Implement Resolution Notification Callback (CO-1808) and Matchgrid Hi…

…story Records (CO-1682)
COmanage · Sep 17, 2022 · 5ee3c58 · 5ee3c58
1 parent 771d463
commit 5ee3c58
Showing 30 changed files with 1,307 additions and 35 deletions.
diff --git a/app/config/schema/endpoint-notification.json b/app/config/schema/endpoint-notification.json
@@ -0,0 +1,50 @@
+{
+  "$schema": "https://json-schema.org/draft/2019-09/schema",
+  "$id": "https://github.internet2.edu/COmanage/match/blob/main/app/config/schema/endpoint-notification.json",
+  "title": "COmanage Match Endpoint Notification Message Format",
+  "description": "COmanage Match Endpoint Notification Message Format v1",
+
+  "type": "object",
+  "properties": {
+    "meta": {
+      "type": "object",
+      "properties": {
+        "source": {
+          "description": "Source of this notification",
+          "const": "COmanage Match"
+        },
+        "event": {
+          "description": "Event described in this notification",
+          "const": "match-resolution"
+        },
+        "format": {
+          "description": "Notification message format version",
+          "const": "1"
+        }
+      },
+      "required": [ "source", "event", "format" ]
+    },
+    "sor": {
+      "description": "System of Record Label for notification subject",
+      "type": "string"
+    },
+    "sorid": {
+      "description": "System of Record Identifier for notification subject",
+      "type": "string"
+    },
+    "matchRequest": {
+      "description": "Match Request ID, as generated on original Match Request",
+      "type": "string"
+    },
+    "referenceId": {
+      "description": "Match Reference Identifier",
+      "type": "string"
+    },
+    "resolutionTime": {
+      "description": "Time request was resolved by the Identity Match service",
+      "type": "string",
+      "format": "date-time"
+    }
+  },
+  "required": [ "sor", "sorid", "matchRequest", "referenceId", "resolutionTime" ]
+}
diff --git a/app/config/schema/schema.json b/app/config/schema/schema.json
@@ -48,18 +48,39 @@
       "changelog": false
     },
 
+    "endpoints": {
+      "columns": {
+        "id": {},
+        "matchgrid_id": {},
+        "description": {},
+        "url": { "type": "string", "size": 256 },
+        "username": { "type": "string", "size": 128 },
+        "password": { "type": "string", "size": 256 }
+      },
+      "indexes": {
+        "endpoints_i1": {
+          "columns": [ "matchgrid_id" ]
+        }
+      },
+      "changelog": false
+    },
+
     "matchgrid_settings": {
       "columns": {
         "id": {},
         "matchgrid_id": {},
         "referenceid_method": { "type": "string", "size": 2 },
         "referenceid_start": { "type": "integer" },
         "referenceid_prefix": { "type": "string", "size": 32 },
-        "notification_email": { "type": "string", "size": 80 }
+        "notification_email": { "type": "string", "size": 80 },
+        "resolution_notification_endpoint_id": { "type": "integer", "foreignkey": { "table": "endpoints", "column": "id" } }
       },
       "indexes": {
         "matchgrid_settings_i1": {
           "columns": [ "matchgrid_id" ]
+        },
+        "matchgrid_settings_i2": {
+          "columns": [ "resolution_notification_endpoint_id" ]
         }
       },
       "changelog": false
@@ -208,7 +229,7 @@
       "columns": {
         "id": {},
         "matchgrid_id": {},
-        "label": { "type": "string", "size": 80 },
+        "label": { "type": "string", "size": 64 },
         "resolution_mode": { "type": "string", "size": 2 },
         "notification_email": { "type": "string", "size": 80 }
       },
@@ -241,6 +262,25 @@
         }
       },
       "changelog": false
+    },
+
+    "matchgrid_history_records": {
+      "columns": {
+        "id": {},
+        "matchgrid_id": {},
+        "sor": { "type": "string", "size": 64 },
+        "sorid": { "type": "string", "size": 64 },
+        "action": { "type": "string", "size": 4 },
+        "comment": { "type": "string", "size": 256 },
+        "remote_ip": { "type": "string", "size": 80 },
+        "actor_identifier": { "type": "string", "size": 256 }
+      },
+      "indexes": {
+        "matchgrid_history_records_i1": {
+          "columns": [ "matchgrid_id", "sor_label", "sorid" ]
+        }
+      },
+      "changelog": false
     }
   },
 

diff --git a/app/resources/locales/en_US/default.po b/app/resources/locales/en_US/default.po
@@ -117,12 +117,18 @@ msgstr "{0,plural,=1{Attribute Map} other{Attribute Maps}}"
 msgid "match.ct.Attributes"
 msgstr "{0,plural,=1{Attribute} other{Attributes}}"
 
+msgid "match.ct.Endpoints"
+msgstr "{0,plural,=1{Endpoint} other{Endpoints}}"
+
 msgid "match.ct.MatchgridSettings"
 msgstr "{0,plural,=1{Matchgrid Settings} other{Matchgrid Settings}}"
 
 msgid "match.ct.Matchgrids"
 msgstr "{0,plural,=1{Matchgrid} other{Matchgrids}}"
 
+msgid "match.ct.MatchgridHistoryRecords"
+msgstr "{0,plural,=1{Matchgrid History Record} other{Matchgrid History Records}}"
+
 msgid "match.ct.MatchgridRecords"
 msgstr "{0,plural,=1{Matchgrid Record} other{Matchgrid Records}}"
 
@@ -155,6 +161,39 @@ msgstr "Suspended"
 msgid "match.en.ConfidenceModeEnum.S.badge"
 msgstr "Danger"
 
+msgid "match.en.MatchgridActionEnum.FRRA"
+msgstr "Forced Reconciliation Request (API)"
+
+msgid "match.en.MatchgridActionEnum.FRRU"
+msgstr "Forced Reconciliation Request (UI)"
+
+msgid "match.en.MatchgridActionEnum.NEWA"
+msgstr "New Match Request (API, response: {0})"
+
+msgid "match.en.MatchgridActionEnum.NEWU"
+msgstr "New Match Request (UI)"
+
+msgid "match.en.MatchgridActionEnum.REDU"
+msgstr "Reprocess Reconciliation Request (UI, previous Reference ID: {0})"
+
+msgid "match.en.MatchgridActionEnum.REPN"
+msgstr "Endpoint Notified of Resolution (response: {0} {1})"
+
+msgid "match.en.MatchgridActionEnum.RIRA"
+msgstr "Reference ID Reassignment Request (API, from Reference ID {0})"
+
+msgid "match.en.MatchgridActionEnum.RIRU"
+msgstr "Reference ID Reassignment Request (UI, from Reference ID {0})"
+
+msgid "match.en.MatchgridActionEnum.RPMU"
+msgstr "Administrator Resolved Pending Match Request"
+
+msgid "match.en.MatchgridActionEnum.UPDA"
+msgstr "Update Match Request (API)"
+
+msgid "match.en.MatchgridActionEnum.UPDU"
+msgstr "Update Match Request (UI)"
+
 msgid "match.en.PermissionEnum.A"
 msgstr "Platform Administrator"
 
@@ -336,6 +375,9 @@ msgstr "Requested Reference ID must already be in use, or be the keyword 'new'"
 msgid "match.fd.action"
 msgstr "Action"
 
+msgid "match.fd.actor_identifier"
+msgstr "Actor Identifier"
+
 msgid "match.fd.all"
 msgstr "All"
 
@@ -369,12 +411,18 @@ msgstr "Crosscheck Attribute"
 msgid "match.fd.case_sensitive"
 msgstr "Case Sensitive"
 
+msgid "match.fd.comment"
+msgstr "Comment"
+
 msgid "match.fd.confidence_mode"
 msgstr "Confidence Mode"
 
 msgid "match.fd.copy_of"
 msgstr "Copy of {0}"
 
+msgid "match.fd.created"
+msgstr "Created"
+
 msgid "match.fd.description"
 msgstr "Description"
 
@@ -441,6 +489,9 @@ msgstr "Reference ID Initial Value"
 msgid "match.fd.referenceid_start.desc"
 msgstr "For sequence based Reference IDs, the first value to assign"
 
+msgid "match.fd.remote_ip"
+msgstr "Remote IP"
+
 msgid "match.fd.req"
 msgstr "* Denotes Required Field"
 
@@ -453,6 +504,12 @@ msgstr "Required"
 msgid "match.fd.resolution_mode"
 msgstr "Resolution Mode"
 
+msgid "match.fd.resolution_notification_endpoint"
+msgstr "Resolution Notification Endpoint"
+
+msgid "match.fd.resolution_time"
+msgstr "Resolution Time"
+
 msgid "match.fd.RuleAttributes.match_empty"
 msgstr "Match Empty Values"
 
@@ -498,6 +555,9 @@ msgstr "Table Name"
 msgid "match.fd.table_name.desc"
 msgstr "Unique name for matchgrid, must be a valid SQL identifier (will be prefixed mg_ for actual table name)"
 
+msgid "match.fd.url"
+msgstr "URL"
+
 msgid "match.fd.username"
 msgstr "Username"
 
@@ -511,6 +571,9 @@ msgstr "Welcome to {0}."
 msgid "match.in.matchgrid.display"
 msgstr "Display all records associated with this Matchgrid."
 
+msgid "match.in.matchgrid.history"
+msgstr "Display transactions (history records) associated with this Matchgrid."
+
 msgid "match.in.matchgrid.reconcile"
 msgstr "Resolve matching records when COmanage determines the same person may be coming from multiple systems of record."
 
@@ -569,6 +632,9 @@ msgstr "Are you sure you wish to delete this record ({0})?"
 msgid "match.op.display"
 msgstr "Display"
 
+msgid "match.op.display.history"
+msgstr "Display History"
+
 msgid "match.op.display.records"
 msgstr "Display Records"
 
@@ -653,6 +719,12 @@ msgstr "Matchgrid Selection"
 msgid "match.op.skip_to_content"
 msgstr "Skip to main content"
 
+msgid "match.op.view"
+msgstr "View"
+
+msgid "match.op.view.a"
+msgstr "View {0}"
+
 ### Results
 msgid "match.rs.AttributeMappings.install"
 msgstr "Attribute Mapping successfully installed"

diff --git a/app/src/Controller/Component/AuthorizationComponent.php b/app/src/Controller/Component/AuthorizationComponent.php
@@ -188,6 +188,7 @@ public function menuPermissions($username, $matchgridId=null) {
       'attribute_maps'     => $platformAdmin || $mgAdmin,
       'attributes'         => $platformAdmin || $mgAdmin,
       'display'            => $platformAdmin || $mgAdmin, // || $recMgr, this isn't yet implemented in the controller
+      'endpoints'          => $platformAdmin || $mgAdmin,
       'matchgrid_settings' => $platformAdmin || $mgAdmin,
       'rules'              => $platformAdmin || $mgAdmin,
       'systems_of_record'  => $platformAdmin || $mgAdmin,

diff --git a/app/src/Controller/EndpointsController.php b/app/src/Controller/EndpointsController.php
@@ -0,0 +1,66 @@
+<?php
+/**
+ * COmanage Match Endpoints Controller
+ *
+ * Portions licensed to the University Corporation for Advanced Internet
+ * Development, Inc. ("UCAID") under one or more contributor license agreements.
+ * See the NOTICE file distributed with this work for additional information
+ * regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @link          https://www.internet2.edu/comanage COmanage Project
+ * @package       match
+ * @since         COmanage Match v1.1.0
+ * @license       Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ */
+
+declare(strict_types = 1);
+
+namespace App\Controller;
+
+class EndpointsController extends StandardController {
+  public $pagination = [
+    'order' => [
+      'Endpoints.serverurl' => 'asc'
+    ]
+  ];
+
+  /**
+   * Authorization for this Controller, called by Auth component
+   * - postcondition: $vv_permissions set with calculated permissions for this Controller
+   *
+   * @since  COmanage Match v1.1.0
+   * @param  Array   $user Array of user data
+   * @return Boolean True if authorized for the current action, false otherwise
+   */
+
+  public function isAuthorized(Array $user) {
+    $mgid = isset($this->cur_mg->id) ? $this->cur_mg->id : null;
+
+    $platformAdmin = $this->Authorization->isPlatformAdmin($user['username']);
+
+    $mgAdmin = $this->Authorization->isMatchAdmin($user['username'], $mgid);
+
+    $p = [
+      'add'       => $platformAdmin || $mgAdmin,
+      'delete'    => $platformAdmin || $mgAdmin,
+      'edit'      => $platformAdmin || $mgAdmin,
+      'index'     => $platformAdmin || $mgAdmin,
+      'view'      => false
+    ];
+
+    $this->set('vv_permissions', $p);
+    return $p[$this->request->getParam('action')];
+  }
+}