Esempio n. 1
0
    def test_simple_with_members(self):
        user = self.create_user(username="******")
        user2 = self.create_user(username="******")
        organization = self.create_organization(owner=user)
        team = self.create_team(organization=organization,
                                members=[user, user2])
        self.create_team(organization=organization, members=[user, user2])
        # create a 2nd team to confirm we aren't duping data

        result = serialize(team, user, TeamSCIMSerializer(expand=["members"]))
        assert result == {
            "displayName":
            team.name,
            "id":
            str(team.id),
            "members": [
                {
                    "display": user.email,
                    "value": str(team.member_set[0].id)
                },
                {
                    "display": user2.email,
                    "value": str(team.member_set[1].id)
                },
            ],
            "meta": {
                "resourceType": "Group"
            },
            "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
        }
Esempio n. 2
0
 def on_results(results):
     results = serialize(
         results,
         None,
         TeamSCIMSerializer(expand=_team_expand(query_params["excluded_attributes"])),
     )
     return self.list_api_format(results, queryset.count(), query_params["start_index"])
Esempio n. 3
0
    def get(self, request: Request, organization, team) -> Response:
        query_params = self.get_query_parameters(request)

        context = serialize(
            team,
            serializer=TeamSCIMSerializer(expand=_team_expand(query_params["excluded_attributes"])),
        )
        return Response(context)
Esempio n. 4
0
    def patch(self, request, organization, team):
        """
        A SCIM Group PATCH request takes a series of operations to perform on a team.
        It does them sequentially and if any of them fail no operations should go through.
        The operations are add members, remove members, replace members, and rename team.
        """
        operations = request.data.get("Operations", [])
        if len(operations) > 100:
            return Response(SCIM_400_TOO_MANY_PATCH_OPS_ERROR, status=400)
        try:
            with transaction.atomic():
                for operation in operations:
                    op = operation["op"].lower()
                    if op == TeamPatchOps.ADD and operation[
                            "path"] == "members":
                        self._add_members_operation(request, operation, team)
                    elif op == TeamPatchOps.REMOVE and "members" in operation[
                            "path"]:
                        # the members op contains a filter string like so:
                        # members[userName eq "*****@*****.**"]
                        self._remove_members_operation(request, operation,
                                                       team)
                    elif op == TeamPatchOps.REPLACE:
                        path = operation.get("path")

                        if path == "members":
                            # delete all the current team members
                            # and replace with the ones in the operation list
                            with transaction.atomic():
                                queryset = OrganizationMemberTeam.objects.filter(
                                    team_id=team.id)
                                queryset.delete()
                                self._add_members_operation(
                                    request, operation, team)
                        # azure and okta handle team name change operation differently
                        elif path is None:
                            # for okta
                            self._rename_team_operation(
                                request, operation["value"]["displayName"],
                                team)
                        elif path == "displayName":
                            # for azure
                            self._rename_team_operation(
                                request, operation["value"], team)
                        else:
                            return Response(SCIM_400_UNSUPPORTED_ATTRIBUTE,
                                            status=400)

        except OrganizationMember.DoesNotExist:
            raise ResourceDoesNotExist(detail=SCIM_404_USER_RES)
        except IntegrityError as e:
            sentry_sdk.capture_exception(e)
            return Response(SCIM_400_INTEGRITY_ERROR, status=400)

        context = serialize(team, serializer=TeamSCIMSerializer())
        return Response(context)
Esempio n. 5
0
    def get(self, request: Request, organization, team) -> Response:
        """
        Query an individual team with a SCIM Group GET Request.
        - Note that the members field will only contain up to 10000 members.
        """
        query_params = self.get_query_parameters(request)

        context = serialize(
            team,
            serializer=TeamSCIMSerializer(expand=_team_expand(query_params["excluded_attributes"])),
        )
        return Response(context)
Esempio n. 6
0
 def test_excluded_members(self):
     user = self.create_user(username="******")
     organization = self.create_organization(owner=user)
     team = self.create_team(organization=organization, members=[user])
     result = serialize(team, user, TeamSCIMSerializer())
     assert result == {
         "displayName": team.slug,
         "id": str(team.id),
         "members": None,
         "meta": {"resourceType": "Group"},
         "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
     }
Esempio n. 7
0
 def on_results(results):
     results = serialize(results, None,
                         TeamSCIMSerializer(expand=expand))
     return self.list_api_format(request, queryset.count(), results)
Esempio n. 8
0
 def team_serializer_for_post(self):
     return TeamSCIMSerializer(expand=["members"])
Esempio n. 9
0
 def get(self, request, organization, team):
     context = serialize(team,
                         serializer=TeamSCIMSerializer(expand=["members"]))
     return Response(context)