limosa-io / laravel-scim-server

SCIM 2.0 Server implementation for Laravel
MIT License

Set a default value for User attribute #33

Closed santilorenzo closed 1 year ago

santilorenzo commented 1 year ago

I would like to set a default value for an attribute before the User entity is created. In my application, Users and Groups are scoped under an Account entity, so I need to set the account_id for both of them before they are stored in the database. After some tests, I saw that the createFromSCIM method takes only the attributes in the request, so if I don't send the account_id, it isn't filled. I want to make this transparent from the outside: the account_id should be the one that belongs to the authenticated user. Is this something I could set in the SCIMConfig, or do I need to act on the User and Group Eloquent models?

arietimmerman commented 1 year ago

Setting defaults with Eloquent is the way to go. See https://laravel.com/docs/9.x/eloquent#default-attribute-values

santilorenzo commented 1 year ago

@arietimmerman I'm not sure that could solve my problem. That should be something like:

protected $attributes = [
    'account_id' => Auth::check() ? Auth::user()->account_id : null
];

which is incorrect because the expression must be constant. I'll try to implement the creating(User $user) method in a UserObserver and see if I can get what I want. Thanks
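The observer approach mentioned in the comment above, written out as an added example (it is not code from this thread or from laravel-scim-server). It assumes an `App\Models\User` model with an `account_id` column, SCIM routes behind an auth guard so that `Auth::user()` is the calling principal, and that the SCIM server persists users through Eloquent so model events fire.

```php
<?php
// Added example, not part of the original issue.
// Assumed names: App\Models\User, its account_id column, App\Observers\UserObserver.
// Register it in a service provider's boot() method:
//     \App\Models\User::observe(\App\Observers\UserObserver::class);

namespace App\Observers;

use App\Models\User;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Support\Facades\Auth;

class UserObserver
{
    // Runs before the INSERT for every User saved through Eloquent.
    public function creating(User $user): void
    {
        $caller = Auth::user();

        // Fail closed: without an authenticated caller that belongs to an
        // account there is no tenant to scope the new user to.
        if ($caller === null || $caller->account_id === null) {
            throw new AuthorizationException(
                'Cannot create a user without an authenticated account.'
            );
        }

        // Take the tenant from the caller, never from the request body, so a
        // SCIM client cannot place a user in another account by sending its
        // own account_id.
        $user->account_id = $caller->account_id;
    }

    // Runs before the UPDATE: keep an existing user from being moved to
    // another account through a later SCIM PUT or PATCH.
    public function updating(User $user): void
    {
        if ($user->isDirty('account_id')) {
            throw new AuthorizationException('account_id cannot be changed.');
        }
    }
}
```

Because the check fails closed, seeders or console commands that create users without an authenticated caller are rejected as well and need their own explicit path. The Group model can be scoped with an observer of the same shape.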

arietimmerman commented 1 year ago

Ah I see. Perhaps you are looking for the possibilities of the MeController. The SCIM specs define a /Me endpoint which is also implemented (but not so well documented) by this module.

https://github.com/arietimmerman/laravel-scim-server/blob/d4be44ff0294c5c65ae4eb60138b83a3c4620812/src/Http/Controllers/MeController.php

santilorenzo commented 1 year ago

I'm not sure about this either. All I want is to open our APIs to the public and give our users the possibility to sync users and groups via SCIM. Our software is structured in accounts that have separate data, including users and groups. So a user that doesn't belong to an Account cannot exist. I want to force the account_id to be the same as the one that the user making the request via SCIM has. I'm very new to the subject, so probably I'm missing something.

arietimmerman commented 1 year ago

Specific use cases would be helpful here, but you may also want to check out the PolicyDecisionPoint class.

This would allow you to enforce what you are describing. Perhaps you should leverage the /Me endpoints, but perhaps it is better to use the regular /Users endpoints. It all depends.

besanek commented 1 year ago

@santilorenzo Now you can use a factory for this use case. See #49

santilorenzo commented 1 year ago

@besanek awesome! Thank you for the contribution, that is exactly what I needed.