scimitar 1.8.2 → 1.10.0

data/lib/scimitar/engine.rb

@@ -1,15 +1,38 @@
+require 'rails/engine'
+
 module Scimitar
   class Engine < ::Rails::Engine
     isolate_namespace Scimitar
 
+    config.autoload_once_paths = %W(
+      #{root}/app/controllers
+      #{root}/app/models
+    )
+
     Mime::Type.register 'application/scim+json', :scim
 
     ActionDispatch::Request.parameter_parsers[Mime::Type.lookup('application/scim+json').symbol] = lambda do |body|
       JSON.parse(body)
     end
 
+    # Return an Array of all supported default and custom resource classes.
+    # See also :add_custom_resource and :set_default_resources.
+    #
     def self.resources
-      default_resources + custom_resources
+      self.default_resources() + self.custom_resources()
+    end
+
+    # Returns a flat array of instances of all resource schema included in the
+    # resource classes returned by ::resources.
+    #
+    def self.schemas
+      self.resources().map(&:schemas).flatten.uniq.map(&:new)
+    end
+
+    # Returns the list of custom resources, if any.
+    #
+    def self.custom_resources
+      @custom_resources ||= []
     end
 
     # Can be used to add a new resource type which is not provided by the gem.
@@ -30,7 +53,7 @@ module Scimitar
     #     Scimitar::Engine.add_custom_resource Scim::Resources::ShinyResource
     #
     def self.add_custom_resource(resource)
-      custom_resources << resource
+      self.custom_resources() << resource
     end
 
     # Resets the resource list to default. This is really only intended for use
@@ -40,23 +63,45 @@ module Scimitar
       @custom_resources = []
     end
 
-    # Returns the list of custom resources, if any.
-    #
-    def self.custom_resources
-      @custom_resources ||= []
-    end
-
-    # Returns the default resources added in this gem:
+    # Returns the default resources added in this gem - by default, these are:
     #
     # * Scimitar::Resources::User
     # * Scimitar::Resources::Group
     #
+    # ...but if an implementation does not e.g. support Group, it can
+    # be overridden via ::set_default_resources to help with service
+    # auto-discovery.
+    #
     def self.default_resources
-      [ Resources::User, Resources::Group ]
+      @standard_default_resources = [ Resources::User, Resources::Group ]
+      @default_resources        ||= @standard_default_resources.dup()
     end
 
-    def self.schemas
-      resources.map(&:schemas).flatten.uniq.map(&:new)
+    # Override the resources returned by ::default_resources.
+    #
+    # +resource_array+:: An Array containing one or both of
+    #                    Scimitar::Resources::User and/or
+    #                    Scimitar::Resources::Group, and nothing else.
+    #
+    def self.set_default_resources(resource_array)
+      self.default_resources()
+      unrecognised_resources = resource_array - @standard_default_resources
+
+      if unrecognised_resources.any?
+        raise "Scimitar::Engine::set_default_resources: Only #{@standard_default_resources.map(&:name).join(', ')} are supported"
+      elsif resource_array.empty?
+        raise 'Scimitar::Engine::set_default_resources: At least one resource must be given'
+      end
+
+      @default_resources = resource_array
+    end
+
+    # Resets the default resource list. This is really only intended for use
+    # during testing, to avoid one test polluting another.
+    #
+    def self.reset_default_resources
+      self.default_resources()
+      @default_resources = @standard_default_resources
     end
 
   end

data/lib/scimitar/support/utilities.rb

@@ -46,6 +46,66 @@ module Scimitar
           hash[array.shift()] = self.dot_path(array, value)
         end
       end
+
+      # Schema ID-aware splitter handling ":" or "." separators. Adapted from
+      # contribution by @bettysteger and @MorrisFreeman in:
+      #
+      #   https://github.com/RIPAGlobal/scimitar/issues/48
+      #   https://github.com/RIPAGlobal/scimitar/pull/49
+      #
+      # +schemas::   Array of extension schemas, e.g. a SCIM resource class'
+      #              <tt>scim_resource_type.extended_schemas</tt> value. The
+      #              Array should be empty if there are no extensions.
+      #
+      # +path_str+:: Path String, e.g. <tt>"password"</tt>, <tt>"name.givenName"</tt>,
+      #              <tt>"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"</tt> (special case),
+      #              <tt>"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:organization"</tt>
+      #              (if given a Symbol, it'll be converted to a String).
+      #
+      # Returns an array of components, e.g. <tt>["password"]</tt>, <tt>["name",
+      # "givenName"]</tt>,
+      # <tt>["urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"]</tt> (special case),
+      # <tt>["urn:ietf:params:scim:schemas:extension:enterprise:2.0:User", "organization"]</tt>.
+      #
+      # The called-out special case is for a schema ID without any appended
+      # path components, which is returned as a single element ID to aid in
+      # traversal particularly of things like PATCH requests. There, a "value"
+      # attribute might have a key string that's simply a schema ID, with an
+      # object beneath that's got attribute-name pairs, possibly nested, in a
+      # path-free payload.
+      #
+      def self.path_str_to_array(schemas, path_str)
+        path_str   = path_str.to_s
+        components = []
+
+        # Note the ":" separating the schema ID (URN) from the attribute.
+        # The nature of JSON rendering / other payloads might lead you to
+        # expect a "." as with any complex types, but that's not the case;
+        # see https://tools.ietf.org/html/rfc7644#section-3.10, or
+        # https://tools.ietf.org/html/rfc7644#section-3.5.2 of which in
+        # particular, https://tools.ietf.org/html/rfc7644#page-35.
+        #
+        if path_str.include?(':')
+          lower_case_path_str = path_str.downcase()
+
+          schemas.each do |schema|
+            lower_case_schema_id       = schema.id.downcase()
+            attributes_after_schema_id = lower_case_path_str.split(lower_case_schema_id + ':').drop(1)
+
+            if attributes_after_schema_id.empty?
+              components += [schema.id] if lower_case_path_str == lower_case_schema_id
+            else
+              attributes_after_schema_id.each do |component|
+                components += [schema.id] + component.split('.')
+              end
+            end
+          end
+        end
+
+        components = path_str.split('.') if components.empty?
+        return components
+      end
+
     end
   end
 end

data/lib/scimitar/version.rb

@@ -3,11 +3,11 @@ module Scimitar
   # Gem version. If this changes, be sure to re-run "bundle install" or
   # "bundle update".
   #
-  VERSION = '1.8.2'
+  VERSION = '1.10.0'
 
   # Date for VERSION. If this changes, be sure to re-run "bundle install"
   # or "bundle update".
   #
-  DATE = '2024-03-27'
+  DATE = '2024-06-27'
 
 end

data/spec/apps/dummy/app/models/mock_user.rb

@@ -18,6 +18,7 @@ class MockUser < ActiveRecord::Base
     work_phone_number
     organization
     department
+    manager
     mock_groups
   }
 
@@ -48,6 +49,7 @@ class MockUser < ActiveRecord::Base
       externalId: :scim_uid,
       userName:   :username,
       password:   :password,
+      active:     :is_active,
       name:       {
         givenName:  :first_name,
         familyName: :last_name
@@ -80,8 +82,11 @@ class MockUser < ActiveRecord::Base
           }
         },
       ],
-      groups: [ # NB read-only, so no :find_with key
+      groups: [
         {
+          # Read-only, so no :find_with key. There's no 'class' specified here
+          # either, to help test the "/Schemas" endpoint's reflection code.
+          #
           list:  :mock_groups,
           using: {
             value:   :id,
@@ -89,13 +94,16 @@ class MockUser < ActiveRecord::Base
           }
         }
       ],
-      active: :is_active,
 
       # Custom extension schema - see configuration in
       # "spec/apps/dummy/config/initializers/scimitar.rb".
       #
       organization: :organization,
       department:   :department,
+      primaryEmail: :scim_primary_email,
+
+      manager:      :manager,
+
       userGroups: [
         {
           list:      :mock_groups,
@@ -124,9 +132,16 @@ class MockUser < ActiveRecord::Base
       'groups.value'      => { column: MockGroup.arel_table[:id] },
       'emails'            => { columns: [ :work_email_address, :home_email_address ] },
       'emails.value'      => { columns: [ :work_email_address, :home_email_address ] },
-      'emails.type'       => { ignore: true } # We can't filter on that; it'll just search all e-mails
+      'emails.type'       => { ignore: true }, # We can't filter on that; it'll just search all e-mails
+      'primaryEmail'      => { column: :scim_primary_email },
     }
   end
 
+  # Custom attribute reader
+  #
+  def scim_primary_email
+    work_email_address
+  end
+
   include Scimitar::Resources::Mixin
 end

data/spec/apps/dummy/config/initializers/scimitar.rb

@@ -40,10 +40,13 @@ Scimitar.engine_configuration = Scimitar::EngineConfiguration.new({
 
 module ScimSchemaExtensions
   module User
+
+    # This "looks like" part of the standard Enterprise extension.
+    #
     class Enterprise < Scimitar::Schema::Base
       def initialize(options = {})
         super(
-          name:            'ExtendedUser',
+          name:            'EnterpriseExtendedUser',
           description:     'Enterprise extension for a User',
           id:              self.class.id,
           scim_attributes: self.class.scim_attributes
@@ -57,7 +60,32 @@ module ScimSchemaExtensions
       def self.scim_attributes
         [
           Scimitar::Schema::Attribute.new(name: 'organization', type: 'string'),
-          Scimitar::Schema::Attribute.new(name: 'department',   type: 'string')
+          Scimitar::Schema::Attribute.new(name: 'department',   type: 'string'),
+          Scimitar::Schema::Attribute.new(name: 'primaryEmail', type: 'string'),
+        ]
+      end
+    end
+
+    # In https://github.com/RIPAGlobal/scimitar/issues/122 we learn that with
+    # more than one extension, things can go wrong - so now we test with two.
+    #
+    class Manager < Scimitar::Schema::Base
+      def initialize(options = {})
+        super(
+          name:            'ManagementExtendedUser',
+          description:     'Management extension for a User',
+          id:              self.class.id,
+          scim_attributes: self.class.scim_attributes
+        )
+      end
+
+      def self.id
+        'urn:ietf:params:scim:schemas:extension:manager:1.0:User'
+      end
+
+      def self.scim_attributes
+        [
+          Scimitar::Schema::Attribute.new(name: 'manager', type: 'string')
         ]
       end
     end
@@ -65,3 +93,4 @@ module ScimSchemaExtensions
 end
 
 Scimitar::Resources::User.extend_schema ScimSchemaExtensions::User::Enterprise
+Scimitar::Resources::User.extend_schema ScimSchemaExtensions::User::Manager

data/spec/apps/dummy/db/migrate/20210304014602_create_mock_users.rb

@@ -19,6 +19,7 @@ class CreateMockUsers < ActiveRecord::Migration[6.1]
       #
       t.text :organization
       t.text :department
+      t.text :manager
     end
   end
 end

data/spec/apps/dummy/db/schema.rb

@@ -42,6 +42,7 @@ ActiveRecord::Schema.define(version: 2021_03_08_044214) do
     t.text "work_phone_number"
     t.text "organization"
     t.text "department"
+    t.text "manager"
   end
 
   add_foreign_key "mock_groups_users", "mock_groups"