scimitar 2.7.2 → 2.7.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6898633f866963ccaacd5f16120a957f698e2e1aacd51b985c483616fe5c49d5
-  data.tar.gz: d24f2017fab7ae3432c21d5eacb281fa8cd1ac3b43a25756ccbf105a426bf85f
+  metadata.gz: 7524696efa05186edcbba9876a3309d3c8a8d51772e3ac0a009a9e83d8f25d16
+  data.tar.gz: e6cad46dc8754981f1d85cc9bcc98f73f9edddfa0d0386497b710acd11ad666c
 SHA512:
-  metadata.gz: cefe2b8fb441822a751ba93d54b43dc6e75281cc707095f3880c9927d413d310dbcb0676405499f46e641cb767a6d50d3d03b9a0d1b6d1218fbd59e3c036caba
-  data.tar.gz: 34bc849312df18601c49df4f7e9019ed258b74bb84a002309a5d33b8119c4776edfb1e7cbacdcebbc92533b9cf63586c33631ac505ca1bb17bc859a9d1a65078
+  metadata.gz: d040bbf693140f5e62dea569d02d977cb5fd966d2464c0a722bea449428de097901471a2f4b0c2380cf935c424195336d7eed4f469a8ebd019d4277dbe90c629
+  data.tar.gz: 15616cedc7fffc3df69dcc1b2f35e9bd3c5408e12f8cccd536d724ce2925c72e4aa9a8f63732135ba3a71d23438dc02e8835978ff37977722cd23cab63c1ee28

data/app/models/scimitar/resources/mixin.rb

@@ -483,26 +483,14 @@ module Scimitar
               ci_scim_hash = { 'root' => ci_scim_hash }.with_indifferent_case_insensitive_access()
             end
 
-            # Handle extension schema. Contributed by @bettysteger and
-            # @MorrisFreeman via:
+            # Split the path into an array of path components, in a way
+            # which is aware of extension schemas. See documentation of
+            # Scimitar::Support::Utilities.path_str_to_array for details.
             #
-            #   https://github.com/RIPAGlobal/scimitar/issues/48
-            #   https://github.com/RIPAGlobal/scimitar/pull/49
-            #
-            # Note the ":" separating the schema ID (URN) from the attribute.
-            # The nature of JSON rendering / other payloads might lead you to
-            # expect a "." as with any complex types, but that's not the case;
-            # see https://tools.ietf.org/html/rfc7644#section-3.10, or
-            # https://tools.ietf.org/html/rfc7644#section-3.5.2 of which in
-            # particular, https://tools.ietf.org/html/rfc7644#page-35.
-            #
-            paths = []
-            self.class.scim_resource_type.extended_schemas.each do |schema|
-              path_str.downcase.split(schema.id.downcase + ':').drop(1).each do |path|
-                paths += [schema.id] + path.split('.')
-              end
-            end
-            paths = path_str.split('.') if paths.empty?
+            paths = ::Scimitar::Support::Utilities.path_str_to_array(
+              self.class.scim_resource_type.extended_schemas,
+              path_str
+            )
 
             self.from_patch_backend!(
               nature:        nature,
@@ -740,9 +728,17 @@ module Scimitar
                   #   https://github.com/RIPAGlobal/scimitar/issues/48
                   #   https://github.com/RIPAGlobal/scimitar/pull/49
                   #
+                  # Note the shortcoming that attribute names within extensions
+                  # must be unique, as this mechanism basically just pulls out
+                  # extension attributes to the top level, losing what amounts
+                  # to the namespace that the extension schema ID provides.
+                  #
                   attribute_tree = []
                   resource_class.extended_schemas.each do |schema|
-                    attribute_tree << schema.id and break if schema.scim_attributes.any? { |attribute| attribute.name == scim_attribute.to_s }
+                    if schema.scim_attributes.any? { |attribute| attribute.name == scim_attribute.to_s }
+                      attribute_tree << schema.id
+                      break # NOTE EARLY LOOP EXIT
+                    end
                   end
                   attribute_tree << scim_attribute.to_s
 
@@ -950,7 +946,11 @@ module Scimitar
             end
 
             found_data_for_recursion.each do | found_data |
-              attr_map = with_attr_map[path_component.to_sym]
+              attr_map = if path_component.to_sym == :root
+                with_attr_map
+              else
+                with_attr_map[path_component.to_sym]
+              end
 
               # Static array mappings need us to find the right map entry that
               # corresponds to the SCIM data at hand and recurse back into the
@@ -1091,9 +1091,27 @@ module Scimitar
                     # at key 'members' with the above, rather than adding.
                     #
                     value.keys.each do | key |
+
+                      # Handle the Azure (Entra) case where keys might use
+                      # dotted paths - see:
+                      #
+                      #   https://github.com/RIPAGlobal/scimitar/issues/123
+                      #
+                      # ...along with keys containing schema IDs - see:
+                      #
+                      #   https://is.docs.wso2.com/en/next/apis/scim2-patch-operations/#add-user-attributes
+                      #
+                      # ...and scroll down to example 3 of "Complex singular
+                      # attributes".
+                      #
+                      subpaths = ::Scimitar::Support::Utilities.path_str_to_array(
+                        self.class.scim_resource_type.extended_schemas,
+                        key
+                      )
+
                       from_patch_backend!(
                         nature:        nature,
-                        path:          path + [key],
+                        path:          path + subpaths,
                         value:         value[key],
                         altering_hash: altering_hash,
                         with_attr_map: with_attr_map
@@ -1106,7 +1124,12 @@ module Scimitar
                 when 'replace'
                   if path_component == 'root'
                     dot_pathed_value = value.inject({}) do |hash, (k, v)|
-                      hash.deep_merge!(::Scimitar::Support::Utilities.dot_path(k.split('.'), v))
+                      subpaths = ::Scimitar::Support::Utilities.path_str_to_array(
+                        self.class.scim_resource_type.extended_schemas,
+                        k
+                      )
+
+                      hash.deep_merge!(::Scimitar::Support::Utilities.dot_path(subpaths, v))
                     end
 
                     altering_hash[path_component].deep_merge!(dot_pathed_value)

data/lib/scimitar/support/utilities.rb

@@ -46,6 +46,61 @@ module Scimitar
           hash[array.shift()] = self.dot_path(array, value)
         end
       end
+
+      # Schema ID-aware splitter handling ":" or "." separators. Adapted from
+      # contribution by @bettysteger and @MorrisFreeman in:
+      #
+      #   https://github.com/RIPAGlobal/scimitar/issues/48
+      #   https://github.com/RIPAGlobal/scimitar/pull/49
+      #
+      # +schemas::   Array of extension schemas, e.g. a SCIM resource class'
+      #              <tt>scim_resource_type.extended_schemas</tt> value. The
+      #              Array should be empty if there are no extensions.
+      #
+      # +path_str+:: Path string, e.g. <tt>"password"</tt>, <tt>"name.givenName"</tt>,
+      #              <tt>"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"</tt> (special case),
+      #              <tt>"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:organization"</tt>
+      #
+      # Returns an array of components, e.g. <tt>["password"]</tt>, <tt>["name",
+      # "givenName"]</tt>,
+      # <tt>["urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"]</tt> (special case),
+      # <tt>["urn:ietf:params:scim:schemas:extension:enterprise:2.0:User", "organization"]</tt>.
+      #
+      # The called-out special case is for a schema ID without any appended
+      # path components, which is returned as a single element ID to aid in
+      # traversal particularly of things like PATCH requests. There, a "value"
+      # attribute might have a key string that's simply a schema ID, with an
+      # object beneath that's got attribute-name pairs, possibly nested, in a
+      # path-free payload.
+      #
+      def self.path_str_to_array(schemas, path_str)
+        components = []
+
+        # Note the ":" separating the schema ID (URN) from the attribute.
+        # The nature of JSON rendering / other payloads might lead you to
+        # expect a "." as with any complex types, but that's not the case;
+        # see https://tools.ietf.org/html/rfc7644#section-3.10, or
+        # https://tools.ietf.org/html/rfc7644#section-3.5.2 of which in
+        # particular, https://tools.ietf.org/html/rfc7644#page-35.
+        #
+        if path_str.include?(':')
+          schemas.each do |schema|
+            attributes_after_schema_id = path_str.downcase.split(schema.id.downcase + ':').drop(1)
+
+            if attributes_after_schema_id.empty?
+              components += [schema.id]
+            else
+              attributes_after_schema_id.each do |component|
+                components += [schema.id] + component.split('.')
+              end
+            end
+          end
+        end
+
+        components = path_str.split('.') if components.empty?
+        return components
+      end
+
     end
   end
 end

data/lib/scimitar/version.rb

@@ -3,11 +3,11 @@ module Scimitar
   # Gem version. If this changes, be sure to re-run "bundle install" or
   # "bundle update".
   #
-  VERSION = '2.7.2'
+  VERSION = '2.7.3'
 
   # Date for VERSION. If this changes, be sure to re-run "bundle install"
   # or "bundle update".
   #
-  DATE = '2024-03-27'
+  DATE = '2024-06-11'
 
 end

data/spec/requests/active_record_backed_resources_controller_spec.rb

@@ -764,6 +764,106 @@ RSpec.describe Scimitar::ActiveRecordBackedResourcesController do
         expect(@u2.password).to eql('oldpassword')
       end
 
+      context 'which' do
+        shared_examples 'it handles not-to-spec in-value Azure/Entra dotted attribute paths' do | operation |
+          it "and performs operation" do
+            payload = {
+              Operations: [
+                {
+                  op: 'add',
+                  value: {
+                    'name.givenName'  => 'Foo!',
+                    'name.familyName' => 'Bar!',
+                    'name.formatted'  => 'Foo! Bar!' # Unrecognised; should be ignored
+                  },
+                },
+              ]
+            }
+
+            payload = spec_helper_hupcase(payload) if force_upper_case
+            patch "/Users/#{@u2.primary_key}", params: payload.merge(format: :scim)
+
+            expect(response.status                 ).to eql(200)
+            expect(response.headers['Content-Type']).to eql('application/scim+json; charset=utf-8')
+
+            @u2.reload
+            result = JSON.parse(response.body)
+
+            expect(@u2.first_name).to eql('Foo!')
+            expect(@u2.last_name ).to eql('Bar!')
+          end
+        end
+
+        it_behaves_like 'it handles not-to-spec in-value Azure/Entra dotted attribute paths', 'add'
+        it_behaves_like 'it handles not-to-spec in-value Azure/Entra dotted attribute paths', 'replace'
+
+        shared_examples 'it handles schema ID value keys without inline attributes' do | operation |
+          it "and performs operation" do
+            payload = {
+              Operations: [
+                {
+                  op: operation,
+                  value: {
+                    'urn:ietf:params:scim:schemas:extension:enterprise:2.0:User': {
+                      'organization' => 'Foo Bar!',
+                      'department'   => 'Bar Foo!'
+                    },
+                  },
+                },
+              ]
+            }
+
+            @u2.update!(organization: 'Old org')
+            payload = spec_helper_hupcase(payload) if force_upper_case
+            patch "/Users/#{@u2.primary_key}", params: payload.merge(format: :scim)
+
+            expect(response.status                 ).to eql(200)
+            expect(response.headers['Content-Type']).to eql('application/scim+json; charset=utf-8')
+
+            @u2.reload
+            result = JSON.parse(response.body)
+
+            expect(@u2.organization).to eql('Foo Bar!')
+            expect(@u2.department  ).to eql('Bar Foo!')
+          end
+        end
+
+        it_behaves_like 'it handles schema ID value keys without inline attributes', 'add'
+        it_behaves_like 'it handles schema ID value keys without inline attributes', 'replace'
+
+        shared_examples 'it handles schema ID value keys with inline attributes' do
+          it "and performs operation" do
+            payload = {
+              Operations: [
+                {
+                  op: 'add',
+                  value: {
+                    'urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:organization' => 'Foo Bar!',
+                    'urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department'   => 'Bar Foo!'
+                  },
+                },
+              ]
+            }
+
+            @u2.update!(organization: 'Old org')
+            payload = spec_helper_hupcase(payload) if force_upper_case
+            patch "/Users/#{@u2.primary_key}", params: payload.merge(format: :scim)
+
+            expect(response.status                 ).to eql(200)
+            expect(response.headers['Content-Type']).to eql('application/scim+json; charset=utf-8')
+
+            @u2.reload
+            result = JSON.parse(response.body)
+
+            expect(@u2.organization).to eql('Foo Bar!')
+            expect(@u2.department  ).to eql('Bar Foo!')
+          end
+        end
+
+        it_behaves_like 'it handles schema ID value keys with inline attributes', 'add'
+        it_behaves_like 'it handles schema ID value keys with inline attributes', 'replace'
+      end
+
       it 'which patches "returned: \'never\'" fields' do
         payload = {
           Operations: [

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: scimitar
 version: !ruby/object:Gem::Version
-  version: 2.7.2
+  version: 2.7.3
 platform: ruby
 authors:
 - RIPA Global
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-27 00:00:00.000000000 Z
+date: 2024-06-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails