sync-procs.tcl

API for managing synchronization of user data.

Location:
packages/acs-authentication/tcl/sync-procs.tcl
Created:
2003-09-05
Author:
Lars Pind <lars@collaboraid.biz>
CVS Identification:
$Id: sync-procs.tcl,v 1.44.2.7 2024/08/20 08:58:02 gustafn Exp $

Procedures in this file

Detailed information

auth::sync::GetAcknowledgementDocument (private)

 auth::sync::GetAcknowledgementDocument -authority_id authority_id \
    -job_id job_id -document document

Wrapper for the GetAckDocument operation of the auth_sync_process service contract.

Switches:
-authority_id (required)
-job_id (required)
-document (required)

Partial Call Graph (max 5 caller/called nodes):
%3 auth::authority::batch_sync auth::authority::batch_sync (public) auth::sync::GetAcknowledgementDocument auth::sync::GetAcknowledgementDocument auth::authority::batch_sync->auth::sync::GetAcknowledgementDocument acs_sc::invoke acs_sc::invoke (public) auth::sync::GetAcknowledgementDocument->acs_sc::invoke ad_raise ad_raise (public) auth::sync::GetAcknowledgementDocument->ad_raise auth::authority::get_element auth::authority::get_element (public) auth::sync::GetAcknowledgementDocument->auth::authority::get_element auth::driver::get_parameter_values auth::driver::get_parameter_values (public) auth::sync::GetAcknowledgementDocument->auth::driver::get_parameter_values

Testcases:
No testcase defined.

auth::sync::GetDocument (private)

 auth::sync::GetDocument -authority_id authority_id

Wrapper for the GetDocument operation of the auth_sync_retrieve service contract.

Switches:
-authority_id (required)

Partial Call Graph (max 5 caller/called nodes):
%3 auth::authority::batch_sync auth::authority::batch_sync (public) auth::sync::GetDocument auth::sync::GetDocument auth::authority::batch_sync->auth::sync::GetDocument acs_sc::invoke acs_sc::invoke (public) auth::sync::GetDocument->acs_sc::invoke auth::authority::get_element auth::authority::get_element (public) auth::sync::GetDocument->auth::authority::get_element auth::driver::get_parameter_values auth::driver::get_parameter_values (public) auth::sync::GetDocument->auth::driver::get_parameter_values

Testcases:
No testcase defined.

auth::sync::GetElements (private)

 auth::sync::GetElements -authority_id authority_id

Wrapper for the GetElements operation of the auth_sync_process service contract.

Switches:
-authority_id (required)

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_batch_ims_test sync_batch_ims_test (test acs-authentication) auth::sync::GetElements auth::sync::GetElements test_sync_batch_ims_test->auth::sync::GetElements acs_sc::invoke acs_sc::invoke (public) auth::sync::GetElements->acs_sc::invoke ad_raise ad_raise (public) auth::sync::GetElements->ad_raise auth::authority::get_element auth::authority::get_element (public) auth::sync::GetElements->auth::authority::get_element auth::driver::get_parameter_values auth::driver::get_parameter_values (public) auth::sync::GetElements->auth::driver::get_parameter_values auth::sync::get_sync_elements auth::sync::get_sync_elements (private) auth::sync::get_sync_elements->auth::sync::GetElements

Testcases:
sync_batch_ims_test

auth::sync::ProcessDocument (private)

 auth::sync::ProcessDocument -authority_id authority_id -job_id job_id \
    -document document

Wrapper for the ProcessDocument operation of the auth_sync_process service contract.

Switches:
-authority_id (required)
-job_id (required)
-document (required)

Partial Call Graph (max 5 caller/called nodes):
%3 auth::authority::batch_sync auth::authority::batch_sync (public) auth::sync::ProcessDocument auth::sync::ProcessDocument auth::authority::batch_sync->auth::sync::ProcessDocument acs_sc::invoke acs_sc::invoke (public) auth::sync::ProcessDocument->acs_sc::invoke auth::authority::get_element auth::authority::get_element (public) auth::sync::ProcessDocument->auth::authority::get_element auth::driver::get_parameter_values auth::driver::get_parameter_values (public) auth::sync::ProcessDocument->auth::driver::get_parameter_values

Testcases:
No testcase defined.

auth::sync::get_doc::file::GetDocument (private)

 auth::sync::get_doc::file::GetDocument parameters

Retrieve the document from local filesystem

Parameters:
parameters (required)

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_file_get_document sync_file_get_document (test acs-authentication) auth::sync::get_doc::file::GetDocument auth::sync::get_doc::file::GetDocument test_sync_file_get_document->auth::sync::get_doc::file::GetDocument template::util::read_file template::util::read_file (public) auth::sync::get_doc::file::GetDocument->template::util::read_file AcsSc.auth_sync_retrieve.getdocument.localfilesystem AcsSc.auth_sync_retrieve.getdocument.localfilesystem (private) AcsSc.auth_sync_retrieve.getdocument.localfilesystem->auth::sync::get_doc::file::GetDocument auth::sync::get_doc::file::register_impl auth::sync::get_doc::file::register_impl (private) auth::sync::get_doc::file::register_impl->auth::sync::get_doc::file::GetDocument

Testcases:
sync_file_get_document

auth::sync::get_doc::file::GetParameters (private)

 auth::sync::get_doc::file::GetParameters

Parameters for FILE GetDocument implementation.

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_get_parameters sync_get_parameters (test acs-authentication) auth::sync::get_doc::file::GetParameters auth::sync::get_doc::file::GetParameters test_sync_get_parameters->auth::sync::get_doc::file::GetParameters AcsSc.auth_sync_retrieve.getparameters.localfilesystem AcsSc.auth_sync_retrieve.getparameters.localfilesystem (private) AcsSc.auth_sync_retrieve.getparameters.localfilesystem->auth::sync::get_doc::file::GetParameters auth::sync::get_doc::file::register_impl auth::sync::get_doc::file::register_impl (private) auth::sync::get_doc::file::register_impl->auth::sync::get_doc::file::GetParameters

Testcases:
sync_get_parameters

auth::sync::get_doc::file::register_impl (private)

 auth::sync::get_doc::file::register_impl

Register this implementation

Partial Call Graph (max 5 caller/called nodes):
%3 auth::package_install auth::package_install (private) auth::sync::get_doc::file::register_impl auth::sync::get_doc::file::register_impl auth::package_install->auth::sync::get_doc::file::register_impl acs_sc::impl::new_from_spec acs_sc::impl::new_from_spec (public) auth::sync::get_doc::file::register_impl->acs_sc::impl::new_from_spec auth::sync::get_doc::file::GetDocument auth::sync::get_doc::file::GetDocument (private) auth::sync::get_doc::file::register_impl->auth::sync::get_doc::file::GetDocument auth::sync::get_doc::file::GetParameters auth::sync::get_doc::file::GetParameters (private) auth::sync::get_doc::file::register_impl->auth::sync::get_doc::file::GetParameters

Testcases:
No testcase defined.

auth::sync::get_doc::file::unregister_impl (private)

 auth::sync::get_doc::file::unregister_impl

Unregister this implementation

Partial Call Graph (max 5 caller/called nodes):
%3 auth::package_uninstall auth::package_uninstall (private) auth::sync::get_doc::file::unregister_impl auth::sync::get_doc::file::unregister_impl auth::package_uninstall->auth::sync::get_doc::file::unregister_impl acs_sc::impl::delete acs_sc::impl::delete (public) auth::sync::get_doc::file::unregister_impl->acs_sc::impl::delete

Testcases:
No testcase defined.

auth::sync::get_doc::http::GetDocument (private)

 auth::sync::get_doc::http::GetDocument parameters

Retrieve the document by HTTP

Parameters:
parameters (required)

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_http_get_document sync_http_get_document (test acs-authentication) auth::sync::get_doc::http::GetDocument auth::sync::get_doc::http::GetDocument test_sync_http_get_document->auth::sync::get_doc::http::GetDocument util::http::get util::http::get (public) auth::sync::get_doc::http::GetDocument->util::http::get AcsSc.auth_sync_retrieve.getdocument.httpget AcsSc.auth_sync_retrieve.getdocument.httpget (private) AcsSc.auth_sync_retrieve.getdocument.httpget->auth::sync::get_doc::http::GetDocument auth::sync::get_doc::http::register_impl auth::sync::get_doc::http::register_impl (private) auth::sync::get_doc::http::register_impl->auth::sync::get_doc::http::GetDocument

Testcases:
sync_http_get_document

auth::sync::get_doc::http::GetParameters (private)

 auth::sync::get_doc::http::GetParameters

Parameters for HTTP GetDocument implementation.

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_get_parameters sync_get_parameters (test acs-authentication) auth::sync::get_doc::http::GetParameters auth::sync::get_doc::http::GetParameters test_sync_get_parameters->auth::sync::get_doc::http::GetParameters AcsSc.auth_sync_retrieve.getparameters.httpget AcsSc.auth_sync_retrieve.getparameters.httpget (private) AcsSc.auth_sync_retrieve.getparameters.httpget->auth::sync::get_doc::http::GetParameters auth::sync::get_doc::http::register_impl auth::sync::get_doc::http::register_impl (private) auth::sync::get_doc::http::register_impl->auth::sync::get_doc::http::GetParameters

Testcases:
sync_get_parameters

auth::sync::get_doc::http::register_impl (private)

 auth::sync::get_doc::http::register_impl

Register this implementation

Partial Call Graph (max 5 caller/called nodes):
%3 auth::package_install auth::package_install (private) auth::sync::get_doc::http::register_impl auth::sync::get_doc::http::register_impl auth::package_install->auth::sync::get_doc::http::register_impl acs_sc::impl::new_from_spec acs_sc::impl::new_from_spec (public) auth::sync::get_doc::http::register_impl->acs_sc::impl::new_from_spec auth::sync::get_doc::http::GetDocument auth::sync::get_doc::http::GetDocument (private) auth::sync::get_doc::http::register_impl->auth::sync::get_doc::http::GetDocument auth::sync::get_doc::http::GetParameters auth::sync::get_doc::http::GetParameters (private) auth::sync::get_doc::http::register_impl->auth::sync::get_doc::http::GetParameters

Testcases:
No testcase defined.

auth::sync::get_doc::http::unregister_impl (private)

 auth::sync::get_doc::http::unregister_impl

Unregister this implementation

Partial Call Graph (max 5 caller/called nodes):
%3 auth::package_uninstall auth::package_uninstall (private) auth::sync::get_doc::http::unregister_impl auth::sync::get_doc::http::unregister_impl auth::package_uninstall->auth::sync::get_doc::http::unregister_impl acs_sc::impl::delete acs_sc::impl::delete (public) auth::sync::get_doc::http::unregister_impl->acs_sc::impl::delete

Testcases:
No testcase defined.

auth::sync::get_sync_elements (private)

 auth::sync::get_sync_elements [ -user_id user_id ] \
    [ -authority_id authority_id ]

Get a Tcl list of the user profile elements controlled by the batch synchronization. These should not be editable by the user. Supply either user_id or authority_id. Authority_id is the most efficient.

Switches:
-user_id (optional)
-authority_id (optional)

Partial Call Graph (max 5 caller/called nodes):
%3 packages/acs-subsite/lib/user-info.tcl packages/acs-subsite/ lib/user-info.tcl auth::sync::get_sync_elements auth::sync::get_sync_elements packages/acs-subsite/lib/user-info.tcl->auth::sync::get_sync_elements acs_user::get_element acs_user::get_element (public) auth::sync::get_sync_elements->acs_user::get_element ad_log ad_log (public) auth::sync::get_sync_elements->ad_log ad_try ad_try (public) auth::sync::get_sync_elements->ad_try auth::sync::GetElements auth::sync::GetElements (private) auth::sync::get_sync_elements->auth::sync::GetElements

Testcases:
No testcase defined.

auth::sync::job::action (public)

 auth::sync::job::action -job_id job_id -operation operation \
    -username username [ -array array ]

Inserts/updates/deletes a user, depending on the operation.

Switches:
-job_id (required)
The job which this is part of for logging purposes.
-operation (required)
'insert', 'update', 'delete', or 'snapshot'.
-username (required)
The username which this action refers to.
-array (optional)
Name of an array containing the relevant registration elements. Not required if this is a delete operation.
Returns:
entry_id of newly created entry

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_actions sync_actions (test acs-authentication) auth::sync::job::action auth::sync::job::action test_sync_actions->auth::sync::job::action test_sync_snapshot sync_snapshot (test acs-authentication) test_sync_snapshot->auth::sync::job::action acs_user::get acs_user::get (public) auth::sync::job::action->acs_user::get acs_user::get_by_username acs_user::get_by_username (public) auth::sync::job::action->acs_user::get_by_username ad_log ad_log (public) auth::sync::job::action->ad_log ad_try ad_try (public) auth::sync::job::action->ad_try auth::create_local_account auth::create_local_account (public) auth::sync::job::action->auth::create_local_account auth::sync::job::snapshot_delete_remaining auth::sync::job::snapshot_delete_remaining (public) auth::sync::job::snapshot_delete_remaining->auth::sync::job::action auth::sync::process_doc::ims::ProcessDocument auth::sync::process_doc::ims::ProcessDocument (private) auth::sync::process_doc::ims::ProcessDocument->auth::sync::job::action

Testcases:
sync_actions, sync_snapshot

auth::sync::job::create_entry (public)

 auth::sync::job::create_entry -job_id job_id -operation operation \
    -username username [ -user_id user_id ] [ -success ] \
    [ -message message ] [ -element_messages element_messages ]

Record a batch job entry.

Switches:
-job_id (required)
The ID of the batch job you're ending.
-operation (required)
One of 'insert', 'update', or 'delete'.
-username (required)
The username of the user being inserted/updated/deleted.
-user_id (optional)
The user_id of the local user account, if known.
-success (optional, boolean)
Whether or not the operation went well.
-message (optional)
Any error message to stick into the log.
-element_messages (optional)
Returns:
entry_id

Partial Call Graph (max 5 caller/called nodes):
%3 test_auth_sync_process_ims_implementations auth_sync_process_ims_implementations (test acs-authentication) auth::sync::job::create_entry auth::sync::job::create_entry test_auth_sync_process_ims_implementations->auth::sync::job::create_entry test_sync_start_end sync_start_end (test acs-authentication) test_sync_start_end->auth::sync::job::create_entry db_dml db_dml (public) auth::sync::job::create_entry->db_dml db_nextval db_nextval (public) auth::sync::job::create_entry->db_nextval auth::sync::job::action auth::sync::job::action (public) auth::sync::job::action->auth::sync::job::create_entry

Testcases:
sync_start_end, auth_sync_process_ims_implementations

auth::sync::job::end (public)

 auth::sync::job::end -job_id job_id [ -message message ]

Record the end of a batch job. Closes out the transaction log and sends out notifications.

Switches:
-job_id (required)
The ID of the batch job you're ending.
-message (optional)
Returns:
array list with result of auth::sync::job::get.
Author:
Lars Pind <lars@collaboraid.biz>
See Also:

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_actions sync_actions (test acs-authentication) auth::sync::job::end auth::sync::job::end test_sync_actions->auth::sync::job::end test_sync_snapshot sync_snapshot (test acs-authentication) test_sync_snapshot->auth::sync::job::end test_sync_start_end sync_start_end (test acs-authentication) test_sync_start_end->auth::sync::job::end acs_mail_lite::send acs_mail_lite::send (public) auth::sync::job::end->acs_mail_lite::send ad_log ad_log (public) auth::sync::job::end->ad_log ad_system_owner ad_system_owner (public) auth::sync::job::end->ad_system_owner ad_try ad_try (public) auth::sync::job::end->ad_try auth::sync::job::get auth::sync::job::get (public) auth::sync::job::end->auth::sync::job::get auth::authority::batch_sync auth::authority::batch_sync (public) auth::authority::batch_sync->auth::sync::job::end

Testcases:
sync_start_end, sync_actions, sync_snapshot

auth::sync::job::end_get_document (public)

 auth::sync::job::end_get_document -job_id job_id \
    -doc_status doc_status [ -doc_message doc_message ] \
    [ -document document ] [ -snapshot ]

Record the time that we've finished getting the document, and record the status.

Switches:
-job_id (required)
The ID of the batch job you're ending.
-doc_status (required)
-doc_message (optional)
-document (optional)
-snapshot (optional, boolean)
Set this if this is a snapshot job, as opposed to an incremental ('event driven') job.

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_start_end sync_start_end (test acs-authentication) auth::sync::job::end_get_document auth::sync::job::end_get_document test_sync_start_end->auth::sync::job::end_get_document db_boolean db_boolean (public) auth::sync::job::end_get_document->db_boolean db_dml db_dml (public) auth::sync::job::end_get_document->db_dml auth::authority::batch_sync auth::authority::batch_sync (public) auth::authority::batch_sync->auth::sync::job::end_get_document

Testcases:
sync_start_end

auth::sync::job::get (public)

 auth::sync::job::get -job_id job_id -array array

Get information about a batch job in an array.

Switches:
-job_id (required)
The ID of the batch job you're ending.
-array (required)
Name of an array into which you want the information.
Author:
Lars Pind <lars@collaboraid.biz>

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_batch_for_local sync_batch_for_local (test acs-authentication) auth::sync::job::get auth::sync::job::get test_sync_batch_for_local->auth::sync::job::get test_sync_batch_ims_example_doc sync_batch_ims_example_doc (test acs-authentication) test_sync_batch_ims_example_doc->auth::sync::job::get test_sync_batch_ims_test sync_batch_ims_test (test acs-authentication) test_sync_batch_ims_test->auth::sync::job::get ad_url ad_url (public) auth::sync::job::get->ad_url db_1row db_1row (public) auth::sync::job::get->db_1row export_vars export_vars (public) auth::sync::job::get->export_vars auth::sync::job::end auth::sync::job::end (public) auth::sync::job::end->auth::sync::job::get packages/acs-admin/www/auth/batch-action.tcl packages/acs-admin/ www/auth/batch-action.tcl packages/acs-admin/www/auth/batch-action.tcl->auth::sync::job::get packages/acs-admin/www/auth/batch-job.tcl packages/acs-admin/ www/auth/batch-job.tcl packages/acs-admin/www/auth/batch-job.tcl->auth::sync::job::get

Testcases:
sync_batch_for_local, sync_batch_ims_example_doc, sync_batch_ims_test

auth::sync::job::get_authority_id (public)

 auth::sync::job::get_authority_id -job_id job_id

Get the authority_id from a job_id. Cached.

Switches:
-job_id (required)
The ID of the batch job you're ending.
Author:
Lars Pind <lars@collaboraid.biz>

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_start_end sync_start_end (test acs-authentication) auth::sync::job::get_authority_id auth::sync::job::get_authority_id test_sync_start_end->auth::sync::job::get_authority_id auth::sync::job::get_authority_id_not_cached auth::sync::job::get_authority_id_not_cached (private) auth::sync::job::get_authority_id->auth::sync::job::get_authority_id_not_cached util_memoize util_memoize (public) auth::sync::job::get_authority_id->util_memoize auth::sync::job::action auth::sync::job::action (public) auth::sync::job::action->auth::sync::job::get_authority_id auth::sync::job::snapshot_delete_remaining auth::sync::job::snapshot_delete_remaining (public) auth::sync::job::snapshot_delete_remaining->auth::sync::job::get_authority_id

Testcases:
sync_start_end

auth::sync::job::get_authority_id_flush (private)

 auth::sync::job::get_authority_id_flush [ -job_id job_id ]

Flush cache

Switches:
-job_id (optional)
The ID of the batch job you're ending.
Author:
Lars Pind <lars@collaboraid.biz>

Partial Call Graph (max 5 caller/called nodes):
%3 util_memoize_flush util_memoize_flush (public) util_memoize_flush_regexp util_memoize_flush_regexp (public) auth::sync::job::get_authority_id_flush auth::sync::job::get_authority_id_flush auth::sync::job::get_authority_id_flush->util_memoize_flush auth::sync::job::get_authority_id_flush->util_memoize_flush_regexp

Testcases:
No testcase defined.

auth::sync::job::get_authority_id_not_cached (private)

 auth::sync::job::get_authority_id_not_cached job_id

Get the authority_id from a job_id. Not cached.

Parameters:
job_id (required)
The ID of the batch job you're ending.
Author:
Lars Pind <lars@collaboraid.biz>
See Also:

Partial Call Graph (max 5 caller/called nodes):
%3 auth::sync::job::get_authority_id auth::sync::job::get_authority_id (public) auth::sync::job::get_authority_id_not_cached auth::sync::job::get_authority_id_not_cached auth::sync::job::get_authority_id->auth::sync::job::get_authority_id_not_cached auth::sync::job::get_authority_id_seed auth::sync::job::get_authority_id_seed (private) auth::sync::job::get_authority_id_seed->auth::sync::job::get_authority_id_not_cached db_string db_string (public) auth::sync::job::get_authority_id_not_cached->db_string

Testcases:
No testcase defined.

auth::sync::job::get_authority_id_seed (private)

 auth::sync::job::get_authority_id_seed -job_id job_id \
    -authority_id authority_id

Flush cache

Switches:
-job_id (required)
The ID of the batch job you're ending.
-authority_id (required)
Author:
Lars Pind <lars@collaboraid.biz>

Partial Call Graph (max 5 caller/called nodes):
%3 auth::sync::job::start auth::sync::job::start (public) auth::sync::job::get_authority_id_seed auth::sync::job::get_authority_id_seed auth::sync::job::start->auth::sync::job::get_authority_id_seed auth::sync::job::get_authority_id_not_cached auth::sync::job::get_authority_id_not_cached (private) auth::sync::job::get_authority_id_seed->auth::sync::job::get_authority_id_not_cached util_memoize_seed util_memoize_seed (public) auth::sync::job::get_authority_id_seed->util_memoize_seed

Testcases:
No testcase defined.

auth::sync::job::get_entries (public)

 auth::sync::job::get_entries -job_id job_id

Get a list of entry_ids of the job log entries, ordered by entry_time.

Switches:
-job_id (required)
The ID of the batch job you're ending.
Author:
Lars Pind <lars@collaboraid.biz>

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_batch_ims_example_doc sync_batch_ims_example_doc (test acs-authentication) auth::sync::job::get_entries auth::sync::job::get_entries test_sync_batch_ims_example_doc->auth::sync::job::get_entries test_sync_batch_ims_test sync_batch_ims_test (test acs-authentication) test_sync_batch_ims_test->auth::sync::job::get_entries db_list db_list (public) auth::sync::job::get_entries->db_list

Testcases:
sync_batch_ims_example_doc, sync_batch_ims_test

auth::sync::job::get_entry (public)

 auth::sync::job::get_entry -entry_id entry_id -array array

Get information about a log entry

Switches:
-entry_id (required)
-array (required)

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_actions sync_actions (test acs-authentication) auth::sync::job::get_entry auth::sync::job::get_entry test_sync_actions->auth::sync::job::get_entry test_sync_batch_ims_example_doc sync_batch_ims_example_doc (test acs-authentication) test_sync_batch_ims_example_doc->auth::sync::job::get_entry test_sync_batch_ims_test sync_batch_ims_test (test acs-authentication) test_sync_batch_ims_test->auth::sync::job::get_entry test_sync_snapshot sync_snapshot (test acs-authentication) test_sync_snapshot->auth::sync::job::get_entry db_1row db_1row (public) auth::sync::job::get_entry->db_1row packages/acs-admin/www/auth/batch-action.tcl packages/acs-admin/ www/auth/batch-action.tcl packages/acs-admin/www/auth/batch-action.tcl->auth::sync::job::get_entry

Testcases:
sync_actions, sync_snapshot, sync_batch_ims_example_doc, sync_batch_ims_test

auth::sync::job::snapshot_delete_remaining (public)

 auth::sync::job::snapshot_delete_remaining -job_id job_id

Deletes the users that weren't included in the snapshot.

Switches:
-job_id (required)

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_snapshot sync_snapshot (test acs-authentication) auth::sync::job::snapshot_delete_remaining auth::sync::job::snapshot_delete_remaining test_sync_snapshot->auth::sync::job::snapshot_delete_remaining auth::sync::job::action auth::sync::job::action (public) auth::sync::job::snapshot_delete_remaining->auth::sync::job::action auth::sync::job::get_authority_id auth::sync::job::get_authority_id (public) auth::sync::job::snapshot_delete_remaining->auth::sync::job::get_authority_id db_list db_list (public) auth::sync::job::snapshot_delete_remaining->db_list auth::authority::batch_sync auth::authority::batch_sync (public) auth::authority::batch_sync->auth::sync::job::snapshot_delete_remaining

Testcases:
sync_snapshot

auth::sync::job::start (public)

 auth::sync::job::start [ -job_id job_id ] -authority_id authority_id \
    [ -interactive ] [ -creation_user creation_user ]

Record the beginning of a job.

Switches:
-job_id (optional)
-authority_id (required)
The ID of the authority you're trying to sync
-interactive (optional, boolean)
Set this if this is an interactive job, i.e. it's initiated by a user.
-creation_user (optional)
Returns:
job_id An ID for the new batch job. Used when calling other procs in this API.
Author:
Lars Pind <lars@collaboraid.biz>

Partial Call Graph (max 5 caller/called nodes):
%3 test_auth_sync_process_ims_implementations auth_sync_process_ims_implementations (test acs-authentication) auth::sync::job::start auth::sync::job::start test_auth_sync_process_ims_implementations->auth::sync::job::start test_sync_actions sync_actions (test acs-authentication) test_sync_actions->auth::sync::job::start test_sync_snapshot sync_snapshot (test acs-authentication) test_sync_snapshot->auth::sync::job::start test_sync_start_end sync_start_end (test acs-authentication) test_sync_start_end->auth::sync::job::start ad_conn ad_conn (public) auth::sync::job::start->ad_conn auth::sync::job::get_authority_id_seed auth::sync::job::get_authority_id_seed (private) auth::sync::job::start->auth::sync::job::get_authority_id_seed db_boolean db_boolean (public) auth::sync::job::start->db_boolean db_dml db_dml (public) auth::sync::job::start->db_dml db_nextval db_nextval (public) auth::sync::job::start->db_nextval auth::authority::batch_sync auth::authority::batch_sync (public) auth::authority::batch_sync->auth::sync::job::start

Testcases:
sync_start_end, sync_actions, sync_snapshot, auth_sync_process_ims_implementations

auth::sync::job::start_get_document (public)

 auth::sync::job::start_get_document -job_id job_id

Record the time that we're starting to get the document.

Switches:
-job_id (required)
The ID of the batch job you're ending.

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_start_end sync_start_end (test acs-authentication) auth::sync::job::start_get_document auth::sync::job::start_get_document test_sync_start_end->auth::sync::job::start_get_document db_dml db_dml (public) auth::sync::job::start_get_document->db_dml auth::authority::batch_sync auth::authority::batch_sync (public) auth::authority::batch_sync->auth::sync::job::start_get_document

Testcases:
sync_start_end

auth::sync::process_doc::ims::GetAcknowledgementDocument (private)

 auth::sync::process_doc::ims::GetAcknowledgementDocument job_id \
    document parameters

Generates an record-wise acknowledgement document in home-brewed adaptation of the IMS Enterprise v 1.1 spec.

Parameters:
job_id (required)
document (required)
parameters (required)

Partial Call Graph (max 5 caller/called nodes):
%3 test_auth_sync_process_ims_implementations auth_sync_process_ims_implementations (test acs-authentication) auth::sync::process_doc::ims::GetAcknowledgementDocument auth::sync::process_doc::ims::GetAcknowledgementDocument test_auth_sync_process_ims_implementations->auth::sync::process_doc::ims::GetAcknowledgementDocument db_foreach db_foreach (public) auth::sync::process_doc::ims::GetAcknowledgementDocument->db_foreach xml_doc_get_first_node xml_doc_get_first_node (public) auth::sync::process_doc::ims::GetAcknowledgementDocument->xml_doc_get_first_node xml_get_child_node_content_by_path xml_get_child_node_content_by_path (public) auth::sync::process_doc::ims::GetAcknowledgementDocument->xml_get_child_node_content_by_path xml_node_get_name xml_node_get_name (public) auth::sync::process_doc::ims::GetAcknowledgementDocument->xml_node_get_name xml_parse xml_parse (public) auth::sync::process_doc::ims::GetAcknowledgementDocument->xml_parse AcsSc.auth_sync_process.getacknowledgementdocument.ims_enterprise_v_1p1 AcsSc.auth_sync_process.getacknowledgementdocument.ims_enterprise_v_1p1 (private) AcsSc.auth_sync_process.getacknowledgementdocument.ims_enterprise_v_1p1->auth::sync::process_doc::ims::GetAcknowledgementDocument auth::sync::process_doc::ims::register_impl auth::sync::process_doc::ims::register_impl (private) auth::sync::process_doc::ims::register_impl->auth::sync::process_doc::ims::GetAcknowledgementDocument

Testcases:
auth_sync_process_ims_implementations

auth::sync::process_doc::ims::GetElements (private)

 auth::sync::process_doc::ims::GetElements parameters

Elements controlled by IMS Enterprise 1.1 auth_sync_process implementation.

Parameters:
parameters (required)

Partial Call Graph (max 5 caller/called nodes):
%3 test_auth_sync_process_ims_implementations auth_sync_process_ims_implementations (test acs-authentication) auth::sync::process_doc::ims::GetElements auth::sync::process_doc::ims::GetElements test_auth_sync_process_ims_implementations->auth::sync::process_doc::ims::GetElements test_sync_batch_ims_test sync_batch_ims_test (test acs-authentication) test_sync_batch_ims_test->auth::sync::process_doc::ims::GetElements AcsSc.auth_sync_process.getelements.ims_enterprise_v_1p1 AcsSc.auth_sync_process.getelements.ims_enterprise_v_1p1 (private) AcsSc.auth_sync_process.getelements.ims_enterprise_v_1p1->auth::sync::process_doc::ims::GetElements auth::sync::process_doc::ims::register_impl auth::sync::process_doc::ims::register_impl (private) auth::sync::process_doc::ims::register_impl->auth::sync::process_doc::ims::GetElements

Testcases:
sync_batch_ims_test, auth_sync_process_ims_implementations

auth::sync::process_doc::ims::GetParameters (private)

 auth::sync::process_doc::ims::GetParameters

Parameters for IMS Enterprise 1.1 auth_sync_process implementation.

Partial Call Graph (max 5 caller/called nodes):
%3 test_auth_sync_process_ims_implementations auth_sync_process_ims_implementations (test acs-authentication) auth::sync::process_doc::ims::GetParameters auth::sync::process_doc::ims::GetParameters test_auth_sync_process_ims_implementations->auth::sync::process_doc::ims::GetParameters AcsSc.auth_sync_process.getparameters.ims_enterprise_v_1p1 AcsSc.auth_sync_process.getparameters.ims_enterprise_v_1p1 (private) AcsSc.auth_sync_process.getparameters.ims_enterprise_v_1p1->auth::sync::process_doc::ims::GetParameters auth::sync::process_doc::ims::register_impl auth::sync::process_doc::ims::register_impl (private) auth::sync::process_doc::ims::register_impl->auth::sync::process_doc::ims::GetParameters

Testcases:
auth_sync_process_ims_implementations

auth::sync::process_doc::ims::ProcessDocument (private)

 auth::sync::process_doc::ims::ProcessDocument job_id document \
    parameters

Process IMS Enterprise 1.1 document.

Parameters:
job_id (required)
document (required)
parameters (required)

Partial Call Graph (max 5 caller/called nodes):
%3 test_auth_sync_process_ims_implementations auth_sync_process_ims_implementations (test acs-authentication) auth::sync::process_doc::ims::ProcessDocument auth::sync::process_doc::ims::ProcessDocument test_auth_sync_process_ims_implementations->auth::sync::process_doc::ims::ProcessDocument auth::sync::job::action auth::sync::job::action (public) auth::sync::process_doc::ims::ProcessDocument->auth::sync::job::action xml_doc_get_first_node xml_doc_get_first_node (public) auth::sync::process_doc::ims::ProcessDocument->xml_doc_get_first_node xml_get_child_node_content_by_path xml_get_child_node_content_by_path (public) auth::sync::process_doc::ims::ProcessDocument->xml_get_child_node_content_by_path xml_node_get_attribute xml_node_get_attribute (public) auth::sync::process_doc::ims::ProcessDocument->xml_node_get_attribute xml_node_get_children_by_name xml_node_get_children_by_name (public) auth::sync::process_doc::ims::ProcessDocument->xml_node_get_children_by_name AcsSc.auth_sync_process.processdocument.ims_enterprise_v_1p1 AcsSc.auth_sync_process.processdocument.ims_enterprise_v_1p1 (private) AcsSc.auth_sync_process.processdocument.ims_enterprise_v_1p1->auth::sync::process_doc::ims::ProcessDocument auth::sync::process_doc::ims::register_impl auth::sync::process_doc::ims::register_impl (private) auth::sync::process_doc::ims::register_impl->auth::sync::process_doc::ims::ProcessDocument

Testcases:
auth_sync_process_ims_implementations

auth::sync::process_doc::ims::register_impl (private)

 auth::sync::process_doc::ims::register_impl

Register this implementation

Partial Call Graph (max 5 caller/called nodes):
%3 auth::after_upgrade auth::after_upgrade (private) auth::sync::process_doc::ims::register_impl auth::sync::process_doc::ims::register_impl auth::after_upgrade->auth::sync::process_doc::ims::register_impl auth::package_install auth::package_install (private) auth::package_install->auth::sync::process_doc::ims::register_impl acs_sc::impl::new_from_spec acs_sc::impl::new_from_spec (public) auth::sync::process_doc::ims::register_impl->acs_sc::impl::new_from_spec auth::sync::process_doc::ims::GetAcknowledgementDocument auth::sync::process_doc::ims::GetAcknowledgementDocument (private) auth::sync::process_doc::ims::register_impl->auth::sync::process_doc::ims::GetAcknowledgementDocument auth::sync::process_doc::ims::GetElements auth::sync::process_doc::ims::GetElements (private) auth::sync::process_doc::ims::register_impl->auth::sync::process_doc::ims::GetElements auth::sync::process_doc::ims::GetParameters auth::sync::process_doc::ims::GetParameters (private) auth::sync::process_doc::ims::register_impl->auth::sync::process_doc::ims::GetParameters auth::sync::process_doc::ims::ProcessDocument auth::sync::process_doc::ims::ProcessDocument (private) auth::sync::process_doc::ims::register_impl->auth::sync::process_doc::ims::ProcessDocument

Testcases:
No testcase defined.

auth::sync::process_doc::ims::unregister_impl (private)

 auth::sync::process_doc::ims::unregister_impl

Unregister this implementation

Partial Call Graph (max 5 caller/called nodes):
%3 auth::package_uninstall auth::package_uninstall (private) auth::sync::process_doc::ims::unregister_impl auth::sync::process_doc::ims::unregister_impl auth::package_uninstall->auth::sync::process_doc::ims::unregister_impl acs_sc::impl::delete acs_sc::impl::delete (public) auth::sync::process_doc::ims::unregister_impl->acs_sc::impl::delete

Testcases:
No testcase defined.

auth::sync::purge_jobs (public)

 auth::sync::purge_jobs [ -num_days num_days ]

Purge jobs that are older than KeepBatchLogDays days.

Switches:
-num_days (optional)

Partial Call Graph (max 5 caller/called nodes):
%3 test_sync_start_end sync_start_end (test acs-authentication) auth::sync::purge_jobs auth::sync::purge_jobs test_sync_start_end->auth::sync::purge_jobs db_dml db_dml (public) auth::sync::purge_jobs->db_dml parameter::get_from_package_key parameter::get_from_package_key (public) auth::sync::purge_jobs->parameter::get_from_package_key

Testcases:
sync_start_end

auth::sync::sweeper (private)

 auth::sync::sweeper

Partial Call Graph (max 5 caller/called nodes):
%3 auth::authority::batch_sync auth::authority::batch_sync (public) db_foreach db_foreach (public) auth::sync::sweeper auth::sync::sweeper auth::sync::sweeper->auth::authority::batch_sync auth::sync::sweeper->db_foreach

Testcases:
No testcase defined.
[ hide source ] | [ make this the default ]

Content File Source

ad_library {
    API for managing synchronization of user data.

    @creation-date 2003-09-05
    @author Lars Pind (lars@collaboraid.biz)
    @cvs-id $Id: sync-procs.tcl,v 1.44.2.7 2024/08/20 08:58:02 gustafn Exp $
}

namespace eval auth {}
namespace eval auth::sync {}
namespace eval auth::sync::job {}
namespace eval auth::sync::get_doc {}
namespace eval auth::sync::get_doc::http {}
namespace eval auth::sync::get_doc::file {}
namespace eval auth::sync::entry {}
namespace eval auth::sync::process_doc {}
namespace eval auth::sync::process_doc::ims {}

#####
#
# auth::sync::job namespace
#
#####

d_proc -public auth::sync::job::get {
    {-job_id:required}
    {-array:required}
} {
    Get information about a batch job in an array.

    @param job_id        The ID of the batch job you're ending.
    @param array         Name of an array into which you want the information.
    @author Lars Pind (lars@collaboraid.biz)
} {
    upvar 1 $array row

    db_1row select_job {} -column_array row

    set row(log_url) [export_vars -base "[ad_url]/acs-admin/auth/batch-job" { job_id }]
}

d_proc -public auth::sync::job::get_entries {
    {-job_id:required}
} {
    Get a list of entry_ids of the job log entries, ordered by entry_time.

    @param job_id        The ID of the batch job you're ending.

    @author Lars Pind (lars@collaboraid.biz)
} {
    return [db_list select_entries { select entry_id from auth_batch_job_entries where job_id = :job_id order by entry_time }]
}

d_proc -public auth::sync::job::get_authority_id {
    {-job_id:required}
} {
    Get the authority_id from a job_id. Cached.

    @param job_id        The ID of the batch job you're ending.
    @author Lars Pind (lars@collaboraid.biz)
} {
    return [util_memoize [list auth::sync::job::get_authority_id_not_cached $job_id]]
}

d_proc -private auth::sync::job::get_authority_id_flush {
    {-job_id ""}
} {
    Flush cache

    @param job_id        The ID of the batch job you're ending.
    @author Lars Pind (lars@collaboraid.biz)
} {
    if { $job_id ne "" } {
        util_memoize_flush [list auth::sync::job::get_authority_id_not_cached $job_id]
    } else {
        util_memoize_flush_regexp [list auth::sync::job::get_authority_id_not_cached .*]
    }
}

d_proc -private auth::sync::job::get_authority_id_seed {
    {-job_id:required}
    {-authority_id:required}
} {
    Flush cache

    @param job_id        The ID of the batch job you're ending.
    @author Lars Pind (lars@collaboraid.biz)
} {
    util_memoize_seed [list auth::sync::job::get_authority_id_not_cached $job_id$authority_id
}

d_proc -private auth::sync::job::get_authority_id_not_cached {
    job_id
} {
    Get the authority_id from a job_id. Not cached.

    @param job_id        The ID of the batch job you're ending.
    @author Lars Pind (lars@collaboraid.biz)
    @see auth::sync::job::get_authority_id
} {
    return [db_string select_auth_id { select authority_id from auth_batch_jobs where job_id = :job_id }]
}

d_proc -public auth::sync::job::start {
    {-job_id ""}
    {-authority_id:required}
    {-interactive:boolean}
    {-creation_user ""}
} {
    Record the beginning of a job.

    @param authority_id      The ID of the authority you're trying to sync
    @param interactive       Set this if this is an interactive job, i.e. it's initiated by a user.
    @return job_id           An ID for the new batch job. Used when calling other procs in this API.
    @author Lars Pind (lars@collaboraid.biz)
} {
    db_transaction {
        if { $job_id eq "" } {
            set job_id [db_nextval "auth_batch_jobs_job_id_seq"]
        }

        if { $interactive_p && $creation_user eq "" } {
            set creation_user [ad_conn user_id]
        }

        set interactive_p [db_boolean $interactive_p]

        db_dml job_insert {
            insert into auth_batch_jobs
            (job_id, interactive_p, creation_user, authority_id)
            values
            (:job_id, :interactive_p, :creation_user, :authority_id)
        }

    }

    # See the cache, we're going to need it shortly
    auth::sync::job::get_authority_id_seed -job_id $job_id -authority_id $authority_id

    return $job_id
}

d_proc -public auth::sync::job::end {
    {-job_id:required}
    {-message ""}
} {
    Record the end of a batch job. Closes out the transaction
    log and sends out notifications.

    @param job_id        The ID of the batch job you're ending.
    @return array list with result of auth::sync::job::get.
    @see auth::sync::job::get
    @author Lars Pind (lars@collaboraid.biz)
} {
    db_dml update_job_end {}

    # interactive_p, run_time_seconds, num_actions, num_problems
    get -job_id $job_id -array job

    set email_p [parameter::get_from_package_key \
                     -parameter SyncEmailConfirmationP \
                     -package_key "acs-authentication" \
                     -default 0]

    if { ![string is true -strict $job(interactive_p)] && $email_p } {
        # Only send out email if not an interactive job

        ad_try {
            acs_mail_lite::send -send_immediately \
                -to_addr [ad_system_owner] \
                -from_addr [ad_system_owner] \
                -subject "Batch user synchronization for $job(authority_pretty_name) complete" \
                -body "Batch user synchronization for $job(authority_pretty_name) is complete.

Authority         : $job(authority_pretty_name)
Running time      : $job(run_time_seconds) seconds
Number of actions : $job(num_actions)
Number of problems: $job(num_problems)
Job message       : $job(message)

To view the complete log, please visit\n$job(log_url)"
        } on error {errorMsg} {
            # We don't fail hard here, just log an error
            ad_log Error "Error sending registration confirmation to [ad_system_owner]: $errorMsg"
        }
    }

    return [array get job]
}

d_proc -public auth::sync::job::start_get_document {
    {-job_id:required}
} {
    Record the time that we're starting to get the document.

    @param job_id The ID of the batch job you're ending.
} {
    db_dml update_doc_start_time {}
}

d_proc -public auth::sync::job::end_get_document {
    {-job_id:required}
    {-doc_status:required}
    {-doc_message ""}
    {-document ""}
    {-snapshot:boolean}
} {
    Record the time that we've finished getting the document, and record the status.

    @param job_id The ID of the batch job you're ending.
    @param snapshot          Set this if this is a snapshot job, as opposed to an incremental ('event driven') job.
} {
    set snapshot_p [db_boolean $snapshot_p]

    db_dml update_doc_end {} -clobs [list $document]
}

d_proc -public auth::sync::job::create_entry {
    {-job_id:required}
    {-operation:required}
    {-username:required}
    {-user_id ""}
    {-success:boolean}
    {-message ""}
    {-element_messages ""}
} {
    Record a batch job entry.

    @param job_id The ID of the batch job you're ending.
    @param operation One of 'insert', 'update', or 'delete'.
    @param username The username of the user being inserted/updated/deleted.
    @param user_id The user_id of the local user account, if known.
    @param success Whether or not the operation went well.
    @param message Any error message to stick into the log.
    @return entry_id
} {
    set success_p_db [expr {$success_p ? "t" : "f"}]

    set entry_id [db_nextval "auth_batch_job_entry_id_seq"]

    db_dml insert_entry {} -clobs [list $element_messages]

    return $entry_id
}

d_proc -public auth::sync::job::get_entry {
    {-entry_id:required}
    {-array:required}
} {
    Get information about a log entry
} {
    upvar 1 $array row

    db_1row select_entry {
        select e.entry_id,
               e.job_id,
               e.entry_time,
               e.operation,
               j.authority_id,
               e.username,
               e.user_id,
               e.success_p,
               e.message,
               e.element_messages
        from   auth_batch_job_entries e,
               auth_batch_jobs j
        where  e.entry_id = :entry_id
        and    j.job_id = e.job_id
    } -column_array row
}


d_proc -public auth::sync::job::action {
    {-job_id:required}
    {-operation:required}
    {-username:required}
    {-array ""}
} {
    Inserts/updates/deletes a user, depending on the operation.

    @param job_id        The job which this is part of for logging purposes.
    @param operation     'insert', 'update', 'delete', or 'snapshot'.
    @param username      The username which this action refers to.
    @param array         Name of an array containing the relevant registration elements.
                         Not required if this is a delete operation.
    @return entry_id of newly created entry
} {
    if { $operation ne "delete" && $array eq "" } {
        error "Switch -array is required when operation is not delete"
    }
    upvar 1 $array user_info

    set entry_id {}
    set user_id {}

    set authority_id [get_authority_id -job_id $job_id]

    db_transaction {
        set user_id [acs_user::get_by_username \
                         -authority_id $authority_id \
                         -username $username]

        set success_p 1
        array set result {
            message {}
            element_messages {}
        }

        switch $operation {
            snapshot {
                if { $user_id ne "" } {
                    # user exists, it's an update
                    set operation "update"
                } else {
                    # user does not exist, it's an insert
                    set operation "insert"
                }
            }
            update - delete {
                if { $user_id eq "" } {
                    # Updating/deleting a user that doesn't exist
                    set success_p 0
                    set result(message) "A user with username '$username' does not exist"
                } else {
                    acs_user::get -user_id $user_id -array existing_user_info
                    if {$existing_user_info(member_state) eq "banned"} {
                        # Updating/deleting a user that's already deleted
                        set success_p 0
                        set result(message) "The user with username '$username' has been deleted (banned)"
                    }
                }
            }
            insert {
                if { $user_id ne "" } {
                    acs_user::get -user_id $user_id -array existing_user_info
                    if { $existing_user_info(member_state) ne "banned" } {
                        # Inserting a user that already exists (and is not deleted)
                        set success_p 0
                        set result(message) "A user with username '$username' already exists"
                    }
                }
            }
        }

        # Only actually perform the action if we didn't already encounter a problem
        if { $success_p } {
            ad_try {
                switch $operation {
                    "insert" {
                        # We set email_verified_p to 't', because we trust the email we get from the remote system
                        set user_info(email_verified_p) t

                        array set result [auth::create_local_account \
                                              -authority_id $authority_id \
                                              -username $username \
                                              -array user_info]

                        if { $result(creation_status) ne "ok" } {
                            set result(message) $result(creation_message)
                            set success_p 0
                        } else {
                            set user_id $result(user_id)

                            set add_to_dotlrn_p [parameter::get_from_package_key \
                                                     -parameter SyncAddUsersToDotLrnP \
                                                     -package_key "acs-authentication" \
                                                     -default 0]

                            if { $add_to_dotlrn_p } {
                                # Add user to .LRN
                                # Beware that this creates a portal and lots of other things for each user

                                set type [parameter::get_from_package_key \
                                              -parameter SyncDotLrnUserType \
                                              -package_key "acs-authentication" \
                                              -default "student"]

                                set can_browse_p [parameter::get_from_package_key \
                                                      -parameter SyncDotLrnAccessLevel \
                                                      -package_key "acs-authentication" \
                                                      -default 1]

                                set read_private_data_p [parameter::get_from_package_key \
                                                             -parameter SyncDotLrnReadPrivateDataP \
                                                             -package_key "acs-authentication" \
                                                             -default 1]

                                dotlrn::user_add \
                                    -id $user_info(email) \
                                    -type $type \
                                    -can_browse=$can_browse_p \
                                    -user_id $user_id

                                dotlrn_privacy::set_user_is_non_guest \
                                    -user_id $user_id \
                                    -value $read_private_data_p

                            }
                        }

                        # We ignore account_status
                    }
                    "update" {
                        # We set email_verified_p to 't', because we trust the email we get from the remote system
                        set user_info(email_verified_p) t

                        array set result [auth::update_local_account \
                                              -authority_id $authority_id \
                                              -username $username \
                                              -array user_info]

                        if { $result(update_status) ne "ok" } {
                            set result(message) $result(update_message)
                            set success_p 0
                        } else {
                            set user_id $result(user_id)
                        }
                    }
                    "delete" {
                        array set result [auth::delete_local_account \
                                              -authority_id $authority_id \
                                              -username $username]

                        if { $result(delete_status) ne "ok" } {
                            set result(message) $result(delete_message)
                            set success_p 0
                        } else {
                            set user_id $result(user_id)
                        }
                    }
                }
            } on error {errorMsg} {
                # Get errorInfo and log it
                ad_log Error "Error during batch synchronization job: $errorMsg"
                set success_p 0
                set result(message) $::errorInfo
            }
        }

        # Make a log entry
        set entry_id [auth::sync::job::create_entry \
                          -job_id $job_id \
                          -operation $operation \
                          -username $username \
                          -user_id $user_id \
                          -success=$success_p \
                          -message $result(message) \
                          -element_messages $result(element_messages)]
    }

    return $entry_id
}

d_proc -public auth::sync::job::snapshot_delete_remaining {
    {-job_id:required}
} {
    Deletes the users that weren't included in the snapshot.
} {
    set authority_id [get_authority_id -job_id $job_id]

    set usernames [db_list select_user_ids {
        select username
        from   cc_users
        where  authority_id = :authority_id
        and    user_id not in (select user_id from auth_batch_job_entries where job_id = :job_id and authority_id = :authority_id)
        and    member_state != 'banned'
    }]

    foreach username $usernames {
        auth::sync::job::action \
            -job_id $job_id \
            -operation "delete" \
            -username $username
    }
}


#####
#
# auth::sync namespace
#
#####

d_proc -public auth::sync::purge_jobs {
    {-num_days ""}
} {
    Purge jobs that are older than KeepBatchLogDays days.
} {
    if { $num_days eq "" } {
        set num_days [parameter::get_from_package_key \
                          -parameter KeepBatchLogDays \
                          -package_key "acs-authentication" \
                          -default 0]
    }

    if {![string is integer -strict $num_days]} {
        error "num_days ($num_days) has to be an integer"
    }

    if { $num_days > 0 } {
        db_dml purge_jobs {}
    }
}

d_proc -private auth::sync::get_sync_elements {
    {-user_id ""}
    {-authority_id ""}
} {
    Get a Tcl list of the user profile elements controlled by the batch synchronization.
    These should not be editable by the user. Supply either user_id or authority_id.
    Authority_id is the most efficient.
} {
    if { $authority_id eq "" } {
        if { $user_id eq "" } {
            error "You must supply either user_id or authority_id"
        }
        set authority_id [acs_user::get_element -user_id $user_id -element authority_id]
    }

    #
    # Try to sync. Many authorities do no support auth_sync_process,
    # but these will issue an exception below.
    #
    # TODO: using a different error-code could make the code saver, by
    # just ignoring such cases.
    #
    set elms [list]
    ad_try  {
        set elms [auth::sync::GetElements -authority_id $authority_id]
    } trap {AD EXCEPTION NO_AUTH_SYNC} {} {
        # authentication does not support auth_sync_process"
        ns_log notice "authentication of authority_id $authority_id does not support auth_sync_process"
    } on error {errorMsg dict} {
        ad_log error "auth::sync::GetElements raised: $errorMsg ($dict)"
    }

    return $elms
}

ad_proc -private auth::sync::sweeper {} {
    db_foreach select_authorities {
        select authority_id
        from   auth_authorities
        where  enabled_p = 't'
        and    batch_sync_enabled_p = 't'
    } {
        auth::authority::batch_sync \
            -authority_id $authority_id
    }
}

d_proc -private auth::sync::GetDocument {
    {-authority_id:required}
} {
    Wrapper for the GetDocument operation of the auth_sync_retrieve service contract.
} {
    set impl_id [auth::authority::get_element -authority_id $authority_id -element "get_doc_impl_id"]

    if { $impl_id eq "" } {
        # No implementation of GetDocument
        set authority_pretty_name [auth::authority::get_element -authority_id $authority_id -element "pretty_name"]
        error "The authority '$authority_pretty_name' doesn't support GetDocument"
    }

    set parameters [auth::driver::get_parameter_values \
                        -authority_id $authority_id \
                        -impl_id $impl_id]

    return [acs_sc::invoke \
                -error \
                -contract "auth_sync_retrieve" \
                -impl_id $impl_id \
                -operation GetDocument \
                -call_args [list $parameters]]
}

d_proc -private auth::sync::ProcessDocument {
    {-authority_id:required}
    {-job_id:required}
    {-document:required}
} {
    Wrapper for the ProcessDocument operation of the auth_sync_process service contract.
} {
    set impl_id [auth::authority::get_element -authority_id $authority_id -element "process_doc_impl_id"]

    if { $impl_id eq "" } {
        # No implementation of auth_sync_process
        set authority_pretty_name [auth::authority::get_element -authority_id $authority_id -element "pretty_name"]
        error "The authority '$authority_pretty_name' doesn't support auth_sync_process"
    }

    set parameters [auth::driver::get_parameter_values \
                        -authority_id $authority_id \
                        -impl_id $impl_id]

    return [acs_sc::invoke \
                -error \
                -contract "auth_sync_process" \
                -impl_id $impl_id \
                -operation ProcessDocument \
                -call_args [list $job_id $document $parameters]]
}

d_proc -private auth::sync::GetAcknowledgementDocument {
    {-authority_id:required}
    {-job_id:required}
    {-document:required}
} {
    Wrapper for the GetAckDocument operation of the auth_sync_process service contract.
} {
    set impl_id [auth::authority::get_element -authority_id $authority_id -element "process_doc_impl_id"]

    if { $impl_id eq "" } {
        # No implementation of auth_sync_process
        set authority_pretty_name [auth::authority::get_element -authority_id $authority_id -element "pretty_name"]
        ad_raise NO_AUTH_SYNC "The authority '$authority_pretty_name' doesn't support auth_sync_process"
    }

    set parameters [auth::driver::get_parameter_values \
                        -authority_id $authority_id \
                        -impl_id $impl_id]

    return [acs_sc::invoke \
                -error \
                -contract "auth_sync_process" \
                -impl_id $impl_id \
                -operation GetAcknowledgementDocument \
                -call_args [list $job_id $document $parameters]]
}

d_proc -private auth::sync::GetElements {
    {-authority_id:required}
} {
    Wrapper for the GetElements operation of the auth_sync_process service contract.
} {
    set impl_id [auth::authority::get_element -authority_id $authority_id -element "process_doc_impl_id"]

    if { $impl_id eq "" } {
        # No implementation of auth_sync_process
        set authority_pretty_name [auth::authority::get_element -authority_id $authority_id -element "pretty_name"]
        ad_raise NO_AUTH_SYNC "The authority '$authority_pretty_name' doesn't support auth_sync_process"
    }

    set parameters [auth::driver::get_parameter_values \
                        -authority_id $authority_id \
                        -impl_id $impl_id]

    return [acs_sc::invoke \
                -error \
                -contract "auth_sync_process" \
                -impl_id $impl_id \
                -operation GetElements \
                -call_args [list $parameters]]
}





#####
#
# auth::sync::get_doc::http namespace
#
#####

ad_proc -private auth::sync::get_doc::http::register_impl {} {
    Register this implementation
} {
    set spec {
        contract_name "auth_sync_retrieve"
        owner "acs-authentication"
        name "HTTPGet"
        pretty_name "HTTP GET"
        aliases {
            GetDocument auth::sync::get_doc::http::GetDocument
            GetParameters auth::sync::get_doc::http::GetParameters
        }
    }

    return [acs_sc::impl::new_from_spec -spec $spec]

}

ad_proc -private auth::sync::get_doc::http::unregister_impl {} {
    Unregister this implementation
} {
    acs_sc::impl::delete -contract_name "auth_sync_retrieve" -impl_name "HTTPGet"
}

ad_proc -private auth::sync::get_doc::http::GetParameters {} {
    Parameters for HTTP GetDocument implementation.
} {
    return {
        IncrementalURL {The URL from which to retrieve document for incremental update. Will retrieve this most of the time.}
        SnapshotURL {The URL from which to retrieve document for snapshot update. If specified, will get this once per month.}
    }
}

d_proc -private auth::sync::get_doc::http::GetDocument {
    parameters
} {
    Retrieve the document by HTTP
} {
    array set result {
        doc_status failed_to_conntect
        doc_message {}
        document {}
        snapshot_p f
    }

    array set param $parameters

    if { ($param(SnapshotURL) ne "" && [clock format [clock seconds] -format "%d"] eq "01")
         || $param(IncrementalURL) eq ""
     } {
        # On the first day of the month, we get a snapshot
        set url $param(SnapshotURL)
        set result(snapshot_p) "t"
    } else {
        # All the other days of the month, we get the incremental
        set url $param(IncrementalURL)
    }

    if { $url eq "" } {
        error "You must specify at least one URL to get."
    }

    set dict [util::http::get -url $url]
    set result(document) [dict get $dict page]

    set result(doc_status) "ok"

    return [array get result]
}



#####
#
# auth::sync::get_doc::file namespace
#
#####

ad_proc -private auth::sync::get_doc::file::register_impl {} {
    Register this implementation
} {
    set spec {
        contract_name "auth_sync_retrieve"
        owner "acs-authentication"
        name "LocalFilesystem"
        pretty_name "Local Filesystem"
        aliases {
            GetDocument auth::sync::get_doc::file::GetDocument
            GetParameters auth::sync::get_doc::file::GetParameters
        }
    }

    return [acs_sc::impl::new_from_spec -spec $spec]

}

ad_proc -private auth::sync::get_doc::file::unregister_impl {} {
    Unregister this implementation
} {
    acs_sc::impl::delete -contract_name "auth_sync_retrieve" -impl_name "LocalFilesystem"
}

ad_proc -private auth::sync::get_doc::file::GetParameters {} {
    Parameters for FILE GetDocument implementation.
} {
    return {
        IncrementalPath {The path to the document for incremental update. Will retrieve this most of the time.}
        SnapshotPath {The path to the document for snapshot update. If specified, will get this once per month.}
    }
}

d_proc -private auth::sync::get_doc::file::GetDocument {
    parameters
} {
    Retrieve the document from local filesystem
} {
    array set result {
        doc_status failed_to_conntect
        doc_message {}
        document {}
        snapshot_p f
    }

    array set param $parameters

    if { ($param(SnapshotPath) ne "" && [clock format [clock seconds] -format "%d"] eq "01")
         || $param(IncrementalPath) eq ""
     } {
        # On the first day of the month, we get a snapshot
        set path $param(SnapshotPath)
        set result(snapshot_p) "t"
    } else {
        # All the other days of the month, we get the incremental
        set path $param(IncrementalPath)
    }

    if { $path eq "" } {
        error "You must specify at least one path to get."
    }

    set result(document) [template::util::read_file $path]

    set result(doc_status) "ok"

    return [array get result]
}



#####
#
# auth::sync::process_doc::ims namespace
#
#####

ad_proc -private auth::sync::process_doc::ims::register_impl {} {
    Register this implementation
} {
    set spec {
        contract_name "auth_sync_process"
        owner "acs-authentication"
        name "IMS_Enterprise_v_1p1"
        pretty_name "IMS Enterprise 1.1"
        aliases {
            ProcessDocument auth::sync::process_doc::ims::ProcessDocument
            GetAcknowledgementDocument auth::sync::process_doc::ims::GetAcknowledgementDocument
            GetElements auth::sync::process_doc::ims::GetElements
            GetParameters auth::sync::process_doc::ims::GetParameters
        }
    }

    return [acs_sc::impl::new_from_spec -spec $spec]

}

ad_proc -private auth::sync::process_doc::ims::unregister_impl {} {
    Unregister this implementation
} {
    acs_sc::impl::delete -contract_name "auth_sync_process" -impl_name "IMS_Enterprise_v_1p1"
}

ad_proc -private auth::sync::process_doc::ims::GetParameters {} {
    Parameters for IMS Enterprise 1.1 auth_sync_process implementation.
} {
    return {
        Elements {List of elements covered by IMS batch synchronization, which we should prevent users from editing in OpenACS. Example: 'username email first_names last_name url'.}
    }
}


d_proc -private auth::sync::process_doc::ims::GetElements {
    parameters
} {
    Elements controlled by IMS Enterprise 1.1 auth_sync_process implementation.
} {
    array set param $parameters
    return $param(Elements)
}

d_proc -private auth::sync::process_doc::ims::ProcessDocument {
    job_id
    document
    parameters
} {
    Process IMS Enterprise 1.1 document.
} {
    set tree [xml_parse -persist $document]
    set root_node [xml_doc_get_first_node $tree]

    if { [xml_node_get_name $root_node] ne "enterprise" } {
        $tree delete
        error "Root node was not <enterprise>"
    }

    # Loop over <person> records
    foreach person_node [xml_node_get_children_by_name $root_node "person"] {
        switch [xml_node_get_attribute $person_node "recstatus"] {
            1 {
                set operation "insert"
            }
            2 {
                set operation "update"
            }
            3 {
                set operation "delete"
            }
            default {
                set operation "snapshot"
            }
        }

        # Initialize this record
        array unset user_info

        set username [xml_get_child_node_content_by_path $person_node { { userid } { sourcedid id } }]

        set user_info(email) [xml_get_child_node_content_by_path $person_node { { email } }]
        set user_info(url) [xml_get_child_node_content_by_path $person_node { { url } }]

        # We need a little more logic to deal with first_names/last_name, since they may not be split up in the XML
        set user_info(first_names) [xml_get_child_node_content_by_path $person_node { { name n given } }]
        set user_info(last_name) [xml_get_child_node_content_by_path $person_node { { name n family } }]

        if { $user_info(first_names) eq "" || $user_info(last_name) eq "" } {
            set formatted_name [xml_get_child_node_content_by_path $person_node { { name fn } }]
            if { $formatted_name ne "" || [string first " " $formatted_name] > -1 } {
                # Split, so everything up to the last space goes to first_names, the rest to last_name
                regexp {^(.+) ([^ ]+)$} $formatted_name match user_info(first_names) user_info(last_name)
            }
        }

        auth::sync::job::action \
            -job_id $job_id \
            -operation $operation \
            -username $username \
            -array user_info
    }
    $tree delete
}


d_proc -private auth::sync::process_doc::ims::GetAcknowledgementDocument {
    job_id
    document
    parameters
} {
    Generates an record-wise acknowledgement document in home-brewed
    adaptation of the IMS Enterprise v 1.1 spec.
} {
    set tree [xml_parse -persist $document]

    set root_node [xml_doc_get_first_node $tree]
    if { [xml_node_get_name $root_node] ne "enterprise" } {
        $tree delete
        error "Root node was not <enterprise>"
    }

    set timestamp [xml_get_child_node_content_by_path $root_node { { properties datetime } }]
    $tree delete

    append doc {<?xml version="1.0" encoding="} [ns_config "ns/parameters" OutputCharset] {"?>} \n
    append doc {<enterprise>} \n
    append doc {  <properties>} \n
    append doc {    <type>acknowledgement</type>} \n
    append doc {    <datetime>} $timestamp {</datetime>} \n
    append doc {  </properties>} \n

    array set recstatus {
        insert 1
        update 2
        delete 3
    }

    # Loop over successful actions
    db_foreach select_success_actions {
        select entry_id,
               operation,
               username
        from   auth_batch_job_entries
        where  job_id = :job_id
        and    success_p = 't'
        order  by entry_id
    } {
        if { [info exists recstatus($operation)] } {
            append doc {  <person recstatus="} $recstatus($operation)  {">} \n
            append doc {    <sourcedid><source>OpenACS</source><id>} $username {</id></sourcedid>} \n
            append doc {  </person>} \n
        } else {
            ns_log Error "Illegal operation encountered in job action log: '$operation'. Entry_id is '$entry_id'."
        }
    }

    append doc {</enterprise>} \n

    return $doc
}

# Local variables:
#    mode: tcl
#    tcl-indent-level: 4
#    indent-tabs-mode: nil
# End: