Merge branch 'develop' of github.internet2.edu:COmanage/registry into…
… develop
Benn Oshrin committed Dec 6, 2023
2 parents 7193caa + cf66ab5 commit 8b63c59
Showing 2 changed files with 160 additions and 11 deletions.
2 changes: 1 addition & 1 deletion app/resources/locales/en_US/field.po
Expand Up @@ -385,7 +385,7 @@ msgid "Groups.nesting_mode_all"
msgstr "Require All for Nested Memberships"

msgid "Groups.nesting_mode_all.desc"
msgstr "For membership in this Group via Nested Groups, require membership in <i>all</i> Nested (Source) Groups to be a member of this Group (instead of <i>any</i>)"
msgstr "When enabled, a Person must be found in ALL nested groups to be included as a member. When disabled, a Person found in ANY nested group will be included. Also note that nested groups marked for "negation" (to exclude members) take priority over nested groups used for inclusion."

msgid "Groups.open"
msgstr "Open"
169 changes: 159 additions & 10 deletions container/registry/base/comanage_utils.sh
Expand Up @@ -94,10 +94,10 @@ function comanage_utils::consume_injected_environment() {
COMANAGE_REGISTRY_ADMIN_USERNAME
COMANAGE_REGISTRY_CRON_USER
COMANAGE_REGISTRY_CRONTAB
COMANAGE_REGISTRY_DATASOURCE
COMANAGE_REGISTRY_DATABASE
COMANAGE_REGISTRY_DATABASE_HOST
COMANAGE_REGISTRY_DATABASE_PORT
COMANAGE_REGISTRY_DATABASE_SCHEMA
COMANAGE_REGISTRY_DATABASE_USER
COMANAGE_REGISTRY_DATABASE_USER_PASSWORD
COMANAGE_REGISTRY_EMAIL_FROM
Expand Down Expand Up @@ -131,6 +131,15 @@ function comanage_utils::consume_injected_environment() {
COMANAGE_REGISTRY_REMOTE_IP_PROXY_PROTOCOL_EXCEPTIONS
COMANAGE_REGISTRY_REMOTE_IP_TRUSTED_PROXY
COMANAGE_REGISTRY_REMOTE_IP_TRUSTED_PROXY_LIST
COMANAGE_REGISTRY_TRANSMOGRIFY
COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE
COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_HOST
COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_PORT
COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_SCHEMA
COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_USER
COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_USER_PASSWORD
COMANAGE_REGISTRY_TRANSMOGRIFY_LOGIN_IDENTIFIER_COPY
COMANAGE_REGISTRY_TRANSMOGRIFY_LOGIN_IDENTIFIER_TYPES
COMANAGE_REGISTRY_SECURITY_SALT
COMANAGE_REGISTRY_PHP_SESSION_REDIS_URL
COMANAGE_REGISTRY_SKIP_SETUP
Expand All @@ -147,9 +156,9 @@ function comanage_utils::consume_injected_environment() {

# If the file associated with a configuration variable is present then
# read the value from it into the appropriate variable. So for example
# if the variable COMANAGE_REGISTRY_DATASOURCE_FILE exists and its
# if the variable COMANAGE_REGISTRY_DATABASE_USER_PASSWORD_FILE exists and its
# value points to a file on the file system then read the contents
# of that file into the variable COMANAGE_REGISTRY_DATASOURCE.
# of that file into the variable COMANAGE_REGISTRY_DATABASE_USER_PASSWORD.

local config_var
for config_var in "${injectable_config_vars[@]}"
Expand Down Expand Up @@ -322,9 +331,16 @@ function comanage_utils::exec_cron() {
# COMANAGE_REGISTRY_DATABASE
# COMANAGE_REGISTRY_DATABASE_HOST
# COMANAGE_REGISTRY_DATABASE_PORT
# COMANAGE_REGISTRY_DATABASE_SCHEMA
# COMANAGE_REGISTRY_DATABASE_USER
# COMANAGE_REGISTRY_DATABASE_USER_PASSWORD
# COMANAGE_REGISTRY_DATASOURCE
# COMANAGE_REGISTRY_TRANSMOGRIFY
# COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE
# COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_HOST
# COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_PORT
# COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_SCHEMA
# COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_USER
# COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_USER_PASSWORD
# COMANAGE_REGISTRY_DIR
# OUTPUT
# Arguments:
Expand Down Expand Up @@ -429,7 +445,96 @@ EOF
php_string+=$'\n '
php_string+="'cacheMetadata' => ${COMANAGE_REGISTRY_DATABASE_CACHE_METADATA:-true},"
php_string+=$'\n ]\n ]\n];\n';
# Close the default datasource.
php_string+=$'\n ]'
# Add a configuration for the database to be transmogrified (the source).
if [[ -n "${COMANAGE_REGISTRY_TRANSMOGRIFY}" ]]; then
php_string+=$','
php_string+=$'\n '
php_string+=$"'transmogrify' => ["
php_string+=$'\n '
php_string+=$"'className' => 'Cake\Database\Connection',"
php_string+=$'\n '
php_string+="'driver' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_DRIVER:-Cake\Database\Driver\Postgres}',"
php_string+=$'\n '
php_string+="'persistent' => ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_PERSISTENT:-false},"
php_string+=$'\n '
php_string+="'host' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_HOST:-registry-database}',"
php_string+=$'\n '
php_string+="'username' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_USER:-registry_user}',"
php_string+=$'\n '
php_string+="'password' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_USER_PASSWORD:-password}',"
php_string+=$'\n '
php_string+="'database' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE:-registry}',"
# The value of port is an integer.
if [[ -n "${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_PORT}" ]]; then
php_string+=$'\n '
php_string+="'port' => ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_PORT},"
fi
php_string+=$'\n '
php_string+="'encoding' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_ENCODING:-utf8}',"
php_string+=$'\n '
php_string+="'timezone' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_ENCODING:-UTC}',"
# Only used when the database driver is Postgres.
if [[ ((${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_DRIVER} == 'Cake\Database\Driver\Postgres') ||
-z ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_DRIVER}) &&
-n ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_SCHEMA} ]]; then
php_string+=$'\n '
php_string+="'schema' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_SCHEMA}',"
fi
if [[ -n ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_UNIX_SOCKET} ]]; then
php_string+=$'\n '
php_string+="'unix_socket' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_UNIX_SOCKET}',"
fi
# Only used when the database driver is MySQL.
if [[ (${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_DRIVER} == 'Cake\Database\Driver\Mysql') &&
-n ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_SSL_KEY} ]]; then
php_string+=$'\n '
php_string+="'ssl_key' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_SSL_KEY}',"
fi
# Only used when the database driver is MySQL.
if [[ (${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_DRIVER} == 'Cake\Database\Driver\Mysql') &&
-n ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_SSL_CERT} ]]; then
php_string+=$'\n '
php_string+="'ssl_cert' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_SSL_CERT}',"
fi
# Only used when the database driver is MySQL.
if [[ (${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_DRIVER} == 'Cake\Database\Driver\Mysql') &&
-n ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_SSL_CA} ]]; then
php_string+=$'\n '
php_string+="'ssl_ca' => '${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_SSL_CA}',"
fi
php_string+=$'\n '
php_string+="'log' => ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_LOG:-false},"
php_string+=$'\n '
php_string+="'quoteIdentifiers' => ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_QUOTE_IDENTIFIERS:-false},"
php_string+=$'\n '
php_string+="'cacheMetadata' => ${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_CACHE_METADATA:-true},"
# Close the transmogrify datasource.
php_string+=$'\n ]'
fi
# Close Datasource and the top-level array.
php_string+=$'\n ]\n];\n';
printf "%s" "$php_string" > $database_config
Expand Down Expand Up @@ -878,9 +983,9 @@ function comanage_utils::registry_clear_cache() {
# COMANAGE_REGISTRY_ADMIN_FAMILY_NAME
# COMANAGE_REGISTRY_ADMIN_USERNAME
# COMANAGE_REGISTRY_DIR
# COMANAGE_REGISTRY_ENABLE_POOLING
# COMANAGE_REGISTRY_SECURITY_SALT
# COMANAGE_REGISTRY_SKIP_SETUP
# COMANAGE_REGISTRY_TRANSMOGRIFY
# OUTPUT
# Arguments:
# None
Expand All @@ -904,10 +1009,15 @@ function comanage_utils::registry_setup() {
export SECURITY_SALT="${COMANAGE_REGISTRY_SECURITY_SALT}"
fi
echo "Running ./bin/cake setup..." > "$OUTPUT" 2>&1
./bin/cake setup --admin-given-name "${COMANAGE_REGISTRY_ADMIN_GIVEN_NAME}" \
--admin-family-name "${COMANAGE_REGISTRY_ADMIN_FAMILY_NAME}" \
--admin-username "${COMANAGE_REGISTRY_ADMIN_USERNAME}" > "$OUTPUT" 2>&1
# We either transmogrify or setup.
if [[ -n "${COMANAGE_REGISTRY_TRANSMOGRIFY}" ]]; then
comanage_utils::transmogrify
else
echo "Running ./bin/cake setup..." > "$OUTPUT" 2>&1
./bin/cake setup --admin-given-name "${COMANAGE_REGISTRY_ADMIN_GIVEN_NAME}" \
--admin-family-name "${COMANAGE_REGISTRY_ADMIN_FAMILY_NAME}" \
--admin-username "${COMANAGE_REGISTRY_ADMIN_USERNAME}" > "$OUTPUT" 2>&1
fi
popd > "$OUTPUT" 2>&1
}
Expand Down Expand Up @@ -952,6 +1062,45 @@ function comanage_utils::tmp_ownership() {
echo "Recursively set ownership of ${tmp_dir} to ${ownership}" > "$OUTPUT"
}
##########################################
# Run the transmogrify command
# Globals:
# COMANAGE_REGISTRY_DIR
# COMANAGE_REGISTRY_TRANSMOGRIFY_LOGIN_IDENTIFIER_COPY
# COMANAGE_REGISTRY_TRANSMOGRIFY_LOGIN_IDENTIFIER_TYPES
# Arguments:
# None
# Returns:
# None
##########################################
function comanage_utils::transmogrify() {
local transmogrify
local itypes
local itype
pushd "$COMANAGE_REGISTRY_DIR/app" > "$OUTPUT" 2>&1
transmogrify=(./bin/cake transmogrify -v)
if [[ -n "${COMANAGE_REGISTRY_TRANSMOGRIFY_LOGIN_IDENTIFIER_COPY}" ]]; then
transmogrify+=(--login-identifier-copy)
fi
if [[ -n "${COMANAGE_REGISTRY_TRANSMOGRIFY_LOGIN_IDENTIFIER_TYPES}" ]]; then
itypes=(`echo "$COMANAGE_REGISTRY_TRANSMOGRIFY_LOGIN_IDENTIFIER_TYPES" | sed -e 's@,@ @g'`) > "$OUTPUT" 2>&1
for itype in "${itypes[@]}";
do
transmogrify+=(--login-identifier-type $itype)
done
fi
echo "Running ${transmogrify[@]}" > "$OUTPUT" 2>&1
"${transmogrify[@]}" > "$OUTPUT" 2>&1
popd > "$OUTPUT" 2>&1
}
##########################################
# Write virtual host authentication stanza
# Globals:
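Review bot: In the `@@ -429,7 +445,96 @@` hunk, the `'password'` entry of the added `transmogrify` datasource falls back to the literal `password` when `COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_USER_PASSWORD` is unset, and the string values are pasted between single quotes in the generated PHP without escaping. A missing secret therefore produces a config with a guessable credential instead of a startup error, and a password, host or schema containing `'` or `\` corrupts the file or alters the PHP that gets written. I would fail fast with `: "${COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_USER_PASSWORD:?must be set when COMANAGE_REGISTRY_TRANSMOGRIFY is set}"` and escape backslashes and single quotes in each value before appending it to `php_string`. In the same block the `'timezone'` line expands `COMANAGE_REGISTRY_TRANSMOGRIFY_DATABASE_ENCODING`, which looks like a copy-paste slip: setting the encoding would also overwrite the timezone, so it should read a timezone-specific variable instead. The enclosing function starts above this hunk, so whether the default datasource shares these patterns is not visible here.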
