Merge pull request #22 from pajavyskocil/ForceAup

New version of ForceAup module

Author: tauceti2

ForceAup-configuration.md

@@ -0,0 +1,59 @@
+Configuration of ForceAup 
+-
+1.Create these attributes in Perun:
+- urn:perun:entityless:attribute-def:def:orgAups
+    - Type: LinkedHashMap
+    - Unique: no
+    - Read: 
+    - Write:
+   
+   
+- urn:perun:user:attribute-def:def:aups
+    - Type: LinkedHashMap
+    - Unique: no
+    - Read: SELF, FACILITY, VO
+    - Write: 
+
+ 
+- urn:perun:vo:attribute-def:def:aup
+    - Type: LargeString
+    - Unique: no
+    - Read: VO
+    - Write: VO
+    
+    
+- urn:perun:facility:attribute-def:def:reqAups
+    - Type: ArrayList
+    - Unique: no
+    - Read: FACILITY
+    - Write: FACILITY
+    
+    
+- urn:perun:facility:attribute-def:virt:voShortNames
+    - Type: ArrayList
+    - Unique: no
+    - Read: FACILITY
+    - Write: FACILITY 
+    
+2.Configure SimpleSAMLphp to use ForceAup:
+
+- Add this configuration into metadata file saml20-idp-hosted.php
+    
+    ```
+    40 => array(
+        'class' => 'perun:ProxyFilter',
+        'filterSPs' => $perunEntityIds,
+        'config' => array(
+            'class' => 'perun:ForceAup',
+            'uidAttr' => 'uid',
+            'interface' => 'rpc',
+            'perunAupsAttr' => 'urn:perun:entityless:attribute-def:def:orgAups',
+            'perunUserAupAttr' => 'urn:perun:user:attribute-def:def:aups',
+            'perunVoAupAttr' => 'urn:perun:vo:attribute-def:def:aup',
+            'perunFacilityReqAupsAttr' => 'urn:perun:facility:attribute-def:def:reqAups',
+            'facilityVoShortNames' => 'urn:perun:facility:attribute-def:virt:voShortNames'
+        ),
+    ),   
+    ``` 
+
+3.Fill the attributes and set list of required Aups (attr reqAups) and voShortNames (optional) for each facility

dictionaries/perun.definition.json

@@ -20,11 +20,23 @@
 	"cs": "nebo"
   },
   "force-aup-tpl_aup": {
-	"en": "Acceptable Usage Policy",
-	"cs": "Podmíny užití"
+	"en": "Acceptable usage policy",
+	"cs": "Podmínky užití"
+  },
+  "force-aup-tpl_aup_organization": {
+    "en": "Acceptable usage policy for organization ",
+    "cs": "Podmínky užití služeb v organizaci "
+  },
+  "force-aup-tpl_aup_redirect": {
+    "en": "See the acceptable usage policy in version ",
+    "cs": "Podmínky užití ve verzi "
+  },
+  "force-aup-tpl_aup_accept": {
+    "en": "You must agree to the following acceptable usage policies: ",
+    "cs": "Musíte souhlasit s následujícími podmínkami užití: "
   },
   "force-aup-tpl_agree": {
-	"en": "I agree with the Acceptable Usage Policy",
+	"en": "I agree with the acceptable usage policy",
 	"cs": "Souhlasím s podmínkami užití"
   },
   "warning-test-sp-tpl_text": {
@@ -34,5 +46,13 @@
   "continue": {
 	"en": "Continue",
 	"cs": "Pokračovat"
+  },
+  "here": {
+    "en": "here.",
+    "cs": "zde."
+  },
+  "organization": {
+    "en": "Organization / Virtual Organization ",
+    "cs": "Organizace / Virtuální organizace "
   }
 }

lib/Adapter.php

@@ -69,13 +69,41 @@ public abstract function getSpGroups($spEntityId, $vo);
 	 */
 	public abstract function getUserAttributes($user, $attrNames);
 
+	/**
+	 * @param string $attrName
+	 * @return array of all entityless attributes with attrName (for all namespaces of same attribute).
+	 */
+	public abstract function getEntitylessAttribute($attrName);
+
+	/**
+	 * @param sspmod_perun_model_Vo $vo
+	 * @param array $attrNames
+	 * @return array associative of attributes. Keys are attribute names
+	 * and values are attr values (can be null, string, array, associative array)* @return
+	 */
+	public abstract function getVoAttributes($vo, $attrNames);
+
+	/**
+	 * @param sspmod_perun_model_Facility $facility
+	 * @param string $attrName
+	 * @return array with attribute value
+	 */
+	public abstract function getFacilityAttribute($facility, $attrName);
+
+	/**
+	 * @param string $spEntityId
+	 * @return sspmod_perun_model_Facility entities[]
+	 */
+	public abstract function getFacilitiesByEntityId($spEntityId);
+
 	/**
 	 * @param string $spEntityId entity id of the sp
 	 * @param int $userId
 	 * @return sspmod_perun_model_Group[] from vo which are assigned to all facilities with spEntityId for this userId
 	 */
 	public abstract function getUsersGroupsOnFacility($spEntityId, $userId);
 
+
 	/**
 	 * @param sspmod_perun_model_HasId[] $entities
 	 * @return sspmod_perun_model_HasId[] without duplicates

lib/AdapterLdap.php

@@ -139,6 +139,29 @@ public function getUserAttributes($user, $attrNames)
 		return $attributes;
 	}
 
+	public function getFacilitiesByEntityId($spEntityId)
+	{
+		// TODO: Implement getEntityByEntityId() method.
+	}
+
+	public function getEntitylessAttribute($attrName)
+	{
+		throw new BadMethodCallException("NotImplementedException");
+		// TODO: Implement getEntitylessAttribute() method.
+	}
+
+	public function getVoAttributes($vo, $attrNames)
+	{
+		throw new BadMethodCallException("NotImplementedException");
+		// TODO: Implement getVoAttribute() method.
+	}
+
+	public function getFacilityAttribute($facility, $attrName)
+	{
+		throw new BadMethodCallException("NotImplementedException");
+		// TODO: Implement getFacilityAttribute() method.
+	}
+
 
 	public function getUsersGroupsOnFacility($spEntityId, $userId)
 	{
@@ -172,4 +195,5 @@ public function getUsersGroupsOnFacility($spEntityId, $userId)
 		return $resultGroups;
 	}
 
+
 }

lib/AdapterRpc.php

@@ -153,6 +153,49 @@ public function getUserAttributes($user, $attrNames)
 		return $attributes;
 	}
 
+	public function getEntitylessAttribute($attrName)
+	{
+		$perunAttrs = sspmod_perun_RpcConnector::get('attributesManager', 'getEntitylessAttributes', array(
+			'attrName' => $attrName,
+		));
+
+		$attributes = array();
+		foreach ($perunAttrs as $perunAttr) {
+			$attributes[key($perunAttr['value'])] = $perunAttr['value'][key($perunAttr['value'])];
+		}
+
+		return $attributes;
+
+	}
+
+	public function getVoAttributes($vo, $attrNames)
+	{
+		$perunAttrs = sspmod_perun_RpcConnector::get('attributesManager', 'getAttributes', array(
+			'vo' => $vo->getId(),
+			'attrNames' => $attrNames,
+		));
+
+		$attributes = array();
+		foreach ($perunAttrs as $perunAttr) {
+
+			$perunAttrName = $perunAttr['namespace'] . ":" . $perunAttr['friendlyName'];
+
+			$attributes[$perunAttrName] = $perunAttr['value'];
+		}
+
+		return $attributes;
+	}
+
+	public function getFacilityAttribute($facility, $attrName)
+	{
+		$perunAttr = sspmod_perun_RpcConnector::get('attributesManager', 'getAttribute', array(
+			'facility' => $facility->getId(),
+			'attributeName' => $attrName,
+		));
+
+		return $perunAttr['value'];
+	}
+
 
 	public  function getUsersGroupsOnFacility($spEntityId, $userId)
 	{
@@ -197,4 +240,17 @@ public  function getUsersGroupsOnFacility($spEntityId, $userId)
 		return $allGroups;
 	}
 
+	public function getFacilitiesByEntityId($spEntityId)
+	{
+		$perunAttrs = sspmod_perun_RpcConnector::get('facilitiesManager', 'getFacilitiesByAttribute', array(
+			'attributeName' => 'urn:perun:facility:attribute-def:def:entityID',
+			'attributeValue' => $spEntityId,
+		));
+		$facilities = array();
+		foreach ($perunAttrs as $perunAttr) {
+			array_push($facilities, new sspmod_perun_model_Facility($perunAttr['id'], $perunAttr['name'], $spEntityId));
+		}
+		return $facilities;
+	}
+
 }