trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/SCIM: patch group name (#5564) 

* providers/scim: patch name when group put fails

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* re-raise ResourceMissing in group update to trigger recreation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L 2023-05-10 12:29:39 +02:00 committed by GitHub
parent 639a5c429c
commit 1c04dc0986
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
authentik/providers/scim/clients/group.py
View File

@ -117,20 +117,25 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroupSchema]):
exclude_unset=True, exclude_unset=True,
), ),
) )
except ResourceMissing:
# Resource missing is handled by self.write, which will re-create the group
raise
except SCIMRequestException: except SCIMRequestException:
# Some providers don't support PUT on groups, so this is mainly a fix for the initial # Some providers don't support PUT on groups, so this is mainly a fix for the initial
# sync, send patch add requests for all the users the group currently has # sync, send patch add requests for all the users the group currently has
# TODO: send patch request for group name
users = list(group.users.order_by("id").values_list("id", flat=True)) users = list(group.users.order_by("id").values_list("id", flat=True))
return self._patch_add_users(group, users) self._patch_add_users(group, users)
# Also update the group name
def _patch( return self._patch(
self, scim_group.id,
group_id: str, PatchOperation(
*ops: PatchOperation, op=PatchOp.replace,
): value={
req = PatchRequest(Operations=ops) "id": connection.id,
self._request("PATCH", f"/Groups/{group_id}", data=req.json()) "displayName": group.name,
},
),
)
def update_group(self, group: Group, action: PatchOp, users_set: set[int]): def update_group(self, group: Group, action: PatchOp, users_set: set[int]):
"""Update a group, either using PUT to replace it or PATCH if supported""" """Update a group, either using PUT to replace it or PATCH if supported"""
@ -151,6 +156,14 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroupSchema]):
return self._patch_remove_users(group, users_set) return self._patch_remove_users(group, users_set)
raise exc raise exc
def _patch(
self,
group_id: str,
*ops: PatchOperation,
):
req = PatchRequest(Operations=ops)
self._request("PATCH", f"/Groups/{group_id}", data=req.json())
def _patch_add_users(self, group: Group, users_set: set[int]): def _patch_add_users(self, group: Group, users_set: set[int]):
"""Add users in users_set to group""" """Add users in users_set to group"""
if len(users_set) < 1: if len(users_set) < 1: