search

jelhub / scimgateway

Using SCIM protocol as a gateway for user provisioning to other endpoints
MIT License
176 stars 57 forks source link

Cannot distinguish PATCH/add and PUT in modifyGroups #106

Closed christinedraper closed 1 year ago

christinedraper commented 1 year ago

In modifyGroups, we need to handle the caller using either PATCH to add a member, or PUT to replace all the members.

If the request is:

PATCH {{basePath}}/Groups/mygroup
Content-Type: application/json
Authorization: {{authz}}

{ "Operations" : [
  {
    "op": "add",
    "path": "members",
    "value": [{
        "value": "someuser"
      }]
  }
]}

My plugin incrementally adds someuser into the list of members.

If the request is:

PUT {{basePath}}/Groups//mygroup
Content-Type: application/json
Authorization: {{authz}}

{
  "members": [{
    "value": "someuser"
  }]
}

The plugin should replace all members in mygroup with the provided list. But the parameter passed to modifyGroup looks identical in both cases:

[
  {
    "value": "someuser"
  }
]

Am I missing something?

jelhub commented 1 year ago

Seems your getGroups do not return what is expected. Please verify http(s)://host:port/Groups/mygroup

You may test using default plugin-loki

1. http://localhost:8880/Groups/Admins
=> only bjensen is member

2. PUT http://localhost:8880/Groups/Admins
{
  "schemas":[
    "urn:ietf:params:scim:schemas:core:2.0:Group"
  ],
  "id": "not_changed",
  "displayName":"OK_to_change",
  "members":[
    {
       "value":"jsmith"
    }
  ]
}

3. http://localhost:8880/Groups/Admins
=> now, only jsmith is member and displayName also changed
christinedraper commented 1 year ago

Thank you for that pointer and sorry for bothering you with user error.