Initial commit of Terms and Conditions (CFM-199, etc)

app/composer.json

@@ -48,7 +48,8 @@
             "PipelineToolkit\\": "availableplugins/PipelineToolkit/src/",
             "SqlConnector\\": "availableplugins/SqlConnector/src/",
             "SshKeyAuthenticator\\": "plugins/SshKeyAuthenticator/src/",
-            "CoreJob\\": "plugins/CoreJob/src/"
+            "CoreJob\\": "plugins/CoreJob/src/",
+            "TermsAgreer\\": "plugins/TermsAgreer/src/"
         }
     },
     "autoload-dev": {
@@ -68,7 +69,8 @@
             "PipelineToolkit\\Test\\": "availableplugins/PipelineToolkit/tests/",
             "SqlConnector\\Test\\": "availableplugins/SqlConnector/tests/",
             "SshKeyAuthenticator\\Test\\": "plugins/SshKeyAuthenticator/tests/",
-            "CoreJob\\Test\\": "plugins/CoreJob/tests/"
+            "CoreJob\\Test\\": "plugins/CoreJob/tests/",
+            "TermsAgreer\\Test\\": "plugins/TermsAgreer/tests/"
         }
     },
     "scripts": {

app/config/bootstrap.php

@@ -249,11 +249,11 @@
 // \Cake\Utility\Inflector::rules('irregular', ['red' => 'redlings']);
 // \Cake\Utility\Inflector::rules('uninflected', ['dontinflectme']);
 
-\Cake\Utility\Inflector::rules('irregular', ['co_terms_and_condition' => 'co_terms_and_conditions']);
-\Cake\Utility\Inflector::rules('uninflected', ['co_terms_and_conditions' => 'co_terms_and_conditions']);
 \Cake\Utility\Inflector::rules('irregular', ['cou' => 'cous']);
 \Cake\Utility\Inflector::rules('uninflected', ['cous' => 'cous']);
 \Cake\Utility\Inflector::rules('irregular', ['meta' => 'meta']);
+// \Cake\Utility\Inflector::rules('irregular', ['terms_and_condition' => 'terms_and_conditions']);
+\Cake\Utility\Inflector::rules('uninflected', ['terms_and_conditions' => 'terms_and_conditions']);
 
 /*
  * Define some constants

app/config/schema/schema.json

@@ -29,6 +29,7 @@
       "language": { "type": "string", "size": 16 },
       "mail": { "type": "string", "size": 256 },
       "message_template_id": { "type": "integer", "foreignkey": { "table": "message_templates", "column": "id" } },
+      "mostly_static_page_id": { "type": "integer", "foreignkey": { "table": "mostly_static_pages", "column": "id" } },
       "name": { "type": "string", "size": 128, "notnull": true },
       "ordr": { "type": "integer" },
       "password": { "type": "string", "size": 400 },
@@ -981,6 +982,40 @@
         "authenticator_statuses_i2": { "needed": false, "columns": [ "authenticator_id"] },
         "authenticator_statuses_i3": { "needed": false, "columns": [ "person_id"] }
       }
+    },
+
+    "terms_and_conditions": {
+      "columns": {
+        "id": {},
+        "co_id": {},
+        "description": {},
+        "url": { "type": "url" },
+        "mostly_static_page_id": {},
+        "cou_id": {},
+        "status": {},
+        "ordr": {},
+        "agreement_duration": { "type": "integer" },
+        "agree_to_updates": { "type": "boolean" }
+      },
+      "indexes": {
+        "terms_and_conditions_i1": { "columns": [ "co_id" ] },
+        "terms_and_conditions_i2": { "needed": false, "columns": [ "cou_id" ] },
+        "terms_and_conditions_i3": { "needed": false, "columns": [ "mostly_static_page_id" ] }
+      }
+    },
+
+    "t_and_c_agreements": {
+      "columns": {
+        "id": {},
+        "terms_and_conditions_id": { "type": "integer", "foreignkey": { "table": "terms_and_conditions", "column": "id" } },
+        "person_id": {},
+        "agreement_time": { "type": "datetime" },
+        "identifier": { "type": "string", "size": 512 }
+      },
+      "indexes": {
+        "t_and_c_agreements_i1": { "columns": [ "terms_and_conditions_id" ]},
+        "t_and_c_agreements_i2": { "columns": [ "person_id" ]}
+      }
     }
   },
 

app/plugins/EnvSource/resources/locales/en_US/env_source.po

@@ -173,4 +173,4 @@ msgid "result.env.saved.login"
 msgstr "Env Attributes updated at login"
 
 msgid "result.pipeline.status"
-msgstr "Pipeline completed with status {0}"
+msgstr "EnvSource Pipeline completed with status {0}"

app/plugins/OrcidSource/resources/locales/en_US/orcid_source.po

@@ -110,4 +110,4 @@ msgid "result.orcid.saved"
 msgstr "ORCID Token recorded"
 
 msgid "result.pipeline.status"
-msgstr "Pipeline completed with status {0}"
+msgstr "OrcidSource Pipeline completed with status {0}"

app/plugins/TermsAgreer/config/plugin.json

@@ -0,0 +1,35 @@
+{
+  "types": {
+    "enrollment_flow_step": [
+      "AgreementCollectors"
+    ]
+  },
+  "schema": {
+    "tables": {
+      "agreement_collectors": {
+        "columns": {
+          "id": {},
+          "enrollment_flow_step_id": {},
+          "t_and_c_mode": { "type": "string", "size": 2 }
+        },
+        "indexes": {
+          "agreement_collectors_i1": { "columns": [ "enrollment_flow_step_id" ] }
+        }
+      },
+      "petition_agreements": {
+        "columns": {
+          "id": {},
+          "petition_id": {},
+          "agreement_collector_id": { "type": "integer", "foreignkey": { "table": "agreement_collectors", "column": "id" } },
+          "terms_and_conditions_id": { "type": "integer", "foreignkey": { "table": "terms_and_conditions", "column": "id" } },
+          "identifier": { "type": "string", "size": 512 },
+          "agreement_time": { "type": "datetime" }
+        },
+        "indexes": {
+          "petition_agreements_i1": { "columns": [ "petition_id" ] },
+          "petition_agreements_i2": { "needed": false, "columns": [ "terms_and_conditions_id" ] }
+        }
+      }
+    }
+  }
+}

app/plugins/TermsAgreer/resources/locales/en_US/terms_agreer.po

@@ -0,0 +1,53 @@
+# COmanage Registry Localizations (terms_agreer domain)
+#
+# Portions licensed to the University Corporation for Advanced Internet
+# Development, Inc. ("UCAID") under one or more contributor license agreements.
+# See the NOTICE file distributed with this work for additional information
+# regarding copyright ownership.
+#
+# UCAID licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @link          https://www.internet2.edu/comanage COmanage Project
+# @package       registry-plugins
+# @since         COmanage Registry v5.2.0
+# @license       Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+
+msgid "controller.AgreementCollectors"
+msgstr "{0,plural,=1{T&C Agreement Collector} other{T&C Agreement Collectors}}"
+
+msgid "controller.PetitionAgreements"
+msgstr "{0,plural,=1{Petition T&C Agreement} other{Petition T&C Agreements}}"
+
+msgid "enumeration.TAndCEnrollmentModeEnum.EC"
+msgstr "Explicit Consent"
+
+msgid "enumeration.TAndCEnrollmentModeEnum.X"
+msgstr "Ignore"
+
+msgid "enumeration.TAndCEnrollmentModeEnum.IC"
+msgstr "Implied Consent"
+
+msgid "field.AgreementCollectors.t_and_c_mode"
+msgstr "Terms and Conditions Mode"
+
+msgid "information.AgreementCollectors.review"
+msgstr "You must review and agree to these Terms and Conditions before continuing."
+
+msgid "result.AgreementCollectors.ignored"
+msgstr "Terms and Conditions collection disabled"
+
+msgid "result.AgreementCollectors.recorded"
+msgstr "Agreed to Terms and Conditions {0} ({1}, {2})"
+
+msgid "result.AgreementCollectors.recorded.summary"
+msgstr "Agreed to {0} Terms and Conditions"

app/plugins/TermsAgreer/src/Controller/AgreementCollectorsController.php

@@ -0,0 +1,162 @@
+<?php
+/**
+ * COmanage Registry T&C Agreement Collectors Controller
+ *
+ * Portions licensed to the University Corporation for Advanced Internet
+ * Development, Inc. ("UCAID") under one or more contributor license agreements.
+ * See the NOTICE file distributed with this work for additional information
+ * regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @link          https://www.internet2.edu/comanage COmanage Project
+ * @package       registry-plugins
+ * @since         COmanage Registry v5.2.0
+ * @license       Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ */
+
+declare(strict_types=1);
+
+namespace TermsAgreer\Controller;
+
+use App\Controller\StandardEnrollerController;
+use App\Lib\Enum\SuspendableStatusEnum;
+use Cake\ORM\TableRegistry;
+use TermsAgreer\Lib\Enum\TAndCEnrollmentModeEnum;
+
+class AgreementCollectorsController extends StandardEnrollerController {
+  protected array $paginate = [
+    'order' => [
+      'AgreementCollectors.id' => 'asc'
+    ]
+  ];
+
+  /**
+   * Dispatch an Enrollment Flow Step.
+   * 
+   * @since  COmanage Registry v5.2.0
+   * @param  string  $id    Approval Collector ID
+   */
+
+  public function dispatch(string $id) {
+    $request = $this->getRequest();
+    $petition = $this->getPetition();
+    $coId = $this->getCOID();
+
+    // Pull the set of T&C as well as the plugin step configuration.
+    // Explicit vs Implicit is handled by the frontend.
+
+    $cfg = $this->AgreementCollectors->get($id);
+
+    if($cfg->t_and_c_mode == TAndCEnrollmentModeEnum::Ignore) {
+      // If the Plugin is set to Ignore, we simply skip this step and move on.
+
+      return $this->finishStep(
+        enrollmentFlowStepId: $cfg->enrollment_flow_step_id,
+        petitionId:           $petition->id,
+        comment:              __d('terms_agreer', 'result.AgreementCollectors.ignored')
+      );
+    }
+
+    // We pull Active T&C only, We pull all T&C that are not COU specific,
+    // and if there is a COU associated with this Petition then we also pull T&C
+    // for that COU.
+
+    $TermsAndConditions = TableRegistry::getTableLocator()->get('TermsAndConditions');
+
+    $whereClause = [
+      'co_id' => $coId,
+      'status' => SuspendableStatusEnum::Active
+    ];
+
+    if(!empty($petition->cou_id)) {
+      $whereClause['OR'] = [
+        'cou_id IS NULL',
+        'cou_id' => $petition->cou_id
+      ];
+    } else {
+      $whereClause[] = 'cou_id IS NULL';
+    }
+
+    $tandc = $TermsAndConditions->find()
+                                ->where($whereClause)
+                                ->order('ordr ASC')
+                                ->all();
+
+    // Calculating status of current Agreements is a bit tricky, because we need to look
+    // in both the Petition (PetitionAgreements) and if this is a Petition for a Person
+    // that already exists in TAndCAgreements. As a first pass, we simply ignore any
+    // existing Agreements (eg if this is an Additional Role Enrollment) and we always
+    // require this Step to be completed. It's valid to have multiple T&C Agreements,
+    // and even desirable if they expired.
+
+    if($request->is('post')) {
+      // Walk the set of $tandc and look for an agreement in the POST data.
+      // We shouldn't really get here without all $tandc agreed to since the
+      // frontend shouldn't allow the enrollee to get here otherwise.
+
+      $data = $request->getData();
+
+      $ok = true;
+
+      foreach($tandc as $tc) {
+        // The post data is keyed on the string "tc" appended to the T&C id,
+        // and the expected value is "1".
+
+        $key = "tc".$tc->id;
+
+        if(!isset($data[$key]) || $data[$key] != "1") {
+          $ok = false;
+
+          $this->Flash->error("Did not find agreement for T&C " . $tc->id);  // XXX I18n
+        }
+      }
+
+      if($ok) {
+        // Record the agreements and update the Petition
+
+        // Similar to v4, we use the Petition Token (formerly the Enrollee Token)
+        // for unauthenticated Enrollments.
+
+        $authIdentifier = $request->getSession()->read('Auth.external.user');
+
+        if(empty($authIdentifier)) {
+          $authIdentifier = $petition->token;
+        }
+
+        $this->AgreementCollectors->record(
+          petitionId: $petition->id,
+          agreementCollectorId: $cfg->id,
+          identifier: $authIdentifier,
+          tAndC: $tandc
+        );
+
+        // Redirect to the next step
+
+        return $this->finishStep(
+          enrollmentFlowStepId: $cfg->enrollment_flow_step_id,
+          petitionId:           $petition->id,
+          comment:              __d('terms_agreer', 'result.AgreementCollectors.recorded.summary', $tandc->count())
+        );
+      }
+    }
+
+    // If there are no pending T&C, redirect to the next step.
+
+    // Otherwise let the view render.
+    $this->set('vv_tandc_mode', $cfg->t_and_c_mode);
+    $this->set('vv_tandc', $tandc);
+
+    $this->render('/Standard/dispatch');
+  }
+}

app/plugins/TermsAgreer/src/Controller/AppController.php

@@ -0,0 +1,10 @@
+<?php
+declare(strict_types=1);
+
+namespace TermsAgreer\Controller;
+
+use App\Controller\AppController as BaseController;
+
+class AppController extends BaseController
+{
+}