scimitar 2.3.0 → 2.4.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/app/models/scimitar/resources/mixin.rb +108 -3
  3. data/lib/scimitar/version.rb +2 -2
  4. data/spec/apps/dummy/app/models/mock_user.rb +9 -1
  5. data/spec/apps/dummy/config/initializers/scimitar.rb +37 -0
  6. data/spec/apps/dummy/config/routes.rb +1 -0
  7. data/spec/apps/dummy/db/migrate/20210304014602_create_mock_users.rb +8 -0
  8. data/spec/apps/dummy/db/schema.rb +2 -0
  9. data/spec/controllers/scimitar/schemas_controller_spec.rb +2 -2
  10. data/spec/models/scimitar/resources/base_spec.rb +161 -66
  11. data/spec/models/scimitar/resources/mixin_spec.rb +673 -5
  12. data/spec/requests/active_record_backed_resources_controller_spec.rb +136 -0
  13. metadata +10 -10
data/spec/requests/active_record_backed_resources_controller_spec.rb CHANGED
@@ -691,6 +691,142 @@ RSpec.describe Scimitar::ActiveRecordBackedResourcesController do
691
691
  result = JSON.parse(response.body)
692
692
  expect(result['status']).to eql('404')
693
693
  end
694
+
695
+ context 'when removing users from groups' do
696
+ before :each do
697
+ @g1.mock_users << @u1
698
+ @g1.mock_users << @u2
699
+ @g1.mock_users << @u3
700
+
701
+ # (Self-check) Verify group representation
702
+ #
703
+ get "/Groups/#{@g1.id}", params: { format: :scim }
704
+
705
+ expect(response.status).to eql(200)
706
+ result = JSON.parse(response.body)
707
+
708
+ expect(result['members'].map { |m| m['value'] }.sort()).to eql(MockUser.pluck(:primary_key).sort())
709
+ end
710
+
711
+ it 'can remove all users' do
712
+ expect {
713
+ expect {
714
+ patch "/Groups/#{@g1.id}", params: {
715
+ format: :scim,
716
+ Operations: [
717
+ {
718
+ op: 'remove',
719
+ path: 'members'
720
+ }
721
+ ]
722
+ }
723
+ }.to_not change { MockUser.count }
724
+ }.to_not change { MockGroup.count }
725
+
726
+ get "/Groups/#{@g1.id}", params: { format: :scim }
727
+
728
+ expect(response.status).to eql(200)
729
+ result = JSON.parse(response.body)
730
+
731
+ expect(result['members']).to be_empty
732
+ expect(@g1.reload().mock_users).to be_empty
733
+ end
734
+
735
+ # Define via 'let':
736
+ #
737
+ # * Hash 'payload', to send via 'patch'
738
+ # * MockUser 'removed_user', which is the user that should be removed
739
+ #
740
+ shared_examples 'a user remover' do
741
+ it 'which removes the identified user' do
742
+ expect {
743
+ expect {
744
+ patch "/Groups/#{@g1.id}", params: payload()
745
+ }.to_not change { MockUser.count }
746
+ }.to_not change { MockGroup.count }
747
+
748
+ expected_remaining_user_ids = MockUser
749
+ .where.not(primary_key: removed_user().id)
750
+ .pluck(:primary_key)
751
+ .sort()
752
+
753
+ get "/Groups/#{@g1.id}", params: { format: :scim }
754
+
755
+ expect(response.status).to eql(200)
756
+ result = JSON.parse(response.body)
757
+
758
+ expect(result['members'].map { |m| m['value'] }.sort()).to eql(expected_remaining_user_ids)
759
+ expect(@g1.reload().mock_users.map(&:primary_key).sort()).to eql(expected_remaining_user_ids)
760
+ end
761
+ end
762
+
763
+ # https://tools.ietf.org/html/rfc7644#section-3.5.2.2
764
+ #
765
+ context 'and using an RFC-compliant payload' do
766
+ let(:removed_user) { @u2 }
767
+ let(:payload) do
768
+ {
769
+ format: :scim,
770
+ Operations: [
771
+ {
772
+ op: 'remove',
773
+ path: "members[value eq \"#{removed_user().primary_key}\"]",
774
+ }
775
+ ]
776
+ }
777
+ end
778
+
779
+ it_behaves_like 'a user remover'
780
+ end # context 'and using an RFC-compliant payload' do
781
+
782
+ # https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups#update-group-remove-members
783
+ #
784
+ context 'and using a Microsoft variant payload' do
785
+ let(:removed_user) { @u2 }
786
+ let(:payload) do
787
+ {
788
+ format: :scim,
789
+ Operations: [
790
+ {
791
+ op: 'remove',
792
+ path: 'members',
793
+ value: [{
794
+ '$ref' => nil,
795
+ 'value' => removed_user().primary_key
796
+ }]
797
+ }
798
+ ]
799
+ }
800
+ end
801
+
802
+ it_behaves_like 'a user remover'
803
+ end # context 'and using a Microsoft variant payload' do
804
+
805
+ # https://help.salesforce.com/s/articleView?id=sf.identity_scim_manage_groups.htm&type=5
806
+ #
807
+ context 'and using a Salesforce variant payload' do
808
+ let(:removed_user) { @u2 }
809
+ let(:payload) do
810
+ {
811
+ format: :scim,
812
+ Operations: [
813
+ {
814
+ op: 'remove',
815
+ path: 'members',
816
+ value: {
817
+ 'members' => [{
818
+ '$ref' => nil,
819
+ 'value' => removed_user().primary_key
820
+ }]
821
+ }
822
+ }
823
+ ]
824
+ }
825
+ end
826
+
827
+ it_behaves_like 'a user remover'
828
+ end # context 'and using a Salesforce variant payload' do
829
+ end # "context 'when removing users from groups' do"
694
830
  end # "context '#update' do"
695
831
 
696
832
  # ===========================================================================
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: scimitar
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.0
4
+ version: 2.4.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - RIPA Global
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2023-01-17 00:00:00.000000000 Z
12
+ date: 2023-03-02 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rails
@@ -45,14 +45,14 @@ dependencies:
45
45
  requirements:
46
46
  - - "~>"
47
47
  - !ruby/object:Gem::Version
48
- version: '1.3'
48
+ version: '1.4'
49
49
  type: :development
50
50
  prerelease: false
51
51
  version_requirements: !ruby/object:Gem::Requirement
52
52
  requirements:
53
53
  - - "~>"
54
54
  - !ruby/object:Gem::Version
55
- version: '1.3'
55
+ version: '1.4'
56
56
  - !ruby/object:Gem::Dependency
57
57
  name: simplecov-rcov
58
58
  requirement: !ruby/object:Gem::Requirement
@@ -73,28 +73,28 @@ dependencies:
73
73
  requirements:
74
74
  - - "~>"
75
75
  - !ruby/object:Gem::Version
76
- version: '6.4'
76
+ version: '6.5'
77
77
  type: :development
78
78
  prerelease: false
79
79
  version_requirements: !ruby/object:Gem::Requirement
80
80
  requirements:
81
81
  - - "~>"
82
82
  - !ruby/object:Gem::Version
83
- version: '6.4'
83
+ version: '6.5'
84
84
  - !ruby/object:Gem::Dependency
85
85
  name: rspec-rails
86
86
  requirement: !ruby/object:Gem::Requirement
87
87
  requirements:
88
88
  - - "~>"
89
89
  - !ruby/object:Gem::Version
90
- version: '5.1'
90
+ version: '6.0'
91
91
  type: :development
92
92
  prerelease: false
93
93
  version_requirements: !ruby/object:Gem::Requirement
94
94
  requirements:
95
95
  - - "~>"
96
96
  - !ruby/object:Gem::Version
97
- version: '5.1'
97
+ version: '6.0'
98
98
  - !ruby/object:Gem::Dependency
99
99
  name: byebug
100
100
  requirement: !ruby/object:Gem::Requirement
@@ -115,14 +115,14 @@ dependencies:
115
115
  requirements:
116
116
  - - "~>"
117
117
  - !ruby/object:Gem::Version
118
- version: '1.2'
118
+ version: '1.3'
119
119
  type: :development
120
120
  prerelease: false
121
121
  version_requirements: !ruby/object:Gem::Requirement
122
122
  requirements:
123
123
  - - "~>"
124
124
  - !ruby/object:Gem::Version
125
- version: '1.2'
125
+ version: '1.3'
126
126
  description: SCIM v2 support for Users and Groups in Ruby On Rails
127
127
  email:
128
128
  - dev@ripaglobal.com