From f19d90b8b8c17e4fdc4640207a9c0102e3ccb9b0 Mon Sep 17 00:00:00 2001 From: axman Date: Tue, 3 Aug 2021 13:47:54 -0700 Subject: [PATCH] Refactored call to get userId via I2CollabPN field for I2 Grouper user synch --- Controller/GrouperGroupsController.php | 33 ++++++++++++++++--- Lib/GrouperApiAccess.php | 44 -------------------------- Model/GrouperGroup.php | 18 ----------- 3 files changed, 28 insertions(+), 67 deletions(-) diff --git a/Controller/GrouperGroupsController.php b/Controller/GrouperGroupsController.php index d33d20b..9a06dcf 100644 --- a/Controller/GrouperGroupsController.php +++ b/Controller/GrouperGroupsController.php @@ -27,6 +27,7 @@ App::uses('Validator', 'Vendor/cakephp/Validation'); App::uses('CoGrouperLite', 'GrouperLite.Model/'); +App::uses('Identifier', 'Model'); /** * Class GrouperGroupsController @@ -566,19 +567,25 @@ public function leaveGroup() { function isAuthorized() { $roles = $this->Role->calculateCMRoles(); - //This call just pulls in user ID from comanage but not Grouper, need the Grouper Id for API calls. - + //TODO - This is needed for my dev enviro since I do not log in via I2 IdP + /* if ($this->Session->check('Auth.User.username')) { $this->userId = $this->Session->read('Auth.User.username'); } -/* + */ + + /* + * TODO - Need to make the following code configurable in getting the user ID. In this case the code is + * specific to the needs of I2. + */ + if ($this->Session->check('Plugin.Grouper.UserId')) { $this->userId = $this->Session->read('Plugin.Grouper.UserId'); } else { - $this->userId = $this->GrouperGroup->getGrouperUserId(); + $this->userId = $this->getUserId($this->Session->read('Auth.User.co_person_id')); $this->Session->write('Plugin.Grouper.UserId', $this->userId); } -*/ + // Determine what operations this user can perform // Construct the permission set for this user, which will also be passed to the view. @@ -606,6 +613,22 @@ function isAuthorized() { return ($p[$this->action]); } + private function getUserId($id) { + $args = array(); + $args['conditions']['Identifier.co_person_id'] = $id; + $args['conditions']['Identifier.type'] = 'I2CollabPN'; + $args['conditions']['Identifier.status'] = SuspendableStatusEnum::Active; + $args['contain'] = false; + + $Identifier = new Identifier(); + $grouper_identifier = $Identifier->find('first', $args); + + return $grouper_identifier['Identifier']['identifier']; + } + + //############################################################################################################## + //TODO - Need to finish off the email list pages, once we get direction from I2 + //############################################################################################################## public function emaillistsOptin() { $this->set('title', _txt('pl.grouperlite.title.emaillists-join')); diff --git a/Lib/GrouperApiAccess.php b/Lib/GrouperApiAccess.php index 69689c2..3c38b87 100644 --- a/Lib/GrouperApiAccess.php +++ b/Lib/GrouperApiAccess.php @@ -70,50 +70,6 @@ public function __construct() { $this->http->setPassword(CakeSession::read('Plugin.Grouper.Api.pass')); } - /** - * Get User information from Grouper Web Service - * - * @return String User ID in Grouper Groups - * @throws Exception - */ - public function getGrouperUserId() { - - $this->http->setHeader(array('Content-Type' => 'application/json', 'Accept' => 'application/json')); - - // Create attributes want returned from call to Grouper WS - $formArray = array( - 'WsRestGetSubjectsRequest' => array( - 'subjectAttributeNames' => array( - 'edupersonprincipalname', - 'uid', - 'mail', - 'cn', - 'givenname' - ), - 'wsSubjectLookups' => array( - array('subjectIdentifier' => $_SERVER['REMOTE_USER']) - ) - ) - ); - $formData = json_encode($formArray); - $connectionUrl = $this->config['fullUrl'] . '/subjects'; - - try { - $results = $this->http->sendRequest('GET', $connectionUrl, $formData); - - // Parse out relevant records to send front end - if (isset($results['WsGetSubjectsResults']['wsSubjects'][0]['id']) && $results['WsGetSubjectsResults']['wsSubjects'][0]['id'] != NULL) { - return $results['WsGetSubjectsResults']['wsSubjects'][0]['id']; - } - - } catch (Exception $e) { - CakeLog::write('error', __METHOD__ . ': An error occurred'); - throw $e; - } - - return ''; - } - /** * Get Groups that User is a member of from Grouper. * diff --git a/Model/GrouperGroup.php b/Model/GrouperGroup.php index acf55b4..bc5246c 100644 --- a/Model/GrouperGroup.php +++ b/Model/GrouperGroup.php @@ -108,24 +108,6 @@ private function initApi() { } } - /** - * Gets the users Id from Grouper since can be different than what is in Comanage. - * - * @return String User's Id in Grouper - * @throws Exception - */ - public function getGrouperUserId() { - $this->initApi(); - - try { - return $this->grouperAPI->getGrouperUserId(); - - } catch (Exception $e) { - CakeLog::write('error', __METHOD__ . ': An error occurred'); - throw $e; - } - } - /** * Return all Groups that a User belongs to in Grouper. * Will also add OptOut Groups and flag them as joined so can display Optout option in UI.