scimaenaga 0.5.0 → 0.7.0
- checksums.yaml +4 -4
- data/MIT-LICENSE +1 -0
- data/README.md +2 -14
- data/app/controllers/concerns/scim_rails/exception_handler.rb +43 -1
- data/app/controllers/scim_rails/scim_groups_controller.rb +64 -40
- data/app/controllers/scim_rails/scim_users_controller.rb +39 -65
- data/app/libraries/scim_patch.rb +15 -10
- data/app/libraries/scim_patch_operation.rb +127 -24
- data/app/models/scim_rails/scim_query_parser.rb +5 -3
- data/config/routes.rb +2 -0
- data/lib/generators/scim_rails/templates/initializer.rb +0 -6
- data/lib/scim_rails/config.rb +1 -2
- data/lib/scim_rails/version.rb +1 -1
- data/spec/controllers/scim_rails/scim_groups_controller_spec.rb +249 -136
- data/spec/controllers/scim_rails/scim_users_controller_spec.rb +413 -203
- data/spec/dummy/app/models/user.rb +21 -0
- data/spec/dummy/bin/setup +2 -0
- data/spec/dummy/config/initializers/scim_rails_config.rb +6 -4
- data/spec/dummy/db/development.sqlite3 +0 -0
- data/spec/dummy/db/migrate/20220117095407_add_country_to_users.rb +5 -0
- data/spec/dummy/db/migrate/20220131090107_add_deletable_to_users.rb +5 -0
- data/spec/dummy/db/schema.rb +7 -5
- data/spec/dummy/db/seeds.rb +15 -1
- data/spec/dummy/db/test.sqlite3 +0 -0
- data/spec/dummy/log/development.log +0 -0
- data/spec/dummy/log/test.log +5770 -0
- data/spec/dummy/put_group.http +5 -0
- data/spec/dummy/tmp/restart.txt +0 -0
- data/spec/factories/user.rb +2 -0
- data/spec/libraries/scim_patch_operation_spec.rb +61 -31
- data/spec/libraries/scim_patch_spec.rb +38 -29
- data/spec/models/scim_query_parser_spec.rb +30 -0
- metadata +83 -67
- data/spec/support/scim_rails_config.rb +0 -59
@@ -1,32 +1,32 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require
|
3
|
+
require 'spec_helper'
|
4
4
|
|
5
5
|
RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
6
6
|
include AuthHelper
|
7
7
|
|
8
8
|
routes { ScimRails::Engine.routes }
|
9
9
|
|
10
|
-
describe
|
10
|
+
describe 'index' do
|
11
11
|
let(:company) { create(:company) }
|
12
12
|
|
13
|
-
context
|
14
|
-
it
|
13
|
+
context 'when unauthorized' do
|
14
|
+
it 'returns scim+json content type' do
|
15
15
|
get :index, as: :json
|
16
16
|
|
17
|
-
expect(response.media_type).to eq
|
17
|
+
expect(response.media_type).to eq 'application/scim+json'
|
18
18
|
end
|
19
19
|
|
20
|
-
it
|
20
|
+
it 'fails with no credentials' do
|
21
21
|
get :index, as: :json
|
22
22
|
|
23
23
|
expect(response.status).to eq 401
|
24
24
|
end
|
25
25
|
|
26
|
-
it
|
27
|
-
request.env[
|
26
|
+
it 'fails with invalid credentials' do
|
27
|
+
request.env['HTTP_AUTHORIZATION'] =
|
28
28
|
ActionController::HttpAuthentication::Basic
|
29
|
-
.encode_credentials(
|
29
|
+
.encode_credentials('unauthorized', '123456')
|
30
30
|
|
31
31
|
get :index, as: :json
|
32
32
|
|
@@ -34,58 +34,58 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
34
34
|
end
|
35
35
|
end
|
36
36
|
|
37
|
-
context
|
37
|
+
context 'when authorized' do
|
38
38
|
before :each do
|
39
39
|
http_login(company)
|
40
40
|
end
|
41
41
|
|
42
|
-
it
|
42
|
+
it 'returns scim+json content type' do
|
43
43
|
get :index, as: :json
|
44
44
|
|
45
|
-
expect(response.media_type).to eq
|
45
|
+
expect(response.media_type).to eq 'application/scim+json'
|
46
46
|
end
|
47
47
|
|
48
|
-
it
|
48
|
+
it 'is successful with valid credentials' do
|
49
49
|
get :index, as: :json
|
50
50
|
|
51
51
|
expect(response.status).to eq 200
|
52
52
|
end
|
53
53
|
|
54
|
-
it
|
54
|
+
it 'returns all results' do
|
55
55
|
create_list(:group, 5, company: company)
|
56
56
|
|
57
57
|
get :index, as: :json
|
58
58
|
response_body = JSON.parse(response.body)
|
59
|
-
expect(response_body.dig(
|
60
|
-
eq
|
59
|
+
expect(response_body.dig('schemas', 0)).to(
|
60
|
+
eq 'urn:ietf:params:scim:api:messages:2.0:ListResponse'
|
61
61
|
)
|
62
|
-
expect(response_body[
|
62
|
+
expect(response_body['totalResults']).to eq 5
|
63
63
|
end
|
64
64
|
|
65
|
-
it
|
65
|
+
it 'defaults to 100 results' do
|
66
66
|
create_list(:group, 300, company: company)
|
67
67
|
|
68
68
|
get :index, as: :json
|
69
69
|
response_body = JSON.parse(response.body)
|
70
|
-
expect(response_body[
|
71
|
-
expect(response_body[
|
70
|
+
expect(response_body['totalResults']).to eq 300
|
71
|
+
expect(response_body['Resources'].count).to eq 100
|
72
72
|
end
|
73
73
|
|
74
|
-
it
|
74
|
+
it 'paginates results' do
|
75
75
|
create_list(:group, 400, company: company)
|
76
76
|
expect(company.groups.first.id).to eq 1
|
77
77
|
|
78
78
|
get :index, params: {
|
79
79
|
startIndex: 101,
|
80
|
-
count: 200
|
80
|
+
count: 200,
|
81
81
|
}, as: :json
|
82
82
|
response_body = JSON.parse(response.body)
|
83
|
-
expect(response_body[
|
84
|
-
expect(response_body[
|
85
|
-
expect(response_body.dig(
|
83
|
+
expect(response_body['totalResults']).to eq 400
|
84
|
+
expect(response_body['Resources'].count).to eq 200
|
85
|
+
expect(response_body.dig('Resources', 0, 'id')).to eq 101
|
86
86
|
end
|
87
87
|
|
88
|
-
it
|
88
|
+
it 'paginates results by configurable scim_groups_list_order' do
|
89
89
|
allow(ScimRails.config).to(
|
90
90
|
receive(:scim_groups_list_order).and_return(created_at: :desc)
|
91
91
|
)
|
@@ -95,69 +95,69 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
95
95
|
|
96
96
|
get :index, params: {
|
97
97
|
startIndex: 1,
|
98
|
-
count: 10
|
98
|
+
count: 10,
|
99
99
|
}, as: :json
|
100
100
|
response_body = JSON.parse(response.body)
|
101
|
-
expect(response_body[
|
102
|
-
expect(response_body[
|
103
|
-
expect(response_body.dig(
|
101
|
+
expect(response_body['totalResults']).to eq 400
|
102
|
+
expect(response_body['Resources'].count).to eq 10
|
103
|
+
expect(response_body.dig('Resources', 0, 'id')).to eq 400
|
104
104
|
end
|
105
105
|
|
106
|
-
it
|
107
|
-
create(:group, name:
|
108
|
-
create(:group, name:
|
106
|
+
it 'filters results by provided displayName filter' do
|
107
|
+
create(:group, name: 'Foo', company: company)
|
108
|
+
create(:group, name: 'Bar', company: company)
|
109
109
|
|
110
110
|
get :index, params: {
|
111
|
-
filter:
|
111
|
+
filter: 'displayName eq Bar',
|
112
112
|
}, as: :json
|
113
113
|
response_body = JSON.parse(response.body)
|
114
|
-
expect(response_body[
|
115
|
-
expect(response_body[
|
116
|
-
expect(response_body.dig(
|
114
|
+
expect(response_body['totalResults']).to eq 1
|
115
|
+
expect(response_body['Resources'].count).to eq 1
|
116
|
+
expect(response_body.dig('Resources', 0, 'displayName')).to eq 'Bar'
|
117
117
|
end
|
118
118
|
|
119
|
-
it
|
119
|
+
it 'returns no results for unfound filter parameters' do
|
120
120
|
get :index, params: {
|
121
|
-
filter:
|
121
|
+
filter: 'displayName eq fake_not_there',
|
122
122
|
}, as: :json
|
123
123
|
response_body = JSON.parse(response.body)
|
124
|
-
expect(response_body[
|
125
|
-
expect(response_body[
|
124
|
+
expect(response_body['totalResults']).to eq 0
|
125
|
+
expect(response_body['Resources'].count).to eq 0
|
126
126
|
end
|
127
127
|
|
128
|
-
it
|
128
|
+
it 'returns no results for undefined filter queries' do
|
129
129
|
get :index, params: {
|
130
|
-
filter:
|
130
|
+
filter: 'address eq 101 Nowhere USA',
|
131
131
|
}, as: :json
|
132
132
|
expect(response.status).to eq 400
|
133
133
|
response_body = JSON.parse(response.body)
|
134
|
-
expect(response_body.dig(
|
135
|
-
eq
|
134
|
+
expect(response_body.dig('schemas', 0)).to(
|
135
|
+
eq 'urn:ietf:params:scim:api:messages:2.0:Error'
|
136
136
|
)
|
137
137
|
end
|
138
138
|
end
|
139
139
|
end
|
140
140
|
|
141
|
-
describe
|
141
|
+
describe 'show' do
|
142
142
|
let(:company) { create(:company) }
|
143
143
|
|
144
|
-
context
|
145
|
-
it
|
144
|
+
context 'when unauthorized' do
|
145
|
+
it 'returns scim+json content type' do
|
146
146
|
get :show, params: { id: 1 }, as: :json
|
147
147
|
|
148
|
-
expect(response.media_type).to eq
|
148
|
+
expect(response.media_type).to eq 'application/scim+json'
|
149
149
|
end
|
150
150
|
|
151
|
-
it
|
151
|
+
it 'fails with no credentials' do
|
152
152
|
get :show, params: { id: 1 }, as: :json
|
153
153
|
|
154
154
|
expect(response.status).to eq 401
|
155
155
|
end
|
156
156
|
|
157
|
-
it
|
158
|
-
request.env[
|
157
|
+
it 'fails with invalid credentials' do
|
158
|
+
request.env['HTTP_AUTHORIZATION'] =
|
159
159
|
ActionController::HttpAuthentication::Basic
|
160
|
-
.encode_credentials(
|
160
|
+
.encode_credentials('unauthorized', '123456')
|
161
161
|
|
162
162
|
get :show, params: { id: 1 }, as: :json
|
163
163
|
|
@@ -165,31 +165,31 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
165
165
|
end
|
166
166
|
end
|
167
167
|
|
168
|
-
context
|
168
|
+
context 'when authorized' do
|
169
169
|
before :each do
|
170
170
|
http_login(company)
|
171
171
|
end
|
172
172
|
|
173
|
-
it
|
173
|
+
it 'returns scim+json content type' do
|
174
174
|
get :show, params: { id: 1 }, as: :json
|
175
175
|
|
176
|
-
expect(response.media_type).to eq
|
176
|
+
expect(response.media_type).to eq 'application/scim+json'
|
177
177
|
end
|
178
178
|
|
179
|
-
it
|
179
|
+
it 'is successful with valid credentials' do
|
180
180
|
create(:group, id: 1, company: company)
|
181
181
|
get :show, params: { id: 1 }, as: :json
|
182
182
|
|
183
183
|
expect(response.status).to eq 200
|
184
184
|
end
|
185
185
|
|
186
|
-
it
|
187
|
-
get :show, params: { id:
|
186
|
+
it 'returns :not_found for id that cannot be found' do
|
187
|
+
get :show, params: { id: 'fake_id' }, as: :json
|
188
188
|
|
189
189
|
expect(response.status).to eq 404
|
190
190
|
end
|
191
191
|
|
192
|
-
it
|
192
|
+
it 'returns :not_found for a correct id but unauthorized company' do
|
193
193
|
new_company = create(:company)
|
194
194
|
create(:group, company: new_company, id: 1)
|
195
195
|
|
@@ -200,26 +200,26 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
200
200
|
end
|
201
201
|
end
|
202
202
|
|
203
|
-
describe
|
203
|
+
describe 'create' do
|
204
204
|
let(:company) { create(:company) }
|
205
205
|
|
206
|
-
context
|
207
|
-
it
|
206
|
+
context 'when unauthorized' do
|
207
|
+
it 'returns scim+json content type' do
|
208
208
|
post :create, as: :json
|
209
209
|
|
210
|
-
expect(response.media_type).to eq
|
210
|
+
expect(response.media_type).to eq 'application/scim+json'
|
211
211
|
end
|
212
212
|
|
213
|
-
it
|
213
|
+
it 'fails with no credentials' do
|
214
214
|
post :create, as: :json
|
215
215
|
|
216
216
|
expect(response.status).to eq 401
|
217
217
|
end
|
218
218
|
|
219
|
-
it
|
220
|
-
request.env[
|
219
|
+
it 'fails with invalid credentials' do
|
220
|
+
request.env['HTTP_AUTHORIZATION'] =
|
221
221
|
ActionController::HttpAuthentication::Basic
|
222
|
-
.encode_credentials(
|
222
|
+
.encode_credentials('unauthorized', '123456')
|
223
223
|
|
224
224
|
post :create, as: :json
|
225
225
|
|
@@ -227,107 +227,107 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
227
227
|
end
|
228
228
|
end
|
229
229
|
|
230
|
-
context
|
230
|
+
context 'when authorized' do
|
231
231
|
before :each do
|
232
232
|
http_login(company)
|
233
233
|
end
|
234
234
|
|
235
|
-
it
|
235
|
+
it 'returns scim+json content type' do
|
236
236
|
post :create, params: {
|
237
|
-
displayName:
|
238
|
-
members: []
|
237
|
+
displayName: 'Test Group',
|
238
|
+
members: [],
|
239
239
|
}, as: :json
|
240
240
|
|
241
|
-
expect(response.media_type).to eq
|
241
|
+
expect(response.media_type).to eq 'application/scim+json'
|
242
242
|
end
|
243
243
|
|
244
|
-
it
|
244
|
+
it 'is successful with valid credentials' do
|
245
245
|
expect(company.groups.count).to eq 0
|
246
246
|
|
247
247
|
post :create, params: {
|
248
|
-
displayName:
|
249
|
-
members: []
|
248
|
+
displayName: 'Test Group',
|
249
|
+
members: [],
|
250
250
|
}, as: :json
|
251
251
|
|
252
252
|
expect(response.status).to eq 201
|
253
253
|
expect(company.groups.count).to eq 1
|
254
254
|
group = company.groups.first
|
255
255
|
expect(group.persisted?).to eq true
|
256
|
-
expect(group.name).to eq
|
256
|
+
expect(group.name).to eq 'Test Group'
|
257
257
|
expect(group.users).to eq []
|
258
258
|
end
|
259
259
|
|
260
|
-
it
|
260
|
+
it 'ignores unconfigured params' do
|
261
261
|
post :create, params: {
|
262
|
-
displayName:
|
263
|
-
department:
|
264
|
-
members: []
|
262
|
+
displayName: 'Test Group',
|
263
|
+
department: 'Best Department',
|
264
|
+
members: [],
|
265
265
|
}, as: :json
|
266
266
|
|
267
267
|
expect(response.status).to eq 201
|
268
268
|
expect(company.groups.count).to eq 1
|
269
269
|
end
|
270
270
|
|
271
|
-
it
|
271
|
+
it 'returns 422 if required params are missing' do
|
272
272
|
post :create, params: {
|
273
|
-
members: []
|
273
|
+
members: [],
|
274
274
|
}, as: :json
|
275
275
|
|
276
276
|
expect(response.status).to eq 422
|
277
277
|
expect(company.users.count).to eq 0
|
278
278
|
end
|
279
279
|
|
280
|
-
it
|
281
|
-
create(:group, name:
|
280
|
+
it 'returns 409 if group already exists' do
|
281
|
+
create(:group, name: 'Test Group', company: company)
|
282
282
|
|
283
283
|
post :create, params: {
|
284
|
-
displayName:
|
285
|
-
members: []
|
284
|
+
displayName: 'Test Group',
|
285
|
+
members: [],
|
286
286
|
}, as: :json
|
287
287
|
|
288
288
|
expect(response.status).to eq 409
|
289
289
|
expect(company.groups.count).to eq 1
|
290
290
|
end
|
291
291
|
|
292
|
-
it
|
292
|
+
it 'creates group' do
|
293
293
|
users = create_list(:user, 3, company: company)
|
294
294
|
|
295
295
|
post :create, params: {
|
296
|
-
displayName:
|
296
|
+
displayName: 'Test Group',
|
297
297
|
members: users.map do |user|
|
298
298
|
{ value: user.id.to_s, display: user.email }
|
299
|
-
end
|
299
|
+
end,
|
300
300
|
}, as: :json
|
301
301
|
|
302
302
|
expect(response.status).to eq 201
|
303
303
|
expect(company.groups.count).to eq 1
|
304
304
|
group = company.groups.first
|
305
|
-
expect(group.name).to eq
|
305
|
+
expect(group.name).to eq 'Test Group'
|
306
306
|
expect(group.users.count).to eq 3
|
307
307
|
end
|
308
308
|
end
|
309
309
|
end
|
310
310
|
|
311
|
-
describe
|
311
|
+
describe 'put update' do
|
312
312
|
let(:company) { create(:company) }
|
313
313
|
|
314
|
-
context
|
315
|
-
it
|
314
|
+
context 'when unauthorized' do
|
315
|
+
it 'returns scim+json content type' do
|
316
316
|
put :put_update, params: { id: 1 }, as: :json
|
317
317
|
|
318
|
-
expect(response.media_type).to eq
|
318
|
+
expect(response.media_type).to eq 'application/scim+json'
|
319
319
|
end
|
320
320
|
|
321
|
-
it
|
321
|
+
it 'fails with no credentials' do
|
322
322
|
put :put_update, params: { id: 1 }, as: :json
|
323
323
|
|
324
324
|
expect(response.status).to eq 401
|
325
325
|
end
|
326
326
|
|
327
|
-
it
|
328
|
-
request.env[
|
327
|
+
it 'fails with invalid credentials' do
|
328
|
+
request.env['HTTP_AUTHORIZATION'] =
|
329
329
|
ActionController::HttpAuthentication::Basic
|
330
|
-
.encode_credentials(
|
330
|
+
.encode_credentials('unauthorized', '123456')
|
331
331
|
|
332
332
|
put :put_update, params: { id: 1 }, as: :json
|
333
333
|
|
@@ -335,26 +335,26 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
335
335
|
end
|
336
336
|
end
|
337
337
|
|
338
|
-
context
|
338
|
+
context 'when authorized' do
|
339
339
|
let!(:group) { create(:group, id: 1, company: company) }
|
340
340
|
|
341
341
|
before :each do
|
342
342
|
http_login(company)
|
343
343
|
end
|
344
344
|
|
345
|
-
it
|
345
|
+
it 'returns scim+json content type' do
|
346
346
|
put :put_update, params: put_params, as: :json
|
347
347
|
|
348
|
-
expect(response.media_type).to eq
|
348
|
+
expect(response.media_type).to eq 'application/scim+json'
|
349
349
|
end
|
350
350
|
|
351
|
-
it
|
351
|
+
it 'is successful with with valid credentials' do
|
352
352
|
put :put_update, params: put_params, as: :json
|
353
353
|
|
354
354
|
expect(response.status).to eq 200
|
355
355
|
end
|
356
356
|
|
357
|
-
it
|
357
|
+
it 'can add and delete Users from a Group at once' do
|
358
358
|
user1 = create(:user, company: company, groups: [group])
|
359
359
|
user2 = create(:user, company: company)
|
360
360
|
|
@@ -365,13 +365,13 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
365
365
|
expect(response.status).to eq 200
|
366
366
|
end
|
367
367
|
|
368
|
-
it
|
369
|
-
put :put_update, params: { id:
|
368
|
+
it 'returns :not_found for id that cannot be found' do
|
369
|
+
put :put_update, params: { id: 'fake_id' }, as: :json
|
370
370
|
|
371
371
|
expect(response.status).to eq 404
|
372
372
|
end
|
373
373
|
|
374
|
-
it
|
374
|
+
it 'returns :not_found for a correct id but unauthorized company' do
|
375
375
|
new_company = create(:company)
|
376
376
|
create(:group, company: new_company, id: 1000)
|
377
377
|
|
@@ -380,10 +380,10 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
380
380
|
expect(response.status).to eq 404
|
381
381
|
end
|
382
382
|
|
383
|
-
it
|
383
|
+
it 'returns 422 with incomplete request' do
|
384
384
|
put :put_update, params: {
|
385
385
|
id: 1,
|
386
|
-
members: []
|
386
|
+
members: [],
|
387
387
|
}, as: :json
|
388
388
|
|
389
389
|
expect(response.status).to eq 422
|
@@ -391,26 +391,105 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
391
391
|
end
|
392
392
|
end
|
393
393
|
|
394
|
-
describe
|
394
|
+
describe 'patch update' do
|
395
395
|
let(:company) { create(:company) }
|
396
396
|
|
397
|
-
context
|
398
|
-
|
397
|
+
context 'when authorized' do
|
398
|
+
let!(:group) { create(:group, id: 1, company: company) }
|
399
|
+
let(:user1) { create(:user, company: company, groups: [group]) }
|
400
|
+
let(:user2) { create(:user, company: company) }
|
401
|
+
|
402
|
+
before :each do
|
403
|
+
http_login(company)
|
404
|
+
end
|
405
|
+
|
406
|
+
it 'returns scim+json content type' do
|
407
|
+
patch :patch_update, params: patch_params, as: :json
|
408
|
+
|
409
|
+
expect(response.media_type).to eq 'application/scim+json'
|
410
|
+
end
|
411
|
+
|
412
|
+
it 'can change displayName of group' do
|
413
|
+
expect do
|
414
|
+
patch :patch_update, params: {
|
415
|
+
id: group.id,
|
416
|
+
schemas: ['urn:ietf:params:scim:api:messages:2.0:PatchOp'],
|
417
|
+
Operations: [{
|
418
|
+
op: 'Replace',
|
419
|
+
path: 'displayName',
|
420
|
+
value: 'changed'
|
421
|
+
}]
|
422
|
+
}, as: :json
|
423
|
+
end.to change { group.reload.name }.to('changed')
|
424
|
+
|
425
|
+
expect(response.status).to eq 200
|
426
|
+
end
|
427
|
+
|
428
|
+
it 'can add Users from a Group' do
|
429
|
+
expect do
|
430
|
+
patch :patch_update, params: patch_params(user_id: user2.id), as: :json
|
431
|
+
end.to change { group.reload.users }.from([user1]).to([user1, user2])
|
432
|
+
|
433
|
+
expect(response.status).to eq 200
|
434
|
+
end
|
435
|
+
|
436
|
+
it 'can delete Users from a Group' do
|
437
|
+
user1 = create(:user, company: company, groups: [group])
|
438
|
+
user2 = create(:user, company: company, groups: [group])
|
439
|
+
|
440
|
+
expect do
|
441
|
+
put :patch_update, params: patch_params(user_id: user2.id, op: 'Remove'),
|
442
|
+
as: :json
|
443
|
+
end.to change { group.reload.users }.from([user1, user2]).to([user1])
|
444
|
+
|
445
|
+
expect(response.status).to eq 200
|
446
|
+
end
|
447
|
+
|
448
|
+
it 'returns :not_found for id that cannot be found' do
|
449
|
+
patch :patch_update, params: patch_params(user_id: 0), as: :json
|
450
|
+
|
451
|
+
expect(response.status).to eq 404
|
452
|
+
end
|
453
|
+
|
454
|
+
it 'rollback if even one cannot be saved' do
|
455
|
+
expect do
|
456
|
+
patch :patch_update, params: {
|
457
|
+
id: group.id,
|
458
|
+
schemas: ['urn:ietf:params:scim:api:messages:2.0:PatchOp'],
|
459
|
+
Operations: [{
|
460
|
+
op: 'Add',
|
461
|
+
path: 'members',
|
462
|
+
value: [
|
463
|
+
{ value: user2.id },
|
464
|
+
{ value: 0 }
|
465
|
+
],
|
466
|
+
}],
|
467
|
+
}, as: :json
|
468
|
+
end.to_not change { group.reload.users.count }
|
469
|
+
end
|
470
|
+
end
|
471
|
+
end
|
472
|
+
|
473
|
+
describe 'destroy' do
|
474
|
+
let(:company) { create(:company) }
|
475
|
+
|
476
|
+
context 'when unauthorized' do
|
477
|
+
it 'returns scim+json content type' do
|
399
478
|
delete :destroy, params: { id: 1 }, as: :json
|
400
479
|
|
401
|
-
expect(response.media_type).to eq
|
480
|
+
expect(response.media_type).to eq 'application/scim+json'
|
402
481
|
end
|
403
482
|
|
404
|
-
it
|
483
|
+
it 'fails with no credentials' do
|
405
484
|
delete :destroy, params: { id: 1 }, as: :json
|
406
485
|
|
407
486
|
expect(response.status).to eq 401
|
408
487
|
end
|
409
488
|
|
410
|
-
it
|
411
|
-
request.env[
|
489
|
+
it 'fails with invalid credentials' do
|
490
|
+
request.env['HTTP_AUTHORIZATION'] =
|
412
491
|
ActionController::HttpAuthentication::Basic
|
413
|
-
.encode_credentials(
|
492
|
+
.encode_credentials('unauthorized', '123456')
|
414
493
|
|
415
494
|
delete :destroy, params: { id: 1 }, as: :json
|
416
495
|
|
@@ -418,39 +497,33 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
418
497
|
end
|
419
498
|
end
|
420
499
|
|
421
|
-
context
|
500
|
+
context 'when authorized' do
|
422
501
|
let!(:group) { create(:group, id: 1, company: company) }
|
423
502
|
|
424
503
|
before :each do
|
425
504
|
http_login(company)
|
426
505
|
end
|
427
506
|
|
428
|
-
context
|
429
|
-
|
430
|
-
allow(ScimRails.config).to(
|
431
|
-
receive(:group_destroy_method).and_return(:destroy!)
|
432
|
-
)
|
433
|
-
end
|
434
|
-
|
435
|
-
it "returns empty response" do
|
507
|
+
context 'when Group destroy method is configured' do
|
508
|
+
it 'returns empty response' do
|
436
509
|
delete :destroy, params: { id: 1 }, as: :json
|
437
510
|
|
438
511
|
expect(response.body).to be_empty
|
439
512
|
end
|
440
513
|
|
441
|
-
it
|
514
|
+
it 'is successful with valid credentials' do
|
442
515
|
delete :destroy, params: { id: 1 }, as: :json
|
443
516
|
|
444
517
|
expect(response.status).to eq 204
|
445
518
|
end
|
446
519
|
|
447
|
-
it
|
448
|
-
delete :destroy, params: { id:
|
520
|
+
it 'returns :not_found for id that cannot be found' do
|
521
|
+
delete :destroy, params: { id: 'fake_id' }, as: :json
|
449
522
|
|
450
523
|
expect(response.status).to eq 404
|
451
524
|
end
|
452
525
|
|
453
|
-
it
|
526
|
+
it 'returns :not_found for a correct id but unauthorized company' do
|
454
527
|
new_company = create(:company)
|
455
528
|
create(:group, company: new_company, id: 1000)
|
456
529
|
|
@@ -459,7 +532,7 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
459
532
|
expect(response.status).to eq 404
|
460
533
|
end
|
461
534
|
|
462
|
-
it
|
535
|
+
it 'successfully deletes Group' do
|
463
536
|
expect do
|
464
537
|
delete :destroy, params: { id: 1 }, as: :json
|
465
538
|
end.to change { company.groups.reload.count }.from(1).to(0)
|
@@ -468,8 +541,8 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
468
541
|
end
|
469
542
|
end
|
470
543
|
|
471
|
-
context
|
472
|
-
it
|
544
|
+
context 'when Group destroy method is not configured' do
|
545
|
+
it 'does not delete Group' do
|
473
546
|
allow(ScimRails.config).to(
|
474
547
|
receive(:group_destroy_method).and_return(nil)
|
475
548
|
)
|
@@ -478,17 +551,57 @@ RSpec.describe ScimRails::ScimGroupsController, type: :controller do
|
|
478
551
|
delete :destroy, params: { id: 1 }, as: :json
|
479
552
|
end.not_to change { company.groups.reload.count }.from(1)
|
480
553
|
|
481
|
-
expect(response.status).to eq
|
554
|
+
expect(response.status).to eq 500
|
555
|
+
end
|
556
|
+
end
|
557
|
+
|
558
|
+
context 'when Group destroy method is invalid' do
|
559
|
+
it 'does not delete Group' do
|
560
|
+
allow(ScimRails.config).to(
|
561
|
+
receive(:group_destroy_method).and_return('destory!')
|
562
|
+
)
|
563
|
+
|
564
|
+
expect do
|
565
|
+
delete :destroy, params: { id: 1 }, as: :json
|
566
|
+
end.not_to change { company.groups.reload.count }.from(1)
|
567
|
+
|
568
|
+
expect(response.status).to eq 500
|
569
|
+
end
|
570
|
+
end
|
571
|
+
|
572
|
+
context 'whenr target Group is not found' do
|
573
|
+
it 'return 404 not found' do
|
574
|
+
expect do
|
575
|
+
delete :destroy, params: { id: 999999 }, as: :json
|
576
|
+
end.not_to change { company.groups.reload.count }.from(1)
|
577
|
+
|
578
|
+
expect(response.status).to eq 404
|
482
579
|
end
|
483
580
|
end
|
484
581
|
end
|
485
582
|
end
|
486
583
|
|
487
|
-
def put_params(name:
|
584
|
+
def put_params(name: 'Test Group', users: [])
|
488
585
|
{
|
489
586
|
id: 1,
|
490
587
|
displayName: name,
|
491
|
-
members: users.map { |user| { value: user.id.to_s, display: user.email } }
|
588
|
+
members: users.map { |user| { value: user.id.to_s, display: user.email } },
|
589
|
+
}
|
590
|
+
end
|
591
|
+
|
592
|
+
# rubocop:disable Metrics/MethodLength
|
593
|
+
def patch_params(user_id: 1, op: 'Add')
|
594
|
+
{
|
595
|
+
id: 1,
|
596
|
+
schemas: ['urn:ietf:params:scim:api:messages:2.0:PatchOp'],
|
597
|
+
Operations: [{
|
598
|
+
op: op,
|
599
|
+
path: 'members',
|
600
|
+
value: [{
|
601
|
+
value: user_id,
|
602
|
+
}],
|
603
|
+
}],
|
492
604
|
}
|
493
605
|
end
|
606
|
+
# rubocop:enable Metrics/MethodLength
|
494
607
|
end
|
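Review bot: The added `describe 'patch update'` block (new lines 394–471) has only `context 'when authorized'`, so PATCH is the one group action in this spec with no test that missing or invalid Basic credentials are rejected, and no test that a group owned by another company is hidden. Index, show, create, put update and destroy all have the 401 cases, and show, put update and destroy have the cross-company 404. I would add a `context 'when unauthorized'` mirroring the one under 'put update', plus a cross-company example inside 'when authorized', as sketched below; the 401 and 404 are assumed by analogy with the other actions, since the controller is not part of this section. In 'can delete Users from a Group' the request is sent as `put :patch_update`; it should be `patch :patch_update, params: patch_params(user_id: user2.id, op: 'Remove'),` to match the other examples in the block. 'rollback if even one cannot be saved' checks only the member count, so an assertion on `response.status` would also pin down what the client is told when the operation is rejected.

```ruby
describe 'patch update' do
  let(:company) { create(:company) }

  context 'when unauthorized' do
    it 'fails with no credentials' do
      patch :patch_update, params: patch_params, as: :json

      expect(response.status).to eq 401
    end

    it 'fails with invalid credentials' do
      request.env['HTTP_AUTHORIZATION'] =
        ActionController::HttpAuthentication::Basic
          .encode_credentials('unauthorized', '123456')

      patch :patch_update, params: patch_params, as: :json

      expect(response.status).to eq 401
    end
  end

  context 'when authorized' do
    # … unchanged: lets, before block and existing examples …

    it 'returns :not_found for a correct id but unauthorized company' do
      new_company = create(:company)
      create(:group, company: new_company, id: 1000)

      # A member id that exists keeps the 404 attributable to the group lookup.
      patch :patch_update,
            params: patch_params(user_id: user2.id).merge(id: 1000),
            as: :json

      expect(response.status).to eq 404
    end
```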