scimitar 1.10.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: db2ddb3c77cd7a482505003624275950458638efef053abe9df427b644412de4
-  data.tar.gz: f2bc178baf10fd8cfc995114ae7dad80f822a604f9b016ae0f16cea5e1abbc9f
+  metadata.gz: 95a2166cc921a400959f9d8d4398f6bf8ecb772f8d7a0a0a73950892e85d808a
+  data.tar.gz: cdf5aab3812f10f69c96304e738a150f4208850267527b66d36eeb99548d7b1f
 SHA512:
-  metadata.gz: 945f6073d1fa337eab6ef82644402a7c977858db3289af7480970fadd047c4ef6a55ed8f6d2756265a84c794ca957f1c83d83ecbad07d999355c23dd0cf2cbfa
-  data.tar.gz: '0869c64c2c49128005a7163814a3ccb32e0c99209ad2a867b4c24a87c9b95e8bbb7cb39fc92bdec5c01a9d45c4316ea25c33ed3fd347e500bea02fe62922df2a'
+  metadata.gz: f0925517599b107e44fd93db9be142aebe608892c2c5069c50d22b353c51238290710474b062a002fdb010be3d783c4dea3b314f72f47b4aca3c2385a8fc1377
+  data.tar.gz: eef6eebfc64bb2d4adabfca110f26e3a6c9e227f47387da6fb384925899ddf0ae260cf68176f24040a6bb356cf34f6576c920bd44264d4a1fee415aeadc237e6

data/app/controllers/scimitar/active_record_backed_resources_controller.rb

@@ -1,3 +1,5 @@
+require_dependency "scimitar/application_controller"
+
 module Scimitar
 
   # An ActiveRecord-centric subclass of Scimitar::ResourcesController. See that
@@ -17,9 +19,7 @@ module Scimitar
   #
   class ActiveRecordBackedResourcesController < ResourcesController
 
-    rescue_from 'ActiveRecord::RecordNotFound', with: :handle_resource_not_found # See Scimitar::ApplicationController
-
-    before_action :obtain_id_column_name_from_attribute_map
+    rescue_from ActiveRecord::RecordNotFound, with: :handle_resource_not_found # See Scimitar::ApplicationController
 
     # GET (list)
     #
@@ -37,13 +37,12 @@ module Scimitar
       pagination_info = scim_pagination_info(query.count())
 
       page_of_results = query
-        .order(@id_column => :asc)
         .offset(pagination_info.offset)
         .limit(pagination_info.limit)
         .to_a()
 
       super(pagination_info, page_of_results) do | record |
-        record_to_scim(record)
+        record.to_scim(location: url_for(action: :show, id: record.id))
       end
     end
 
@@ -52,61 +51,45 @@ module Scimitar
     def show
       super do |record_id|
         record = self.find_record(record_id)
-        record_to_scim(record)
+        record.to_scim(location: url_for(action: :show, id: record_id))
       end
     end
 
     # POST (create)
     #
-    # Calls #save! on the new record if no block is given, else invokes the
-    # block, passing it the new ActiveRecord model instance to be saved. It
-    # is up to the block to make any further changes and persist the record.
-    #
-    # Blocks are invoked from within a wrapping database transaction.
-    # ActiveRecord::RecordInvalid exceptions are handled for you, rendering
-    # an appropriate SCIM error.
-    #
-    def create(&block)
+    def create
       super do |scim_resource|
         self.storage_class().transaction do
           record = self.storage_class().new
           record.from_scim!(scim_hash: scim_resource.as_json())
-          self.save!(record, &block)
-          record_to_scim(record)
+          self.save!(record)
+          record.to_scim(location: url_for(action: :show, id: record.id))
         end
       end
     end
 
     # PUT (replace)
     #
-    # Calls #save! on the updated record if no block is given, else invokes the
-    # block, passing the updated record which the block must persist, with the
-    # same rules as for #create.
-    #
-    def replace(&block)
+    def replace
       super do |record_id, scim_resource|
         self.storage_class().transaction do
           record = self.find_record(record_id)
           record.from_scim!(scim_hash: scim_resource.as_json())
-          self.save!(record, &block)
-          record_to_scim(record)
+          self.save!(record)
+          record.to_scim(location: url_for(action: :show, id: record.id))
         end
       end
     end
 
     # PATCH (update)
     #
-    # Calls #save! on the updated record if no block is given, else invokes the
-    # block, passing the updated record which the block must persist, with the
-    # same rules as for #create.
-    #
-    def update(&block)
+    def update
       super do |record_id, patch_hash|
         self.storage_class().transaction do
           record = self.find_record(record_id)
           record.from_scim_patch!(patch_hash: patch_hash)
-          self.save!(record, &block)
-          record_to_scim(record)
+          self.save!(record)
+          record.to_scim(location: url_for(action: :show, id: record.id))
         end
       end
     end
@@ -148,46 +131,19 @@ module Scimitar
         raise NotImplementedError
       end
 
-      # Return an Array of exceptions that #save! can rescue and handle with a
-      # SCIM error automatically.
-      #
-      def scimitar_rescuable_exceptions
-        [
-          ActiveRecord::RecordInvalid,
-          ActiveRecord::RecordNotSaved,
-          ActiveRecord::RecordNotUnique,
-        ]
-      end
-
       # Find a record by ID. Subclasses can override this if they need special
       # lookup behaviour.
       #
       # +record_id+:: Record ID (SCIM schema 'id' value - "our" ID).
       #
       def find_record(record_id)
-        self.storage_scope().find_by!(@id_column => record_id)
-      end
-
-      # DRY up controller actions - pass a record; returns the SCIM
-      # representation, with a "show" location specified via #url_for.
-      #
-      def record_to_scim(record)
-        record.to_scim(
-          location: url_for(action: :show, id: record.send(@id_column)),
-          include_attributes: params.fetch(:attributes, "").split(",")
-        )
+        self.storage_scope().find(record_id)
       end
 
       # Save a record, dealing with validation exceptions by raising SCIM
       # errors.
       #
-      # +record+:: ActiveRecord subclass to save.
-      #
-      # If you just let this superclass handle things, it'll call the standard
-      # +#save!+ method on the record. If you pass a block, then this block is
-      # invoked and passed the ActiveRecord model instance to be saved. You can
-      # then do things like calling a different method, using a service object
-      # of some kind, perform audit-related operations and so-on.
+      # +record+:: ActiveRecord subclass to save (via #save!).
       #
       # The return value is not used internally, making life easier for
       # overriding subclasses to "do the right thing" / avoid mistakes (instead
@@ -195,31 +151,11 @@ module Scimitar
       # and relying upon this to generate correct response payloads - an early
       # version of the gem did this and it caused a confusing subclass bug).
       #
-      def save!(record, &block)
-        if block_given?
-          yield(record)
-        else
-          record.save!
-        end
-      rescue *self.scimitar_rescuable_exceptions() => exception
-        handle_on_save_exception(record, exception)
-      end
+      def save!(record)
+        record.save!
 
-      # Deal with exceptions related to errors upon saving, by responding with
-      # an appropriate SCIM error. This is most effective if the record has
-      # validation errors defined, but falls back to the provided exception's
-      # message otherwise.
-      #
-      # +record+::    The record that provoked the exception. Mandatory.
-      # +exception+:: The exception that was raised. If omitted, a default of
-      #               'Unknown', in English with no I18n, is used.
-      #
-      def handle_on_save_exception(record, exception = RuntimeError.new('Unknown'))
-        details = if record.errors.present?
-          record.errors.full_messages.join('; ')
-        else
-          exception.message
-        end
+      rescue ActiveRecord::RecordInvalid => exception
+        joined_errors = record.errors.full_messages.join('; ')
 
         # https://tools.ietf.org/html/rfc7644#page-12
         #
@@ -229,27 +165,16 @@ module Scimitar
         #   status code 409 (Conflict) with a "scimType" error code of
         #   "uniqueness"
         #
-        if exception.is_a?(ActiveRecord::RecordNotUnique) || record.errors.any? { | e | e.type == :taken }
+        if record.errors.any? { | e | e.type == :taken }
           raise Scimitar::ErrorResponse.new(
             status:   409,
             scimType: 'uniqueness',
-            detail:   "Operation failed due to a uniqueness constraint: #{details}"
+            detail:   joined_errors
           )
         else
-          raise Scimitar::ResourceInvalidError.new(details)
+          raise Scimitar::ResourceInvalidError.new(joined_errors)
         end
       end
 
-      # Called via +before_action+ - stores in @id_column the name of whatever
-      # model column is used to store the record ID, via
-      # Scimitar::Resources::Mixin::scim_attributes_map.
-      #
-      # Default is <tt>:id</tt>.
-      #
-      def obtain_id_column_name_from_attribute_map
-        attrs      = storage_class().scim_attributes_map() || {}
-        @id_column = attrs[:id] || :id
-      end
-
   end
 end

data/app/controllers/scimitar/application_controller.rb

@@ -25,11 +25,10 @@ module Scimitar
       #
       # ...to "globally" invoke this handler if you wish.
       #
-      # +exception+:: Exception instance, used for a configured error reporter
-      #               via #handle_scim_error (if present).
+      # +_exception+:: Exception instance (currently unused).
       #
-      def handle_resource_not_found(exception)
-        handle_scim_error(NotFoundError.new(params[:id]), exception)
+      def handle_resource_not_found(_exception)
+        handle_scim_error(NotFoundError.new(params[:id]))
       end
 
       # This base controller uses:
@@ -39,22 +38,9 @@ module Scimitar
       # ...to "globally" invoke this handler for all Scimitar errors (including
       # subclasses).
       #
-      # Mandatory parameters are:
-      #
       # +error_response+:: Scimitar::ErrorResponse (or subclass) instance.
       #
-      # Optional parameters are:
-      #
-      # *exception+:: If a Ruby exception was the reason this method is being
-      #               called, pass it here. Any configured exception reporting
-      #               mechanism will be invokved with the given parameter.
-      #               Otherwise, the +error_response+ value is reported.
-      #
-      def handle_scim_error(error_response, exception = error_response)
-        unless Scimitar.engine_configuration.exception_reporter.nil?
-          Scimitar.engine_configuration.exception_reporter.call(exception)
-        end
-
+      def handle_scim_error(error_response)
         render json: error_response, status: error_response.status
       end
 
@@ -69,7 +55,7 @@ module Scimitar
       # +exception+:: Exception instance.
       #
       def handle_bad_json_error(exception)
-        handle_scim_error(ErrorResponse.new(status: 400, detail: "Invalid JSON - #{exception.message}"), exception)
+        handle_scim_error(ErrorResponse.new(status: 400, detail: "Invalid JSON - #{exception.message}"))
       end
 
       # This base controller uses:
@@ -82,7 +68,7 @@ module Scimitar
       #
       def handle_unexpected_error(exception)
         Rails.logger.error("#{exception.message}\n#{exception.backtrace}")
-        handle_scim_error(ErrorResponse.new(status: 500, detail: exception.message), exception)
+        handle_scim_error(ErrorResponse.new(status: 500, detail: exception.message))
       end
 
     # =========================================================================
@@ -96,17 +82,12 @@ module Scimitar
       # request and subclass processing.
       #
       def require_scim
-        scim_mime_type = Mime::Type.lookup_by_extension(:scim).to_s
-
-        if request.media_type.nil? || request.media_type.empty?
-          request.format = :scim
-          request.headers['CONTENT_TYPE'] = scim_mime_type
-        elsif request.media_type.downcase == scim_mime_type
+        if request.content_type&.downcase == Mime::Type.lookup_by_extension(:scim).to_s
           request.format = :scim
         elsif request.format == :scim
-          request.headers['CONTENT_TYPE'] = scim_mime_type
+          request.headers['CONTENT_TYPE'] = Mime::Type.lookup_by_extension(:scim).to_s
         else
-          handle_scim_error(ErrorResponse.new(status: 406, detail: "Only #{scim_mime_type} type is accepted."))
+          handle_scim_error(ErrorResponse.new(status: 406, detail: "Only #{Mime::Type.lookup_by_extension(:scim)} type is accepted."))
         end
       end
 
@@ -124,13 +105,8 @@ module Scimitar
         #
         # https://stackoverflow.com/questions/10239970/what-is-the-delimiter-for-www-authenticate-for-multiple-schemes
         #
-        response.set_header('WWW-Authenticate', 'Basic' ) if Scimitar.engine_configuration.basic_authenticator.present?
-        response.set_header('WWW-Authenticate', 'Bearer') if Scimitar.engine_configuration.token_authenticator.present?
-
-        # No matter what a caller might request via headers, the only content
-        # type we can ever respond with is JSON-for-SCIM.
-        #
-        response.set_header('Content-Type', "#{Mime::Type.lookup_by_extension(:scim)}; charset=utf-8")
+        response.set_header('WWW_AUTHENTICATE', 'Basic' ) if Scimitar.engine_configuration.basic_authenticator.present?
+        response.set_header('WWW_AUTHENTICATE', 'Bearer') if Scimitar.engine_configuration.token_authenticator.present?
       end
 
       def authenticate
@@ -139,15 +115,11 @@ module Scimitar
 
       def authenticated?
         result = if Scimitar.engine_configuration.basic_authenticator.present?
-          authenticate_with_http_basic do |username, password|
-            instance_exec(username, password, &Scimitar.engine_configuration.basic_authenticator)
-          end
+          authenticate_with_http_basic(&Scimitar.engine_configuration.basic_authenticator)
         end
 
         result ||= if Scimitar.engine_configuration.token_authenticator.present?
-          authenticate_with_http_token do |token, options|
-            instance_exec(token, options, &Scimitar.engine_configuration.token_authenticator)
-          end
+          authenticate_with_http_token(&Scimitar.engine_configuration.token_authenticator)
         end
 
         return result

data/app/controllers/scimitar/resource_types_controller.rb

@@ -1,3 +1,5 @@
+require_dependency "scimitar/application_controller"
+
 module Scimitar
   class ResourceTypesController < ApplicationController
     def index

data/app/controllers/scimitar/resources_controller.rb

@@ -1,3 +1,5 @@
+require_dependency "scimitar/application_controller"
+
 module Scimitar
 
   # A Rails controller which is mostly idiomatic, with #index, #show, #create