Migrate check for entity owners against members.xml.

This concludes the migration of existing metadata checks out of the statistics generation stylesheet.
InCommon · May 12, 2009 · dd48619 · dd48619
1 parent 331be1a
commit dd48619
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 52 deletions.
diff --git a/build/check.xsl b/build/check.xsl
@@ -16,6 +16,7 @@
 	xmlns:set="http://exslt.org/sets"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+	xmlns:ukfxm="xalan://uk.org.ukfederation.xalan.Members"
 	xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
 
 	<!--
@@ -26,6 +27,13 @@
 	<xsl:output method="text"/>
 
 
+	<!--
+		Pick up the members.xml document, and create a Members class instance.
+	-->
+	<xsl:variable name="memberDocument" select="document('xml/members.xml')"/>
+	<xsl:variable name="members" select="ukfxm:new($memberDocument)"/>
+
+
 	<!--
 		Checks across the whole of the document are defined here.
 		
@@ -69,6 +77,28 @@
 	</xsl:template>
 
 
+	<!--
+		Check for entities which do not have an OrganizationName at all.
+	-->
+	<xsl:template match="md:EntityDescriptor[not(md:Organization/md:OrganizationName)]">
+		<xsl:call-template name="fatal">
+			<xsl:with-param name="m">entity lacks OrganizationName</xsl:with-param>
+		</xsl:call-template>
+	</xsl:template>
+
+
+	<!--
+		Check for entities with OrganizationName elements which don't correspond to
+		a canonical owner name.
+	-->
+	<xsl:template match="md:EntityDescriptor[md:Organization/md:OrganizationName]
+		[not(ukfxm:isOwnerName($members, md:Organization/md:OrganizationName))]">
+		<xsl:call-template name="fatal">
+			<xsl:with-param name="m">unknown owner name: <xsl:value-of select="md:Organization/md:OrganizationName"/></xsl:with-param>
+		</xsl:call-template>
+	</xsl:template>
+
+
 	<!--
 		Checks for an IdP whose KeyDescriptor elements do not include a @use attribute.
 		This causes problems with certain versions of the Shibboleth 1.3 SP, which

diff --git a/build/statistics.xsl b/build/statistics.xsl
@@ -85,20 +85,6 @@
         <xsl:variable name="embeddedX509Entities" select="$entities[descendant::ds:X509Data]"/>
         <xsl:variable name="embeddedX509EntityCount" select="count($embeddedX509Entities)"/>
 
-        <!--
-            Look for some potential problems in the metadata.  We need to do this
-            at the start so that we can include or exclude the associated section.
-        -->
-
-        <!-- entities without known owner -->
-        <xsl:variable name="ownedEntities"
-            select="dyn:closure($owners/md:OrganizationName, '$entities[md:Organization/md:OrganizationName = current()]')"/>
-        <xsl:variable name="prob.unowned.entities" select="set:difference($entities, $ownedEntities)"/>
-
-        <!-- all problems, used as a conditional -->
-        <xsl:variable name="prob.all" select="$prob.unowned.entities"/>
-        <xsl:variable name="prob.count" select="count($prob.all)"/>
-
         <html>
             <head>
                 <title>UK Federation metadata statistics</title>
@@ -109,9 +95,6 @@
                 <p>This version was created at <xsl:value-of select="$now"/>.</p>
                 <p>Contents:</p>
                 <ul>
-                    <xsl:if test="$prob.count != 0">
-                        <li><p><a href="#problems">Metadata Problems</a></p></li>                        
-                    </xsl:if>
                     <li><p><a href="#members">Member Statistics</a></p></li>
                     <li><p><a href="#entities">Entity Statistics</a></p></li>
                     <li><p><a href="#byOwner">Entities by Owner</a></p></li>
@@ -122,41 +105,6 @@
 
 
 
-                <!--
-                    Metadata Problems section
-                -->                
-                <xsl:if test="$prob.count != 0">
-                    <h2><a name="problems">Metadata Problems</a></h2>
-                    <xsl:if test="count($prob.unowned.entities) != 0">
-                        <p>
-                            The following
-                            <xsl:choose>
-                                <xsl:when test="count($prob.unowned.entities) = 1">
-                                    entity does not appear
-                                </xsl:when>
-                                <xsl:otherwise>
-                                    entities do not appear
-                                </xsl:otherwise>
-                            </xsl:choose>
-                            to have <code>OrganizationName</code> values corresponding to the registered names of
-                            federation members or other known legitimate entity owners:
-                        </p>
-                        <ul>
-                            <xsl:for-each select="$prob.unowned.entities">
-                                <xsl:sort select="md:Organization/md:OrganizationName"/>
-                                <li>
-                                    <xsl:value-of select="md:Organization/md:OrganizationName"/>:
-                                    <code><xsl:value-of select="@entityID"/></code>
-                                    (<xsl:value-of select="@ID"/>)
-                                </li>
-                            </xsl:for-each>
-                        </ul>
-                    </xsl:if>
-
-                </xsl:if>
-
-
-
                 <h2><a name="members">Member Statistics</a></h2>
                 <p>Number of members: <xsl:value-of select="$memberCount"/></p>
                 <p>The following table shows, for each federation member, the number of entities