Rebase fix + check GRIST_SCIM_USER

This commit is contained in:
fflorent 2024-09-06 19:11:13 +02:00
parent 9c81ddbba9
commit 4ba322d1cb
2 changed files with 20 additions and 4 deletions

View File

@ -64,7 +64,7 @@ const buildScimRouterv2 = (dbManager: HomeDBManager, installAdmin: InstallAdmin)
const newUser = await dbManager.getUserByLoginWithRetry(userProfileToInsert.email, {
profile: userProfileToInsert
});
return toSCIMMYUser(newUser!);
return toSCIMMYUser(newUser);
} catch (ex) {
if (ex instanceof ApiError) {
if (ex.status === 409) {

View File

@ -18,6 +18,7 @@ function scimConfigForUser(user: string) {
const chimpy = scimConfigForUser('Chimpy');
const kiwi = scimConfigForUser('Kiwi');
const charon = scimConfigForUser('Charon');
const anon = scimConfigForUser('Anonymous');
const USER_CONFIG_BY_NAME = {
@ -36,9 +37,12 @@ describe('Scim', () => {
const scimUrl = (path: string) => (homeUrl + '/api/scim/v2' + path);
testUtils.setTmpLogLevel('error');
before(async function () {
oldEnv = new testUtils.EnvironmentSnapshot();
process.env.GRIST_DEFAULT_EMAIL = 'chimpy@getgrist.com';
process.env.GRIST_SCIM_EMAIL = 'charon@getgrist.com';
process.env.TYPEORM_DATABASE = ':memory:';
server = new TestServer(this);
homeUrl = await server.start();
@ -216,6 +220,11 @@ describe('Scim', () => {
assert.isBelow(indexOfKiwi, indexOfChimpy, 'kiwi should come before chimpy');
});
it('should also allow access for user Charon (the one refered in GRIST_SCIM_EMAIL)', async function () {
const res = await axios.post(scimUrl('/Users/.search'), searchExample, charon);
assert.equal(res.status, 200);
});
it('should filter the users by userName', async function () {
const res = await axios.post(scimUrl('/Users/.search'), {
schemas: [SEARCH_SCHEMA],
@ -263,6 +272,13 @@ describe('Scim', () => {
});
});
it('should also allow user Charon to create a user (the one refered in GRIST_SCIM_EMAIL)', async function () {
await withUserName('new.user.by.charon', async (userName) => {
const res = await axios.post(scimUrl('/Users'), toSCIMUserWithoutId(userName), charon);
assert.equal(res.status, 201);
});
});
it('should reject when passed email differs from username', async function () {
await withUserName('username', async (userName) => {
const res = await axios.post(scimUrl('/Users'), {
@ -470,8 +486,6 @@ describe('Scim', () => {
beforeEach(async function () {
usersToCleanupEmails = [];
usersToCleanupEmails.push('bulk-user1@getgrist.com');
usersToCleanupEmails.push('bulk-user2@getgrist.com');
});
afterEach(async function () {
@ -501,6 +515,8 @@ describe('Scim', () => {
],
}, chimpy);
assert.equal(res.status, 200);
const newUserID = await getOrCreateUserId('bulk-user3');
assert.deepEqual(res.data, {
schemas: [ "urn:ietf:params:scim:api:messages:2.0:BulkResponse" ],
Operations: [
@ -519,7 +535,7 @@ describe('Scim', () => {
}, {
method: "POST",
bulkId: "1",
location: "/api/scim/v2/Users/26",
location: "/api/scim/v2/Users/" + newUserID,
status: "201"
}, {
method: "POST",