scimitar 1.10.0 → 2.0.0

data/spec/apps/dummy/app/models/mock_user.rb

@@ -1,25 +1,18 @@
 class MockUser < ActiveRecord::Base
 
-  self.primary_key = :primary_key
-
   # ===========================================================================
   # TEST ATTRIBUTES - see db/migrate/20210304014602_create_mock_users.rb etc.
   # ===========================================================================
 
   READWRITE_ATTRS = %w{
-    primary_key
+    id
     scim_uid
     username
-    password
     first_name
     last_name
     work_email_address
     home_email_address
     work_phone_number
-    organization
-    department
-    manager
-    mock_groups
   }
 
   has_and_belongs_to_many :mock_groups
@@ -45,11 +38,9 @@ class MockUser < ActiveRecord::Base
 
   def self.scim_attributes_map
     return {
-      id:         :primary_key,
+      id:         :id,
       externalId: :scim_uid,
       userName:   :username,
-      password:   :password,
-      active:     :is_active,
       name:       {
         givenName:  :first_name,
         familyName: :last_name
@@ -82,11 +73,8 @@ class MockUser < ActiveRecord::Base
           }
         },
       ],
-      groups: [
+      groups: [ # NB read-only, so no :find_with key
         {
-          # Read-only, so no :find_with key. There's no 'class' specified here
-          # either, to help test the "/Schemas" endpoint's reflection code.
-          #
           list:  :mock_groups,
           using: {
             value:   :id,
@@ -94,26 +82,7 @@ class MockUser < ActiveRecord::Base
           }
         }
       ],
-
-      # Custom extension schema - see configuration in
-      # "spec/apps/dummy/config/initializers/scimitar.rb".
-      #
-      organization: :organization,
-      department:   :department,
-      primaryEmail: :scim_primary_email,
-
-      manager:      :manager,
-
-      userGroups: [
-        {
-          list:      :mock_groups,
-          find_with: ->(value) { MockGroup.find(value["value"]) },
-          using: {
-            value:   :id,
-            display: :display_name
-          }
-        }
-      ]
+      active: :is_active
     }
   end
 
@@ -123,25 +92,13 @@ class MockUser < ActiveRecord::Base
 
   def self.scim_queryable_attributes
     return {
-      'id'                => { column: :primary_key },
-      'externalId'        => { column: :scim_uid },
-      'meta.lastModified' => { column: :updated_at },
-      'name.givenName'    => { column: :first_name },
-      'name.familyName'   => { column: :last_name  },
-      'groups'            => { column: MockGroup.arel_table[:id] },
-      'groups.value'      => { column: MockGroup.arel_table[:id] },
-      'emails'            => { columns: [ :work_email_address, :home_email_address ] },
-      'emails.value'      => { columns: [ :work_email_address, :home_email_address ] },
-      'emails.type'       => { ignore: true }, # We can't filter on that; it'll just search all e-mails
-      'primaryEmail'      => { column: :scim_primary_email },
+      'name.givenName'  => { column: :first_name },
+      'name.familyName' => { column: :last_name  },
+      'emails'          => { columns: [ :work_email_address, :home_email_address ] },
+      'emails.value'    => { columns: [ :work_email_address, :home_email_address ] },
+      'emails.type'     => { ignore: true } # We can't filter on that; it'll just search all e-mails
     }
   end
 
-  # Custom attribute reader
-  #
-  def scim_primary_email
-    work_email_address
-  end
-
   include Scimitar::Resources::Mixin
 end

data/spec/apps/dummy/config/application.rb

@@ -12,6 +12,7 @@ require 'scimitar'
 
 module Dummy
   class Application < Rails::Application
+    config.load_defaults 7.0
   end
 end
 

data/spec/apps/dummy/config/environments/test.rb

@@ -1,15 +1,38 @@
+require 'active_support/core_ext/integer/time'
+
 Rails.application.configure do
   config.cache_classes = true
   config.eager_load = false
-  config.serve_static_files = true
-  config.static_cache_control = 'public, max-age=3600'
-  config.consider_all_requests_local = true
 
-  config.action_dispatch.show_exceptions = false
+  # Configure public file server for tests with Cache-Control for performance.
+  config.public_file_server.enabled = true
+  config.public_file_server.headers = {
+    'Cache-Control' => "public, max-age=#{1.hour.to_i}"
+  }
 
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
+  config.cache_store = :null_store
+
+  # Raise exceptions instead of rendering exception templates.
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment.
   config.action_controller.allow_forgery_protection = false
 
-  config.active_support.test_order = :random
+  # Print deprecation notices to the stderr.
   config.active_support.deprecation = :stderr
+
+  # Raise exceptions for disallowed deprecations.
+  config.active_support.disallowed_deprecation = :raise
+
+  # Tell Active Support which deprecation messages to disallow.
+  config.active_support.disallowed_deprecation_warnings = []
+
+  # Raises error for missing translations.
+  config.i18n.raise_on_missing_translations = true
+
+  # Annotate rendered view with file names.
+  # config.action_view.annotate_rendered_view_with_filenames = true
 end

data/spec/apps/dummy/config/initializers/scimitar.rb

@@ -1,96 +1,16 @@
 # Test app configuration.
 #
-# Note that as a result of https://github.com/RIPAGlobal/scimitar/issues/48,
-# tests include a custom extension of the core User schema. A shortcoming of
-# some of the code from which Scimitar was originally built is that those
-# extensions are done with class-level ivars, so it is largely impossible (or
-# at least, impractical in tests) to avoid polluting the core class itself
-# with the extension.
-#
-# All related schema tests are written with this in mind.
-#
-# Further, https://github.com/RIPAGlobal/scimitar/pull/54 fixed warning
-# messages in a way that worked on Rails 6+ but, for V1 Scimitar, it would
-# break existing working setups that didn't use the +to_prepare+ wrapper. Their
-# application configuration would be written *first* but then *overwritten* by
-# the default +to_prepare+ block in Scimitar itself, since that runs later. The
-# file below does *not* use +to_prepare+ in order to test the workaround that
-# was produced; it should work on all Ruby versions as-is.
-#
-Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
-
-  application_controller_mixin: Module.new do
-    def self.included(base)
-      base.class_eval do
-        def test_hook; end
-        before_action :test_hook
-      end
-    end
-
-    def scim_schemas_url(options)
-      super(test: 1, **options)
-    end
-
-    def scim_resource_type_url(options)
-      super(test: 1, **options)
-    end
-  end
-
-})
-
-module ScimSchemaExtensions
-  module User
-
-    # This "looks like" part of the standard Enterprise extension.
-    #
-    class Enterprise < Scimitar::Schema::Base
-      def initialize(options = {})
-        super(
-          name:            'EnterpriseExtendedUser',
-          description:     'Enterprise extension for a User',
-          id:              self.class.id,
-          scim_attributes: self.class.scim_attributes
-        )
-      end
-
-      def self.id
-        'urn:ietf:params:scim:schemas:extension:enterprise:2.0:User'
-      end
-
-      def self.scim_attributes
-        [
-          Scimitar::Schema::Attribute.new(name: 'organization', type: 'string'),
-          Scimitar::Schema::Attribute.new(name: 'department',   type: 'string'),
-          Scimitar::Schema::Attribute.new(name: 'primaryEmail', type: 'string'),
-        ]
+Rails.application.config.to_prepare do
+  Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
+
+    application_controller_mixin: Module.new do
+      def self.included(base)
+        base.class_eval do
+          def test_hook; end
+          before_action :test_hook
+        end
       end
     end
 
-    # In https://github.com/RIPAGlobal/scimitar/issues/122 we learn that with
-    # more than one extension, things can go wrong - so now we test with two.
-    #
-    class Manager < Scimitar::Schema::Base
-      def initialize(options = {})
-        super(
-          name:            'ManagementExtendedUser',
-          description:     'Management extension for a User',
-          id:              self.class.id,
-          scim_attributes: self.class.scim_attributes
-        )
-      end
-
-      def self.id
-        'urn:ietf:params:scim:schemas:extension:manager:1.0:User'
-      end
-
-      def self.scim_attributes
-        [
-          Scimitar::Schema::Attribute.new(name: 'manager', type: 'string')
-        ]
-      end
-    end
-  end
+  })
 end
-
-Scimitar::Resources::User.extend_schema ScimSchemaExtensions::User::Enterprise
-Scimitar::Resources::User.extend_schema ScimSchemaExtensions::User::Manager

data/spec/apps/dummy/config/routes.rb

@@ -6,38 +6,17 @@
 Rails.application.routes.draw do
   mount Scimitar::Engine, at: '/'
 
-  get    'Users',      to: 'mock_users#index'
-  get    'Users/:id',  to: 'mock_users#show'
-  post   'Users',      to: 'mock_users#create'
-  put    'Users/:id',  to: 'mock_users#replace'
-  patch  'Users/:id',  to: 'mock_users#update'
-  delete 'Users/:id',  to: 'mock_users#destroy'
+  get    'Users',     to: 'mock_users#index'
+  get    'Users/:id', to: 'mock_users#show'
+  post   'Users',     to: 'mock_users#create'
+  put    'Users/:id', to: 'mock_users#replace'
+  patch  'Users/:id', to: 'mock_users#update'
+  delete 'Users/:id', to: 'mock_users#destroy'
 
-  get    'Groups',     to: 'mock_groups#index'
-  get    'Groups/:id', to: 'mock_groups#show'
-  patch  'Groups/:id', to: 'mock_groups#update'
-
-  # For testing blocks passed to ActiveRecordBackedResourcesController#create,
-  # #update, #replace and #destroy.
+  # For testing blocks passed to ActiveRecordBackedResourcesController#destroy
   #
-  post   'CustomCreateUsers',      to: 'custom_create_mock_users#create'
-  patch  'CustomUpdateUsers/:id',  to: 'custom_update_mock_users#update'
-  put    'CustomReplaceUsers/:id', to: 'custom_replace_mock_users#replace'
   delete 'CustomDestroyUsers/:id', to: 'custom_destroy_mock_users#destroy'
 
-  # Needed because the auto-render of most of the above includes a 'url_for'
-  # call for a 'show' action, so we must include routes (implemented in the
-  # base class) for the "show" endpoint.
-  #
-  get  'CustomCreateUsers/:id',  to: 'custom_create_mock_users#show'
-  get  'CustomUpdateUsers/:id',  to: 'custom_update_mock_users#show'
-  get  'CustomReplaceUsers/:id', to: 'custom_replace_mock_users#show'
-
-  # For testing blocks passed to ActiveRecordBackedResourcesController#save!
-  #
-  post 'CustomSaveUsers',     to: 'custom_save_mock_users#create'
-  get  'CustomSaveUsers/:id', to: 'custom_save_mock_users#show'
-
   # For testing environment inside Scimitar::ApplicationController subclasses.
   #
   get  'CustomRequestVerifiers', to: 'custom_request_verifiers#index'

data/spec/apps/dummy/db/migrate/20210304014602_create_mock_users.rb

@@ -1,25 +1,15 @@
 class CreateMockUsers < ActiveRecord::Migration[6.1]
   def change
-    create_table :mock_users, id: :uuid, primary_key: :primary_key do |t|
-      t.timestamps
+    create_table :mock_users do |t|
 
-      # Support part of the core schema
-      #
       t.text :scim_uid
       t.text :username
-      t.text :password
       t.text :first_name
       t.text :last_name
       t.text :work_email_address
       t.text :home_email_address
       t.text :work_phone_number
 
-      # Support the custom extension schema - see configuration in
-      # "spec/apps/dummy/config/initializers/scimitar.rb".
-      #
-      t.text :organization
-      t.text :department
-      t.text :manager
     end
   end
 end

data/spec/apps/dummy/db/migrate/20210308044214_create_join_table_mock_groups_mock_users.rb

@@ -1,13 +1,8 @@
 class CreateJoinTableMockGroupsMockUsers < ActiveRecord::Migration[6.1]
   def change
-    create_table :mock_groups_users, id: false do | t |
-      t.references :mock_group, foreign_key: true, type: :int8, index: true, null: false
-      t.references :mock_user,                     type: :uuid, index: true, null: false, primary_key: :primary_key
-
-      # The 'foreign_key:' option (used above) only works for 'id' column names
-      # but the test data has a column named 'primary_key' for 'mock_users'.
-      #
-      t.foreign_key :mock_users, primary_key: :primary_key
+    create_join_table :mock_groups, :mock_users do |t|
+      t.index [:mock_group_id, :mock_user_id]
+      t.index [:mock_user_id, :mock_group_id]
     end
   end
 end

data/spec/apps/dummy/db/schema.rb

@@ -24,27 +24,19 @@ ActiveRecord::Schema.define(version: 2021_03_08_044214) do
 
   create_table "mock_groups_users", id: false, force: :cascade do |t|
     t.bigint "mock_group_id", null: false
-    t.uuid "mock_user_id", null: false
-    t.index ["mock_group_id"], name: "index_mock_groups_users_on_mock_group_id"
-    t.index ["mock_user_id"], name: "index_mock_groups_users_on_mock_user_id"
+    t.bigint "mock_user_id", null: false
+    t.index ["mock_group_id", "mock_user_id"], name: "index_mock_groups_users_on_mock_group_id_and_mock_user_id"
+    t.index ["mock_user_id", "mock_group_id"], name: "index_mock_groups_users_on_mock_user_id_and_mock_group_id"
   end
 
-  create_table "mock_users", primary_key: "primary_key", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
-    t.datetime "created_at", null: false
-    t.datetime "updated_at", null: false
+  create_table "mock_users", force: :cascade do |t|
     t.text "scim_uid"
     t.text "username"
-    t.text "password"
     t.text "first_name"
     t.text "last_name"
     t.text "work_email_address"
     t.text "home_email_address"
     t.text "work_phone_number"
-    t.text "organization"
-    t.text "department"
-    t.text "manager"
   end
 
-  add_foreign_key "mock_groups_users", "mock_groups"
-  add_foreign_key "mock_groups_users", "mock_users", primary_key: "primary_key"
 end

data/spec/controllers/scimitar/application_controller_spec.rb

@@ -24,7 +24,7 @@ RSpec.describe Scimitar::ApplicationController do
       get :index, params: { format: :scim }
       expect(response).to be_ok
       expect(JSON.parse(response.body)).to eql({ 'message' => 'cool, cool!' })
-      expect(response.headers['WWW-Authenticate']).to eql('Basic')
+      expect(response.headers['WWW_AUTHENTICATE']).to eql('Basic')
     end
 
     it 'renders failure with bad password' do
@@ -84,61 +84,7 @@ RSpec.describe Scimitar::ApplicationController do
       get :index, params: { format: :scim }
       expect(response).to be_ok
       expect(JSON.parse(response.body)).to eql({ 'message' => 'cool, cool!' })
-      expect(response.headers['WWW-Authenticate']).to eql('Bearer')
-    end
-
-    it 'renders failure with bad token' do
-      request.env['HTTP_AUTHORIZATION'] = 'Bearer Invalid'
-
-      get :index, params: { format: :scim }
-      expect(response).not_to be_ok
-    end
-
-    it 'renders failure with blank token' do
-      request.env['HTTP_AUTHORIZATION'] = 'Bearer'
-
-      get :index, params: { format: :scim }
-      expect(response).not_to be_ok
-    end
-
-    it 'renders failure with missing header' do
-      get :index, params: { format: :scim }
-      expect(response).not_to be_ok
-    end
-  end
-
-  context 'authenticator evaluated within controller context' do
-
-    # Define a controller with a custom instance method 'valid_token'.
-    #
-    controller do
-      def index
-        render json: { 'message' => 'cool, cool!' }, format: :scim
-      end
-
-      def valid_token
-        'B'
-      end
-    end
-
-    # Call the above controller method from the token authenticator Proc,
-    # proving that it was executed in the controller's context.
-    #
-    before do
-      Scimitar.engine_configuration = Scimitar::EngineConfiguration.new(
-        token_authenticator: Proc.new do | token, options |
-          token == self.valid_token()
-        end
-      )
-    end
-
-    it 'renders success when valid creds are given' do
-      request.env['HTTP_AUTHORIZATION'] = 'Bearer B'
-
-      get :index, params: { format: :scim }
-      expect(response).to be_ok
-      expect(JSON.parse(response.body)).to eql({ 'message' => 'cool, cool!' })
-      expect(response.headers['WWW-Authenticate']).to eql('Bearer')
+      expect(response.headers['WWW_AUTHENTICATE']).to eql('Bearer')
     end
 
     it 'renders failure with bad token' do
@@ -223,74 +169,5 @@ RSpec.describe Scimitar::ApplicationController do
       expect(parsed_body).to include('status' => '500')
       expect(parsed_body).to include('detail' => 'Bang')
     end
-
-    context 'with an exception reporter' do
-      around :each do | example |
-        original_configuration = Scimitar.engine_configuration.exception_reporter
-        Scimitar.engine_configuration.exception_reporter = Proc.new do | exception |
-          @exception = exception
-        end
-        example.run()
-      ensure
-        Scimitar.engine_configuration.exception_reporter = original_configuration
-      end
-
-      context 'and "internal server error"' do
-        it 'is invoked' do
-          get :index, params: { format: :scim }
-
-          expect(@exception).to be_a(RuntimeError)
-          expect(@exception.message).to eql('Bang')
-        end
-      end
-
-      context 'and "not found"' do
-        controller do
-          def index
-            handle_resource_not_found(ActiveRecord::RecordNotFound.new(42))
-          end
-        end
-
-        it 'is invoked' do
-          get :index, params: { format: :scim }
-
-          expect(@exception).to be_a(ActiveRecord::RecordNotFound)
-          expect(@exception.message).to eql('42')
-        end
-      end
-
-      context 'and bad JSON' do
-        controller do
-          def index
-            begin
-              raise 'Hello'
-            rescue
-              raise ActionDispatch::Http::Parameters::ParseError
-            end
-          end
-        end
-
-        it 'is invoked' do
-          get :index, params: { format: :scim }
-
-          expect(@exception).to be_a(ActionDispatch::Http::Parameters::ParseError)
-          expect(@exception.message).to eql('Hello')
-        end
-      end
-
-      context 'and a bad content type' do
-        controller do
-          def index; end
-        end
-
-        it 'is invoked' do
-          request.headers['Content-Type'] = 'text/plain'
-          get :index
-
-          expect(@exception).to be_a(Scimitar::ErrorResponse)
-          expect(@exception.message).to eql('Only application/scim+json type is accepted.')
-        end
-      end
-    end # "context 'exception reporter' do"
-  end # "context 'error handling' do"
+  end
 end

data/spec/controllers/scimitar/resource_types_controller_spec.rb

@@ -9,8 +9,8 @@ RSpec.describe Scimitar::ResourceTypesController do
     it 'renders the resource type for user' do
       get :index, format: :scim
       response_hash = JSON.parse(response.body)
-      expected_response = [ Scimitar::Resources::User.resource_type(scim_resource_type_url(name: 'User', test: 1)),
-                            Scimitar::Resources::Group.resource_type(scim_resource_type_url(name: 'Group', test: 1))
+      expected_response = [ Scimitar::Resources::User.resource_type(scim_resource_type_url(name: 'User')),
+                            Scimitar::Resources::Group.resource_type(scim_resource_type_url(name: 'Group'))
       ].to_json
 
       response_hash = JSON.parse(response.body)