scimaenaga 0.9.0 → 0.9.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 58fc798213cd88360e3f55430717995ad195c6bac873128907233e82261fa4b1
-  data.tar.gz: 5e0e88484123fb42ffd42e1174439c88773615b4be4b1c8aa2e3f7eb38f7b8c3
+  metadata.gz: 41335471b09b4e09028210f9c05586a1f171cf2e6cf3d12d03b07bddd0022dc3
+  data.tar.gz: 12c2072c1bc4a57274cb427a4507ed2b4a13a038b9e311bfdb7e29fabc94e524
 SHA512:
-  metadata.gz: 66e68eba027f29f0f87bb94c339356c9b6bb5dce37561f1a9f35a96fd8d34d8fc2f7fbb7d0901106b2cf66fdc7fef18cf3861c593c6795c68834e8d67793ba32
-  data.tar.gz: 6809bbeab71b8cb0bf645ecdca6819c43e2bbfa5bf26936b8772a28fdace71b47c63b1211c5454033168b8812b4ba249c7ae0423c6a1b047faafb16b6caf69ee
+  metadata.gz: fc91680912294a747970e1ede984f5bbe4ad555bfacace02cc844abd6d13b124cb07f62481a6e7a7aaf1258253ca5e3d9fc83d4606cebfc44e50041dbd0e881f
+  data.tar.gz: 87da8ec3d1a3295d1766f13dc8474e525dc0a0c96fc4a458e79279ff48b05d7e8d628311880b10aa15925f149a59a4f54991154eeea605304df4338779dc03d3

data/README.md

@@ -17,7 +17,7 @@ The goal of the Gem is to offer a relatively painless way of adding SCIM 2.0 to
 Add this line to your application's Gemfile:
 
 ```ruby
-gem 'scimaenaga', require: 'scim_rails'
+gem 'scimaenaga'
 ```
 
 And then execute:
@@ -35,13 +35,13 @@ $ gem install scimaenaga
 Generate the config file with:
 
 ```bash
-$ rails generate scim_rails config
+$ rails generate scimaenaga config
 ```
 
 The config file will be located at:
 
 ```
-config/initializers/scim_rails_config.rb
+config/initializers/scimaenaga_config.rb
 ```
 
 Please update the config file with the models and attributes of your app.
@@ -50,7 +50,7 @@ Mount the gem in your routes file:
 
 ```ruby
 Application.routes.draw do
-  mount ScimRails::Engine => "/"
+  mount Scimaenaga::Engine => "/"
 end
 ```
 
@@ -95,7 +95,7 @@ The config setting `basic_auth_model_authenticatable_attribute` is the model att
 
 Assuming the attribute is `:api_token`, generate the password using:
 ```ruby
-token = ScimRails::Encoder.encode(company)
+token = Scimaenaga::Encoder.encode(company)
 # use the token as password for requests
 company.api_token = token # required
 company.save! # don't forget to persist the company record
@@ -119,7 +119,7 @@ In the config settings, ensure you set `signing_secret` to a secret key that wil
 
 If you have already generated the `api_token` in the "Basic Auth" section, then use that as your bearer token and ignore the steps below:
 ```ruby
-token = ScimRails::Encoder.encode(company)
+token = Scimaenaga::Encoder.encode(company)
 # use the token as bearer token for requests
 company.api_token = token #required
 company.save! # don't forget to persist the company record
@@ -245,7 +245,7 @@ If you would like, you can supply a custom handler for exceptions in the initial
 For example, you might want to notify Honeybadger:
 
 ```ruby
-ScimRails.configure do |config|
+Scimaenaga.configure do |config|
   config.on_error = ->(e) { Honeybadger.notify(e) }
 end
 ```
@@ -262,7 +262,7 @@ e.g.) When `userName` is defined in `mutable_user_attributes`, configure `userNa
 - corresponding with your model.
 e.g.) When `userName` must be specified configure `userName` as `required: true`
 
-Sample config (with comment) is written in lib/generators/scim_rails/templates/initializer.rb.
+Sample config (with comment) is written in lib/generators/scimaenaga/templates/initializer.rb.
 For more details, read [Schema Definition](https://datatracker.ietf.org/doc/html/rfc7643#section-7), and [Schema Representation](https://datatracker.ietf.org/doc/html/rfc7643#section-8.7)
 
 ## Contributing

data/Rakefile

@@ -8,27 +8,25 @@ require 'rdoc/task'
 
 RDoc::Task.new(:rdoc) do |rdoc|
   rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'ScimRails'
+  rdoc.title    = 'Scimaenaga'
   rdoc.options << '--line-numbers'
   rdoc.rdoc_files.include('README.md')
   rdoc.rdoc_files.include('lib/**/*.rb')
 end
 
-APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
+APP_RAKEFILE = File.expand_path('spec/dummy/Rakefile', __dir__)
 load 'rails/tasks/engine.rake'
 
-
 load 'rails/tasks/statistics.rake'
 
-
 Bundler::GemHelper.install_tasks
 
-Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each {|f| load f }
+Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each { |f| load f }
 
 require 'rspec/core'
 require 'rspec/core/rake_task'
 
-desc "Run all specs in spec directory (excluding plugin specs)"
-RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare')
+desc 'Run all specs in spec directory (excluding plugin specs)'
+RSpec::Core::RakeTask.new(spec: 'app:db:test:prepare')
 
-task :default => :spec
+task default: :spec

data/app/controllers/concerns/{scim_rails → scimaenaga}/exception_handler.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-module ScimRails
+module Scimaenaga
   module ExceptionHandler
     extend ActiveSupport::Concern
 
@@ -37,7 +37,7 @@ module ScimRails
     included do
       if Rails.env.production?
         rescue_from StandardError do |exception|
-          on_error = ScimRails.config.on_error
+          on_error = Scimaenaga.config.on_error
           if on_error.respond_to?(:call)
             on_error.call(exception)
           else
@@ -54,7 +54,7 @@ module ScimRails
         end
       end
 
-      rescue_from ScimRails::ExceptionHandler::InvalidCredentials do
+      rescue_from Scimaenaga::ExceptionHandler::InvalidCredentials do
         json_response(
           {
             schemas: ['urn:ietf:params:scim:api:messages:2.0:Error'],
@@ -65,7 +65,7 @@ module ScimRails
         )
       end
 
-      rescue_from ScimRails::ExceptionHandler::InvalidRequest do |e|
+      rescue_from Scimaenaga::ExceptionHandler::InvalidRequest do |e|
         json_response(
           {
             schemas: ['urn:ietf:params:scim:api:messages:2.0:Error'],
@@ -76,7 +76,7 @@ module ScimRails
         )
       end
 
-      rescue_from ScimRails::ExceptionHandler::InvalidQuery do
+      rescue_from Scimaenaga::ExceptionHandler::InvalidQuery do
         json_response(
           {
             schemas: ['urn:ietf:params:scim:api:messages:2.0:Error'],
@@ -88,7 +88,7 @@ module ScimRails
         )
       end
 
-      rescue_from ScimRails::ExceptionHandler::UnsupportedPatchRequest do
+      rescue_from Scimaenaga::ExceptionHandler::UnsupportedPatchRequest do
         json_response(
           {
             schemas: ['urn:ietf:params:scim:api:messages:2.0:Error'],
@@ -99,7 +99,7 @@ module ScimRails
         )
       end
 
-      rescue_from ScimRails::ExceptionHandler::UnsupportedDeleteRequest do
+      rescue_from Scimaenaga::ExceptionHandler::UnsupportedDeleteRequest do
         json_response(
           {
             schemas: ['urn:ietf:params:scim:api:messages:2.0:Error'],
@@ -110,7 +110,7 @@ module ScimRails
         )
       end
 
-      rescue_from ScimRails::ExceptionHandler::InvalidConfiguration do |e|
+      rescue_from Scimaenaga::ExceptionHandler::InvalidConfiguration do |e|
         json_response(
           {
             schemas: ['urn:ietf:params:scim:api:messages:2.0:Error'],
@@ -121,7 +121,7 @@ module ScimRails
         )
       end
 
-      rescue_from ScimRails::ExceptionHandler::UnexpectedError do |e|
+      rescue_from Scimaenaga::ExceptionHandler::UnexpectedError do |e|
         json_response(
           {
             schemas: ['urn:ietf:params:scim:api:messages:2.0:Error'],
@@ -133,7 +133,7 @@ module ScimRails
       end
 
       rescue_from ActiveRecord::RecordNotFound,
-                  ScimRails::ExceptionHandler::ResourceNotFound do |e|
+                  Scimaenaga::ExceptionHandler::ResourceNotFound do |e|
         json_response(
           {
             schemas: ['urn:ietf:params:scim:api:messages:2.0:Error'],

data/app/controllers/concerns/scimaenaga/response.rb

@@ -0,0 +1,94 @@
+# frozen_string_literal: true
+
+module Scimaenaga
+  module Response
+    CONTENT_TYPE = 'application/scim+json'
+
+    def json_response(object, status = :ok)
+      render \
+        json: object,
+        status: status,
+        content_type: CONTENT_TYPE
+    end
+
+    def json_scim_response(object:, status: :ok, counts: nil)
+      case params[:action]
+      when 'index'
+        render \
+          json: list_response(object, counts),
+          status: status,
+          content_type: CONTENT_TYPE
+      when 'show', 'create', 'put_update', 'patch_update'
+        render \
+          json: object_response(object),
+          status: status,
+          content_type: CONTENT_TYPE
+      end
+    end
+
+    private
+
+      def list_response(object, counts)
+        object = object
+                 .order(:id)
+                 .offset(counts.offset)
+                 .limit(counts.limit)
+        {
+          schemas: [
+            'urn:ietf:params:scim:api:messages:2.0:ListResponse'
+          ],
+          totalResults: counts.total,
+          startIndex: counts.start_index,
+          itemsPerPage: counts.limit,
+          Resources: list_objects(object),
+        }
+      end
+
+      def list_objects(objects)
+        objects.map do |object|
+          object_response(object)
+        end
+      end
+
+      def object_response(object)
+        schema = case object
+                 when Scimaenaga.config.scim_users_model
+                   Scimaenaga.config.user_schema
+                 when Scimaenaga.config.scim_groups_model
+                   Scimaenaga.config.group_schema
+                 else
+                   raise Scimaenaga::ExceptionHandler::InvalidQuery,
+                         "Unknown model: #{object}"
+                 end
+        find_value(object, schema)
+      end
+
+      # `find_value` is a recursive method that takes a "user" and a
+      # "user schema" and replaces any symbols in the schema with the
+      # corresponding value from the user. Given a schema with symbols,
+      # `find_value` will search through the object for the symbols,
+      # send those symbols to the model, and replace the symbol with
+      # the return value.
+
+      def find_value(object, schema)
+        case schema
+        when Hash
+          schema.each.with_object({}) do |(key, value), hash|
+            hash[key] = find_value(object, value)
+          end
+        when Array, ActiveRecord::Associations::CollectionProxy
+          schema.map do |value|
+            find_value(object, value)
+          end
+        when Scimaenaga.config.scim_users_model
+          find_value(schema, Scimaenaga.config.user_abbreviated_schema)
+        when Scimaenaga.config.scim_groups_model
+          find_value(schema, Scimaenaga.config.group_abbreviated_schema)
+        when Symbol
+          find_value(object, object.public_send(schema))
+        else
+          schema
+        end
+      end
+  end
+end

data/app/controllers/scimaenaga/application_controller.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module Scimaenaga
+  class ApplicationController < ActionController::API
+    include ActionController::HttpAuthentication::Basic::ControllerMethods
+    include ExceptionHandler
+    include Response
+
+    before_action :authorize_request
+
+    private
+
+      def authorize_request
+        send(authentication_strategy) do |searchable_attribute, authentication_attribute|
+          authorization = AuthorizeApiRequest.new(
+            searchable_attribute: searchable_attribute,
+            authentication_attribute: authentication_attribute
+          )
+          @company = authorization.company
+        end
+        raise Scimaenaga::ExceptionHandler::InvalidCredentials if @company.blank?
+      end
+
+      def authentication_strategy
+        if request.headers['Authorization']&.include?('Bearer')
+          :authenticate_with_oauth_bearer
+        else
+          :authenticate_with_http_basic
+        end
+      end
+
+      def authenticate_with_oauth_bearer
+        authentication_attribute = request.headers['Authorization'].split.last
+        payload = Scimaenaga::Encoder.decode(authentication_attribute).with_indifferent_access
+        searchable_attribute = payload[Scimaenaga.config.basic_auth_model_searchable_attribute]
+
+        yield searchable_attribute, authentication_attribute
+      end
+
+      def find_value_for(attribute)
+        params.dig(*path_for(attribute))
+      end
+
+      # `path_for` is a recursive method used to find the "path" for
+      # `.dig` to take when looking for a given attribute in the
+      # params.
+      #
+      # Example: `path_for(:name)` should return an array that looks
+      # like [:names, 0, :givenName]. `.dig` can then use that path
+      # against the params to translate the :name attribute to "John".
+
+      def path_for(attribute, object = controller_schema, path = [])
+        at_path = path.empty? ? object : object.dig(*path)
+        return path if at_path == attribute
+
+        case at_path
+        when Hash
+          at_path.each do |key, _value|
+            found_path = path_for(attribute, object, [*path, key])
+            return found_path if found_path
+          end
+          nil
+        when Array
+          at_path.each_with_index do |_value, index|
+            found_path = path_for(attribute, object, [*path, index])
+            return found_path if found_path
+          end
+          nil
+        end
+      end
+  end
+end

data/app/controllers/{scim_rails → scimaenaga}/scim_groups_controller.rb

@@ -1,27 +1,27 @@
 # frozen_string_literal: true
 
-module ScimRails
-  class ScimGroupsController < ScimRails::ApplicationController
+module Scimaenaga
+  class ScimGroupsController < Scimaenaga::ApplicationController
     def index
       if params[:filter].present?
-        query = ScimRails::ScimQueryParser.new(
-          params[:filter], ScimRails.config.queryable_group_attributes
+        query = Scimaenaga::ScimQueryParser.new(
+          params[:filter], Scimaenaga.config.queryable_group_attributes
         )
 
         groups = @company
-                 .public_send(ScimRails.config.scim_groups_scope)
+                 .public_send(Scimaenaga.config.scim_groups_scope)
                  .where(
-                   "#{ScimRails.config.scim_groups_model
+                   "#{Scimaenaga.config.scim_groups_model
                                .connection.quote_column_name(query.attribute)}
                                #{query.operator} ?",
                    query.parameter
                  )
-                 .order(ScimRails.config.scim_groups_list_order)
+                 .order(Scimaenaga.config.scim_groups_list_order)
       else
         groups = @company
-                 .public_send(ScimRails.config.scim_groups_scope)
+                 .public_send(Scimaenaga.config.scim_groups_scope)
                  .preload(:users)
-                 .order(ScimRails.config.scim_groups_list_order)
+                 .order(Scimaenaga.config.scim_groups_list_order)
       end
 
       counts = ScimCount.new(
@@ -35,14 +35,14 @@ module ScimRails
 
     def show
       group = @company
-              .public_send(ScimRails.config.scim_groups_scope)
+              .public_send(Scimaenaga.config.scim_groups_scope)
               .find(params[:id])
       json_scim_response(object: group)
     end
 
     def create
       group = @company
-              .public_send(ScimRails.config.scim_groups_scope)
+              .public_send(Scimaenaga.config.scim_groups_scope)
               .create!(permitted_group_params)
 
       json_scim_response(object: group, status: :created)
@@ -50,7 +50,7 @@ module ScimRails
 
     def put_update
       group = @company
-              .public_send(ScimRails.config.scim_groups_scope)
+              .public_send(Scimaenaga.config.scim_groups_scope)
               .find(params[:id])
       group.update!(permitted_group_params)
       json_scim_response(object: group)
@@ -58,7 +58,7 @@ module ScimRails
 
     def patch_update
       group = @company
-              .public_send(ScimRails.config.scim_groups_scope)
+              .public_send(Scimaenaga.config.scim_groups_scope)
               .find(params[:id])
       patch = ScimPatch.new(params, :group)
       patch.save(group)
@@ -67,23 +67,23 @@ module ScimRails
     end
 
     def destroy
-      unless ScimRails.config.group_destroy_method
-        raise ScimRails::ExceptionHandler::InvalidConfiguration
+      unless Scimaenaga.config.group_destroy_method
+        raise Scimaenaga::ExceptionHandler::InvalidConfiguration
       end
 
       group = @company
-              .public_send(ScimRails.config.scim_groups_scope)
+              .public_send(Scimaenaga.config.scim_groups_scope)
               .find(params[:id])
       raise ActiveRecord::RecordNotFound unless group
 
       begin
-        group.public_send(ScimRails.config.group_destroy_method)
+        group.public_send(Scimaenaga.config.group_destroy_method)
       rescue NoMethodError => e
-        raise ScimRails::ExceptionHandler::InvalidConfiguration, e.message
+        raise Scimaenaga::ExceptionHandler::InvalidConfiguration, e.message
       rescue ActiveRecord::RecordNotDestroyed => e
-        raise ScimRails::ExceptionHandler::InvalidRequest, e.message
-      rescue => e
-        raise ScimRails::ExceptionHandler::UnexpectedError, e.message
+        raise Scimaenaga::ExceptionHandler::InvalidRequest, e.message
+      rescue StandardError => e
+        raise Scimaenaga::ExceptionHandler::UnexpectedError, e.message
       end
 
       head :no_content
@@ -102,19 +102,19 @@ module ScimRails
 
       def member_params
         {
-          ScimRails.config.group_member_relation_attribute =>
+          Scimaenaga.config.group_member_relation_attribute =>
             params[:members].map do |member|
-              member[ScimRails.config.group_member_relation_schema.keys.first]
+              member[Scimaenaga.config.group_member_relation_schema.keys.first]
             end,
         }
       end
 
       def mutable_attributes
-        ScimRails.config.mutable_group_attributes
+        Scimaenaga.config.mutable_group_attributes
       end
 
       def controller_schema
-        ScimRails.config.mutable_group_attributes_schema
+        Scimaenaga.config.mutable_group_attributes_schema
       end
   end
 end

data/app/controllers/{scim_rails → scimaenaga}/scim_schemas_controller.rb

@@ -1,9 +1,9 @@
 # frozen_string_literal: true
 
-module ScimRails
-  class ScimSchemasController < ScimRails::ApplicationController
+module Scimaenaga
+  class ScimSchemasController < Scimaenaga::ApplicationController
     def index
-      schemas = ScimRails.config.schemas
+      schemas = Scimaenaga.config.schemas
 
       counts = ScimCount.new(
         start_index: params[:startIndex],
@@ -15,11 +15,11 @@ module ScimRails
     end
 
     def show
-      schema = ScimRails.config.schemas.find do |s|
+      schema = Scimaenaga.config.schemas.find do |s|
         s[:id] == params[:id]
       end
 
-      raise ScimRails::ExceptionHandler::ResourceNotFound, params[:id] if schema.nil?
+      raise Scimaenaga::ExceptionHandler::ResourceNotFound, params[:id] if schema.nil?
 
       json_response(schema)
     end

data/app/controllers/scimaenaga/scim_users_controller.rb

@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+
+module Scimaenaga
+  class ScimUsersController < Scimaenaga::ApplicationController
+
+    def index
+      if params[:filter].present?
+        query = Scimaenaga::ScimQueryParser.new(
+          params[:filter], Scimaenaga.config.queryable_user_attributes
+        )
+
+        users = @company
+                .public_send(Scimaenaga.config.scim_users_scope)
+                .where(
+                  "#{Scimaenaga.config.scim_users_model
+              .connection.quote_column_name(query.attribute)} #{query.operator} ?",
+                  query.parameter
+                )
+                .order(Scimaenaga.config.scim_users_list_order)
+      else
+        users = @company
+                .public_send(Scimaenaga.config.scim_users_scope)
+                .order(Scimaenaga.config.scim_users_list_order)
+      end
+
+      counts = ScimCount.new(
+        start_index: params[:startIndex],
+        limit: params[:count],
+        total: users.count
+      )
+
+      json_scim_response(object: users, counts: counts)
+    end
+
+    def create
+      if Scimaenaga.config.scim_user_prevent_update_on_create
+        user = @company
+               .public_send(Scimaenaga.config.scim_users_scope)
+               .create!(permitted_user_params)
+      else
+        username_key = Scimaenaga.config.queryable_user_attributes[:userName]
+        find_by_username = {}
+        find_by_username[username_key] = permitted_user_params[username_key]
+        user = @company
+               .public_send(Scimaenaga.config.scim_users_scope)
+               .find_or_create_by(find_by_username)
+        user.update!(permitted_user_params)
+      end
+      json_scim_response(object: user, status: :created)
+    end
+
+    def show
+      user = @company.public_send(Scimaenaga.config.scim_users_scope).find(params[:id])
+      json_scim_response(object: user)
+    end
+
+    def put_update
+      user = @company.public_send(Scimaenaga.config.scim_users_scope).find(params[:id])
+      user.update!(permitted_user_params)
+      json_scim_response(object: user)
+    end
+
+    def patch_update
+      user = @company.public_send(Scimaenaga.config.scim_users_scope).find(params[:id])
+      patch = ScimPatch.new(params, :user)
+      patch.save(user)
+
+      json_scim_response(object: user)
+    end
+
+    def destroy
+      unless Scimaenaga.config.user_destroy_method
+        raise Scimaenaga::ExceptionHandler::InvalidConfiguration
+      end
+
+      user = @company.public_send(Scimaenaga.config.scim_users_scope).find(params[:id])
+      raise ActiveRecord::RecordNotFound unless user
+
+      begin
+        user.public_send(Scimaenaga.config.user_destroy_method)
+      rescue NoMethodError => e
+        raise Scimaenaga::ExceptionHandler::InvalidConfiguration, e.message
+      rescue ActiveRecord::RecordNotDestroyed => e
+        raise Scimaenaga::ExceptionHandler::InvalidRequest, e.message
+      rescue StandardError => e
+        raise Scimaenaga::ExceptionHandler::UnexpectedError, e.message
+      end
+
+      head :no_content
+    end
+
+    private
+
+      def permitted_user_params
+        Scimaenaga.config.mutable_user_attributes.each.with_object({}) do |attribute, hash|
+          hash[attribute] = find_value_for(attribute)
+        end
+      end
+
+      def controller_schema
+        Scimaenaga.config.mutable_user_attributes_schema
+      end
+  end
+end

data/app/helpers/{scim_rails → scimaenaga}/application_helper.rb

@@ -1,4 +1,4 @@
-module ScimRails
+module Scimaenaga
   module ApplicationHelper
   end
 end

data/app/libraries/scim_patch.rb

@@ -7,7 +7,7 @@ class ScimPatch
   def initialize(params, resource_type)
     if params['schemas'] != ['urn:ietf:params:scim:api:messages:2.0:PatchOp'] ||
        params['Operations'].nil?
-      raise ScimRails::ExceptionHandler::UnsupportedPatchRequest
+      raise Scimaenaga::ExceptionHandler::UnsupportedPatchRequest
     end
 
     # complex-value(Hash) operation is converted to multiple single-value operations
@@ -35,6 +35,6 @@ class ScimPatch
   rescue ActiveRecord::RecordNotFound
     raise
   rescue StandardError
-    raise ScimRails::ExceptionHandler::UnsupportedPatchRequest
+    raise Scimaenaga::ExceptionHandler::UnsupportedPatchRequest
   end
 end

data/app/libraries/scim_patch_operation.rb

@@ -10,7 +10,7 @@ class ScimPatchOperation
   # complex-value(Hash) is converted to multiple single-value operations by ScimPatchOperationConverter
   def initialize(op, path, value)
     if !op.in?(%w[add replace remove]) || path.nil?
-      raise ScimRails::ExceptionHandler::UnsupportedPatchRequest
+      raise Scimaenaga::ExceptionHandler::UnsupportedPatchRequest
     end
 
     # define validate method in the inherited class