Merge pull request #2578 from zlamalp/eduteams

zlamalp · web-flow · commit bc66c03697b8 · 2020-02-21T12:50:20.000+01:00
Added support for user virt attributes eIDASPersonIdentifiers and europeanStudentIDs
diff --git a/perun-base/src/main/java/cz/metacentrum/perun/core/api/CoreConfig.java b/perun-base/src/main/java/cz/metacentrum/perun/core/api/CoreConfig.java
@@ -502,6 +502,14 @@ private void createAttributeDefinitions(String extSourceType, List<String> attrN
 					attr.setDescription("Assurance about user as defined at: https://wiki.refeds.org/display/ASS/REFEDS+Assurance+Framework+ver+1.0");
 					attr.setType(BeansUtils.largeStringClassName);
 					break;
+				case "europeanStudentID":
+					attr.setDisplayName("European Student ID");
+					attr.setDescription("European Student ID");
+					break;
+				case "eIDASPersonIdentifier":
+					attr.setDisplayName("eIDAS Person Identifier");
+					attr.setDescription("eIDAS Person Identifier");
+					break;
 				case "dn":
 					attr.setDisplayName("certificate DN");
 					attr.setDescription("Distinguished Name from X509 digital certificate");
diff --git a/perun-base/src/main/resources/perun-base.xml b/perun-base/src/main/resources/perun-base.xml
@@ -116,7 +116,7 @@
 				<prop key="perun.DBInitializatorEnabled">false</prop>
 				<prop key="perun.userExtSources.persistent">PERUN,[\w\d]*</prop>
 				<prop key="perun.proxyIdPs"/>
-				<prop key="perun.attributesForUpdate.idp">mail,cn,sn,givenName,o,ou,eppn,affiliation,displayName,uid,epuid,schacHomeOrganization,voPersonExternalAffiliation,alternativeLoginName,isCesnetEligibleLastSeen,IdPOrganizationName,sourceIdPName,entitlement,assurance,eduPersonOrcid,organizationURL</prop>
+				<prop key="perun.attributesForUpdate.idp">mail,cn,sn,givenName,o,ou,eppn,affiliation,displayName,uid,epuid,schacHomeOrganization,voPersonExternalAffiliation,alternativeLoginName,isCesnetEligibleLastSeen,IdPOrganizationName,sourceIdPName,entitlement,assurance,eduPersonOrcid,organizationURL,eIDASPersonIdentifier,europeanStudentID</prop>
 				<prop key="perun.attributesForUpdate.x509">mail,cn,o,dn,cadn,certificate</prop>
 				<prop key="perun.instanceId">AOJ26J3D9DCK3OA7</prop>
 				<prop key="perun.instanceName">LOCAL</prop>
diff --git a/perun-core/src/main/java/cz/metacentrum/perun/core/impl/modules/attributes/urn_perun_user_attribute_def_virt_eIDASPersonIdentifiers.java b/perun-core/src/main/java/cz/metacentrum/perun/core/impl/modules/attributes/urn_perun_user_attribute_def_virt_eIDASPersonIdentifiers.java
@@ -0,0 +1,35 @@
+package cz.metacentrum.perun.core.impl.modules.attributes;
+
+import cz.metacentrum.perun.core.implApi.modules.attributes.SkipValueCheckDuringDependencyCheck;
+import cz.metacentrum.perun.core.implApi.modules.attributes.UserVirtualAttributeCollectedFromUserExtSource;
+
+/**
+ * All eIDASPersonIdentifiers collected from UserExtSources attributes eIDASPersonIdentifier.
+ *
+ * @author Pavel Zlamal <zlamal@cesnet.cz>
+ */
+@SuppressWarnings("unused")
+@SkipValueCheckDuringDependencyCheck
+public class urn_perun_user_attribute_def_virt_eIDASPersonIdentifiers extends UserVirtualAttributeCollectedFromUserExtSource {
+
+	@Override
+	public String getSourceAttributeFriendlyName() {
+		return "eIDASPersonIdentifier";
+	}
+
+	@Override
+	public String getDestinationAttributeFriendlyName() {
+		return "eIDASPersonIdentifiers";
+	}
+
+	@Override
+	public String getDestinationAttributeDisplayName() {
+		return "eIDASPersonIdentifiers";
+	}
+
+	@Override
+	public String getDestinationAttributeDescription() {
+		return "All eIDAS Person Identifiers of a user.";
+	}
+
+}
diff --git a/perun-core/src/main/java/cz/metacentrum/perun/core/impl/modules/attributes/urn_perun_user_attribute_def_virt_europeanStudentIDs.java b/perun-core/src/main/java/cz/metacentrum/perun/core/impl/modules/attributes/urn_perun_user_attribute_def_virt_europeanStudentIDs.java
@@ -0,0 +1,35 @@
+package cz.metacentrum.perun.core.impl.modules.attributes;
+
+import cz.metacentrum.perun.core.implApi.modules.attributes.SkipValueCheckDuringDependencyCheck;
+import cz.metacentrum.perun.core.implApi.modules.attributes.UserVirtualAttributeCollectedFromUserExtSource;
+
+/**
+ * All europeanStudentIDs collected from UserExtSources attributes europeanStudentID.
+ *
+ * @author Pavel Zlamal <zlamal@cesnet.cz>
+ */
+@SuppressWarnings("unused")
+@SkipValueCheckDuringDependencyCheck
+public class urn_perun_user_attribute_def_virt_europeanStudentIDs extends UserVirtualAttributeCollectedFromUserExtSource {
+
+	@Override
+	public String getSourceAttributeFriendlyName() {
+		return "europeanStudentID";
+	}
+
+	@Override
+	public String getDestinationAttributeFriendlyName() {
+		return "europeanStudentIDs";
+	}
+
+	@Override
+	public String getDestinationAttributeDisplayName() {
+		return "europeanStudentIDs";
+	}
+
+	@Override
+	public String getDestinationAttributeDescription() {
+		return "All european student IDs of a user.";
+	}
+
+}
diff --git a/perun-ldapc/src/main/resources/perun-ldapc.xml b/perun-ldapc/src/main/resources/perun-ldapc.xml
@@ -806,6 +806,26 @@ http://www.springframework.org/schema/aop http://www.springframework.org/schema/
 						</bean>
 					</property>
 				</bean>
+				<bean class="cz.metacentrum.perun.ldapc.model.impl.PerunAttributeDesc">
+					<property name="name" value="europeanStudentID"/>
+					<property name="required" value="false"/>
+					<property name="multipleValuesExtractor">
+						<bean class="cz.metacentrum.perun.ldapc.model.impl.MultipleAttributeValueExtractor">
+							<property name="namespace" value="urn:perun:user:attribute-def:virt"/>
+							<property name="name" value="europeanStudentIDs"/>
+						</bean>
+					</property>
+				</bean>
+				<bean class="cz.metacentrum.perun.ldapc.model.impl.PerunAttributeDesc">
+					<property name="name" value="eIDASPersonIdentifier"/>
+					<property name="required" value="false"/>
+					<property name="multipleValuesExtractor">
+						<bean class="cz.metacentrum.perun.ldapc.model.impl.MultipleAttributeValueExtractor">
+							<property name="namespace" value="urn:perun:user:attribute-def:virt"/>
+							<property name="name" value="eIDASPersonIdentifiers"/>
+						</bean>
+					</property>
+				</bean>
 			</list>
 		</property>
 		<property name="attributeDescriptionsExt" ref="perunUserAttributesExt"/>
diff --git a/perun-utils/ldapc-scripts/schemas/perun-schema.ldif b/perun-utils/ldapc-scripts/schemas/perun-schema.ldif
@@ -44,9 +44,11 @@ olcAttributeTypes: {39}( 1.3.6.1.4.1.8057.2.80.45 NAME 'adminOfVo' DESC 'The id
 olcAttributeTypes: {40}( 1.3.6.1.4.1.8057.2.80.46 NAME 'adminOfGroup' DESC 'The id of Group this user or group is administrator of' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
 olcAttributeTypes: {41}( 1.3.6.1.4.1.8057.2.80.47 NAME 'adminOfFacility' DESC 'The id of Facility this user or group is administrator of' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
 olcAttributeTypes: {42}( 1.3.6.1.4.1.8057.2.80.48 NAME 'eduPersonEntitlement' DESC 'A URI (either URN or URL) that indicates a set of rights to specific resources' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+olcAttributeTypes: {43}( 1.3.6.1.4.1.8057.2.80.49 NAME 'europeanStudentID' DESC 'European Student IDs of user' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+olcAttributeTypes: {44}( 1.3.6.1.4.1.8057.2.80.50 NAME 'eIDASPersonIdentifier' DESC 'eIDAS Person Identifiers of user' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
 -
 replace: olcObjectClasses
-olcObjectClasses: {0}( 1.3.6.1.4.1.8057.2.80.4 NAME 'perunUser' DESC 'User managed by Perun' SUP inetOrgPerson STRUCTURAL MUST ( perunUserId $ isServiceUser  $ isSponsoredUser ) MAY ( preferredMail $ userCertificateSubject $ uidNumber $ login $ eduPersonPrincipalNames $ userPassword $ memberOfPerunVo $ libraryIDs $ schacHomeOrganizations $ eduPersonScopedAffiliations $ bonaFideStatus $ groupNames $ institutionsCountries $ isCesnetEligible $ loa $ internalUserIdentifiers $ eduPersonOrcid $ loaFenix $ adminOfVo $ adminOfGroup $ adminOfFacility $ eduPersonEntitlement ) )
+olcObjectClasses: {0}( 1.3.6.1.4.1.8057.2.80.4 NAME 'perunUser' DESC 'User managed by Perun' SUP inetOrgPerson STRUCTURAL MUST ( perunUserId $ isServiceUser  $ isSponsoredUser ) MAY ( preferredMail $ userCertificateSubject $ uidNumber $ login $ eduPersonPrincipalNames $ userPassword $ memberOfPerunVo $ libraryIDs $ schacHomeOrganizations $ eduPersonScopedAffiliations $ bonaFideStatus $ groupNames $ institutionsCountries $ isCesnetEligible $ loa $ internalUserIdentifiers $ eduPersonOrcid $ loaFenix $ adminOfVo $ adminOfGroup $ adminOfFacility $ eduPersonEntitlement $ europeanStudentID $ eIDASPersonIdentifier ) )
 olcObjectClasses: {1}( 1.3.6.1.4.1.8057.2.80.5 NAME 'perunGroup' DESC 'Group managed by Perun' SUP top  STRUCTURAL MUST ( cn $ perunGroupId $ perunVoId $ perunUniqueGroupName ) MAY ( uniqueMember $ businessCategory $ seeAlso $ owner $ ou $ o $ description $ perunParentGroup $ perunParentGroupId $ assignedToResourceId $ adminOfVo $ adminOfGroup $ adminOfFacility) )
 olcObjectClasses: {2}( 1.3.6.1.4.1.8057.2.80.15 NAME 'perunResource' DESC 'Resource managed by Perun' SUP top STRUCTURAL MUST ( cn $  perunResourceId $ perunVoId $ perunFacilityId ) MAY (uniqueMember $ businessCategory $ seeAlso $ owner $ ou $ o $ description $ assignedGroupId $ perunFacilityDn $ capabilities ))
 olcObjectClasses: {3}( 1.3.6.1.4.1.8057.2.80.6 NAME 'perunVO' DESC 'VO managed by Perun' SUP organization STRUCTURAL MUST perunVoId MAY uniqueMember )
