(feat) role support

This commit is contained in:
Hugo Renard 2022-03-23 17:14:04 +01:00
parent 59917cc25d
commit 55c7753c86
Signed by: hougo
GPG key ID: 3A285FD470209C59
4 changed files with 26 additions and 4 deletions

View file

@ -23,6 +23,9 @@ export class UserEndpoint extends ScimEndpoint implements IScimEndpoint {
const u = SCIMUser.fromPlain(ctx.content()); const u = SCIMUser.fromPlain(ctx.content());
if (ctx.id() === (await ctx.rc.getUserId())) { if (ctx.id() === (await ctx.rc.getUserId())) {
u.active = true; u.active = true;
if (!u.roles.find((x) => x.value === "admin")) {
u.roles.push({ value: "admin" });
}
} }
const o = await ctx.rc.user.update({ const o = await ctx.rc.user.update({
userId: ctx.id(), userId: ctx.id(),
@ -32,6 +35,7 @@ export class UserEndpoint extends ScimEndpoint implements IScimEndpoint {
username: u.userName, username: u.userName,
active: u.active, active: u.active,
verified: true, verified: true,
roles: u.roles.map((x) => x.value),
customFields: { customFields: {
scimExternalId: u.externalId, scimExternalId: u.externalId,
}, },

View file

@ -33,6 +33,7 @@ export class UsersEndpoint extends ScimEndpoint implements IScimEndpoint {
name: u.displayName || u.userName, name: u.displayName || u.userName,
username: u.userName, username: u.userName,
password: crypto.randomBytes(64).toString("base64").slice(0, 64), password: crypto.randomBytes(64).toString("base64").slice(0, 64),
roles: u.roles.map((x) => x.value),
verified: true, verified: true,
customFields: { customFields: {
scimExternalId: u.externalId, scimExternalId: u.externalId,

View file

@ -11,10 +11,16 @@ export interface ISCIMUserName {
familyName?: string; familyName?: string;
givenName?: string; givenName?: string;
} }
export interface ISCIMUserEmail { export interface ISCIMUserEmail {
value: string; value: string;
primary: boolean; primary: boolean;
} }
export interface ISCIMUserRole {
value: string;
}
export interface ISCIMListResponse { export interface ISCIMListResponse {
schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"]; schemas: ["urn:ietf:params:scim:api:messages:2.0:ListResponse"];
totalResults: 2; totalResults: 2;

View file

@ -1,5 +1,10 @@
import { IUser } from "../rc-sdk/RcSdkUser"; import { IUser } from "../rc-sdk/RcSdkUser";
import { ISCIMResource, ISCIMUserEmail, ISCIMUserName } from "./Interfaces"; import {
ISCIMResource,
ISCIMUserEmail,
ISCIMUserName,
ISCIMUserRole,
} from "./Interfaces";
import { SCIMMeta } from "./Meta"; import { SCIMMeta } from "./Meta";
export class SCIMUser implements ISCIMResource { export class SCIMUser implements ISCIMResource {
@ -12,13 +17,15 @@ export class SCIMUser implements ISCIMResource {
user.active = plain.active; user.active = plain.active;
user.name = plain.name; user.name = plain.name;
user.emails = plain.emails; user.emails = plain.emails;
user.setRoles(plain.roles);
return user; return user;
} }
public static fromRC(rc: IUser): SCIMUser { public static fromRC(rc: IUser): SCIMUser {
const user = new SCIMUser(); const user = new SCIMUser();
user.id = rc._id; user.id = rc._id;
user.setEmail(rc.emails[0].address); const email = rc.emails[0];
user.emails = [{ primary: true, value: email.address }];
user.displayName = rc.name; user.displayName = rc.name;
user.userName = rc.username; user.userName = rc.username;
user.meta.created = new Date(rc.createdAt); user.meta.created = new Date(rc.createdAt);
@ -38,6 +45,7 @@ export class SCIMUser implements ISCIMResource {
public active: boolean; public active: boolean;
public name: ISCIMUserName = {}; public name: ISCIMUserName = {};
public emails: Array<ISCIMUserEmail> = []; public emails: Array<ISCIMUserEmail> = [];
public roles: Array<ISCIMUserRole> = [{ value: "user" }];
constructor() { constructor() {
this.meta = new SCIMMeta("User", () => this.id); this.meta = new SCIMMeta("User", () => this.id);
@ -50,7 +58,10 @@ export class SCIMUser implements ISCIMResource {
return ""; return "";
} }
public setEmail(email: string) { public setRoles(roles: Array<ISCIMUserRole>) {
this.emails = [{ primary: true, value: email }]; this.roles = roles;
if (!roles.find((x) => x.value === "user")) {
this.roles.push({ value: "user" });
}
} }
} }