def test_no_active(self): result = serialize( self._get_org_members()[0], self.user_2, OrganizationMemberSCIMSerializer(), ) assert "active" not in result
def test_simple(self): result = serialize( self._get_org_members()[0], self.user_2, OrganizationMemberSCIMSerializer(expand=["active"]), ) assert "active" in result
def post(self, request, organization): # TODO: confirm mixed case emails get converted to lowercase serializer = OrganizationMemberSerializer( data={ "email": request.data.get("userName"), "role": roles.get(organization.default_role).id, }, context={ "organization": organization, "allowed_roles": [roles.get(organization.default_role)], "allow_existing_invite_request": True, }, ) if not serializer.is_valid(): if "email" in serializer.errors and any( ("is already a member" in error) for error in serializer.errors["email"]): # we include conflict logic in the serializer, check to see if that was # our error and if so, return a 409 so the scim IDP knows how to handle raise ConflictError(detail=SCIM_409_USER_EXISTS) return Response(serializer.errors, status=400) result = serializer.validated_data with transaction.atomic(): member = OrganizationMember( organization=organization, email=result["email"], role=result["role"], inviter=request.user, ) self.create_audit_entry( request=request, organization_id=organization.id, target_object=member.id, data=member.get_audit_log_data(), event=AuditLogEntryEvent.MEMBER_INVITE if settings.SENTRY_ENABLE_INVITES else AuditLogEntryEvent.MEMBER_ADD, ) # TODO: are invite tokens needed for SAML orgs? if settings.SENTRY_ENABLE_INVITES: member.token = member.generate_token() member.save() if settings.SENTRY_ENABLE_INVITES and result.get("sendInvite"): member.send_invite_email() member_invited.send_robust( member=member, user=request.user, sender=self, referrer=request.data.get("referrer"), ) context = serialize(member, serializer=OrganizationMemberSCIMSerializer()) return Response(context, status=201)
def _scim_member_serializer_with_expansion(organization): """ For our Azure SCIM integration, we don't want to return the `active` flag since we don't support soft deletes. Other integrations don't care about this and rely on the behavior of setting "active" to false to delete a member. """ auth_provider = AuthProvider.objects.get(organization=organization) expand = ["active"] if auth_provider.provider == ACTIVE_DIRECTORY_PROVIDER_NAME: expand = [] return OrganizationMemberSCIMSerializer(expand=expand)
def patch(self, request, organization, member): operations = request.data.get("Operations", []) if len(operations) > 100: return Response(SCIM_400_TOO_MANY_PATCH_OPS_ERROR, status=400) for operation in operations: # we only support setting active to False which deletes the orgmember if self._should_delete_member(operation): self._delete_member(request, organization, member) return Response(status=204) else: return Response(SCIM_400_INVALID_PATCH, status=400) context = serialize(member, serializer=OrganizationMemberSCIMSerializer()) return Response(context)
def get(self, request, organization, member): context = serialize(member, serializer=OrganizationMemberSCIMSerializer()) return Response(context)
def on_results(results): results = serialize(results, None, OrganizationMemberSCIMSerializer()) return self.list_api_format(request, queryset.count(), results)