scimitar 2.9.0 → 2.10.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE.txt +1 -1
- data/README.md +2 -2
- data/app/controllers/scimitar/application_controller.rb +4 -5
- data/app/controllers/scimitar/resource_types_controller.rb +7 -1
- data/app/controllers/scimitar/schemas_controller.rb +1 -1
- data/app/models/scimitar/lists/query_parser.rb +10 -10
- data/app/models/scimitar/resource_type.rb +4 -6
- data/app/models/scimitar/resources/base.rb +1 -1
- data/app/models/scimitar/resources/mixin.rb +6 -6
- data/app/models/scimitar/schema/base.rb +1 -1
- data/lib/scimitar/engine.rb +2 -2
- data/lib/scimitar/version.rb +2 -2
- data/spec/controllers/scimitar/resource_types_controller_spec.rb +8 -4
- data/spec/models/scimitar/resources/mixin_spec.rb +1 -1
- data/spec/requests/engine_spec.rb +6 -6
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f2e3306d8e05674efa4a53f63e833304623187a3191ecd6ef5685ac03a3ae8a7
|
|
4
|
+
data.tar.gz: 346c86fe3728208d6e4afb6a2d684a2b46de6326549d1b5d3b1e96622f220dd4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 723b88d08085f32e36caca03eceeee22c6653fb9b8fcbe94aa7c35aa6ae37f1de59fef29201ea42a00b4ec01540c3d77375c5d55ea07be4cee1447cdb3cc5e9f
|
|
7
|
+
data.tar.gz: 00e7ced581373571d0f086a0df9f18334b7b73ae6078ecd095edbfd2b5d7f5c6181515074bbbd49be3c8819531dbad9affa782a7f5087dec7d51a371c79646ea
|
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
|
@@ -321,7 +321,7 @@ end
|
|
|
321
321
|
|
|
322
322
|
#### Other source types
|
|
323
323
|
|
|
324
|
-
If you do _not_ use ActiveRecord to store data, or if you have very esoteric read-write requirements, you can subclass [`
|
|
324
|
+
If you do _not_ use ActiveRecord to store data, or if you have very esoteric read-write requirements, you can subclass [`Scimitar::ResourcesController`](https://www.rubydoc.info/gems/scimitar/Scimitar/ResourcesController) in a manner similar to this:
|
|
325
325
|
|
|
326
326
|
```ruby
|
|
327
327
|
class UsersController < Scimitar::ResourcesController
|
|
@@ -594,7 +594,7 @@ By default, Scimitar advertises (via things like [the `/Schemas` endpoint](https
|
|
|
594
594
|
|
|
595
595
|
```ruby
|
|
596
596
|
Rails.application.config.to_prepare do
|
|
597
|
-
Scimitar::Engine
|
|
597
|
+
Scimitar::Engine.set_default_resources([Scimitar::Resources::User])
|
|
598
598
|
# ...other Scimitar configuration / initialisation code...
|
|
599
599
|
end
|
|
600
600
|
```
|
|
@@ -9,10 +9,6 @@ module Scimitar
|
|
|
9
9
|
before_action :add_mandatory_response_headers
|
|
10
10
|
before_action :authenticate
|
|
11
11
|
|
|
12
|
-
if Scimitar.engine_configuration.application_controller_mixin
|
|
13
|
-
include Scimitar.engine_configuration.application_controller_mixin
|
|
14
|
-
end
|
|
15
|
-
|
|
16
12
|
# =========================================================================
|
|
17
13
|
# PROTECTED INSTANCE METHODS
|
|
18
14
|
# =========================================================================
|
|
@@ -47,7 +43,7 @@ module Scimitar
|
|
|
47
43
|
#
|
|
48
44
|
# *exception+:: If a Ruby exception was the reason this method is being
|
|
49
45
|
# called, pass it here. Any configured exception reporting
|
|
50
|
-
# mechanism will be
|
|
46
|
+
# mechanism will be invoked with the given parameter.
|
|
51
47
|
# Otherwise, the +error_response+ value is reported.
|
|
52
48
|
#
|
|
53
49
|
def handle_scim_error(error_response, exception = error_response)
|
|
@@ -153,5 +149,8 @@ module Scimitar
|
|
|
153
149
|
return result
|
|
154
150
|
end
|
|
155
151
|
|
|
152
|
+
if Scimitar.engine_configuration.application_controller_mixin
|
|
153
|
+
include Scimitar.engine_configuration.application_controller_mixin
|
|
154
|
+
end
|
|
156
155
|
end
|
|
157
156
|
end
|
|
@@ -5,7 +5,13 @@ module Scimitar
|
|
|
5
5
|
resource.resource_type(scim_resource_type_url(name: resource.resource_type_id))
|
|
6
6
|
end
|
|
7
7
|
|
|
8
|
-
render json:
|
|
8
|
+
render json: {
|
|
9
|
+
schemas: [
|
|
10
|
+
'urn:ietf:params:scim:api:messages:2.0:ListResponse'
|
|
11
|
+
],
|
|
12
|
+
totalResults: resource_types.size,
|
|
13
|
+
Resources: resource_types
|
|
14
|
+
}
|
|
9
15
|
end
|
|
10
16
|
|
|
11
17
|
def show
|
|
@@ -201,7 +201,7 @@ module Scimitar
|
|
|
201
201
|
if mapped_multivalue_attribute.is_a?(Array)
|
|
202
202
|
|
|
203
203
|
# A single-entry array with "list using" semantics, for a
|
|
204
|
-
# collection of an
|
|
204
|
+
# collection of an arbitrary number of same-class items - e.g.
|
|
205
205
|
# Groups to which a User belongs.
|
|
206
206
|
#
|
|
207
207
|
# If this is an up-to-date mapping, there's a "class" entry that
|
|
@@ -342,14 +342,14 @@ module Scimitar
|
|
|
342
342
|
skip_next_component = false
|
|
343
343
|
|
|
344
344
|
components.each.with_index do | component, index |
|
|
345
|
-
if skip_next_component
|
|
345
|
+
if skip_next_component
|
|
346
346
|
skip_next_component = false
|
|
347
347
|
next
|
|
348
348
|
end
|
|
349
349
|
|
|
350
350
|
downcased = component.downcase.strip
|
|
351
351
|
|
|
352
|
-
if
|
|
352
|
+
if expecting_attribute
|
|
353
353
|
if downcased.match?(/[^\\]\[/) # Not backslash then literal '['
|
|
354
354
|
attribute_prefix = component.match(/(.*?[^\\])\[/ )[1] # Everything before no-backslash-then-literal (unescaped) '['
|
|
355
355
|
first_attribute_inside = component.match( /[^\\]\[(.*)/)[1] # Everything after no-backslash-then-literal (unescaped) '['
|
|
@@ -362,7 +362,7 @@ module Scimitar
|
|
|
362
362
|
expecting_attribute = false
|
|
363
363
|
expecting_operator = true
|
|
364
364
|
|
|
365
|
-
elsif
|
|
365
|
+
elsif expecting_operator
|
|
366
366
|
rewritten << component
|
|
367
367
|
if BINARY_OPERATORS.include?(downcased)
|
|
368
368
|
expecting_operator = false
|
|
@@ -374,7 +374,7 @@ module Scimitar
|
|
|
374
374
|
raise 'Expected operator'
|
|
375
375
|
end
|
|
376
376
|
|
|
377
|
-
elsif
|
|
377
|
+
elsif expecting_value
|
|
378
378
|
matches = downcased.match(/([^\\])\](.*)/) # Contains no-backslash-then-literal (unescaped) ']'; also capture anything after
|
|
379
379
|
unless matches.nil? # Contains no-backslash-then-literal (unescaped) ']'
|
|
380
380
|
character_before_closing_bracket = matches[1]
|
|
@@ -395,7 +395,7 @@ module Scimitar
|
|
|
395
395
|
# So - NOTE RECURSION AND EARLY EXIT POSSIBILITY HEREIN.
|
|
396
396
|
#
|
|
397
397
|
if (
|
|
398
|
-
!
|
|
398
|
+
!attribute_prefix.nil? &&
|
|
399
399
|
OPERATORS.key?(components[index + 1]&.downcase) &&
|
|
400
400
|
characters_after_closing_bracket.match?(/^\.#{ATTRNAME}$/)
|
|
401
401
|
)
|
|
@@ -437,7 +437,7 @@ module Scimitar
|
|
|
437
437
|
if downcased.start_with?('"')
|
|
438
438
|
expecting_closing_quote = true
|
|
439
439
|
downcased = downcased[1..-1] # Strip off opening '"' to avoid false-positive on 'contains closing quote' check below
|
|
440
|
-
elsif expecting_closing_quote
|
|
440
|
+
elsif !expecting_closing_quote # If not expecting a closing quote, then the component must be the entire no-spaces value
|
|
441
441
|
expecting_value = false
|
|
442
442
|
expecting_logic_word = true
|
|
443
443
|
end
|
|
@@ -450,7 +450,7 @@ module Scimitar
|
|
|
450
450
|
end
|
|
451
451
|
end
|
|
452
452
|
|
|
453
|
-
elsif
|
|
453
|
+
elsif expecting_logic_word
|
|
454
454
|
if downcased == 'and' || downcased == 'or'
|
|
455
455
|
rewritten << component
|
|
456
456
|
next_downcased_component = components[index + 1].downcase.strip
|
|
@@ -586,11 +586,11 @@ module Scimitar
|
|
|
586
586
|
|
|
587
587
|
# Recursively process an expression tree. Calls itself with nested tree
|
|
588
588
|
# fragments. Each inner expression fragment calculates on the given
|
|
589
|
-
# base scope, with
|
|
589
|
+
# base scope, with aggregation at each level into a wider query using
|
|
590
590
|
# AND or OR depending on the expression tree contents.
|
|
591
591
|
#
|
|
592
592
|
# +base_scope+:: Base scope (ActiveRecord::Relation, e.g. User.all
|
|
593
|
-
# -
|
|
593
|
+
# - never changes during recursion).
|
|
594
594
|
#
|
|
595
595
|
# +expression_tree+:: Top-level expression tree or fragments inside if
|
|
596
596
|
# self-calling recursively.
|
|
@@ -748,7 +748,7 @@ module Scimitar
|
|
|
748
748
|
|
|
749
749
|
# Returns the mapped-to-your-domain column name(s) that a filter string
|
|
750
750
|
# is operating upon, in an Array. If empty, the attribute is to be
|
|
751
|
-
# ignored. Raises an exception if
|
|
751
|
+
# ignored. Raises an exception if entirely unmapped (thus unsupported).
|
|
752
752
|
#
|
|
753
753
|
# Note plural - the return value is always an array any of which should
|
|
754
754
|
# be used (implicit 'OR').
|
|
@@ -17,12 +17,10 @@ module Scimitar
|
|
|
17
17
|
|
|
18
18
|
def as_json(options = {})
|
|
19
19
|
without_extensions = super(except: 'schemaExtensions')
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
without_extensions
|
|
25
|
-
end
|
|
20
|
+
return without_extensions unless schemaExtensions.present? # NOTE EARLY EXIT
|
|
21
|
+
|
|
22
|
+
extensions = schemaExtensions.map{|extension| {"schema" => extension, "required" => false}}
|
|
23
|
+
without_extensions.merge('schemaExtensions' => extensions)
|
|
26
24
|
end
|
|
27
25
|
|
|
28
26
|
end
|
|
@@ -158,7 +158,7 @@ module Scimitar
|
|
|
158
158
|
hash.with_indifferent_access.each_pair do |attr_name, attr_value|
|
|
159
159
|
scim_attribute = self.class.complex_scim_attributes[attr_name].try(:first)
|
|
160
160
|
|
|
161
|
-
if scim_attribute
|
|
161
|
+
if scim_attribute&.complexType
|
|
162
162
|
if scim_attribute.multiValued
|
|
163
163
|
self.send("#{attr_name}=", attr_value&.map {|attr_for_each_item| complex_type_from_hash(scim_attribute, attr_for_each_item)})
|
|
164
164
|
else
|
|
@@ -473,7 +473,7 @@ module Scimitar
|
|
|
473
473
|
path_str = operation['path' ]
|
|
474
474
|
value = operation['value']
|
|
475
475
|
|
|
476
|
-
unless [
|
|
476
|
+
unless %w[add remove replace].include?(nature)
|
|
477
477
|
raise Scimitar::InvalidSyntaxError.new("Unrecognised PATCH \"op\" value of \"#{nature}\"")
|
|
478
478
|
end
|
|
479
479
|
|
|
@@ -613,7 +613,7 @@ module Scimitar
|
|
|
613
613
|
built_dynamic_list = false
|
|
614
614
|
mapped_array = attrs_map_or_leaf_value.map do |value|
|
|
615
615
|
if ! value.is_a?(Hash)
|
|
616
|
-
raise 'Bad attribute map: Array contains
|
|
616
|
+
raise 'Bad attribute map: Array contains something other than mapping Hash(es)'
|
|
617
617
|
|
|
618
618
|
elsif value.key?(:match) # Static map
|
|
619
619
|
static_hash = { value[:match] => value[:with] }
|
|
@@ -741,7 +741,7 @@ module Scimitar
|
|
|
741
741
|
# +path+:: Array of SCIM attribute names giving a
|
|
742
742
|
# path into the SCIM schema where
|
|
743
743
|
# iteration has reached. Used to find the
|
|
744
|
-
# schema attribute
|
|
744
|
+
# schema attribute definition and check
|
|
745
745
|
# mutability before writing.
|
|
746
746
|
#
|
|
747
747
|
def from_scim_backend!(
|
|
@@ -1088,7 +1088,7 @@ module Scimitar
|
|
|
1088
1088
|
# associated collection or clearing a local model attribute
|
|
1089
1089
|
# directly to "nil").
|
|
1090
1090
|
#
|
|
1091
|
-
|
|
1091
|
+
unless handled
|
|
1092
1092
|
current_data_at_path[matched_index] = nil
|
|
1093
1093
|
compact_after = true
|
|
1094
1094
|
end
|
|
@@ -1290,7 +1290,7 @@ module Scimitar
|
|
|
1290
1290
|
end
|
|
1291
1291
|
end
|
|
1292
1292
|
|
|
1293
|
-
|
|
1293
|
+
unless handled
|
|
1294
1294
|
altering_hash[path_component] = []
|
|
1295
1295
|
end
|
|
1296
1296
|
|
|
@@ -1445,7 +1445,7 @@ module Scimitar
|
|
|
1445
1445
|
# { value: :work_email }
|
|
1446
1446
|
#
|
|
1447
1447
|
# If there was a SCIM entry with a type of something unrecognised,
|
|
1448
|
-
# such as '
|
|
1448
|
+
# such as 'holiday', then +nil+ would be returned since there is no
|
|
1449
1449
|
# matching attribute map entry.
|
|
1450
1450
|
#
|
|
1451
1451
|
# Note that the <tt>:with_attr_map</tt> array can contain dynamic
|
|
@@ -36,7 +36,7 @@ module Scimitar
|
|
|
36
36
|
scim_attributes.map { |scim_attribute| scim_attribute.clone }
|
|
37
37
|
end
|
|
38
38
|
|
|
39
|
-
# Find a given attribute this schema, travelling down a path to any
|
|
39
|
+
# Find a given attribute of this schema, travelling down a path to any
|
|
40
40
|
# sub-attributes within. Given that callers might be dealing with paths
|
|
41
41
|
# into actual SCIM data, array indices for multi-value attributes are
|
|
42
42
|
# allowed (as integers) and simply skipped - only the names are of
|
data/lib/scimitar/engine.rb
CHANGED
|
@@ -88,9 +88,9 @@ module Scimitar
|
|
|
88
88
|
unrecognised_resources = resource_array - @standard_default_resources
|
|
89
89
|
|
|
90
90
|
if unrecognised_resources.any?
|
|
91
|
-
raise "Scimitar::Engine
|
|
91
|
+
raise "Scimitar::Engine.set_default_resources: Only #{@standard_default_resources.map(&:name).join(', ')} are supported"
|
|
92
92
|
elsif resource_array.empty?
|
|
93
|
-
raise 'Scimitar::Engine
|
|
93
|
+
raise 'Scimitar::Engine.set_default_resources: At least one resource must be given'
|
|
94
94
|
end
|
|
95
95
|
|
|
96
96
|
@default_resources = resource_array
|
data/lib/scimitar/version.rb
CHANGED
|
@@ -3,11 +3,11 @@ module Scimitar
|
|
|
3
3
|
# Gem version. If this changes, be sure to re-run "bundle install" or
|
|
4
4
|
# "bundle update".
|
|
5
5
|
#
|
|
6
|
-
VERSION = '2.
|
|
6
|
+
VERSION = '2.10.0'
|
|
7
7
|
|
|
8
8
|
# Date for VERSION. If this changes, be sure to re-run "bundle install"
|
|
9
9
|
# or "bundle update".
|
|
10
10
|
#
|
|
11
|
-
DATE = '2024-
|
|
11
|
+
DATE = '2024-10-22'
|
|
12
12
|
|
|
13
13
|
end
|
|
@@ -9,11 +9,15 @@ RSpec.describe Scimitar::ResourceTypesController do
|
|
|
9
9
|
it 'renders the resource type for user' do
|
|
10
10
|
get :index, format: :scim
|
|
11
11
|
response_hash = JSON.parse(response.body)
|
|
12
|
-
expected_response =
|
|
13
|
-
|
|
14
|
-
|
|
12
|
+
expected_response = {
|
|
13
|
+
schemas: ['urn:ietf:params:scim:api:messages:2.0:ListResponse'],
|
|
14
|
+
totalResults: 2,
|
|
15
|
+
Resources: [
|
|
16
|
+
Scimitar::Resources::User.resource_type(scim_resource_type_url(name: 'User', test: 1)),
|
|
17
|
+
Scimitar::Resources::Group.resource_type(scim_resource_type_url(name: 'Group', test: 1))
|
|
18
|
+
]
|
|
19
|
+
}.to_json
|
|
15
20
|
|
|
16
|
-
response_hash = JSON.parse(response.body)
|
|
17
21
|
expect(response_hash).to eql(JSON.parse(expected_response))
|
|
18
22
|
end
|
|
19
23
|
|
|
@@ -555,7 +555,7 @@ RSpec.describe Scimitar::Resources::Mixin do
|
|
|
555
555
|
|
|
556
556
|
expect do
|
|
557
557
|
scim = instance.to_scim(location: 'https://test.com/static_map_test')
|
|
558
|
-
end.to raise_error(RuntimeError) { |e| expect(e.message).to include('Array contains
|
|
558
|
+
end.to raise_error(RuntimeError) { |e| expect(e.message).to include('Array contains something other than mapping Hash(es)') }
|
|
559
559
|
end
|
|
560
560
|
|
|
561
561
|
it 'complains about bad Hash entries in mapping Arrays' do
|
|
@@ -78,26 +78,26 @@ RSpec.describe Scimitar::Engine do
|
|
|
78
78
|
end
|
|
79
79
|
|
|
80
80
|
it 'notes changes to defaults' do
|
|
81
|
-
Scimitar::Engine
|
|
81
|
+
Scimitar::Engine.set_default_resources([Scimitar::Resources::User])
|
|
82
82
|
expect(Scimitar::Engine.resources()).to match_array([Scimitar::Resources::User])
|
|
83
83
|
end
|
|
84
84
|
|
|
85
85
|
it 'notes changes to defaults with custom resources added' do
|
|
86
|
-
Scimitar::Engine
|
|
86
|
+
Scimitar::Engine.set_default_resources([Scimitar::Resources::User])
|
|
87
87
|
Scimitar::Engine.add_custom_resource(@license_resource)
|
|
88
88
|
expect(Scimitar::Engine.resources()).to match_array([Scimitar::Resources::User, @license_resource])
|
|
89
89
|
end
|
|
90
90
|
|
|
91
91
|
it 'rejects bad defaults' do
|
|
92
92
|
expect {
|
|
93
|
-
Scimitar::Engine
|
|
94
|
-
}.to raise_error('Scimitar::Engine
|
|
93
|
+
Scimitar::Engine.set_default_resources([@license_resource])
|
|
94
|
+
}.to raise_error('Scimitar::Engine.set_default_resources: Only Scimitar::Resources::User, Scimitar::Resources::Group are supported')
|
|
95
95
|
end
|
|
96
96
|
|
|
97
97
|
it 'rejects empty defaults' do
|
|
98
98
|
expect {
|
|
99
|
-
Scimitar::Engine
|
|
100
|
-
}.to raise_error('Scimitar::Engine
|
|
99
|
+
Scimitar::Engine.set_default_resources([])
|
|
100
|
+
}.to raise_error('Scimitar::Engine.set_default_resources: At least one resource must be given')
|
|
101
101
|
end
|
|
102
102
|
end # "context '::resources, :add_custom_resource, ::set_default_resources' do"
|
|
103
103
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: scimitar
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.10.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- RIPA Global
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2024-
|
|
12
|
+
date: 2024-10-22 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|
|
@@ -101,14 +101,14 @@ dependencies:
|
|
|
101
101
|
requirements:
|
|
102
102
|
- - "~>"
|
|
103
103
|
- !ruby/object:Gem::Version
|
|
104
|
-
version: '
|
|
104
|
+
version: '7.0'
|
|
105
105
|
type: :development
|
|
106
106
|
prerelease: false
|
|
107
107
|
version_requirements: !ruby/object:Gem::Requirement
|
|
108
108
|
requirements:
|
|
109
109
|
- - "~>"
|
|
110
110
|
- !ruby/object:Gem::Version
|
|
111
|
-
version: '
|
|
111
|
+
version: '7.0'
|
|
112
112
|
- !ruby/object:Gem::Dependency
|
|
113
113
|
name: doggo
|
|
114
114
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -267,7 +267,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
267
267
|
- !ruby/object:Gem::Version
|
|
268
268
|
version: '0'
|
|
269
269
|
requirements: []
|
|
270
|
-
rubygems_version: 3.5.
|
|
270
|
+
rubygems_version: 3.5.16
|
|
271
271
|
signing_key:
|
|
272
272
|
specification_version: 4
|
|
273
273
|
summary: SCIM v2 for Rails
|