Change getting data from LDAP

Added method isUserOnFacility.
Edit getSpGroups method. Now is get voId by resource, not by metadata.

Author: vyskocilpavel

lib/Adapter.php

@@ -69,6 +69,12 @@ public abstract function getSpGroups($spEntityId, $vo);
 	 */
 	public abstract function getUserAttributes($user, $attrNames);
 
+	/**
+	 * @param string $spEntityId entity id of the sp
+	 * @param int $userId
+	 * @return sspmod_perun_model_Group[] from vo which are assigned to all facilities with spEntityId for this userId
+	 */
+	public abstract function isUserOnFacility($spEntityId, $userId);
 
 	/**
 	 * @param sspmod_perun_model_HasId[] $entities

lib/AdapterLdap.php

@@ -71,14 +71,13 @@ public function getSpGroups($spEntityId, $vo)
 	{
 		$resources = sspmod_perun_LdapConnector::searchForEntities("dc=perun,dc=cesnet,dc=cz",
 			"(&(objectClass=perunResource)(entityID=$spEntityId))",
-			array("perunResourceId", "assignedGroupId")
+			array("perunResourceId", "assignedGroupId", "perunVoId")
 		);
-		$voId = $vo->getId();
 
 		$groups = array();
 		foreach ($resources as $resource) {
 			foreach ($resource['assignedGroupId'] as $groupId) {
-				$group = sspmod_perun_LdapConnector::searchForEntity("perunGroupId=$groupId,perunVoId=$voId,dc=perun,dc=cesnet,dc=cz",
+				$group = sspmod_perun_LdapConnector::searchForEntity("perunGroupId=$groupId,perunVoId=" . $resource['perunVoId'][0] . ",dc=perun,dc=cesnet,dc=cz",
 					"(objectClass=perunGroup)",
 					array("perunGroupId", "cn", "perunUniqueGroupName", "perunVoId", "description")
 				);
@@ -132,4 +131,37 @@ public function getUserAttributes($user, $attrNames)
 		return $attributes;
 	}
 
+
+	public function isUserOnFacility($spEntityId, $userId)
+	{
+		$resources = sspmod_perun_LdapConnector::searchForEntities("dc=perun,dc=cesnet,dc=cz",
+			"(&(objectClass=perunResource)(entityID=$spEntityId))",
+			array("perunResourceId")
+		);
+		SimpleSAML_Logger::debug("Resources - ".var_export($resources, true));
+
+		if (is_null($resources)) {
+			throw new SimpleSAML_Error_Exception("Service with spEntityId: ". $spEntityId ." hasn't assigned any resource.");
+		}
+		$resourcesString = "(|";
+		foreach ($resources as $resource){
+			$resourcesString .= "(assignedToResourceId=".$resource['perunResourceId'][0].")";
+		}
+		$resourcesString .= ")";
+
+		$resultGroups = array();
+		$groups = sspmod_perun_LdapConnector::searchForEntities("dc=perun,dc=cesnet,dc=cz",
+			"(&(uniqueMember=perunUserId=".$userId.",ou=People,dc=perun,dc=cesnet,dc=cz)".$resourcesString.")",
+			array("perunGroupId", "cn", "perunUniqueGroupName", "perunVoId", "description")
+		);
+
+		foreach ($groups as $group) {
+			array_push($resultGroups, new sspmod_perun_model_Group($group['perunGroupId'][0], $group['perunUniqueGroupName'][0], $group['description'][0]));
+
+		}
+		$resultGroups = $this->removeDuplicateEntities($resultGroups);
+		SimpleSAML_Logger::debug("Groups - ".var_export($resultGroups, true));
+		return $resultGroups;
+	}
+
 }

lib/AdapterRpc.php

@@ -152,4 +152,9 @@ public function getUserAttributes($user, $attrNames)
 	}
 
 
+	public  function isUserOnFacility($spEntityId, $userId)
+	{
+		throw new BadMethodCallException("NotImplementedException");
+	}
+
 }

lib/Auth/Process/PerunIdentity.php

@@ -19,6 +19,7 @@
  *
  * @author Ondrej Velisek <[email protected]>
  * @author Michal Prochazka <[email protected]>
+ * @author Pavel Vyskocil <[email protected]>
  */
 class sspmod_perun_Auth_Process_PerunIdentity extends SimpleSAML_Auth_ProcessingFilter
 {
@@ -143,13 +144,7 @@ public function process(&$request)
 			$this->register($request, $this->registerUrl, $this->callbackParamName, $vo, $spGroups, $this->interface);
 		}
 
-
-		$memberGroups = $this->adapter->getMemberGroups($user, $vo);
-
-		SimpleSAML_Logger::debug('member groups: '.var_export($memberGroups, true));
-		SimpleSAML_Logger::debug('sp groups: '.var_export($spGroups, true));
-
-		$groups = $this->intersectById($spGroups, $memberGroups);
+		$groups = $this->adapter->isUserOnFacility($spEntityId,$user->getId());
 
 		if (empty($groups)) {
 			SimpleSAML_Logger::warning('Perun user with identity/ies: '. implode(',', $uids) .' is not member of any assigned group for resource (' . $spEntityId . ')');
@@ -253,40 +248,6 @@ protected function registerChooseGroup($registerUrl, $callbackParamName, $callba
 
 	}
 
-
-
-
-	/**
-	 * @param sspmod_perun_model_HasId[] $spGroups
-	 * @param sspmod_perun_model_HasId[] $memberGroups
-	 * @return sspmod_perun_model_HasId[]
-	 */
-	private function intersectById($spGroups, $memberGroups)
-	{
-		$intersection = array();
-		foreach ($spGroups as $spGroup) {
-			if ($this->containsId($memberGroups, $spGroup->getId())) {
-				array_push($intersection, $spGroup);
-			}
-		}
-		return $intersection;
-	}
-
-	/**
-	 * @param sspmod_perun_model_HasId[] $entities
-	 * @param int $value
-	 * @return bool
-	 */
-	private function containsId($entities, $value)
-	{
-		foreach ($entities as $entity) {
-			if ($entity->getId() === $value) {
-				return true;
-			}
-		}
-		return false;
-	}
-
 	/**
 	 * Returns true, if entities contains VO members group
 	 *