet Development, Inc.
+ * @copyright Copyright (C) 2011-13 University Corporation for Advanced
Internet Development, Inc.
* @link http://www.internet2.edu/comanage COmanage Project
* @package registry
* @since COmanage Registry v0.1
@@ -42,7 +42,7 @@
// Default ordering for find operations
public $order = array("co_person_id");
- public $actsAs = array('Containable');
+ public $actsAs = array('Containable', 'Provisioner');
// If true the data source for the model uses a relational database
// backend and if false then the data source is something else, perhaps
Modified: registry/trunk/app/Model/CoPersonRole.php
===================================================================
--- registry/trunk/app/Model/CoPersonRole.php 2013-04-07 20:42:05 UTC (rev
486)
+++ registry/trunk/app/Model/CoPersonRole.php 2013-04-08 02:13:31 UTC (rev
487)
@@ -30,7 +30,7 @@
public $version = "1.0";
// Add behaviors
- public $actsAs = array('Containable');
+ public $actsAs = array('Containable', 'Provisioner');
// Association rules from this model to other models
public $belongsTo = array(
Modified: registry/trunk/app/Model/EmailAddress.php
===================================================================
--- registry/trunk/app/Model/EmailAddress.php 2013-04-07 20:42:05 UTC (rev
486)
+++ registry/trunk/app/Model/EmailAddress.php 2013-04-08 02:13:31 UTC (rev
487)
@@ -30,7 +30,7 @@
public $version = "1.0";
// Add behaviors
- public $actsAs = array('Containable');
+ public $actsAs = array('Containable', 'Provisioner');
// Association rules from this model to other models
public $belongsTo = array(
Modified: registry/trunk/app/Model/Identifier.php
===================================================================
--- registry/trunk/app/Model/Identifier.php 2013-04-07 20:42:05 UTC (rev
486)
+++ registry/trunk/app/Model/Identifier.php 2013-04-08 02:13:31 UTC (rev
487)
@@ -43,7 +43,7 @@
// Default ordering for find operations
public $order = array("identifier");
- public $actsAs = array('Containable');
+ public $actsAs = array('Containable', 'Provisioner');
// Validation rules for table elements
public $validate = array(
Modified: registry/trunk/app/Model/Name.php
===================================================================
--- registry/trunk/app/Model/Name.php 2013-04-07 20:42:05 UTC (rev 486)
+++ registry/trunk/app/Model/Name.php 2013-04-08 02:13:31 UTC (rev 487)
@@ -29,6 +29,9 @@
// Current schema version for API
public $version = "1.0";
+ // Add behaviors
+ public $actsAs = array('Provisioner');
+
// Association rules from this model to other models
public $belongsTo = array(
// A name is attached to a CO Person
Modified: registry/trunk/app/Model/TelephoneNumber.php
===================================================================
--- registry/trunk/app/Model/TelephoneNumber.php 2013-04-07 20:42:05
UTC (rev 486)
+++ registry/trunk/app/Model/TelephoneNumber.php 2013-04-08 02:13:31
UTC (rev 487)
@@ -2,7 +2,7 @@
/**
* COmanage Registry Telephone Number Model
*
- * Copyright (C) 2010-12 University Corporation for Advanced Internet
Development, Inc.
+ * Copyright (C) 2010-13 University Corporation for Advanced Internet
Development, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -14,7 +14,7 @@
* KIND, either express or implied. See the License for the specific
language governing
* permissions and limitations under the License.
*
- * @copyright Copyright (C) 2010-12 University Corporation for Advanced
Internet Development, Inc.
+ * @copyright Copyright (C) 2010-13 University Corporation for Advanced
Internet Development, Inc.
* @link http://www.internet2.edu/comanage COmanage Project
* @package registry
* @since COmanage Registry v0.1
@@ -29,6 +29,9 @@
// Current schema version for API
public $version = "1.0";
+ // Add behaviors
+ public $actsAs = array('Provisioner');
+
// Association rules from this model to other models
public $belongsTo = array(
// A telephone number may be attached to a CO Person Role
Modified:
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
===================================================================
---
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
2013-04-07 20:42:05 UTC (rev 486)
+++
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
2013-04-08 02:13:31 UTC (rev 487)
@@ -195,11 +195,27 @@
// XXX CO-548 - Implement the other ProvisioningActions
switch($op) {
+ case ProvisioningActionEnum::CoPersonAdded:
+ $assigndn = true;
+ $delete = false; // Arguably, this should be true to clear out any
prior debris
+ $add = true;
+ break;
+ case ProvisioningActionEnum::CoPersonDeleted:
+ $assigndn = false;
+ $delete = true;
+ $add = false;
+ break;
case ProvisioningActionEnum::CoPersonReprovisionRequested:
$assigndn = true;
$delete = true;
$add = true;
break;
+ case ProvisioningActionEnum::CoPersonUpdated:
+ $assigndn = true; // An update may cause an existing person to be
written to LDAP for the first time
+ // XXX This should really become a $modify
+ $delete = true;
+ $add = true;
+ break;
default:
throw new RuntimeException("Not Implemented");
break;
@@ -260,8 +276,10 @@
if(!empty($coPersonData['CoPersonRole'][0]['Address'][0]['postal_code'])) {
$attributes['postalcode'] =
$coPersonData['CoPersonRole'][0]['Address'][0]['postal_code'];
}
-
if(!empty($coPersonData['CoPersonRole'][0]['TelephoneNumber'][0]['number'])) {
- $attributes['telephonenumber'] =
$coPersonData['CoPersonRole'][0]['TelephoneNumber'][0]['number'];
+ if(!empty($coPersonData['CoPersonRole'][0]['TelephoneNumber'])) {
+ foreach($coPersonData['CoPersonRole'][0]['TelephoneNumber'] as $t) {
+ $attributes['telephonenumber'][] = $t['number'];
+ }
}
if(!empty($coPersonData['EmailAddress'][0]['mail'])) {
$attributes['mail'] = $coPersonData['EmailAddress'][0]['mail'];
- [comanage-dev] r487 - in registry/trunk/app: Controller Lib Model Model/Behavior Plugin/LdapProvisioner/Model, svnlog, 04/07/2013
Archive powered by MHonArc 2.6.16.