scimitar 1.8.1 → 2.0.0

data/app/models/scimitar/resources/mixin.rb

@@ -220,8 +220,13 @@ module Scimitar
     # allow for different client searching "styles", given ambiguities in RFC
     # 7644 filter examples).
     #
-    # Each value is a hash of queryable SCIM attribute options, described
-    # below - for example:
+    # Each value is a Hash with Symbol keys ':column', naming just one simple
+    # column for a mapping; ':columns', with an Array of column names that you
+    # want to map using 'OR' for a single search on the corresponding SCIM
+    # attribute; or ':ignore' with value 'true', which means that a fitler on
+    # the matching attribute is ignored rather than resulting in an "invalid
+    # filter" exception - beware possibilities for surprised clients getting a
+    # broader result set than expected. Example:
     #
     #     def self.scim_queryable_attributes
     #       return {
@@ -229,27 +234,10 @@ module Scimitar
     #         'name.familyName' => { column: :last_name  },
     #         'emails'          => { columns: [ :work_email_address, :home_email_address ] },
     #         'emails.value'    => { columns: [ :work_email_address, :home_email_address ] },
-    #         'emails.type'     => { ignore: true },
-    #         'groups.value'    => { column: Group.arel_table[:id] }
+    #         'emails.type'     => { ignore: true }
     #       }
     #     end
     #
-    # Column references can be either a Symbol representing a column within
-    # the resource model table, or an <tt>Arel::Attribute</tt> instance via
-    # e.g. <tt>MyModel.arel_table[:my_column]</tt>.
-    #
-    # === Queryable SCIM attribute options
-    #
-    # +:column+::  Just one simple column for a mapping.
-    #
-    # +:columns+:: An Array of columns that you want to map using 'OR' for a
-    #              single search of the corresponding entity.
-    #
-    # +:ignore+::  When set to +true+, the matching attribute is ignored rather
-    #              than resulting in an "invalid filter" exception. Beware
-    #              possibilities for surprised clients getting a broader result
-    #              set than expected, since a constraint may have been ignored.
-    #
     # Filtering is currently limited and searching within e.g. arrays of data
     # is not supported; only simple top-level keys can be mapped.
     #
@@ -418,11 +406,8 @@ module Scimitar
         def from_scim_patch!(patch_hash:)
           frozen_ci_patch_hash = patch_hash.with_indifferent_case_insensitive_access().freeze()
           ci_scim_hash         = self.to_scim(location: '(unused)').as_json().with_indifferent_case_insensitive_access()
-          operations           = frozen_ci_patch_hash['operations']
-
-          raise Scimitar::InvalidSyntaxError.new("Missing PATCH \"operations\"") unless operations
 
-          operations.each do |operation|
+          frozen_ci_patch_hash['operations'].each do |operation|
             nature   = operation['op'   ]&.downcase
             path_str = operation['path' ]
             value    = operation['value']
@@ -458,30 +443,9 @@ module Scimitar
               ci_scim_hash = { 'root' => ci_scim_hash }.with_indifferent_case_insensitive_access()
             end
 
-            # Handle extension schema. Contributed by @bettysteger and
-            # @MorrisFreeman via:
-            #
-            #   https://github.com/RIPAGlobal/scimitar/issues/48
-            #   https://github.com/RIPAGlobal/scimitar/pull/49
-            #
-            # Note the ":" separating the schema ID (URN) from the attribute.
-            # The nature of JSON rendering / other payloads might lead you to
-            # expect a "." as with any complex types, but that's not the case;
-            # see https://tools.ietf.org/html/rfc7644#section-3.10, or
-            # https://tools.ietf.org/html/rfc7644#section-3.5.2 of which in
-            # particular, https://tools.ietf.org/html/rfc7644#page-35.
-            #
-            paths = []
-            self.class.scim_resource_type.extended_schemas.each do |schema|
-              path_str.downcase.split(schema.id.downcase + ':').drop(1).each do |path|
-                paths += [schema.id] + path.split('.')
-              end
-            end
-            paths = path_str.split('.') if paths.empty?
-
             self.from_patch_backend!(
               nature:        nature,
-              path:          paths,
+              path:          (path_str || '').split('.'),
               value:         value,
               altering_hash: ci_scim_hash
             )
@@ -652,19 +616,7 @@ module Scimitar
                 attrs_map_or_leaf_value.each do | scim_attribute, sub_attrs_map_or_leaf_value |
                   next if scim_attribute&.to_s&.downcase == 'id' && path.empty?
 
-                  # Handle extension schema. Contributed by @bettysteger and
-                  # @MorrisFreeman via:
-                  #
-                  #   https://github.com/RIPAGlobal/scimitar/issues/48
-                  #   https://github.com/RIPAGlobal/scimitar/pull/49
-                  #
-                  attribute_tree = []
-                  resource_class.extended_schemas.each do |schema|
-                    attribute_tree << schema.id and break if schema.scim_attributes.any? { |attribute| attribute.name == scim_attribute.to_s }
-                  end
-                  attribute_tree << scim_attribute.to_s
-
-                  sub_scim_hash_or_leaf_value = scim_hash_or_leaf_value&.dig(*attribute_tree)
+                  sub_scim_hash_or_leaf_value = scim_hash_or_leaf_value&.dig(scim_attribute.to_s)
 
                   self.from_scim_backend!(
                     attrs_map_or_leaf_value: sub_attrs_map_or_leaf_value,
@@ -949,89 +901,10 @@ module Scimitar
                   else
                     altering_hash[path_component] = value
                   end
-
                 when 'replace'
-                  if path_component == 'root'
-                    dot_pathed_value = value.inject({}) do |hash, (k, v)|
-                      hash.deep_merge!(::Scimitar::Support::Utilities.dot_path(k.split('.'), v))
-                    end
-                    altering_hash[path_component].deep_merge!(dot_pathed_value)
-                  else
-                    altering_hash[path_component] = value
-                  end
-
-                # The array check handles payloads seen from e.g. Microsoft for
-                # remove-user-from-group, where contrary to examples in the RFC
-                # which would imply "payload removes all users", there is the
-                # clear intent to remove just one.
-                #
-                # https://tools.ietf.org/html/rfc7644#section-3.5.2.2
-                # https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups#update-group-remove-members
-                #
-                # Since remove-all in the face of remove-one is destructive, we
-                # do a special check here to see if there's an array value for
-                # the array path that the payload yielded. If so, we can match
-                # each value against array items and remove just those items.
-                #
-                # There is an additional special case to handle a bad example
-                # from Salesforce:
-                #
-                #   https://help.salesforce.com/s/articleView?id=sf.identity_scim_manage_groups.htm&type=5
-                #
+                  altering_hash[path_component] = value
                 when 'remove'
-                  if altering_hash[path_component].is_a?(Array) && value.present?
-
-                    # Handle bad Salesforce example. That might be simply a
-                    # documentation error, but just in case...
-                    #
-                    value = value.values.first if (
-                      path_component&.downcase == 'members' &&
-                      value.is_a?(Hash)                     &&
-                      value.keys.size == 1                  &&
-                      value.keys.first&.downcase == 'members'
-                    )
-
-                    # The Microsoft example provides an array of values, but we
-                    # may as well cope with a value specified 'flat'. Promote
-                    # such a thing to an Array to simplify the following code.
-                    #
-                    value = [value] unless value.is_a?(Array)
-
-                    # For each value item, delete matching array entries. The
-                    # concept of "matching" is:
-                    #
-                    # * For simple non-Hash values (if possible) just delete on
-                    #   an exact match
-                    #
-                    # * For Hash-based values, only delete if all 'patch' keys
-                    #   are present in the resource and all values thus match.
-                    #
-                    # Special case to ignore '$ref' from the Microsoft payload.
-                    #
-                    # Note coercion to strings to account for SCIM vs the usual
-                    # tricky case of underlying implementations with (say)
-                    # integer primary keys, which all end up as strings anyway.
-                    #
-                    value.each do | value_item |
-                      altering_hash[path_component].delete_if do | item |
-                        if item.is_a?(Hash) && value_item.is_a?(Hash)
-                          matched_all = true
-                          value_item.each do | value_key, value_value |
-                            next if value_key == '$ref'
-                            if ! item.key?(value_key) || item[value_key]&.to_s != value_value&.to_s
-                              matched_all = false
-                            end
-                          end
-                          matched_all
-                        else
-                          item&.to_s == value_item&.to_s
-                        end
-                      end
-                    end
-                  else
-                    altering_hash.delete(path_component)
-                  end
-
+                  altering_hash.delete(path_component)
               end
             end
           end

data/app/models/scimitar/schema/address.rb

@@ -10,7 +10,6 @@ module Scimitar
       def self.scim_attributes
         @scim_attributes ||= [
           Attribute.new(name: 'type',          type: 'string'),
-          Attribute.new(name: 'primary',       type: 'boolean'),
           Attribute.new(name: 'formatted',     type: 'string'),
           Attribute.new(name: 'streetAddress', type: 'string'),
           Attribute.new(name: 'locality',      type: 'string'),

data/app/models/scimitar/schema/attribute.rb

@@ -93,23 +93,14 @@ module Scimitar
       end
 
       def valid_simple_type?(value)
-        if multiValued
-          valid = value.is_a?(Array) && value.all? { |v| simple_type?(v) }
-          errors.add(self.name, "or one of its elements has the wrong type. It has to be an array of #{self.type}s.") unless valid
-        else
-          valid = simple_type?(value)
-          errors.add(self.name, "has the wrong type. It has to be a(n) #{self.type}.") unless valid
-        end
+        valid = (type == 'string' && value.is_a?(String)) ||
+          (type == 'boolean' && (value.is_a?(TrueClass) || value.is_a?(FalseClass))) ||
+          (type == 'integer' && (value.is_a?(Integer))) ||
+          (type == 'dateTime' && valid_date_time?(value))
+        errors.add(self.name, "has the wrong type. It has to be a(n) #{self.type}.") unless valid
         valid
       end
 
-      def simple_type?(value)
-        (type == 'string' && value.is_a?(String)) ||
-        (type == 'boolean' && (value.is_a?(TrueClass) || value.is_a?(FalseClass))) ||
-        (type == 'integer' && (value.is_a?(Integer))) ||
-        (type == 'dateTime' && valid_date_time?(value))
-      end
-
       def valid_date_time?(value)
         !!Time.iso8601(value)
       rescue ArgumentError

data/app/models/scimitar/schema/base.rb

@@ -13,7 +13,7 @@ module Scimitar
 
       # Converts the schema to its json representation that will be returned by /SCHEMAS end-point of a SCIM service provider.
       def as_json(options = {})
-        @meta.location ||= Scimitar::Engine.routes.url_helpers.scim_schemas_path(name: id)
+        @meta.location = Scimitar::Engine.routes.url_helpers.scim_schemas_path(name: id)
         original = super
         original.merge('attributes' => original.delete('scim_attributes'))
       end

data/app/models/scimitar/schema/vdtp.rb

@@ -7,7 +7,7 @@ module Scimitar
     class Vdtp < Base
       def self.scim_attributes
         @scim_attributes ||= [
-          Attribute.new(name: 'value',   type: 'string', required: Scimitar.engine_configuration.optional_value_fields_required),
+          Attribute.new(name: 'value',   type: 'string', required: true),
           Attribute.new(name: 'display', type: 'string', mutability: 'readOnly'),
           Attribute.new(name: 'type',    type: 'string'),
           Attribute.new(name: 'primary', type: 'boolean'),

data/app/models/scimitar/service_provider_configuration.rb

@@ -9,22 +9,11 @@ module Scimitar
   class ServiceProviderConfiguration
     include ActiveModel::Model
 
-    attr_accessor(
-      :uses_defaults,
-      :patch,
-      :bulk,
-      :filter,
-      :changePassword,
-      :sort,
-      :etag,
-      :authenticationSchemes,
-      :schemas,
-      :meta,
-    )
+    attr_accessor :patch, :bulk, :filter, :changePassword,
+      :sort, :etag, :authenticationSchemes,
+      :schemas, :meta
 
     def initialize(attributes = {})
-      @uses_defaults = attributes.empty?
-
       defaults = {
         bulk:           Supportable.unsupported,
         changePassword: Supportable.unsupported,

data/config/initializers/scimitar.rb

@@ -38,10 +38,9 @@ Rails.application.config.to_prepare do # (required for >= Rails 7 / Zeitwerk)
   Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
 
     # If you have filters you want to run for any Scimitar action/route, you
-    # can define them here. You can also override any shared controller methods
-    # here. For example, you might use a before-action to set up some
-    # multi-tenancy related state, skip Rails CSRF token verification, or
-    # customise how Scimitar generates URLs:
+    # can define them here. For example, you might use a before-action to set
+    # up some multi-tenancy related state, or skip Rails CSRF token
+    # verification. For example:
     #
     #     application_controller_mixin: Module.new do
     #       def self.included(base)
@@ -55,10 +54,6 @@ Rails.application.config.to_prepare do # (required for >= Rails 7 / Zeitwerk)
     #           prepend_before_action :setup_some_kind_of_multi_tenancy_data
     #         end
     #       end
-    #
-    #       def scim_schemas_url(options)
-    #         super(custom_param: 'value', **options)
-    #       end
     #     end, # ...other configuration entries might follow...
 
     # If you want to support username/password authentication:
@@ -86,26 +81,6 @@ Rails.application.config.to_prepare do # (required for >= Rails 7 / Zeitwerk)
     # Note that both basic and token authentication can be declared, with the
     # parameters in the inbound HTTP request determining which is invoked.
 
-    # Scimitar rescues certain error cases and exceptions, in order to return a
-    # JSON response to the API caller. If you want exceptions to also be
-    # reported to a third party system such as sentry.io or raygun.com, you can
-    # configure a Proc to do so. It is passed a Ruby exception subclass object.
-    # For example, a minimal sentry.io reporter might do this:
-    #
-    #     exception_reporter: Proc.new do | exception |
-    #       Sentry.capture_exception(exception)
-    #     end
-    #
-    # You will still need to configure your reporting system according to its
-    # documentation (e.g. via a Rails "config/initializers/<foo>.rb" file).
-
-    # Scimilar treats "VDTP" (Value, Display, Type, Primary) attribute values,
-    # used for e.g. e-mail addresses or phone numbers, as required by default.
-    # If you encounter a service which calls these with e.g. "null" value data,
-    # you can configure all values to be optional. You'll need to deal with
-    # whatever that means for you receiving system in your model code.
-    #
-    #     optional_value_fields_required: false
   })
 
 end

data/lib/scimitar/version.rb

@@ -3,11 +3,11 @@ module Scimitar
   # Gem version. If this changes, be sure to re-run "bundle install" or
   # "bundle update".
   #
-  VERSION = '1.8.1'
+  VERSION = '2.0.0'
 
   # Date for VERSION. If this changes, be sure to re-run "bundle install"
   # or "bundle update".
   #
-  DATE = '2024-01-16'
+  DATE = '2022-03-04'
 
 end

data/lib/scimitar.rb

@@ -1,13 +1,10 @@
 require 'scimitar/version'
 require 'scimitar/support/hash_with_indifferent_case_insensitive_access'
-require 'scimitar/support/utilities'
 require 'scimitar/engine'
 
 module Scimitar
   def self.service_provider_configuration=(custom_configuration)
-    if @service_provider_configuration.nil? || ! custom_configuration.uses_defaults
-      @service_provider_configuration = custom_configuration
-    end
+    @service_provider_configuration = custom_configuration
   end
 
   def self.service_provider_configuration(location:)
@@ -17,9 +14,7 @@ module Scimitar
   end
 
   def self.engine_configuration=(custom_configuration)
-    if @engine_configuration.nil? || ! custom_configuration.uses_defaults
-      @engine_configuration = custom_configuration
-    end
+    @engine_configuration = custom_configuration
   end
 
   def self.engine_configuration

data/spec/apps/dummy/app/controllers/mock_groups_controller.rb

@@ -1,4 +1,4 @@
-class MockGroupsController < Scimitar::ActiveRecordBackedResourcesController
+class MockUsersController < Scimitar::ActiveRecordBackedResourcesController
 
   protected
 

data/spec/apps/dummy/app/models/mock_group.rb

@@ -58,7 +58,7 @@ class MockGroup < ActiveRecord::Base
 
           case type.downcase
             when 'user'
-              MockUser.find_by_primary_key(id)
+              MockUser.find_by_id(id)
             when 'group'
               MockGroup.find_by_id(id)
             else

data/spec/apps/dummy/app/models/mock_user.rb

@@ -1,24 +1,18 @@
 class MockUser < ActiveRecord::Base
 
-  self.primary_key = :primary_key
-
   # ===========================================================================
   # TEST ATTRIBUTES - see db/migrate/20210304014602_create_mock_users.rb etc.
   # ===========================================================================
 
   READWRITE_ATTRS = %w{
-    primary_key
+    id
     scim_uid
     username
-    password
     first_name
     last_name
     work_email_address
     home_email_address
     work_phone_number
-    organization
-    department
-    mock_groups
   }
 
   has_and_belongs_to_many :mock_groups
@@ -44,10 +38,9 @@ class MockUser < ActiveRecord::Base
 
   def self.scim_attributes_map
     return {
-      id:         :primary_key,
+      id:         :id,
       externalId: :scim_uid,
       userName:   :username,
-      password:   :password,
       name:       {
         givenName:  :first_name,
         familyName: :last_name
@@ -89,23 +82,7 @@ class MockUser < ActiveRecord::Base
           }
         }
       ],
-      active: :is_active,
-
-      # Custom extension schema - see configuration in
-      # "spec/apps/dummy/config/initializers/scimitar.rb".
-      #
-      organization: :organization,
-      department:   :department,
-      userGroups: [
-        {
-          list:      :mock_groups,
-          find_with: ->(value) { MockGroup.find(value["value"]) },
-          using: {
-            value:   :id,
-            display: :display_name
-          }
-        }
-      ]
+      active: :is_active
     }
   end
 
@@ -115,16 +92,11 @@ class MockUser < ActiveRecord::Base
 
   def self.scim_queryable_attributes
     return {
-      'id'                => { column: :primary_key },
-      'externalId'        => { column: :scim_uid },
-      'meta.lastModified' => { column: :updated_at },
-      'name.givenName'    => { column: :first_name },
-      'name.familyName'   => { column: :last_name  },
-      'groups'            => { column: MockGroup.arel_table[:id] },
-      'groups.value'      => { column: MockGroup.arel_table[:id] },
-      'emails'            => { columns: [ :work_email_address, :home_email_address ] },
-      'emails.value'      => { columns: [ :work_email_address, :home_email_address ] },
-      'emails.type'       => { ignore: true } # We can't filter on that; it'll just search all e-mails
+      'name.givenName'  => { column: :first_name },
+      'name.familyName' => { column: :last_name  },
+      'emails'          => { columns: [ :work_email_address, :home_email_address ] },
+      'emails.value'    => { columns: [ :work_email_address, :home_email_address ] },
+      'emails.type'     => { ignore: true } # We can't filter on that; it'll just search all e-mails
     }
   end
 

data/spec/apps/dummy/config/application.rb

@@ -12,6 +12,7 @@ require 'scimitar'
 
 module Dummy
   class Application < Rails::Application
+    config.load_defaults 7.0
   end
 end
 

data/spec/apps/dummy/config/environments/test.rb

@@ -1,15 +1,38 @@
+require 'active_support/core_ext/integer/time'
+
 Rails.application.configure do
   config.cache_classes = true
   config.eager_load = false
-  config.serve_static_files = true
-  config.static_cache_control = 'public, max-age=3600'
-  config.consider_all_requests_local = true
 
-  config.action_dispatch.show_exceptions = false
+  # Configure public file server for tests with Cache-Control for performance.
+  config.public_file_server.enabled = true
+  config.public_file_server.headers = {
+    'Cache-Control' => "public, max-age=#{1.hour.to_i}"
+  }
 
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
+  config.cache_store = :null_store
+
+  # Raise exceptions instead of rendering exception templates.
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment.
   config.action_controller.allow_forgery_protection = false
 
-  config.active_support.test_order = :random
+  # Print deprecation notices to the stderr.
   config.active_support.deprecation = :stderr
+
+  # Raise exceptions for disallowed deprecations.
+  config.active_support.disallowed_deprecation = :raise
+
+  # Tell Active Support which deprecation messages to disallow.
+  config.active_support.disallowed_deprecation_warnings = []
+
+  # Raises error for missing translations.
+  config.i18n.raise_on_missing_translations = true
+
+  # Annotate rendered view with file names.
+  # config.action_view.annotate_rendered_view_with_filenames = true
 end

data/spec/apps/dummy/config/initializers/scimitar.rb

@@ -1,67 +1,16 @@
 # Test app configuration.
 #
-# Note that as a result of https://github.com/RIPAGlobal/scimitar/issues/48,
-# tests include a custom extension of the core User schema. A shortcoming of
-# some of the code from which Scimitar was originally built is that those
-# extensions are done with class-level ivars, so it is largely impossible (or
-# at least, impractical in tests) to avoid polluting the core class itself
-# with the extension.
-#
-# All related schema tests are written with this in mind.
-#
-# Further, https://github.com/RIPAGlobal/scimitar/pull/54 fixed warning
-# messages in a way that worked on Rails 6+ but, for V1 Scimitar, it would
-# break existing working setups that didn't use the +to_prepare+ wrapper. Their
-# application configuration would be written *first* but then *overwritten* by
-# the default +to_prepare+ block in Scimitar itself, since that runs later. The
-# file below does *not* use +to_prepare+ in order to test the workaround that
-# was produced; it should work on all Ruby versions as-is.
-#
-Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
-
-  application_controller_mixin: Module.new do
-    def self.included(base)
-      base.class_eval do
-        def test_hook; end
-        before_action :test_hook
+Rails.application.config.to_prepare do
+  Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
+
+    application_controller_mixin: Module.new do
+      def self.included(base)
+        base.class_eval do
+          def test_hook; end
+          before_action :test_hook
+        end
       end
     end
 
-    def scim_schemas_url(options)
-      super(test: 1, **options)
-    end
-
-    def scim_resource_type_url(options)
-      super(test: 1, **options)
-    end
-  end
-
-})
-
-module ScimSchemaExtensions
-  module User
-    class Enterprise < Scimitar::Schema::Base
-      def initialize(options = {})
-        super(
-          name:            'ExtendedUser',
-          description:     'Enterprise extension for a User',
-          id:              self.class.id,
-          scim_attributes: self.class.scim_attributes
-        )
-      end
-
-      def self.id
-        'urn:ietf:params:scim:schemas:extension:enterprise:2.0:User'
-      end
-
-      def self.scim_attributes
-        [
-          Scimitar::Schema::Attribute.new(name: 'organization', type: 'string'),
-          Scimitar::Schema::Attribute.new(name: 'department',   type: 'string')
-        ]
-      end
-    end
-  end
+  })
 end
-
-Scimitar::Resources::User.extend_schema ScimSchemaExtensions::User::Enterprise

data/spec/apps/dummy/config/routes.rb

@@ -6,38 +6,17 @@
 Rails.application.routes.draw do
   mount Scimitar::Engine, at: '/'
 
-  get    'Users',      to: 'mock_users#index'
-  get    'Users/:id',  to: 'mock_users#show'
-  post   'Users',      to: 'mock_users#create'
-  put    'Users/:id',  to: 'mock_users#replace'
-  patch  'Users/:id',  to: 'mock_users#update'
-  delete 'Users/:id',  to: 'mock_users#destroy'
+  get    'Users',     to: 'mock_users#index'
+  get    'Users/:id', to: 'mock_users#show'
+  post   'Users',     to: 'mock_users#create'
+  put    'Users/:id', to: 'mock_users#replace'
+  patch  'Users/:id', to: 'mock_users#update'
+  delete 'Users/:id', to: 'mock_users#destroy'
 
-  get    'Groups',     to: 'mock_groups#index'
-  get    'Groups/:id', to: 'mock_groups#show'
-  patch  'Groups/:id', to: 'mock_groups#update'
-
-  # For testing blocks passed to ActiveRecordBackedResourcesController#create,
-  # #update, #replace and #destroy.
+  # For testing blocks passed to ActiveRecordBackedResourcesController#destroy
   #
-  post   'CustomCreateUsers',      to: 'custom_create_mock_users#create'
-  patch  'CustomUpdateUsers/:id',  to: 'custom_update_mock_users#update'
-  put    'CustomReplaceUsers/:id', to: 'custom_replace_mock_users#replace'
   delete 'CustomDestroyUsers/:id', to: 'custom_destroy_mock_users#destroy'
 
-  # Needed because the auto-render of most of the above includes a 'url_for'
-  # call for a 'show' action, so we must include routes (implemented in the
-  # base class) for the "show" endpoint.
-  #
-  get  'CustomCreateUsers/:id',  to: 'custom_create_mock_users#show'
-  get  'CustomUpdateUsers/:id',  to: 'custom_update_mock_users#show'
-  get  'CustomReplaceUsers/:id', to: 'custom_replace_mock_users#show'
-
-  # For testing blocks passed to ActiveRecordBackedResourcesController#save!
-  #
-  post 'CustomSaveUsers',     to: 'custom_save_mock_users#create'
-  get  'CustomSaveUsers/:id', to: 'custom_save_mock_users#show'
-
   # For testing environment inside Scimitar::ApplicationController subclasses.
   #
   get  'CustomRequestVerifiers', to: 'custom_request_verifiers#index'