comanage-dev - [comanage-dev] r534 - in registry/trunk/app: Model/Behavior Plugin/LdapProvisioner/Config/Schema Plugin/LdapProvisioner/Lib Plugin/LdapProvisioner/Model
Subject: COmanage Developers List
List archive
[comanage-dev] r534 - in registry/trunk/app: Model/Behavior Plugin/LdapProvisioner/Config/Schema Plugin/LdapProvisioner/Lib Plugin/LdapProvisioner/Model
Chronological Thread
- From:
- To:
- Subject: [comanage-dev] r534 - in registry/trunk/app: Model/Behavior Plugin/LdapProvisioner/Config/Schema Plugin/LdapProvisioner/Lib Plugin/LdapProvisioner/Model
- Date: Tue, 11 Jun 2013 22:20:01 -0400
- Authentication-results: sfpop-ironport04.merit.edu; dkim=neutral (message not signed) header.i=none
Author: benno
Date: 2013-06-11 22:20:01 -0400 (Tue, 11 Jun 2013)
New Revision: 534
Modified:
registry/trunk/app/Model/Behavior/ProvisionerBehavior.php
registry/trunk/app/Plugin/LdapProvisioner/Config/Schema/schema.xml
registry/trunk/app/Plugin/LdapProvisioner/Lib/lang.php
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerAttribute.php
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
Log:
Allow export of org identity identifiers (CO-618)
Modified: registry/trunk/app/Model/Behavior/ProvisionerBehavior.php
===================================================================
--- registry/trunk/app/Model/Behavior/ProvisionerBehavior.php 2013-06-12
02:18:59 UTC (rev 533)
+++ registry/trunk/app/Model/Behavior/ProvisionerBehavior.php 2013-06-12
02:20:01 UTC (rev 534)
@@ -369,6 +369,9 @@
//'CoGroupMember',
//'CoGroupMember.CoGroup',
'CoOrgIdentityLink',
+ // We normally don't pull org identity data, but we'll make an
exception
+ // for Identifier to be able to expose eppn
+ 'CoOrgIdentityLink.OrgIdentity.Identifier',
'CoPersonRole',
'CoPersonRole.Address',
'CoPersonRole.Cou',
@@ -379,7 +382,7 @@
);
$coPersonData = $coPersonModel->find('first', $args);
-
+
// Directly query for all group memberships instead of using
// relations in order to support Grouper use cases.
$coGroupMemberModel = new CoGroupMember();
Modified: registry/trunk/app/Plugin/LdapProvisioner/Config/Schema/schema.xml
===================================================================
--- registry/trunk/app/Plugin/LdapProvisioner/Config/Schema/schema.xml
2013-06-12 02:18:59 UTC (rev 533)
+++ registry/trunk/app/Plugin/LdapProvisioner/Config/Schema/schema.xml
2013-06-12 02:20:01 UTC (rev 534)
@@ -80,6 +80,7 @@
<field name="attribute" type="C" size="80" />
<field name="type" type="C" size="32" />
<field name="export" type="L" />
+ <field name="use_org_value" type="L" />
<field name="created" type="T" />
<field name="modified" type="T" />
Modified: registry/trunk/app/Plugin/LdapProvisioner/Lib/lang.php
===================================================================
--- registry/trunk/app/Plugin/LdapProvisioner/Lib/lang.php 2013-06-12
02:18:59 UTC (rev 533)
+++ registry/trunk/app/Plugin/LdapProvisioner/Lib/lang.php 2013-06-12
02:20:01 UTC (rev 534)
@@ -47,6 +47,7 @@
'pl.ldapprovisioner.basedn.desc' => 'Base DN to provision entries
under',
'pl.ldapprovisioner.binddn' => 'Bind DN',
'pl.ldapprovisioner.binddn.desc' => 'DN to authenticate as to manage
entries',
+ 'pl.ldapprovisioner.fd.useorgval' => 'Use value from Organizational
Identity',
'pl.ldapprovisioner.info' => 'The LDAP server must be available
and the specified credentials must be valid before this configuration can be
saved.',
'pl.ldapprovisioner.password' => 'Password',
'pl.ldapprovisioner.password.desc' => 'Password to use for
authentication',
Modified:
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerAttribute.php
===================================================================
---
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerAttribute.php
2013-06-12 02:18:59 UTC (rev 533)
+++
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerAttribute.php
2013-06-12 02:20:01 UTC (rev 534)
@@ -57,6 +57,9 @@
),
'export' => array(
'rule' => 'boolean'
+ ),
+ 'use_org_value' => array(
+ 'rule' => 'boolean'
)
);
}
Modified:
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
===================================================================
---
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
2013-06-12 02:18:59 UTC (rev 533)
+++
registry/trunk/app/Plugin/LdapProvisioner/Model/CoLdapProvisionerTarget.php
2013-06-12 02:20:01 UTC (rev 534)
@@ -249,11 +249,30 @@
'uid' => 'identifier'
);
+ $modelList = null;
+
+ if(isset($configuredAttributes[$attr]['use_org_value'])
+ && $configuredAttributes[$attr]['use_org_value']) {
+ // Use organizational identity value for this attribute
+
+ // It's unclear what to do here if there is more than one
CoOrgIdentityLink...
+ // which identity do we choose? For now, the first one.
+
+
if(isset($coPersonData['CoOrgIdentityLink'][0]['OrgIdentity'][ $mods[$attr]
])) {
+ $modelList =&
$coPersonData['CoOrgIdentityLink'][0]['OrgIdentity'][ $mods[$attr] ];
+ }
+ } elseif(isset($coPersonData[ $mods[$attr] ])) {
+ // Use CO Person value for this attribute
+ $modelList =& $coPersonData[ $mods[$attr] ];
+ }
+ // Next: if useorgvalue reference
$coPersonData['CoOrgIdentityLink']['OrgIdentity'][ $mods[$attr] ] instead
+ // perhaps using =& to avoid copying arrays
+
// Walk through each model instance
$found = false;
- if(isset($coPersonData[ $mods[$attr] ])) {
- foreach($coPersonData[ $mods[$attr] ] as $m) {
+ if(isset($modelList)) {
+ foreach($modelList as $m) {
// If a type is set, make sure it matches
if(empty($targetType) || ($targetType == $m['type'])) {
// And finally that the attribute itself is set
@@ -787,6 +806,7 @@
'eduPersonPrincipalName' => array(
'required' => false,
'multiple' => false,
+ 'alloworgvalue' => true,
'extendedtype' => 'identifier_types',
'defaulttype' => IdentifierEnum::ePPN
)
- [comanage-dev] r534 - in registry/trunk/app: Model/Behavior Plugin/LdapProvisioner/Config/Schema Plugin/LdapProvisioner/Lib Plugin/LdapProvisioner/Model, svnlog, 06/11/2013
Archive powered by MHonArc 2.6.16.