Fix incomplete commit 4ab5779

NOTICE

@@ -1,7 +1,8 @@
 COmanage Registry
 
-Copyright (C) 2010-2024
+Copyright (C) 2010-2025
 University Corporation for Advanced Internet Development, Inc.
+SCG Collaboration Group
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this software except in compliance with the License.

app/composer.json

@@ -35,6 +35,7 @@
             "CoreAssigner\\": "plugins/CoreAssigner/src/",
             "CoreEnroller\\": "plugins/CoreEnroller/src/",
             "CoreServer\\": "plugins/CoreServer/src/",
+            "EnvSource\\": "plugins/EnvSource/src/",
             "FileConnector\\": "availableplugins/FileConnector/src/",
             "PipelineToolkit\\": "availableplugins/PipelineToolkit/src/",
             "SqlConnector\\": "availableplugins/SqlConnector/src/",
@@ -49,6 +50,7 @@
             "CoreAssigner\\Test\\": "plugins/CoreAssigner/tests/",
             "CoreEnroller\\Test\\": "plugins/CoreEnroller/tests/",
             "CoreServer\\Test\\": "plugins/CoreServer/tests/",
+            "EnvSource\\Test\\": "plugins/EnvSource/tests/",
             "FileConnector\\Test\\": "availableplugins/FileConnector/tests/",
             "PipelineToolkit\\Test\\": "availableplugins/PipelineToolkit/tests/",
             "SqlConnector\\Test\\": "availableplugins/SqlConnector/tests/",

app/config/schema/schema.json

@@ -39,6 +39,7 @@
       "server_id": { "type": "integer", "foreignkey": { "table": "servers", "column": "id" }, "notnull": true },
       "sor_label": { "type": "string", "size": 40 },
       "status": { "type": "string", "size": 2 },
+      "traffic_detour_id": { "type": "integer", "foreignkey": { "table": "traffic_detours", "column": "id" }, "notnull": true },
       "type_id": { "type": "integer", "foreignkey": { "table": "types", "column": "id" }, "notnull": true },
       "valid_from": { "type": "datetime" },
       "valid_through": { "type": "datetime" }
@@ -90,6 +91,7 @@
         "display_name": { "type": "string", "size": 64, "notnull": true },
         "value": { "type": "string", "size": 32, "notnull": true },
         "edupersonaffiliation": { "type": "string", "size": 32 },
+        "case_insensitive": { "type": "boolean", "XXX": "CFM-15" },
         "status": {}
       },
       "indexes": {
@@ -509,7 +511,7 @@
     "urls": {
       "columns": {
         "id": {},
-        "url": { "type": "string", "size": 256 },
+        "url": { "type": "url" },
         "description": {},
         "type_id": {}
       },
@@ -628,6 +630,7 @@
         "authz_cou_id": { "type": "integer", "foreignkey": { "table": "cous", "column": "id" }},
         "authz_group_id": { "type": "integer", "foreignkey": { "table": "groups", "column": "id" }},
         "collect_enrollee_email": { "type": "boolean" },
+        "redirect_on_duplicate": { "type": "string", "size": 256 },
         "redirect_on_finalize": { "type": "string", "size": 256 }
       },
       "indexes": {
@@ -712,6 +715,7 @@
         "verification_time": { "type": "datetime" },
         "request_expiration_time": { "type": "datetime" },
         "method": { "type": "string", "size": 2 },
+        "trusted_source": { "type": "string", "size": 128 },
         "email_address_id": { "type": "integer", "foreignkey": { "table": "email_addresses", "column": "id" } },
         "petition_id": {}
       },
@@ -806,7 +810,8 @@
         "sync_affiliation_type_id": { "type": "integer", "foreignkey": { "table": "types", "column": "id" } },
         "sync_cou_id": { "type": "integer", "foreignkey": { "table": "cous", "column": "id" } },
         "sync_replace_cou_id": { "type": "integer", "foreignkey": { "table": "cous", "column": "id" } },
-        "sync_identifier_type_id": { "type": "integer", "foreignkey": { "table": "types", "column": "id" } }
+        "sync_identifier_type_id": { "type": "integer", "foreignkey": { "table": "types", "column": "id" } },
+        "sync_verify_email_addresses": { "type": "boolean" }
       },
       "indexes": {
         "pipelines_i1": { "columns": [ "co_id" ] },
@@ -835,6 +840,9 @@
     },
 
     "external_identity_sources": {
+      "comments": [
+        "As a general rule, configurations that modify source data belong in the Pipeline"
+      ],
       "columns": {
         "id": {},
         "co_id": {},
@@ -884,6 +892,18 @@
         "application_states_i1": { "columns": [ "co_id" ] },
         "application_states_i2": { "columns": [ "person_id" ] }
       }
+    },
+
+    "traffic_detours": {
+      "columns": {
+        "id": {},
+        "description": {},
+        "plugin": {},
+        "status": {},
+        "ordr": {}
+      },
+      "indexes": {
+      }
     }
   },
 

app/plugins/CoreEnroller/resources/locales/en_US/core_enroller.po

@@ -28,9 +28,33 @@ msgstr "{0,plural,=1{Attribute Collector} other{Attribute Collectors}}"
 msgid "controller.BasicAttributeCollectors"
 msgstr "{0,plural,=1{Basic Attribute Collector} other{Basic Attribute Collectors}}"
 
+msgid "controller.EmailVerifiers"
+msgstr "{0,plural,=1{Email Verifier} other{Email Verifiers}}"
+
 msgid "controller.EnrollmentAttributes"
 msgstr "{0,plural,=1{Enrollment Attribute} other{Enrollment Attributes}}"
 
+msgid "controller.IdentifierCollectors"
+msgstr "{0,plural,=1{Identifier Collector} other{Identifier Collectors}}"
+
+msgid "controller.InvitationAccepters"
+msgstr "{0,plural,=1{Invitation Accepter} other{Invitation Accepters}}"
+
+msgid "controller.PetitionAcceptances"
+msgstr "{0,plural,=1{Petition Acceptance} other{Petition Acceptances}}"
+
+msgid "controller.PetitionAttributes"
+msgstr "{0,plural,=1{Petition Attribute} other{Petition Attributes}}"
+
+msgid "controller.PetitionBasicAttributeSets"
+msgstr "{0,plural,=1{Petition Basic Attribute Set} other{Petition Basic Attribute Sets}}"
+
+msgid "controller.PetitionIdentifiers"
+msgstr "{0,plural,=1{Petition Identifier} other{Petition Identifiers}}"
+
+msgid "controller.PetitionVerifications"
+msgstr "{0,plural,=1{Petition Verification} other{Petition Verifications}}"
+
 msgid "enumeration.VerificationModeEnum.0"
 msgstr "None"
 

app/plugins/CoreEnroller/src/Controller/EmailVerifiersController.php

@@ -94,7 +94,8 @@ public function dispatch(string $id) {
     $verifiedAddresses = [];
 
     foreach($candidateAddresses as $a => $v) {
-      if(!empty($v->verification->verification_time)) {
+      // true indicates verified by the plugin that collected the address
+      if($v === true || !empty($v->verification->verification_time)) {
         $verifiedAddresses[$a] = true;
       }
     }

app/plugins/CoreEnroller/src/Controller/IdentifierCollectorsController.php

@@ -111,6 +111,7 @@ public function willHandleAuth(\Cake\Event\EventInterface $event): string {
     if($action == 'dispatch') {
       // We need to perform special logic (vs StandardEnrollerController)
       // to ensure that web server authentication is triggered.
+      // (This logic is also used in EnvSourceCollectorsController.)
 
       // To start, we trigger the parent logic. This will return
       //  notauth: Some error occurred, we don't want to override this

app/plugins/CoreEnroller/src/Model/Entity/AttributeCollector.php

@@ -32,6 +32,8 @@
 use Cake\ORM\Entity;
 
 class AttributeCollector extends Entity {
+  use \App\Lib\Traits\EntityMetaTrait;
+
   /**
    * Fields that can be mass assigned using newEntity() or patchEntity().
    *

app/plugins/CoreEnroller/src/Model/Entity/BasicAttributeCollector.php

@@ -32,6 +32,8 @@
 use Cake\ORM\Entity;
 
 class BasicAttributeCollector extends Entity {
+  use \App\Lib\Traits\EntityMetaTrait;
+
   /**
    * Fields that can be mass assigned using newEntity() or patchEntity().
    *

app/plugins/CoreEnroller/src/Model/Entity/EmailVerifier.php

@@ -32,6 +32,8 @@
 use Cake\ORM\Entity;
 
 class EmailVerifier extends Entity {
+  use \App\Lib\Traits\EntityMetaTrait;
+
   /**
    * Fields that can be mass assigned using newEntity() or patchEntity().
    *

app/plugins/CoreEnroller/src/Model/Entity/IdentifierCollector.php

@@ -32,6 +32,8 @@
 use Cake\ORM\Entity;
 
 class IdentifierCollector extends Entity {
+  use \App\Lib\Traits\EntityMetaTrait;
+
   /**
    * Fields that can be mass assigned using newEntity() or patchEntity().
    *

app/plugins/CoreEnroller/src/Model/Entity/InvitationAccepter.php

@@ -32,6 +32,8 @@
 use Cake\ORM\Entity;
 
 class InvitationAccepter extends Entity {
+  use \App\Lib\Traits\EntityMetaTrait;
+
   /**
    * Fields that can be mass assigned using newEntity() or patchEntity().
    *

app/plugins/CoreEnroller/src/Model/Table/BasicAttributeCollectorsTable.php

@@ -134,14 +134,14 @@ public function initialize(array $config): void {
 
   /**
    * Perform steps necessary to hydrate the Person record as part of Petition finalization.
-   *
+   * 
+   * @since  COmanage Registry v5.1.0
    * @param  int      $id           Basic Attribute Collector ID
-   * @param  \App\Model\Entity\Petition $petition     Petition
+   * @param  Petition $petition     Petition
    * @return bool                   true on success
-   * @since  COmanage Registry v5.1.0
    */
 
-  public function finalize(int $id, \App\Model\Entity\Petition $petition) {
+  public function hydrate(int $id, \App\Model\Entity\Petition $petition) {
     $cfg = $this->get($id);
 
     // At this point there is a Person record allocated and stored in the Petition,
@@ -323,12 +323,12 @@ public function validationDefault(Validator $validator): Validator {
 
   /**
    * Obtain the set of Email Addresses known to this plugin that are eligible for
-   * verification.
+   * verification or that have already been verified.
    * 
    * @since  COmanage Registry v5.1.0
    * @param  EntityInterface  $config       Configuration entity for this plugin
    * @param  int              $petitionId   Petition ID
-   * @return array                          Array of Email Addrsses that are eligible for verification
+   * @return array                          Array of Email Addresses and verification status
    */
 
   public function verifiableEmailAddresses(
@@ -342,6 +342,6 @@ public function verifiableEmailAddresses(
                                             ])
                                             ->first();
 
-    return !empty($set->mail) ? [$set->mail] : [];
+    return !empty($set->mail) ? [$set->mail => false] : [];
   }
 }

app/plugins/CoreEnroller/src/Model/Table/EmailVerifiersTable.php

@@ -245,8 +245,12 @@ public function assembleVerifiableAddresses(
         $paddrs = $PluginTable->verifiableEmailAddresses($step->$pmodel, $petition->id);
 
         if(!empty($paddrs)) {
-          foreach($paddrs as $paddr) {
-            if(!array_key_exists($paddr, $ret)) {
+          foreach($paddrs as $paddr => $vstatus) {
+            if($vstatus) {
+              // The plugin asserts the address is verified, and is responsible for registering
+              // any Verifications
+              $ret[ $paddr ] = true;
+            } elseif(!array_key_exists($paddr, $ret)) {
               // Do we have a verification for this address?
               // This is basically copy/paste from above
               $verified = false;
@@ -281,14 +285,14 @@ public function assembleVerifiableAddresses(
 
   /**
    * Perform steps necessary to hydrate the Person record as part of Petition finalization.
-   *
+   * 
+   * @since  COmanage Registry v5.1.0
    * @param  int      $id           Invitation Accepter ID
-   * @param  \App\Model\Entity\Petition $petition     Petition
+   * @param  Petition $petition     Petition
    * @return bool                   true on success
-   * @since  COmanage Registry v5.1.0
    */
 
-  public function finalize(int $id, \App\Model\Entity\Petition $petition) {
+  public function hydrate(int $id, \App\Model\Entity\Petition $petition) {
     $cfg = $this->get($id);
 
     // At this point, the Steps that told us there are email addresses to verify

app/plugins/CoreEnroller/src/Model/Table/IdentifierCollectorsTable.php

@@ -120,14 +120,14 @@ public function initialize(array $config): void {
 
   /**
    * Perform steps necessary to hydrate the Person record as part of Petition finalization.
-   *
+   * 
+   * @since  COmanage Registry v5.1.0
    * @param  int      $id           Invitation Accepter ID
-   * @param  \App\Model\Entity\Petition $petition     Petition
+   * @param  Petition $petition     Petition
    * @return bool                   true on success
-   * @since  COmanage Registry v5.1.0
    */
 
-  public function finalize(int $id, \App\Model\Entity\Petition $petition) {
+  public function hydrate(int $id, \App\Model\Entity\Petition $petition) {
     $cfg = $this->get($id);
 
     // Pull the Identifier that was recorded

app/plugins/CoreEnroller/src/Model/Table/InvitationAcceptersTable.php

@@ -113,14 +113,14 @@ public function initialize(array $config): void {
 
   /**
    * Perform steps necessary to hydrate the Person record as part of Petition finalization.
-   *
+   * 
+   * @since  COmanage Registry v5.1.0
    * @param  int      $id           Invitation Accepter ID
-   * @param  \App\Model\Entity\Petition $petition     Petition
+   * @param  Petition $petition     Petition
    * @return bool                   true on success
-   * @since  COmanage Registry v5.1.0
    */
 
-  public function finalize(int $id, \App\Model\Entity\Petition $petition) {
+  public function hydrate(int $id, \App\Model\Entity\Petition $petition) {
     // $cfg = $this->get($id);
 
     // We don't have anything to do for finalization

app/plugins/CoreEnroller/src/Model/Table/PetitionVerificationsTable.php

@@ -132,8 +132,6 @@ public function verifyCode(int $petitionId, int $enrollmentFlowStepId, string $m
       enrollmentFlowStepId: $enrollmentFlowStepId,
       action:               PetitionActionEnum::EmailVerified,
       comment:              __d('core_enroller', 'result.EmailVerifiers.verified.history', [$mail, __d('enumeration', 'VerificationMethodEnum.C')])
-// We don't have $actorPersonId yet...
-//    ?int $actorPersonId=null
     );
 
     return true;
@@ -170,8 +168,6 @@ public function verifyFromHandoff(int $petitionId, int $enrollmentFlowStepId, st
       enrollmentFlowStepId: $enrollmentFlowStepId,
       action:               PetitionActionEnum::EmailVerified,
       comment:              __d('core_enroller', 'result.EmailVerifiers.verified.history', [$mail, __d('enumeration', 'VerificationMethodEnum.PH')])
-// We don't have $actorPersonId yet...
-//    ?int $actorPersonId=null
     );
 
     // We return in the format as if we used find() and contain()

app/plugins/CoreJob/src/Lib/Jobs/SyncJob.php

@@ -186,15 +186,20 @@ protected function fullSync() {
     if($this->runContext->eis->status == SyncModeEnum::Full) {
       $allKeys = $this->runContext->EISTable->inventory($this->runContext->eis->id);
 
-      $this->runContext->count = count($allKeys);
+      if($allKeys === false) {
+        $this->llog('error', "EIS " . $this->runContext->eis->description 
+                              . " configured for Full Sync but Plugin does not support inventory()");
+      } else {
+        $this->runContext->count = count($allKeys);
 
-      $newKeys = array_diff($allKeys, $knownKeys);
+        $newKeys = array_diff($allKeys, $knownKeys);
 
-      foreach($newKeys as $sourceKey) {
-        $this->llog('trace', "EIS " . $this->runContext->eis->description 
-                             . " processing new entry $sourceKey");
-
-        $this->syncRecord((string)$sourceKey);
+        foreach($newKeys as $sourceKey) {
+          $this->llog('trace', "EIS " . $this->runContext->eis->description 
+                              . " processing new entry $sourceKey");
+
+          $this->syncRecord((string)$sourceKey);
+        }
       }
     }
 

app/resources/locales/en_US/command.po

@@ -135,6 +135,21 @@ msgstr "Message Template ID"
 msgid "opt.notify.type"
 msgstr "Type (label) for provided Identifier"
 
+msgid "opt.upgrade.forcecurrent"
+msgstr "Force the specified current version -- ADVANCED USERS ONLY"
+
+msgid "opt.upgrade.task"
+msgstr "Upgrade task to perform -- ADVANCED USERS ONLY"
+
+msgid "opt.upgrade.skipdatabase"
+msgstr "Skip database schema update -- ADVANCED USERS ONLY"
+
+msgid "opt.upgrade.skipvalidation"
+msgstr "Skip version validation -- ADVANCED USERS ONLY"
+
+msgid "opt.upgrade.version"
+msgstr "Version to upgrade to (default: current release)"
+
 # msgid "se.admin"
 # msgstr "Creating initial administrator permission"
 

app/resources/locales/en_US/controller.po

@@ -144,6 +144,9 @@ msgstr "{0,plural,=1{Server} other{Servers}}"
 msgid "TelephoneNumbers"
 msgstr "{0,plural,=1{Telephone Number} other{Telephone Numbers}}"
 
+msgid "TrafficDetours"
+msgstr "{0,plural,=1{Traffic Detour} other{Traffic Detours}}"
+
 msgid "Types"
 msgstr "{0,plural,=1{Type} other{Types}}"