wso2 / charon


Compare attribute URIs before removing readonly attributes #366

Closed piraveena closed 2 years ago

piraveena commented 2 years ago

Purpose

Resolves https://github.com/wso2/product-is/issues/9548

Analysis

When we remove the read-only sub-attributes (https://github.com/wso2/charon/blob/v3.4.23/modules/charon-core/src/main/java/org/wso2/charon3/core/schema/AbstractValidator.java#L383), we remove them based on the attribute name, because internally we use attribute names to identify the attributes. When sub-attributes have the same name (e.g. value: PendingEmails.value and manager.value have the same attribute name), it removes a different attribute. It loops through and checks for the PendingEmails.value read-only attribute, and it deletes manager.value.

If we change the attribute names to be unique, it will change the payload. So when we remove the read-only attributes, we compare the attribute URI and do the deletion, since the attribute URI is unique.

After the fix

Sample request

curl --location --request POST 'https://localhost:9443/scim2/Users' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--data-raw '{
    "schemas": [],
    "name": {
        "familyName": "user25_family",
        "givenName": "user25"
    },
    "userName": "user25",
    "password": "user25",
    "emails": [
        {
            "primary": true,
            "value": "user25@wso2.com",
            "type": "home"
        },
        {
            "value": "user2@wso2.com",
            "type": "work"
        }
    ],
    "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
        "employeeNumber": "123A",
        "manager": {
            "value": "Johann"
        },
        "wallet": {
            "private": "test2"
        },
        "vehicle": {
            "private": "test1"
        }
    }
}'

Sample response:

{
    "emails": [
        {
            "type": "work",
            "value": "user2@wso2.com"
        },
        {
            "type": "home",
            "value": "user25@wso2.com"
        }
    ],
    "meta": {
        "created": "2022-04-19T03:39:32.853Z",
        "location": "https://localhost:9443/scim2/Users/78eed492-64b2-4772-b846-1eafe53ea1e0",
        "lastModified": "2022-04-19T03:39:32.853Z",
        "resourceType": "User"
    },
    "schemas": [
        "urn:ietf:params:scim:schemas:core:2.0:User",
        "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
        "urn:scim:wso2:schema"
    ],
    "roles": [
        {
            "display": "everyone"
        }
    ],
    "name": {
        "givenName": "user25",
        "familyName": "user25_family"
    },
    "id": "78eed492-64b2-4772-b846-1eafe53ea1e0",
    "userName": "user25",
    "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
        "wallet": {
            "private": "test2"
        },
        "manager": {
            "value": "Johann"
        },
        "vehicle": {
            "private": "test1"
        },
        "employeeNumber": "123A"
    }
}

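The name collision described in the analysis above, as an added example that is not part of the pull request or of Charon's code. It is a simplified model in which `SubAttrDef`, `stripByName`, `stripByUri` and the `urn:example:...` URIs are hypothetical; it contrasts removing read-only sub-attributes by short name with removing them by full attribute URI.

```java
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public class ReadOnlySubAttributeDemo {
    // Hypothetical, simplified schema entry (Java 16+ record); not Charon's AttributeSchema.
    record SubAttrDef(String uri, String name, boolean readOnly) {}

    // Constructed URIs for illustration only.
    static final String EXT = "urn:example:scim:ext:User:";
    static final List<SubAttrDef> SCHEMA = List.of(
        new SubAttrDef(EXT + "pendingEmails.value", "value", true),   // read-only
        new SubAttrDef(EXT + "manager.value", "value", false));       // writable

    // Name-based removal: the parent attribute is ignored, so any read-only
    // definition named "value" strips "value" from whatever is being processed.
    static Map<String, String> stripByName(String parentUri, Map<String, String> subAttrs) {
        Map<String, String> kept = new LinkedHashMap<>(subAttrs);
        for (SubAttrDef def : SCHEMA) {
            if (def.readOnly()) {
                kept.remove(def.name());
            }
        }
        return kept;
    }

    // URI-based removal: a sub-attribute is dropped only when the read-only
    // definition's full URI is the URI of this parent's sub-attribute.
    static Map<String, String> stripByUri(String parentUri, Map<String, String> subAttrs) {
        Map<String, String> kept = new LinkedHashMap<>(subAttrs);
        for (SubAttrDef def : SCHEMA) {
            if (def.readOnly() && def.uri().equals(parentUri + "." + def.name())) {
                kept.remove(def.name());
            }
        }
        return kept;
    }

    public static void main(String[] args) {
        Map<String, String> manager = Map.of("value", "Johann");
        Map<String, String> pending = Map.of("value", "new@example.com"); // constructed
        System.out.println("by name, manager:       " + stripByName(EXT + "manager", manager));
        System.out.println("by URI,  manager:       " + stripByUri(EXT + "manager", manager));
        System.out.println("by URI,  pendingEmails: " + stripByUri(EXT + "pendingEmails", pending));
    }
}
```

The name-based filter empties the writable `manager` attribute, while the URI-based filter leaves it intact and still strips the read-only `pendingEmails.value`.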

piraveena commented 2 years ago

The builder failed with the below test cases: https://jenkins-support-all.wso2.com/jenkins/job/DEV_PR_BUILDER/1608/

Test Result (2 failures / +2)
[org.wso2.identity.integration.test.rest.api.user.approval.v1.UserMeApprovalTest.testListTasksWhenEmpty](https://jenkins-support-all.wso2.com/jenkins/job/DEV_PR_BUILDER/org.wso2.is$org.wso2.carbon.identity.integration.backend.test/1608/testReport/junit/org.wso2.identity.integration.test.rest.api.user.approval.v1/UserMeApprovalTest/testListTasksWhenEmpty/)
[org.wso2.identity.integration.test.rest.api.user.approval.v1.UserMeApprovalTest.testListTasksWhenAvailable](https://jenkins-support-all.wso2.com/jenkins/job/DEV_PR_BUILDER/org.wso2.is$org.wso2.carbon.identity.integration.backend.test/1608/testReport/junit/org.wso2.identity.integration.test.rest.api.user.approval.v1/UserMeApprovalTest/testListTasksWhenAvailable/)

These two are intermittent test failures. Hence merging this.