scimaenaga 0.4.1 → 0.6.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/MIT-LICENSE +1 -0
- data/README.md +8 -22
- data/app/controllers/scim_rails/scim_groups_controller.rb +51 -38
- data/app/controllers/scim_rails/scim_users_controller.rb +27 -65
- data/app/libraries/scim_patch.rb +34 -0
- data/app/libraries/scim_patch_operation.rb +89 -0
- data/app/models/scim_rails/scim_query_parser.rb +5 -3
- data/config/routes.rb +1 -0
- data/lib/generators/scim_rails/templates/initializer.rb +0 -6
- data/lib/scim_rails/config.rb +0 -2
- data/lib/scim_rails/version.rb +1 -1
- data/spec/controllers/scim_rails/scim_groups_controller_spec.rb +224 -129
- data/spec/controllers/scim_rails/scim_users_controller_spec.rb +115 -29
- data/spec/dummy/app/models/user.rb +12 -0
- data/spec/dummy/bin/setup +2 -0
- data/spec/dummy/config/initializers/scim_rails_config.rb +4 -5
- data/spec/dummy/db/migrate/20220117095407_add_country_to_users.rb +5 -0
- data/spec/dummy/db/schema.rb +6 -5
- data/spec/dummy/db/seeds.rb +5 -0
- data/spec/libraries/scim_patch_operation_spec.rb +96 -0
- data/spec/libraries/scim_patch_spec.rb +83 -0
- data/spec/models/scim_query_parser_spec.rb +30 -0
- metadata +13 -5
- data/spec/support/scim_rails_config.rb +0 -59
@@ -1,32 +1,32 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require
|
3
|
+
require 'spec_helper'
|
4
4
|
|
5
5
|
RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
6
6
|
include AuthHelper
|
7
7
|
|
8
8
|
routes { ScimRails::Engine.routes }
|
9
9
|
|
10
|
-
describe
|
10
|
+
describe 'index' do
|
11
11
|
let(:company) { create(:company) }
|
12
12
|
|
13
|
-
context
|
14
|
-
it
|
13
|
+
context 'when unauthorized' do
|
14
|
+
it 'returns scim+json content type' do
|
15
15
|
get :index, as: :json
|
16
16
|
|
17
|
-
expect(response.media_type).to eq
|
17
|
+
expect(response.media_type).to eq 'application/scim+json'
|
18
18
|
end
|
19
19
|
|
20
|
-
it
|
20
|
+
it 'fails with no credentials' do
|
21
21
|
get :index, as: :json
|
22
22
|
|
23
23
|
expect(response.status).to eq 401
|
24
24
|
end
|
25
25
|
|
26
|
-
it
|
27
|
-
request.env[
|
26
|
+
it 'fails with invalid credentials' do
|
27
|
+
request.env['HTTP_AUTHORIZATION'] =
|
28
28
|
ActionController::HttpAuthentication::Basic
|
29
|
-
.encode_credentials(
|
29
|
+
.encode_credentials('unauthorized', '123456')
|
30
30
|
|
31
31
|
get :index, as: :json
|
32
32
|
|
@@ -34,58 +34,58 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
34
34
|
end
|
35
35
|
end
|
36
36
|
|
37
|
-
context
|
37
|
+
context 'when authorized' do
|
38
38
|
before :each do
|
39
39
|
http_login(company)
|
40
40
|
end
|
41
41
|
|
42
|
-
it
|
42
|
+
it 'returns scim+json content type' do
|
43
43
|
get :index, as: :json
|
44
44
|
|
45
|
-
expect(response.media_type).to eq
|
45
|
+
expect(response.media_type).to eq 'application/scim+json'
|
46
46
|
end
|
47
47
|
|
48
|
-
it
|
48
|
+
it 'is successful with valid credentials' do
|
49
49
|
get :index, as: :json
|
50
50
|
|
51
51
|
expect(response.status).to eq 200
|
52
52
|
end
|
53
53
|
|
54
|
-
it
|
54
|
+
it 'returns all results' do
|
55
55
|
create_list(:group, 5, company: company)
|
56
56
|
|
57
57
|
get :index, as: :json
|
58
58
|
response_body = JSON.parse(response.body)
|
59
|
-
expect(response_body.dig(
|
60
|
-
eq
|
59
|
+
expect(response_body.dig('schemas', 0)).to(
|
60
|
+
eq 'urn:ietf:params:scim:api:messages:2.0:ListResponse'
|
61
61
|
)
|
62
|
-
expect(response_body[
|
62
|
+
expect(response_body['totalResults']).to eq 5
|
63
63
|
end
|
64
64
|
|
65
|
-
it
|
65
|
+
it 'defaults to 100 results' do
|
66
66
|
create_list(:group, 300, company: company)
|
67
67
|
|
68
68
|
get :index, as: :json
|
69
69
|
response_body = JSON.parse(response.body)
|
70
|
-
expect(response_body[
|
71
|
-
expect(response_body[
|
70
|
+
expect(response_body['totalResults']).to eq 300
|
71
|
+
expect(response_body['Resources'].count).to eq 100
|
72
72
|
end
|
73
73
|
|
74
|
-
it
|
74
|
+
it 'paginates results' do
|
75
75
|
create_list(:group, 400, company: company)
|
76
76
|
expect(company.groups.first.id).to eq 1
|
77
77
|
|
78
78
|
get :index, params: {
|
79
79
|
startIndex: 101,
|
80
|
-
count: 200
|
80
|
+
count: 200,
|
81
81
|
}, as: :json
|
82
82
|
response_body = JSON.parse(response.body)
|
83
|
-
expect(response_body[
|
84
|
-
expect(response_body[
|
85
|
-
expect(response_body.dig(
|
83
|
+
expect(response_body['totalResults']).to eq 400
|
84
|
+
expect(response_body['Resources'].count).to eq 200
|
85
|
+
expect(response_body.dig('Resources', 0, 'id')).to eq 101
|
86
86
|
end
|
87
87
|
|
88
|
-
it
|
88
|
+
it 'paginates results by configurable scim_groups_list_order' do
|
89
89
|
allow(ScimRails.config).to(
|
90
90
|
receive(:scim_groups_list_order).and_return(created_at: :desc)
|
91
91
|
)
|
@@ -95,69 +95,69 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
95
95
|
|
96
96
|
get :index, params: {
|
97
97
|
startIndex: 1,
|
98
|
-
count: 10
|
98
|
+
count: 10,
|
99
99
|
}, as: :json
|
100
100
|
response_body = JSON.parse(response.body)
|
101
|
-
expect(response_body[
|
102
|
-
expect(response_body[
|
103
|
-
expect(response_body.dig(
|
101
|
+
expect(response_body['totalResults']).to eq 400
|
102
|
+
expect(response_body['Resources'].count).to eq 10
|
103
|
+
expect(response_body.dig('Resources', 0, 'id')).to eq 400
|
104
104
|
end
|
105
105
|
|
106
|
-
it
|
107
|
-
create(:group, name:
|
108
|
-
create(:group, name:
|
106
|
+
it 'filters results by provided displayName filter' do
|
107
|
+
create(:group, name: 'Foo', company: company)
|
108
|
+
create(:group, name: 'Bar', company: company)
|
109
109
|
|
110
110
|
get :index, params: {
|
111
|
-
filter:
|
111
|
+
filter: 'displayName eq Bar',
|
112
112
|
}, as: :json
|
113
113
|
response_body = JSON.parse(response.body)
|
114
|
-
expect(response_body[
|
115
|
-
expect(response_body[
|
116
|
-
expect(response_body.dig(
|
114
|
+
expect(response_body['totalResults']).to eq 1
|
115
|
+
expect(response_body['Resources'].count).to eq 1
|
116
|
+
expect(response_body.dig('Resources', 0, 'displayName')).to eq 'Bar'
|
117
117
|
end
|
118
118
|
|
119
|
-
it
|
119
|
+
it 'returns no results for unfound filter parameters' do
|
120
120
|
get :index, params: {
|
121
|
-
filter:
|
121
|
+
filter: 'displayName eq fake_not_there',
|
122
122
|
}, as: :json
|
123
123
|
response_body = JSON.parse(response.body)
|
124
|
-
expect(response_body[
|
125
|
-
expect(response_body[
|
124
|
+
expect(response_body['totalResults']).to eq 0
|
125
|
+
expect(response_body['Resources'].count).to eq 0
|
126
126
|
end
|
127
127
|
|
128
|
-
it
|
128
|
+
it 'returns no results for undefined filter queries' do
|
129
129
|
get :index, params: {
|
130
|
-
filter:
|
130
|
+
filter: 'address eq 101 Nowhere USA',
|
131
131
|
}, as: :json
|
132
132
|
expect(response.status).to eq 400
|
133
133
|
response_body = JSON.parse(response.body)
|
134
|
-
expect(response_body.dig(
|
135
|
-
eq
|
134
|
+
expect(response_body.dig('schemas', 0)).to(
|
135
|
+
eq 'urn:ietf:params:scim:api:messages:2.0:Error'
|
136
136
|
)
|
137
137
|
end
|
138
138
|
end
|
139
139
|
end
|
140
140
|
|
141
|
-
describe
|
141
|
+
describe 'show' do
|
142
142
|
let(:company) { create(:company) }
|
143
143
|
|
144
|
-
context
|
145
|
-
it
|
144
|
+
context 'when unauthorized' do
|
145
|
+
it 'returns scim+json content type' do
|
146
146
|
get :show, params: { id: 1 }, as: :json
|
147
147
|
|
148
|
-
expect(response.media_type).to eq
|
148
|
+
expect(response.media_type).to eq 'application/scim+json'
|
149
149
|
end
|
150
150
|
|
151
|
-
it
|
151
|
+
it 'fails with no credentials' do
|
152
152
|
get :show, params: { id: 1 }, as: :json
|
153
153
|
|
154
154
|
expect(response.status).to eq 401
|
155
155
|
end
|
156
156
|
|
157
|
-
it
|
158
|
-
request.env[
|
157
|
+
it 'fails with invalid credentials' do
|
158
|
+
request.env['HTTP_AUTHORIZATION'] =
|
159
159
|
ActionController::HttpAuthentication::Basic
|
160
|
-
.encode_credentials(
|
160
|
+
.encode_credentials('unauthorized', '123456')
|
161
161
|
|
162
162
|
get :show, params: { id: 1 }, as: :json
|
163
163
|
|
@@ -165,31 +165,31 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
165
165
|
end
|
166
166
|
end
|
167
167
|
|
168
|
-
context
|
168
|
+
context 'when authorized' do
|
169
169
|
before :each do
|
170
170
|
http_login(company)
|
171
171
|
end
|
172
172
|
|
173
|
-
it
|
173
|
+
it 'returns scim+json content type' do
|
174
174
|
get :show, params: { id: 1 }, as: :json
|
175
175
|
|
176
|
-
expect(response.media_type).to eq
|
176
|
+
expect(response.media_type).to eq 'application/scim+json'
|
177
177
|
end
|
178
178
|
|
179
|
-
it
|
179
|
+
it 'is successful with valid credentials' do
|
180
180
|
create(:group, id: 1, company: company)
|
181
181
|
get :show, params: { id: 1 }, as: :json
|
182
182
|
|
183
183
|
expect(response.status).to eq 200
|
184
184
|
end
|
185
185
|
|
186
|
-
it
|
187
|
-
get :show, params: { id:
|
186
|
+
it 'returns :not_found for id that cannot be found' do
|
187
|
+
get :show, params: { id: 'fake_id' }, as: :json
|
188
188
|
|
189
189
|
expect(response.status).to eq 404
|
190
190
|
end
|
191
191
|
|
192
|
-
it
|
192
|
+
it 'returns :not_found for a correct id but unauthorized company' do
|
193
193
|
new_company = create(:company)
|
194
194
|
create(:group, company: new_company, id: 1)
|
195
195
|
|
@@ -200,26 +200,26 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
200
200
|
end
|
201
201
|
end
|
202
202
|
|
203
|
-
describe
|
203
|
+
describe 'create' do
|
204
204
|
let(:company) { create(:company) }
|
205
205
|
|
206
|
-
context
|
207
|
-
it
|
206
|
+
context 'when unauthorized' do
|
207
|
+
it 'returns scim+json content type' do
|
208
208
|
post :create, as: :json
|
209
209
|
|
210
|
-
expect(response.media_type).to eq
|
210
|
+
expect(response.media_type).to eq 'application/scim+json'
|
211
211
|
end
|
212
212
|
|
213
|
-
it
|
213
|
+
it 'fails with no credentials' do
|
214
214
|
post :create, as: :json
|
215
215
|
|
216
216
|
expect(response.status).to eq 401
|
217
217
|
end
|
218
218
|
|
219
|
-
it
|
220
|
-
request.env[
|
219
|
+
it 'fails with invalid credentials' do
|
220
|
+
request.env['HTTP_AUTHORIZATION'] =
|
221
221
|
ActionController::HttpAuthentication::Basic
|
222
|
-
.encode_credentials(
|
222
|
+
.encode_credentials('unauthorized', '123456')
|
223
223
|
|
224
224
|
post :create, as: :json
|
225
225
|
|
@@ -227,107 +227,107 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
227
227
|
end
|
228
228
|
end
|
229
229
|
|
230
|
-
context
|
230
|
+
context 'when authorized' do
|
231
231
|
before :each do
|
232
232
|
http_login(company)
|
233
233
|
end
|
234
234
|
|
235
|
-
it
|
235
|
+
it 'returns scim+json content type' do
|
236
236
|
post :create, params: {
|
237
|
-
displayName:
|
238
|
-
members: []
|
237
|
+
displayName: 'Test Group',
|
238
|
+
members: [],
|
239
239
|
}, as: :json
|
240
240
|
|
241
|
-
expect(response.media_type).to eq
|
241
|
+
expect(response.media_type).to eq 'application/scim+json'
|
242
242
|
end
|
243
243
|
|
244
|
-
it
|
244
|
+
it 'is successful with valid credentials' do
|
245
245
|
expect(company.groups.count).to eq 0
|
246
246
|
|
247
247
|
post :create, params: {
|
248
|
-
displayName:
|
249
|
-
members: []
|
248
|
+
displayName: 'Test Group',
|
249
|
+
members: [],
|
250
250
|
}, as: :json
|
251
251
|
|
252
252
|
expect(response.status).to eq 201
|
253
253
|
expect(company.groups.count).to eq 1
|
254
254
|
group = company.groups.first
|
255
255
|
expect(group.persisted?).to eq true
|
256
|
-
expect(group.name).to eq
|
256
|
+
expect(group.name).to eq 'Test Group'
|
257
257
|
expect(group.users).to eq []
|
258
258
|
end
|
259
259
|
|
260
|
-
it
|
260
|
+
it 'ignores unconfigured params' do
|
261
261
|
post :create, params: {
|
262
|
-
displayName:
|
263
|
-
department:
|
264
|
-
members: []
|
262
|
+
displayName: 'Test Group',
|
263
|
+
department: 'Best Department',
|
264
|
+
members: [],
|
265
265
|
}, as: :json
|
266
266
|
|
267
267
|
expect(response.status).to eq 201
|
268
268
|
expect(company.groups.count).to eq 1
|
269
269
|
end
|
270
270
|
|
271
|
-
it
|
271
|
+
it 'returns 422 if required params are missing' do
|
272
272
|
post :create, params: {
|
273
|
-
members: []
|
273
|
+
members: [],
|
274
274
|
}, as: :json
|
275
275
|
|
276
276
|
expect(response.status).to eq 422
|
277
277
|
expect(company.users.count).to eq 0
|
278
278
|
end
|
279
279
|
|
280
|
-
it
|
281
|
-
create(:group, name:
|
280
|
+
it 'returns 409 if group already exists' do
|
281
|
+
create(:group, name: 'Test Group', company: company)
|
282
282
|
|
283
283
|
post :create, params: {
|
284
|
-
displayName:
|
285
|
-
members: []
|
284
|
+
displayName: 'Test Group',
|
285
|
+
members: [],
|
286
286
|
}, as: :json
|
287
287
|
|
288
288
|
expect(response.status).to eq 409
|
289
289
|
expect(company.groups.count).to eq 1
|
290
290
|
end
|
291
291
|
|
292
|
-
it
|
292
|
+
it 'creates group' do
|
293
293
|
users = create_list(:user, 3, company: company)
|
294
294
|
|
295
295
|
post :create, params: {
|
296
|
-
displayName:
|
296
|
+
displayName: 'Test Group',
|
297
297
|
members: users.map do |user|
|
298
298
|
{ value: user.id.to_s, display: user.email }
|
299
|
-
end
|
299
|
+
end,
|
300
300
|
}, as: :json
|
301
301
|
|
302
302
|
expect(response.status).to eq 201
|
303
303
|
expect(company.groups.count).to eq 1
|
304
304
|
group = company.groups.first
|
305
|
-
expect(group.name).to eq
|
305
|
+
expect(group.name).to eq 'Test Group'
|
306
306
|
expect(group.users.count).to eq 3
|
307
307
|
end
|
308
308
|
end
|
309
309
|
end
|
310
310
|
|
311
|
-
describe
|
311
|
+
describe 'put update' do
|
312
312
|
let(:company) { create(:company) }
|
313
313
|
|
314
|
-
context
|
315
|
-
it
|
314
|
+
context 'when unauthorized' do
|
315
|
+
it 'returns scim+json content type' do
|
316
316
|
put :put_update, params: { id: 1 }, as: :json
|
317
317
|
|
318
|
-
expect(response.media_type).to eq
|
318
|
+
expect(response.media_type).to eq 'application/scim+json'
|
319
319
|
end
|
320
320
|
|
321
|
-
it
|
321
|
+
it 'fails with no credentials' do
|
322
322
|
put :put_update, params: { id: 1 }, as: :json
|
323
323
|
|
324
324
|
expect(response.status).to eq 401
|
325
325
|
end
|
326
326
|
|
327
|
-
it
|
328
|
-
request.env[
|
327
|
+
it 'fails with invalid credentials' do
|
328
|
+
request.env['HTTP_AUTHORIZATION'] =
|
329
329
|
ActionController::HttpAuthentication::Basic
|
330
|
-
.encode_credentials(
|
330
|
+
.encode_credentials('unauthorized', '123456')
|
331
331
|
|
332
332
|
put :put_update, params: { id: 1 }, as: :json
|
333
333
|
|
@@ -335,26 +335,26 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
335
335
|
end
|
336
336
|
end
|
337
337
|
|
338
|
-
context
|
338
|
+
context 'when authorized' do
|
339
339
|
let!(:group) { create(:group, id: 1, company: company) }
|
340
340
|
|
341
341
|
before :each do
|
342
342
|
http_login(company)
|
343
343
|
end
|
344
344
|
|
345
|
-
it
|
345
|
+
it 'returns scim+json content type' do
|
346
346
|
put :put_update, params: put_params, as: :json
|
347
347
|
|
348
|
-
expect(response.media_type).to eq
|
348
|
+
expect(response.media_type).to eq 'application/scim+json'
|
349
349
|
end
|
350
350
|
|
351
|
-
it
|
351
|
+
it 'is successful with with valid credentials' do
|
352
352
|
put :put_update, params: put_params, as: :json
|
353
353
|
|
354
354
|
expect(response.status).to eq 200
|
355
355
|
end
|
356
356
|
|
357
|
-
it
|
357
|
+
it 'can add and delete Users from a Group at once' do
|
358
358
|
user1 = create(:user, company: company, groups: [group])
|
359
359
|
user2 = create(:user, company: company)
|
360
360
|
|
@@ -365,13 +365,13 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
365
365
|
expect(response.status).to eq 200
|
366
366
|
end
|
367
367
|
|
368
|
-
it
|
369
|
-
put :put_update, params: { id:
|
368
|
+
it 'returns :not_found for id that cannot be found' do
|
369
|
+
put :put_update, params: { id: 'fake_id' }, as: :json
|
370
370
|
|
371
371
|
expect(response.status).to eq 404
|
372
372
|
end
|
373
373
|
|
374
|
-
it
|
374
|
+
it 'returns :not_found for a correct id but unauthorized company' do
|
375
375
|
new_company = create(:company)
|
376
376
|
create(:group, company: new_company, id: 1000)
|
377
377
|
|
@@ -380,10 +380,10 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
380
380
|
expect(response.status).to eq 404
|
381
381
|
end
|
382
382
|
|
383
|
-
it
|
383
|
+
it 'returns 422 with incomplete request' do
|
384
384
|
put :put_update, params: {
|
385
385
|
id: 1,
|
386
|
-
members: []
|
386
|
+
members: [],
|
387
387
|
}, as: :json
|
388
388
|
|
389
389
|
expect(response.status).to eq 422
|
@@ -391,26 +391,105 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
391
391
|
end
|
392
392
|
end
|
393
393
|
|
394
|
-
describe
|
394
|
+
describe 'patch update' do
|
395
395
|
let(:company) { create(:company) }
|
396
396
|
|
397
|
-
context
|
398
|
-
|
397
|
+
context 'when authorized' do
|
398
|
+
let!(:group) { create(:group, id: 1, company: company) }
|
399
|
+
let(:user1) { create(:user, company: company, groups: [group]) }
|
400
|
+
let(:user2) { create(:user, company: company) }
|
401
|
+
|
402
|
+
before :each do
|
403
|
+
http_login(company)
|
404
|
+
end
|
405
|
+
|
406
|
+
it 'returns scim+json content type' do
|
407
|
+
patch :patch_update, params: patch_params, as: :json
|
408
|
+
|
409
|
+
expect(response.media_type).to eq 'application/scim+json'
|
410
|
+
end
|
411
|
+
|
412
|
+
it 'can change displayName of group' do
|
413
|
+
expect do
|
414
|
+
patch :patch_update, params: {
|
415
|
+
id: group.id,
|
416
|
+
schemas: ['urn:ietf:params:scim:api:messages:2.0:PatchOp'],
|
417
|
+
Operations: [{
|
418
|
+
op: 'Replace',
|
419
|
+
path: 'displayName',
|
420
|
+
value: 'changed'
|
421
|
+
}]
|
422
|
+
}, as: :json
|
423
|
+
end.to change { group.reload.name }.to('changed')
|
424
|
+
|
425
|
+
expect(response.status).to eq 200
|
426
|
+
end
|
427
|
+
|
428
|
+
it 'can add Users from a Group' do
|
429
|
+
expect do
|
430
|
+
patch :patch_update, params: patch_params(user_id: user2.id), as: :json
|
431
|
+
end.to change { group.reload.users }.from([user1]).to([user1, user2])
|
432
|
+
|
433
|
+
expect(response.status).to eq 200
|
434
|
+
end
|
435
|
+
|
436
|
+
it 'can delete Users from a Group' do
|
437
|
+
user1 = create(:user, company: company, groups: [group])
|
438
|
+
user2 = create(:user, company: company, groups: [group])
|
439
|
+
|
440
|
+
expect do
|
441
|
+
put :patch_update, params: patch_params(user_id: user2.id, op: 'Remove'),
|
442
|
+
as: :json
|
443
|
+
end.to change { group.reload.users }.from([user1, user2]).to([user1])
|
444
|
+
|
445
|
+
expect(response.status).to eq 200
|
446
|
+
end
|
447
|
+
|
448
|
+
it 'returns :not_found for id that cannot be found' do
|
449
|
+
patch :patch_update, params: patch_params(user_id: 0), as: :json
|
450
|
+
|
451
|
+
expect(response.status).to eq 404
|
452
|
+
end
|
453
|
+
|
454
|
+
it 'rollback if even one cannot be saved' do
|
455
|
+
expect do
|
456
|
+
patch :patch_update, params: {
|
457
|
+
id: group.id,
|
458
|
+
schemas: ['urn:ietf:params:scim:api:messages:2.0:PatchOp'],
|
459
|
+
Operations: [{
|
460
|
+
op: 'Add',
|
461
|
+
path: 'members',
|
462
|
+
value: [
|
463
|
+
{ value: user2.id },
|
464
|
+
{ value: 0 }
|
465
|
+
],
|
466
|
+
}],
|
467
|
+
}, as: :json
|
468
|
+
end.to_not change { group.reload.users.count }
|
469
|
+
end
|
470
|
+
end
|
471
|
+
end
|
472
|
+
|
473
|
+
describe 'destroy' do
|
474
|
+
let(:company) { create(:company) }
|
475
|
+
|
476
|
+
context 'when unauthorized' do
|
477
|
+
it 'returns scim+json content type' do
|
399
478
|
delete :destroy, params: { id: 1 }, as: :json
|
400
479
|
|
401
|
-
expect(response.media_type).to eq
|
480
|
+
expect(response.media_type).to eq 'application/scim+json'
|
402
481
|
end
|
403
482
|
|
404
|
-
it
|
483
|
+
it 'fails with no credentials' do
|
405
484
|
delete :destroy, params: { id: 1 }, as: :json
|
406
485
|
|
407
486
|
expect(response.status).to eq 401
|
408
487
|
end
|
409
488
|
|
410
|
-
it
|
411
|
-
request.env[
|
489
|
+
it 'fails with invalid credentials' do
|
490
|
+
request.env['HTTP_AUTHORIZATION'] =
|
412
491
|
ActionController::HttpAuthentication::Basic
|
413
|
-
.encode_credentials(
|
492
|
+
.encode_credentials('unauthorized', '123456')
|
414
493
|
|
415
494
|
delete :destroy, params: { id: 1 }, as: :json
|
416
495
|
|
@@ -418,39 +497,39 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
418
497
|
end
|
419
498
|
end
|
420
499
|
|
421
|
-
context
|
500
|
+
context 'when authorized' do
|
422
501
|
let!(:group) { create(:group, id: 1, company: company) }
|
423
502
|
|
424
503
|
before :each do
|
425
504
|
http_login(company)
|
426
505
|
end
|
427
506
|
|
428
|
-
context
|
507
|
+
context 'when Group destroy method is configured' do
|
429
508
|
before do
|
430
509
|
allow(ScimRails.config).to(
|
431
510
|
receive(:group_destroy_method).and_return(:destroy!)
|
432
511
|
)
|
433
512
|
end
|
434
513
|
|
435
|
-
it
|
514
|
+
it 'returns empty response' do
|
436
515
|
delete :destroy, params: { id: 1 }, as: :json
|
437
516
|
|
438
517
|
expect(response.body).to be_empty
|
439
518
|
end
|
440
519
|
|
441
|
-
it
|
520
|
+
it 'is successful with valid credentials' do
|
442
521
|
delete :destroy, params: { id: 1 }, as: :json
|
443
522
|
|
444
523
|
expect(response.status).to eq 204
|
445
524
|
end
|
446
525
|
|
447
|
-
it
|
448
|
-
delete :destroy, params: { id:
|
526
|
+
it 'returns :not_found for id that cannot be found' do
|
527
|
+
delete :destroy, params: { id: 'fake_id' }, as: :json
|
449
528
|
|
450
529
|
expect(response.status).to eq 404
|
451
530
|
end
|
452
531
|
|
453
|
-
it
|
532
|
+
it 'returns :not_found for a correct id but unauthorized company' do
|
454
533
|
new_company = create(:company)
|
455
534
|
create(:group, company: new_company, id: 1000)
|
456
535
|
|
@@ -459,7 +538,7 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
459
538
|
expect(response.status).to eq 404
|
460
539
|
end
|
461
540
|
|
462
|
-
it
|
541
|
+
it 'successfully deletes Group' do
|
463
542
|
expect do
|
464
543
|
delete :destroy, params: { id: 1 }, as: :json
|
465
544
|
end.to change { company.groups.reload.count }.from(1).to(0)
|
@@ -468,8 +547,8 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
468
547
|
end
|
469
548
|
end
|
470
549
|
|
471
|
-
context
|
472
|
-
it
|
550
|
+
context 'when Group destroy method is not configured' do
|
551
|
+
it 'does not delete Group' do
|
473
552
|
allow(ScimRails.config).to(
|
474
553
|
receive(:group_destroy_method).and_return(nil)
|
475
554
|
)
|
@@ -484,11 +563,27 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
484
563
|
end
|
485
564
|
end
|
486
565
|
|
487
|
-
def put_params(name:
|
566
|
+
def put_params(name: 'Test Group', users: [])
|
488
567
|
{
|
489
568
|
id: 1,
|
490
569
|
displayName: name,
|
491
|
-
members: users.map { |user| { value: user.id.to_s, display: user.email } }
|
570
|
+
members: users.map { |user| { value: user.id.to_s, display: user.email } },
|
571
|
+
}
|
572
|
+
end
|
573
|
+
|
574
|
+
# rubocop:disable Metrics/MethodLength
|
575
|
+
def patch_params(user_id: 1, op: 'Add')
|
576
|
+
{
|
577
|
+
id: 1,
|
578
|
+
schemas: ['urn:ietf:params:scim:api:messages:2.0:PatchOp'],
|
579
|
+
Operations: [{
|
580
|
+
op: op,
|
581
|
+
path: 'members',
|
582
|
+
value: [{
|
583
|
+
value: user_id,
|
584
|
+
}],
|
585
|
+
}],
|
492
586
|
}
|
493
587
|
end
|
588
|
+
# rubocop:enable Metrics/MethodLength
|
494
589
|
end
|