From: Jane Sandberg Date: Fri, 26 Feb 2021 17:55:20 +0000 (-0800) Subject: LP#1871211: Stamp shibboleth upgrade script X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=68d01961ecff98474f391f4693af0658b189477c;p=evergreen%2Fpines.git LP#1871211: Stamp shibboleth upgrade script Signed-off-by: Jane Sandberg --- diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql index ee742a94e7..cab9824cd7 100644 --- a/Open-ILS/src/sql/Pg/002.schema.config.sql +++ b/Open-ILS/src/sql/Pg/002.schema.config.sql @@ -92,7 +92,7 @@ CREATE TRIGGER no_overlapping_deps BEFORE INSERT OR UPDATE ON config.db_patch_dependencies FOR EACH ROW EXECUTE PROCEDURE evergreen.array_overlap_check ('deprecates'); -INSERT INTO config.upgrade_log (version, applied_to) VALUES ('1246', :eg_version); -- miker / rfrasur / jboyer +INSERT INTO config.upgrade_log (version, applied_to) VALUES ('1247', :eg_version); -- miker / cburns / sandbergja CREATE TABLE config.bib_source ( id SERIAL PRIMARY KEY, diff --git a/Open-ILS/src/sql/Pg/upgrade/1247.data.shib_sso.sql b/Open-ILS/src/sql/Pg/upgrade/1247.data.shib_sso.sql new file mode 100644 index 0000000000..986ebc8d0e --- /dev/null +++ b/Open-ILS/src/sql/Pg/upgrade/1247.data.shib_sso.sql @@ -0,0 +1,45 @@ +BEGIN; + +SELECT evergreen.upgrade_deps_block_check('1247', :eg_version); + +INSERT INTO permission.perm_list (id,code,description) VALUES (627,'SSO_ADMIN','Modify patron SSO settings'); + +INSERT INTO config.org_unit_setting_type +( name, grp, label, description, datatype, update_perm ) +VALUES +('opac.login.shib_sso.enable', + 'opac', + oils_i18n_gettext('opac.login.shib_sso.enable', 'Enable Shibboleth SSO for the OPAC', 'coust', 'label'), + oils_i18n_gettext('opac.login.shib_sso.enable', 'Enable Shibboleth SSO for the OPAC', 'coust', 'description'), + 'bool', 627), +('opac.login.shib_sso.entityId', + 'opac', + oils_i18n_gettext('opac.login.shib_sso.entityId', 'Shibboleth SSO Entity ID', 'coust', 'label'), + oils_i18n_gettext('opac.login.shib_sso.entityId', 'Which configured Entity ID to use for SSO when there is more than one available to Shibboleth', 'coust', 'description'), + 'string', 627), +('opac.login.shib_sso.logout', + 'opac', + oils_i18n_gettext('opac.login.shib_sso.logout', 'Log out of the Shibboleth IdP', 'coust', 'label'), + oils_i18n_gettext('opac.login.shib_sso.logout', 'When logging out of Evergreen, also force a logout of the IdP behind Shibboleth', 'coust', 'description'), + 'bool', 627), +('opac.login.shib_sso.allow_native', + 'opac', + oils_i18n_gettext('opac.login.shib_sso.allow_native', 'Allow both Shibboleth and native OPAC authentication', 'coust', 'label'), + oils_i18n_gettext('opac.login.shib_sso.allow_native', 'When Shibboleth SSO is enabled, also allow native Evergreen authentication', 'coust', 'description'), + 'bool', 627), +('opac.login.shib_sso.evergreen_matchpoint', + 'opac', + oils_i18n_gettext('opac.login.shib_sso.evergreen_matchpoint', 'Evergreen SSO matchpoint', 'coust', 'label'), + oils_i18n_gettext('opac.login.shib_sso.evergreen_matchpoint', + 'Evergreen-side field to match a patron against for Shibboleth SSO. Default is usrname. Other reasonable values would be barcode or email.', + 'coust', 'description'), + 'string', 627), +('opac.login.shib_sso.shib_matchpoint', + 'opac', + oils_i18n_gettext('opac.login.shib_sso.shib_matchpoint', 'Shibboleth SSO matchpoint', 'coust', 'label'), + oils_i18n_gettext('opac.login.shib_sso.shib_matchpoint', + 'Shibboleth-side field to match a patron against for Shibboleth SSO. Default is uid; use eppn for Active Directory', 'coust', 'description'), + 'string', 627) +; + +COMMIT; diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.shib_sso.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.shib_sso.sql deleted file mode 100644 index 4dd5f8454e..0000000000 --- a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.shib_sso.sql +++ /dev/null @@ -1,46 +0,0 @@ -BEGIN; - -SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version); - --- XXX Check perm number collisions, and adjust update_perm below if necessary! -INSERT INTO permission.perm_list (id,code,description) VALUES (627,'SSO_ADMIN','Modify patron SSO settings'); - -INSERT INTO config.org_unit_setting_type -( name, grp, label, description, datatype, update_perm ) -VALUES -('opac.login.shib_sso.enable', - 'opac', - oils_i18n_gettext('opac.login.shib_sso.enable', 'Enable Shibboleth SSO for the OPAC', 'coust', 'label'), - oils_i18n_gettext('opac.login.shib_sso.enable', 'Enable Shibboleth SSO for the OPAC', 'coust', 'description'), - 'bool', 627), -('opac.login.shib_sso.entityId', - 'opac', - oils_i18n_gettext('opac.login.shib_sso.entityId', 'Shibboleth SSO Entity ID', 'coust', 'label'), - oils_i18n_gettext('opac.login.shib_sso.entityId', 'Which configured Entity ID to use for SSO when there is more than one available to Shibboleth', 'coust', 'description'), - 'string', 627), -('opac.login.shib_sso.logout', - 'opac', - oils_i18n_gettext('opac.login.shib_sso.logout', 'Log out of the Shibboleth IdP', 'coust', 'label'), - oils_i18n_gettext('opac.login.shib_sso.logout', 'When logging out of Evergreen, also force a logout of the IdP behind Shibboleth', 'coust', 'description'), - 'bool', 627), -('opac.login.shib_sso.allow_native', - 'opac', - oils_i18n_gettext('opac.login.shib_sso.allow_native', 'Allow both Shibboleth and native OPAC authentication', 'coust', 'label'), - oils_i18n_gettext('opac.login.shib_sso.allow_native', 'When Shibboleth SSO is enabled, also allow native Evergreen authentication', 'coust', 'description'), - 'bool', 627), -('opac.login.shib_sso.evergreen_matchpoint', - 'opac', - oils_i18n_gettext('opac.login.shib_sso.evergreen_matchpoint', 'Evergreen SSO matchpoint', 'coust', 'label'), - oils_i18n_gettext('opac.login.shib_sso.evergreen_matchpoint', - 'Evergreen-side field to match a patron against for Shibboleth SSO. Default is usrname. Other reasonable values would be barcode or email.', - 'coust', 'description'), - 'string', 627), -('opac.login.shib_sso.shib_matchpoint', - 'opac', - oils_i18n_gettext('opac.login.shib_sso.shib_matchpoint', 'Shibboleth SSO matchpoint', 'coust', 'label'), - oils_i18n_gettext('opac.login.shib_sso.shib_matchpoint', - 'Shibboleth-side field to match a patron against for Shibboleth SSO. Default is uid; use eppn for Active Directory', 'coust', 'description'), - 'string', 627) -; - -COMMIT;