libre.sh/discourse-scim
1
0
Fork 0
Code Issues Pull requests Releases Packages Activity Actions
discourse-scim/plugin.rb

155 lines
3.8 KiB
Ruby
Raw Normal View History

Initial commit
2024-10-06 17:39:16 +00:00
# frozen_string_literal: true
# name: discourse-scim-plugin
# about: A plugin to add SCIM endpoints to discourse
# version: 0.0.1
# authors: Peter Bouda
# url: https://github.com/pbouda/discourse-scim-plugin
gem 'marcel', '1.0.0', {require: false }
gem 'activestorage', '7.1.4', {require: false }
gem 'actiontext', '7.1.4', {require: false }
gem 'actionmailbox', '7.1.4', {require: false }
gem 'websocket-extensions', '0.1.0', {require: false }
gem 'websocket-driver', '0.6.1', {require: false }
gem 'actioncable', '7.1.4', {require: false }
gem 'rails', '7.1.4', {require: false }
gem 'scimitar', '2.9.0', {require: false }
require "scimitar"
DEV: Add support for groups in SCIM
2024-10-08 07:42:35 +00:00
enabled_site_setting :scim_enabled
DEV: Check for authorization based on token
2024-10-08 09:39:50 +00:00
add_api_key_scope(
:scim,
{
access_scim_endpoints: {
actions: %w[scim_v2/users#index scim_v2/users#show scim_v2/users#create
scim_v2/users#replace scim_v2/users#update scim_v2/users#destroy
scim_v2/groups#index scim_v2/groups#show scim_v2/groups#create
scim_v2/groups#update],
},
},
)
Initial commit
2024-10-06 17:39:16 +00:00
module ::DiscourseScimPlugin
PLUGIN_NAME = "scim"
require_relative "lib/discourse_scim_plugin/engine"
DEV: Modify User model for SCIM
2024-10-07 10:22:23 +00:00
end
after_initialize do
class ::User
def self.scim_resource_type
Scimitar::Resources::User
end
def self.scim_attributes_map
{
id: :id,
userName: :username,
displayName: :name,
name: {
formatted: :name
},
emails: [
{
match: "type",
with: "work",
using: {
value: :email,
primary: true
}
}
],
DEV: Add support for groups in SCIM
2024-10-08 07:42:35 +00:00
groups: [
{
list: :groups,
using: {
value: :id,
display: :name
}
}
],
DEV: Modify User model for SCIM
2024-10-07 10:22:23 +00:00
active: :active
}
end
def self.scim_timestamps_map
{
created: :created_at,
lastModified: :updated_at
}
end
def self.scim_mutable_attributes
nil
end
def self.scim_queryable_attributes
{
displayName: { column: :name },
userName: { column: :username },
DEV: Add support for groups in SCIM
2024-10-08 07:42:35 +00:00
emails: { column: :emails },
groups: { column: Group.arel_table[:id] },
"groups.value" => { column: Group.arel_table[:id] }
}
end
include Scimitar::Resources::Mixin
end
class ::Group
def scim_users_and_groups
self.users.to_a + self.associated_groups.to_a
end
def scim_users_and_groups=(mixed_array)
self.users = mixed_array.select { |item| item.is_a?(User) }
self.associated_groups = mixed_array.select { |item| item.is_a?(Group) }
end
def self.scim_resource_type
Scimitar::Resources::Group
end
def self.scim_attributes_map
{
id: :id,
displayName: :name,
members: [ # NB read-write, though individual items' attributes are immutable
list: :scim_users_and_groups, # See adapter accessors, earlier in this file
using: {
value: :id
},
find_with: -> (scim_list_entry) {
id = scim_list_entry['value']
type = scim_list_entry['type' ] || 'User' # Some online examples omit 'type' and believe 'User' will be assumed
case type.downcase
when 'user'
User.find_by_id(id)
when 'group'
Group.find_by_id(id)
else
raise Scimitar::InvalidSyntaxError.new("Unrecognised type #{type.inspect}")
end
}
]
}
end
def self.scim_mutable_attributes
nil
end
def self.scim_queryable_attributes
{
displayName: :name
DEV: Modify User model for SCIM
2024-10-07 10:22:23 +00:00
}
end
include Scimitar::Resources::Mixin
end
Initial commit
2024-10-06 17:39:16 +00:00
end
Reference in a new issue Copy permalink