RubyGems - scimitar - Versions diffs - 1.0.0 - Mend

scimitar 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (106) hide show

checksums.yaml +7 -0
data/Rakefile +16 -0
data/app/controllers/scimitar/active_record_backed_resources_controller.rb +180 -0
data/app/controllers/scimitar/application_controller.rb +129 -0
data/app/controllers/scimitar/resource_types_controller.rb +28 -0
data/app/controllers/scimitar/resources_controller.rb +203 -0
data/app/controllers/scimitar/schemas_controller.rb +16 -0
data/app/controllers/scimitar/service_provider_configurations_controller.rb +8 -0
data/app/models/scimitar/authentication_error.rb +9 -0
data/app/models/scimitar/authentication_scheme.rb +18 -0
data/app/models/scimitar/bulk.rb +8 -0
data/app/models/scimitar/complex_types/address.rb +18 -0
data/app/models/scimitar/complex_types/base.rb +41 -0
data/app/models/scimitar/complex_types/email.rb +12 -0
data/app/models/scimitar/complex_types/entitlement.rb +12 -0
data/app/models/scimitar/complex_types/ims.rb +12 -0
data/app/models/scimitar/complex_types/name.rb +12 -0
data/app/models/scimitar/complex_types/phone_number.rb +12 -0
data/app/models/scimitar/complex_types/photo.rb +12 -0
data/app/models/scimitar/complex_types/reference_group.rb +12 -0
data/app/models/scimitar/complex_types/reference_member.rb +12 -0
data/app/models/scimitar/complex_types/role.rb +12 -0
data/app/models/scimitar/complex_types/x509_certificate.rb +12 -0
data/app/models/scimitar/engine_configuration.rb +24 -0
data/app/models/scimitar/error_response.rb +20 -0
data/app/models/scimitar/errors.rb +14 -0
data/app/models/scimitar/filter.rb +11 -0
data/app/models/scimitar/filter_error.rb +22 -0
data/app/models/scimitar/invalid_syntax_error.rb +9 -0
data/app/models/scimitar/lists/count.rb +64 -0
data/app/models/scimitar/lists/query_parser.rb +730 -0
data/app/models/scimitar/meta.rb +7 -0
data/app/models/scimitar/not_found_error.rb +10 -0
data/app/models/scimitar/resource_invalid_error.rb +9 -0
data/app/models/scimitar/resource_type.rb +29 -0
data/app/models/scimitar/resources/base.rb +159 -0
data/app/models/scimitar/resources/group.rb +13 -0
data/app/models/scimitar/resources/mixin.rb +964 -0
data/app/models/scimitar/resources/user.rb +13 -0
data/app/models/scimitar/schema/address.rb +24 -0
data/app/models/scimitar/schema/attribute.rb +123 -0
data/app/models/scimitar/schema/base.rb +86 -0
data/app/models/scimitar/schema/derived_attributes.rb +24 -0
data/app/models/scimitar/schema/email.rb +10 -0
data/app/models/scimitar/schema/entitlement.rb +10 -0
data/app/models/scimitar/schema/group.rb +27 -0
data/app/models/scimitar/schema/ims.rb +10 -0
data/app/models/scimitar/schema/name.rb +20 -0
data/app/models/scimitar/schema/phone_number.rb +10 -0
data/app/models/scimitar/schema/photo.rb +10 -0
data/app/models/scimitar/schema/reference_group.rb +23 -0
data/app/models/scimitar/schema/reference_member.rb +21 -0
data/app/models/scimitar/schema/role.rb +10 -0
data/app/models/scimitar/schema/user.rb +52 -0
data/app/models/scimitar/schema/vdtp.rb +18 -0
data/app/models/scimitar/schema/x509_certificate.rb +22 -0
data/app/models/scimitar/service_provider_configuration.rb +49 -0
data/app/models/scimitar/supportable.rb +14 -0
data/app/views/layouts/scimitar/application.html.erb +14 -0
data/config/initializers/scimitar.rb +82 -0
data/config/routes.rb +6 -0
data/lib/scimitar.rb +23 -0
data/lib/scimitar/engine.rb +63 -0
data/lib/scimitar/version.rb +13 -0
data/spec/apps/dummy/app/controllers/custom_destroy_mock_users_controller.rb +24 -0
data/spec/apps/dummy/app/controllers/custom_request_verifiers_controller.rb +30 -0
data/spec/apps/dummy/app/controllers/mock_groups_controller.rb +13 -0
data/spec/apps/dummy/app/controllers/mock_users_controller.rb +13 -0
data/spec/apps/dummy/app/models/mock_group.rb +83 -0
data/spec/apps/dummy/app/models/mock_user.rb +104 -0
data/spec/apps/dummy/config/application.rb +17 -0
data/spec/apps/dummy/config/boot.rb +2 -0
data/spec/apps/dummy/config/environment.rb +2 -0
data/spec/apps/dummy/config/environments/test.rb +15 -0
data/spec/apps/dummy/config/initializers/cookies_serializer.rb +3 -0
data/spec/apps/dummy/config/initializers/scimitar.rb +14 -0
data/spec/apps/dummy/config/initializers/session_store.rb +3 -0
data/spec/apps/dummy/config/routes.rb +24 -0
data/spec/apps/dummy/db/migrate/20210304014602_create_mock_users.rb +15 -0
data/spec/apps/dummy/db/migrate/20210308020313_create_mock_groups.rb +10 -0
data/spec/apps/dummy/db/migrate/20210308044214_create_join_table_mock_groups_mock_users.rb +8 -0
data/spec/apps/dummy/db/schema.rb +42 -0
data/spec/controllers/scimitar/application_controller_spec.rb +173 -0
data/spec/controllers/scimitar/resource_types_controller_spec.rb +94 -0
data/spec/controllers/scimitar/resources_controller_spec.rb +247 -0
data/spec/controllers/scimitar/schemas_controller_spec.rb +75 -0
data/spec/controllers/scimitar/service_provider_configurations_controller_spec.rb +22 -0
data/spec/models/scimitar/complex_types/address_spec.rb +19 -0
data/spec/models/scimitar/complex_types/email_spec.rb +23 -0
data/spec/models/scimitar/lists/count_spec.rb +147 -0
data/spec/models/scimitar/lists/query_parser_spec.rb +763 -0
data/spec/models/scimitar/resource_type_spec.rb +21 -0
data/spec/models/scimitar/resources/base_spec.rb +289 -0
data/spec/models/scimitar/resources/base_validation_spec.rb +61 -0
data/spec/models/scimitar/resources/mixin_spec.rb +2127 -0
data/spec/models/scimitar/resources/user_spec.rb +55 -0
data/spec/models/scimitar/schema/attribute_spec.rb +80 -0
data/spec/models/scimitar/schema/base_spec.rb +64 -0
data/spec/models/scimitar/schema/group_spec.rb +87 -0
data/spec/models/scimitar/schema/user_spec.rb +710 -0
data/spec/requests/active_record_backed_resources_controller_spec.rb +569 -0
data/spec/requests/application_controller_spec.rb +49 -0
data/spec/requests/controller_configuration_spec.rb +17 -0
data/spec/requests/engine_spec.rb +20 -0
data/spec/spec_helper.rb +66 -0
metadata +315 -0

data/spec/requests/active_record_backed_resources_controller_spec.rb ADDED Viewed

@@ -0,0 +1,569 @@
+require 'spec_helper'
+RSpec.describe Scimitar::ActiveRecordBackedResourcesController do
+  before :each do
+    allow_any_instance_of(Scimitar::ApplicationController).to receive(:authenticated?).and_return(true)
+    @u1 = MockUser.create(username: '1', first_name: 'Foo', last_name: 'Ark', home_email_address: 'home_1@test.com')
+    @u2 = MockUser.create(username: '2', first_name: 'Foo', last_name: 'Bar', home_email_address: 'home_2@test.com')
+    @u3 = MockUser.create(username: '3', first_name: 'Foo',                   home_email_address: 'home_3@test.com')
+  end
+  # ===========================================================================
+  context '#index' do
+    context 'with no items' do
+      it 'returns empty list' do
+        MockUser.delete_all
+        expect_any_instance_of(MockUsersController).to receive(:index).once.and_call_original
+        get '/Users', params: { format: :scim }
+        expect(response.status).to eql(200)
+        result = JSON.parse(response.body)
+        expect(result['totalResults']).to eql(0)
+        expect(result['startIndex'  ]).to eql(1)
+        expect(result['itemsPerPage']).to eql(100)
+      end
+    end # "context 'with no items' do"
+    context 'with items' do
+      it 'returns all items' do
+        get '/Users', params: { format: :scim }
+        expect(response.status).to eql(200)
+        result = JSON.parse(response.body)
+        expect(result['totalResults']).to eql(3)
+        expect(result['Resources'].size).to eql(3)
+        ids = result['Resources'].map { |resource| resource['id'] }
+        expect(ids).to match_array([@u1.id.to_s, @u2.id.to_s, @u3.id.to_s])
+        usernames = result['Resources'].map { |resource| resource['userName'] }
+        expect(usernames).to match_array(['1', '2', '3'])
+      end
+      it 'applies a filter, with case-insensitive value comparison' do
+        get '/Users', params: {
+          format: :scim,
+          filter: 'name.givenName eq "Foo" and name.familyName pr and emails ne "home_1@TEST.COM"'
+        }
+        expect(response.status).to eql(200)
+        result = JSON.parse(response.body)
+        expect(result['totalResults']).to eql(1)
+        expect(result['Resources'].size).to eql(1)
+        ids = result['Resources'].map { |resource| resource['id'] }
+        expect(ids).to match_array([@u2.id.to_s])
+        usernames = result['Resources'].map { |resource| resource['userName'] }
+        expect(usernames).to match_array(['2'])
+      end
+      it 'obeys a page size' do
+        get '/Users', params: {
+          format: :scim,
+          count:  2
+        }
+        expect(response.status).to eql(200)
+        result = JSON.parse(response.body)
+        expect(result['totalResults']).to eql(3)
+        expect(result['Resources'].size).to eql(2)
+        ids = result['Resources'].map { |resource| resource['id'] }
+        expect(ids).to match_array([@u1.id.to_s, @u2.id.to_s])
+        usernames = result['Resources'].map { |resource| resource['userName'] }
+        expect(usernames).to match_array(['1', '2'])
+      end
+      it 'obeys start-at-1 offsets' do
+        get '/Users', params: {
+          format:    :scim,
+          startIndex: 2
+        }
+        expect(response.status).to eql(200)
+        result = JSON.parse(response.body)
+        expect(result['totalResults']).to eql(3)
+        expect(result['Resources'].size).to eql(2)
+        ids = result['Resources'].map { |resource| resource['id'] }
+        expect(ids).to match_array([@u2.id.to_s, @u3.id.to_s])
+        usernames = result['Resources'].map { |resource| resource['userName'] }
+        expect(usernames).to match_array(['2', '3'])
+      end
+    end # "context 'with items' do"
+    context 'with bad calls' do
+      it 'complains about bad filters' do
+        get '/Users', params: {
+          format: :scim,
+          filter: 'name.givenName'
+        }
+        expect(response.status).to eql(400)
+        result = JSON.parse(response.body)
+        expect(result['scimType']).to eql('invalidFilter')
+      end
+    end # "context 'with bad calls' do"
+  end # "context '#index' do"
+  # ===========================================================================
+  context '#show' do
+    it 'shows an item' do
+      expect_any_instance_of(MockUsersController).to receive(:show).once.and_call_original
+      get "/Users/#{@u2.id}", params: { format: :scim }
+      expect(response.status).to eql(200)
+      result = JSON.parse(response.body)
+      expect(result['id']).to eql(@u2.id.to_s) # Note - ID was converted String; not Integer
+      expect(result['userName']).to eql('2')
+      expect(result['name']['familyName']).to eql('Bar')
+      expect(result['meta']['resourceType']).to eql('User')
+    end
+    it 'renders 404' do
+      get '/Users/xyz', params: { format: :scim }
+      expect(response.status).to eql(404)
+      result = JSON.parse(response.body)
+      expect(result['status']).to eql('404')
+    end
+  end # "context '#show' do"
+  # ===========================================================================
+  context '#create' do
+    context 'creates an item' do
+      it 'with minimal parameters' do
+        mock_before = MockUser.all.to_a
+        expect_any_instance_of(MockUsersController).to receive(:create).once.and_call_original
+        expect {
+          post "/Users", params: {
+            format: :scim,
+            userName: '4' # Minimum required by schema
+          }
+        }.to change { MockUser.count }.by(1)
+        mock_after = MockUser.all.to_a
+        new_mock = (mock_after - mock_before).first
+        expect(response.status).to eql(201)
+        result = JSON.parse(response.body)
+        expect(result['id']).to eql(new_mock.id.to_s)
+        expect(result['meta']['resourceType']).to eql('User')
+        expect(new_mock.username).to eql('4')
+      end
+      # A bit of extra coverage just for general confidence.
+      #
+      it 'with more comprehensive parameters' do
+        mock_before = MockUser.all.to_a
+        expect {
+          post "/Users", params: {
+            format: :scim,
+            userName: '4',
+            name: {
+              givenName: 'Given',
+              familyName: 'Family'
+            },
+            emails: [
+              {
+                type: 'work',
+                value: 'work_4@test.com'
+              },
+              {
+                type: 'home',
+                value: 'home_4@test.com'
+              }
+            ]
+          }
+        }.to change { MockUser.count }.by(1)
+        mock_after = MockUser.all.to_a
+        new_mock = (mock_after - mock_before).first
+        expect(response.status).to eql(201)
+        result = JSON.parse(response.body)
+        expect(result['id']).to eql(new_mock.id.to_s)
+        expect(result['meta']['resourceType']).to eql('User')
+        expect(new_mock.username).to eql('4')
+        expect(new_mock.first_name).to eql('Given')
+        expect(new_mock.last_name).to eql('Family')
+        expect(new_mock.home_email_address).to eql('home_4@test.com')
+        expect(new_mock.work_email_address).to eql('work_4@test.com')
+      end
+    end
+    it 'returns 409 for duplicates (by Rails validation)' do
+      expect_any_instance_of(MockUsersController).to receive(:create).once.and_call_original
+      expect {
+        post "/Users", params: {
+          format: :scim,
+          userName: '1' # Already exists
+        }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(409)
+      result = JSON.parse(response.body)
+      expect(result['scimType']).to eql('uniqueness')
+      expect(result['detail']).to include('already been taken')
+    end
+    it 'notes schema validation failures' do
+      expect {
+        post "/Users", params: {
+          format: :scim
+          # userName parameter is required by schema, but missing
+        }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(400)
+      result = JSON.parse(response.body)
+      expect(result['scimType']).to eql('invalidValue')
+      expect(result['detail']).to include('is required')
+    end
+    it 'notes Rails validation failures' do
+      expect {
+        post "/Users", params: {
+          format: :scim,
+          userName: MockUser::INVALID_USERNAME
+        }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(400)
+      result = JSON.parse(response.body)
+      expect(result['scimType']).to eql('invalidValue')
+      expect(result['detail']).to include('is reserved')
+    end
+  end # "context '#create' do"
+  # ===========================================================================
+  context '#replace' do
+    it 'replaces all attributes in an instance' do
+      expect_any_instance_of(MockUsersController).to receive(:replace).once.and_call_original
+      expect {
+        put "/Users/#{@u2.id}", params: {
+          format: :scim,
+          userName: '4' # Minimum required by schema
+        }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(200)
+      result = JSON.parse(response.body)
+      expect(result['id']).to eql(@u2.id.to_s)
+      expect(result['meta']['resourceType']).to eql('User')
+      @u2.reload
+      expect(@u2.username).to eql('4')
+      expect(@u2.first_name).to be_nil
+      expect(@u2.last_name).to be_nil
+      expect(@u2.home_email_address).to be_nil
+    end
+    it 'notes schema validation failures' do
+      expect {
+        put "/Users/#{@u2.id}", params: {
+          format: :scim
+          # userName parameter is required by schema, but missing
+        }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(400)
+      result = JSON.parse(response.body)
+      expect(result['scimType']).to eql('invalidValue')
+      expect(result['detail']).to include('is required')
+      @u2.reload
+      expect(@u2.username).to eql('2')
+      expect(@u2.first_name).to eql('Foo')
+      expect(@u2.last_name).to eql('Bar')
+      expect(@u2.home_email_address).to eql('home_2@test.com')
+    end
+    it 'notes Rails validation failures' do
+      expect {
+        post "/Users", params: {
+          format: :scim,
+          userName: MockUser::INVALID_USERNAME
+        }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(400)
+      result = JSON.parse(response.body)
+      expect(result['scimType']).to eql('invalidValue')
+      expect(result['detail']).to include('is reserved')
+      @u2.reload
+      expect(@u2.username).to eql('2')
+      expect(@u2.first_name).to eql('Foo')
+      expect(@u2.last_name).to eql('Bar')
+      expect(@u2.home_email_address).to eql('home_2@test.com')
+    end
+    it 'returns 404 if ID is invalid' do
+      expect {
+        put '/Users/xyz', params: {
+          format: :scim,
+          userName: '4' # Minimum required by schema
+        }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(404)
+      result = JSON.parse(response.body)
+      expect(result['status']).to eql('404')
+    end
+  end # "context '#replace' do"
+  # ===========================================================================
+  context '#update' do
+    it 'patches specific attributes' do
+      expect_any_instance_of(MockUsersController).to receive(:update).once.and_call_original
+      expect {
+        patch "/Users/#{@u2.id}", params: {
+          format: :scim,
+          Operations: [
+            {
+              op: 'add',
+              path: 'userName',
+              value: '4'
+            },
+            {
+              op: 'replace',
+              path: 'emails[type eq "work"]',
+              value: { type: 'work', value: 'work_4@test.com' }
+            }
+          ]
+        }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(200)
+      result = JSON.parse(response.body)
+      expect(result['id']).to eql(@u2.id.to_s)
+      expect(result['meta']['resourceType']).to eql('User')
+      @u2.reload
+      expect(@u2.username).to eql('4')
+      expect(@u2.first_name).to eql('Foo')
+      expect(@u2.last_name).to eql('Bar')
+      expect(@u2.home_email_address).to eql('home_2@test.com')
+      expect(@u2.work_email_address).to eql('work_4@test.com')
+    end
+    context 'clears attributes' do
+      before :each do
+        @u2.update!(work_email_address: 'work_2@test.com')
+      end
+      it 'with simple paths' do
+        expect_any_instance_of(MockUsersController).to receive(:update).once.and_call_original
+        expect {
+          patch "/Users/#{@u2.id}", params: {
+            format: :scim,
+            Operations: [
+              {
+                op: 'remove',
+                path: 'name.givenName'
+              }
+            ]
+          }
+        }.to_not change { MockUser.count }
+        expect(response.status).to eql(200)
+        result = JSON.parse(response.body)
+        expect(result['id']).to eql(@u2.id.to_s)
+        expect(result['meta']['resourceType']).to eql('User')
+        @u2.reload
+        expect(@u2.username).to eql('2')
+        expect(@u2.first_name).to be_nil
+        expect(@u2.last_name).to eql('Bar')
+        expect(@u2.home_email_address).to eql('home_2@test.com')
+        expect(@u2.work_email_address).to eql('work_2@test.com')
+      end
+      it 'by array entry filter match' do
+        expect_any_instance_of(MockUsersController).to receive(:update).once.and_call_original
+        expect {
+          patch "/Users/#{@u2.id}", params: {
+            format: :scim,
+            Operations: [
+              {
+                op: 'remove',
+                path: 'emails[type eq "work"]'
+              }
+            ]
+          }
+        }.to_not change { MockUser.count }
+        expect(response.status).to eql(200)
+        result = JSON.parse(response.body)
+        expect(result['id']).to eql(@u2.id.to_s)
+        expect(result['meta']['resourceType']).to eql('User')
+        @u2.reload
+        expect(@u2.username).to eql('2')
+        expect(@u2.first_name).to eql('Foo')
+        expect(@u2.last_name).to eql('Bar')
+        expect(@u2.home_email_address).to eql('home_2@test.com')
+        expect(@u2.work_email_address).to be_nil
+      end
+      it 'by whole collection' do
+        expect_any_instance_of(MockUsersController).to receive(:update).once.and_call_original
+        expect {
+          patch "/Users/#{@u2.id}", params: {
+            format: :scim,
+            Operations: [
+              {
+                op: 'remove',
+                path: 'emails'
+              }
+            ]
+          }
+        }.to_not change { MockUser.count }
+        expect(response.status).to eql(200)
+        result = JSON.parse(response.body)
+        expect(result['id']).to eql(@u2.id.to_s)
+        expect(result['meta']['resourceType']).to eql('User')
+        @u2.reload
+        expect(@u2.username).to eql('2')
+        expect(@u2.first_name).to eql('Foo')
+        expect(@u2.last_name).to eql('Bar')
+        expect(@u2.home_email_address).to be_nil
+        expect(@u2.work_email_address).to be_nil
+      end
+    end # "context 'clears attributes' do"
+    it 'notes Rails validation failures' do
+      expect {
+        patch "/Users/#{@u2.id}", params: {
+          format: :scim,
+          Operations: [
+            {
+              op: 'add',
+              path: 'userName',
+              value: MockUser::INVALID_USERNAME
+            }
+          ]
+        }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(400)
+      result = JSON.parse(response.body)
+      expect(result['scimType']).to eql('invalidValue')
+      expect(result['detail']).to include('is reserved')
+      @u2.reload
+      expect(@u2.username).to eql('2')
+      expect(@u2.first_name).to eql('Foo')
+      expect(@u2.last_name).to eql('Bar')
+      expect(@u2.home_email_address).to eql('home_2@test.com')
+    end
+    it 'returns 404 if ID is invalid' do
+      expect {
+        patch '/Users/xyz', params: {
+          format: :scim,
+          Operations: [
+            {
+              op: 'add',
+              path: 'userName',
+              value: '4'
+            }
+          ]
+        }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(404)
+      result = JSON.parse(response.body)
+      expect(result['status']).to eql('404')
+    end
+  end # "context '#update' do"
+  # ===========================================================================
+  context '#destroy' do
+    it 'deletes an item if given no blok' do
+      expect_any_instance_of(MockUsersController).to receive(:destroy).once.and_call_original
+      expect_any_instance_of(MockUser).to receive(:destroy!).once.and_call_original
+      expect {
+        delete "/Users/#{@u2.id}", params: { format: :scim }
+      }.to change { MockUser.count }.by(-1)
+      expect(response.status).to eql(204)
+      expect(response.body).to be_empty
+    end
+    it 'invokes a block if given one' do
+      expect_any_instance_of(CustomDestroyMockUsersController).to receive(:destroy).once.and_call_original
+      expect_any_instance_of(MockUser).to_not receive(:destroy!)
+      expect {
+        delete "/CustomDestroyUsers/#{@u2.id}", params: { format: :scim }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(204)
+      expect(response.body).to be_empty
+      @u2.reload
+      expect(@u2.username).to eql(CustomDestroyMockUsersController::NOT_REALLY_DELETED_USERNAME_INDICATOR)
+    end
+    it 'returns 404 if ID is invalid' do
+      expect {
+        delete '/Users/xyz', params: { format: :scim }
+      }.to_not change { MockUser.count }
+      expect(response.status).to eql(404)
+      result = JSON.parse(response.body)
+      expect(result['status']).to eql('404')
+    end
+  end # "context '#destroy' do"
+  # ===========================================================================
+  context 'service methods' do
+    context '#storage_scope' do
+      it 'raises "not implemented" to warn subclass authors' do
+        expect { described_class.new.send(:storage_scope) }.to raise_error(NotImplementedError)
+      end
+    end # "context '#storage_class' do"
+  end # "context 'service methods' do"
+end