Merge pull request #83 from BaranekD/getFacilitiesByEntityId

vyskocilpavel · web-flow · commit 4322a185f7ab · 2019-11-28T11:51:04.000+01:00
Using getFacilityByEntityId in all possible places
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,13 +2,18 @@
 All notable changes to this project will be documented in this file.
  
 ## [Unreleased]
+#### Added
+- Added method getFacilityByEntityId
+
 #### Changed
 - Slightly modified text displayed on WAYF
 - Updated phpcs ruleset to PSR-12
 - is_null() changed to === null
 - Using identity comparison instead of equality comparison
 - Removed checks in ifs that var is (not) null before empty(var) function (empty checks that itself)
 - Double quotes changed to single quotes
+- getFacilitiesByEntityId marked as deprecated (getFacilityByEntityId should be used instead)
+- Using of getFacilityByEntityId instead of getFacilitiesByEntityId
 
 #### Fixed
 - Fixed wrong dictionary name in post.php
diff --git a/lib/Adapter.php b/lib/Adapter.php
@@ -119,11 +119,18 @@ abstract public function getVoAttributes($vo, $attrNames);
     abstract public function getFacilityAttribute($facility, $attrName);
 
     /**
+     * @deprecated getFacilityByEntityId($spEntityId) should be used instead
      * @param string $spEntityId
      * @return Facility entities[]
      */
     abstract public function getFacilitiesByEntityId($spEntityId);
 
+    /**
+     * @param string $spEntityId
+     * @return Facility facility
+     */
+    abstract public function getFacilityByEntityId($spEntityId);
+
     /**
      * @param string $spEntityId entity id of the sp
      * @param int $userId
diff --git a/lib/AdapterLdap.php b/lib/AdapterLdap.php
@@ -7,6 +7,7 @@
 use SimpleSAML\Module\perun\model\Group;
 use SimpleSAML\Module\perun\model\Vo;
 use SimpleSAML\Module\perun\model\Member;
+use SimpleSAML\Module\perun\model\Facility;
 use SimpleSAML\Error\Exception;
 use SimpleSAML\Logger;
 
@@ -28,6 +29,9 @@ class AdapterLdap extends Adapter
     const LDAP_USER = 'ldap.username';
     const LDAP_PASSWORD = 'ldap.password';
     const LDAP_BASE = 'ldap.base';
+    const PERUN_FACILITY_ID = 'perunFacilityId';
+    const CN = 'cn';
+    const DESCRIPTION = 'description';
 
     private $ldapBase;
 
@@ -118,13 +122,14 @@ public function getMemberGroups($user, $vo)
 
     public function getSpGroups($spEntityId)
     {
-        $facility = $this->connector->searchForEntity(
-            $this->ldapBase,
-            '(&(objectClass=perunFacility)(entityID=' . $spEntityId . '))',
-            ['perunFacilityId']
-        );
+        $facility = $this->getFacilityByEntityId($spEntityId);
+
+        if ($facility === null) {
+            return [];
+        }
+
+        $id = $facility->getId();
 
-        $id = $facility['perunFacilityId'][0];
         $resources = $this->connector->searchForEntities(
             $this->ldapBase,
             '(&(objectClass=perunResource)(perunFacilityDn=perunFacilityId=' . $id . ',' . $this->ldapBase . '))',
@@ -226,6 +231,31 @@ public function getFacilitiesByEntityId($spEntityId)
         // TODO: Implement getEntityByEntityId() method.
     }
 
+    public function getFacilityByEntityId($spEntityId)
+    {
+        $ldapResult = $this->connector->searchForEntity(
+            $this->ldapBase,
+            '(&(objectClass=perunFacility)(entityID=' . $spEntityId . '))',
+            [self::PERUN_FACILITY_ID, self::CN, self::DESCRIPTION]
+        );
+
+        if (empty($ldapResult)) {
+            Logger::warning(
+                'perun:AdapterLdap: No facility with entityID \'' . $spEntityId . '\' found.'
+            );
+            return null;
+        }
+
+        $facility = new Facility(
+            $ldapResult[self::PERUN_FACILITY_ID][0],
+            $ldapResult[self::CN][0],
+            $ldapResult[self::DESCRIPTION][0],
+            $spEntityId
+        );
+
+        return $facility;
+    }
+
     public function getEntitylessAttribute($attrName)
     {
         throw new BadMethodCallException('NotImplementedException');
@@ -278,13 +308,14 @@ public function setUserExtSourceAttributes($userExtSourceId, $attributes)
 
     public function getUsersGroupsOnFacility($spEntityId, $userId)
     {
-        $facility = $this->connector->searchForEntity(
-            $this->ldapBase,
-            '(&(objectClass=perunFacility)(entityID=' . $spEntityId . '))',
-            ['perunFacilityId']
-        );
+        $facility = $this->getFacilityByEntityId($spEntityId);
+
+        if ($facility === null) {
+            return [];
+        }
+
+        $id = $facility->getId();
 
-        $id = $facility['perunFacilityId'][0];
         $resources = $this->connector->searchForEntities(
             $this->ldapBase,
             '(&(objectClass=perunResource)(perunFacilityDn=perunFacilityId=' . $id . ',' . $this->ldapBase . '))',
diff --git a/lib/AdapterRpc.php b/lib/AdapterRpc.php
@@ -10,6 +10,7 @@
 use SimpleSAML\Module\perun\model\Resource;
 use SimpleSAML\Module\perun\model\Member;
 use SimpleSAML\Error\Exception;
+use SimpleSAML\Logger;
 use SimpleSAML\Module\perun\Exception as PerunException;
 
 /**
@@ -135,16 +136,11 @@ public function getMemberGroups($user, $vo)
 
     public function getSpGroups($spEntityId)
     {
-        $perunAttr = $this->connector->get('facilitiesManager', 'getFacilitiesByAttribute', [
-            'attributeName' => 'urn:perun:facility:attribute-def:def:entityID',
-            'attributeValue' => $spEntityId,
-        ])[0];
-        $facility = new Facility(
-            $perunAttr['id'],
-            $perunAttr['name'],
-            $perunAttr['description'],
-            $spEntityId
-        );
+        $facility = $this->getFacilityByEntityId($spEntityId);
+
+        if ($facility === null) {
+            return [];
+        }
 
         $perunAttrs = $this->connector->get('facilitiesManager', 'getAssignedResources', [
             'facility' => $facility->getId(),
@@ -304,37 +300,35 @@ public function getFacilityAttribute($facility, $attrName)
 
     public function getUsersGroupsOnFacility($spEntityId, $userId)
     {
-        $facilities = $this->connector->get('facilitiesManager', 'getFacilitiesByAttribute', [
-            'attributeName' => 'urn:perun:facility:attribute-def:def:entityID',
-            'attributeValue' => $spEntityId,
-        ]);
-
+        $facility = $this->getFacilityByEntityId($spEntityId);
         $groups = [];
 
-        foreach ($facilities as $facility) {
-            $usersGroupsOnFacility = $this->connector->get(
-                'usersManager',
-                'getRichGroupsWhereUserIsActive',
-                [
-                    'facility' => $facility['id'],
-                    'user' => $userId,
-                    'attrNames' => ['urn:perun:group:attribute-def:virt:voShortName']
-                ]
-            );
+        if ($facility === null) {
+            return $groups;
+        }
 
-            foreach ($usersGroupsOnFacility as $usersGroupOnFacility) {
-                if (isset($usersGroupOnFacility['attributes'][0]['friendlyName']) &&
-                    $usersGroupOnFacility['attributes'][0]['friendlyName'] === 'voShortName') {
-                    $uniqueName = $usersGroupOnFacility['attributes'][0]['value'] . ":" . $usersGroupOnFacility['name'];
+        $usersGroupsOnFacility = $this->connector->get(
+            'usersManager',
+            'getRichGroupsWhereUserIsActive',
+            [
+                'facility' => $facility->getId(),
+                'user' => $userId,
+                'attrNames' => ['urn:perun:group:attribute-def:virt:voShortName']
+            ]
+        );
 
-                    array_push($groups, new Group(
-                        $usersGroupOnFacility['id'],
-                        $usersGroupOnFacility['voId'],
-                        $usersGroupOnFacility['name'],
-                        $uniqueName,
-                        $usersGroupOnFacility['description']
-                    ));
-                }
+        foreach ($usersGroupsOnFacility as $usersGroupOnFacility) {
+            if (isset($usersGroupOnFacility['attributes'][0]['friendlyName']) &&
+                $usersGroupOnFacility['attributes'][0]['friendlyName'] === 'voShortName') {
+                $uniqueName = $usersGroupOnFacility['attributes'][0]['value'] . ":" . $usersGroupOnFacility['name'];
+
+                array_push($groups, new Group(
+                    $usersGroupOnFacility['id'],
+                    $usersGroupOnFacility['voId'],
+                    $usersGroupOnFacility['name'],
+                    $uniqueName,
+                    $usersGroupOnFacility['description']
+                ));
             }
         }
         $groups = $this->removeDuplicateEntities($groups);
@@ -363,6 +357,37 @@ public function getFacilitiesByEntityId($spEntityId)
         return $facilities;
     }
 
+    public function getFacilityByEntityId($spEntityId)
+    {
+        $perunAttr = $this->connector->get('facilitiesManager', 'getFacilitiesByAttribute', [
+            'attributeName' => 'urn:perun:facility:attribute-def:def:entityID',
+            'attributeValue' => $spEntityId,
+        ]);
+
+        if (empty($perunAttr)) {
+            Logger::warning(
+                'perun:AdapterRpc: No facility with entityID \'' . $spEntityId . '\' found.'
+            );
+            return null;
+        }
+
+        if (count($perunAttr) > 1) {
+            Logger::warning(
+                'perun:AdapterRpc: There is more than one facility with entityID \'' . $spEntityId . '.'
+            );
+            return null;
+        }
+
+        $facility = new Facility(
+            $perunAttr[0]['id'],
+            $perunAttr[0]['name'],
+            $perunAttr[0]['description'],
+            $spEntityId
+        );
+
+        return $facility;
+    }
+
     /**
      * Returns member by User and Vo
      * @param User $user
diff --git a/lib/Auth/Process/ForceAup.php b/lib/Auth/Process/ForceAup.php
@@ -118,28 +118,31 @@ public function process(&$request)
         }
 
         try {
-            $facilities = $this->adapter->getFacilitiesByEntityId($request['SPMetadata']['entityid']);
+            $facility = $this->adapter->getFacilityByEntityId($request['SPMetadata']['entityid']);
+
+            if ($facility === null) {
+                return;
+            }
 
             $requiredAups = [];
             $voShortNames = [];
-            foreach ($facilities as $facility) {
-                $facilityAups = $this->adapter->getFacilityAttribute($facility, $this->perunFacilityReqAupsAttr);
 
-                if ($facilityAups !== null) {
-                    foreach ($facilityAups as $facilityAup) {
-                        array_push($requiredAups, $facilityAup);
-                    }
+            $facilityAups = $this->adapter->getFacilityAttribute($facility, $this->perunFacilityReqAupsAttr);
+
+            if ($facilityAups !== null) {
+                foreach ($facilityAups as $facilityAup) {
+                    array_push($requiredAups, $facilityAup);
                 }
+            }
 
-                $facilityVoShortNames = $this->adapter->getFacilityAttribute(
-                    $facility,
-                    $this->perunFacilityVoShortNames
-                );
+            $facilityVoShortNames = $this->adapter->getFacilityAttribute(
+                $facility,
+                $this->perunFacilityVoShortNames
+            );
 
-                if ($facilityVoShortNames !== null) {
-                    foreach ($facilityVoShortNames as $facilityVoShortName) {
-                        array_push($voShortNames, $facilityVoShortName);
-                    }
+            if ($facilityVoShortNames !== null) {
+                foreach ($facilityVoShortNames as $facilityVoShortName) {
+                    array_push($voShortNames, $facilityVoShortName);
                 }
             }
 
diff --git a/lib/Auth/Process/PerunIdentity.php b/lib/Auth/Process/PerunIdentity.php
@@ -430,48 +430,46 @@ public static function unauthorized($request)
     protected function getSPAttributes($spEntityID)
     {
         try {
-            $facilities = $this->rpcAdapter->getFacilitiesByEntityId($spEntityID);
-            if (empty($facilities)) {
-                Logger::warning(
-                    'perun:PerunIdentity: No facility with entityID \'' . $spEntityID . '\' found.'
-                );
+            $facility = $this->rpcAdapter->getFacilityByEntityId($spEntityID);
+
+            if ($facility === null) {
                 return;
             }
 
             $checkGroupMembership = $this->rpcAdapter->getFacilityAttribute(
-                $facilities[0],
+                $facility,
                 $this->facilityCheckGroupMembershipAttr
             );
             if ($checkGroupMembership !== null) {
                 $this->checkGroupMembership = $checkGroupMembership;
             }
 
             $facilityVoShortNames = $this->rpcAdapter->getFacilityAttribute(
-                $facilities[0],
+                $facility,
                 $this->facilityVoShortNamesAttr
             );
             if (!empty($facilityVoShortNames)) {
                 $this->facilityVoShortNames = $facilityVoShortNames;
             }
 
             $dynamicRegistration = $this->rpcAdapter->getFacilityAttribute(
-                $facilities[0],
+                $facility,
                 $this->facilityDynamicRegistrationAttr
             );
             if ($dynamicRegistration !== null) {
                 $this->dynamicRegistration = $dynamicRegistration;
             }
 
             $this->registerUrl = $this->rpcAdapter->getFacilityAttribute(
-                $facilities[0],
+                $facility,
                 $this->facilityRegisterUrlAttr
             );
             if ($this->registerUrl === null) {
                 $this->registerUrl = $this->defaultRegisterUrl;
             }
 
             $allowRegistartionToGroups = $this->rpcAdapter->getFacilityAttribute(
-                $facilities[0],
+                $facility,
                 $this->facilityAllowRegistrationToGroupsAttr
             );
             if ($allowRegistartionToGroups !== null) {
