logger = $container->get(LoggerInterface::class); $this->repository = $container->get('GroupRepository'); $this->groupManager = $container->get(IGroupManager::class); $this->request = $container->get(IRequest::class); } public function getAll(string $filter = ''): SCIMListResponse { $this->logger->info("Reading all groups"); $baseUrl = $this->request->getServerProtocol() . "://" . $this->request->getServerHost() . Util::SCIM_APP_URL_PATH; $groups = $this->repository->getAll($filter); $scimGroups = []; if (!empty($groups)) { foreach ($groups as $group) { $scimGroups[] = $group->toSCIM(false, $baseUrl); } } return new SCIMListResponse($scimGroups); } public function getOneById(string $id): SCIMJSONResponse { $this->logger->info("Reading group with ID: " . $id); $baseUrl = $this->request->getServerProtocol() . "://" . $this->request->getServerHost() . Util::SCIM_APP_URL_PATH; $group = $this->repository->getOneById($id); if (!isset($group) || empty($group)) { $this->logger->error("Group with ID " . $id . " not found"); return new SCIMErrorResponse(['message' => 'Group not found'], 404); } return new SCIMJSONResponse($group->toSCIM(false, $baseUrl)); } public function create(string $displayName = '', array $members = []): SCIMJSONResponse { $id = urlencode($displayName); // Validate name if (empty($id)) { $this->logger->error('Group name not supplied', ['app' => 'provisioning_api']); return new SCIMErrorResponse(['message' => 'Invalid group name'], 400); } // Check if it exists if ($this->groupManager->groupExists($id)) { $this->logger->error("Group to be created already exists"); return new SCIMErrorResponse(['message' => 'Group exists'], 409); } try { $this->logger->info("Creating group with displayName: " . $displayName); $baseUrl = $this->request->getServerProtocol() . "://" . $this->request->getServerHost() . Util::SCIM_APP_URL_PATH; $data = [ 'displayName' => $displayName, 'members' => $members ]; $createdGroup = $this->repository->create($data); if (isset($createdGroup) && !empty($createdGroup)) { return new SCIMJSONResponse($createdGroup->toSCIM(false, $baseUrl), 201); } else { $this->logger->error("Creating group failed"); return new SCIMErrorResponse(['message' => 'Creating group failed'], 400); } } catch (Exception $e) { $this->logger->warning('Failed createGroup attempt with SCIMException exception.', ['app' => 'SCIMServiceProvider']); throw $e; } } public function update(string $id, string $displayName = '', array $members = []): SCIMJSONResponse { $this->logger->info("Updating group with ID: " . $id); $baseUrl = $this->request->getServerProtocol() . "://" . $this->request->getServerHost() . Util::SCIM_APP_URL_PATH; $group = $this->repository->getOneById($id); if (!isset($group) || empty($group)) { $this->logger->error("Group with ID " . $id . " not found for update"); return new SCIMErrorResponse(['message' => 'Group not found'], 404); } $data = [ 'displayName' => $displayName, 'members' => $members ]; $updatedGroup = $this->repository->update($id, $data); if (isset($updatedGroup) && !empty($updatedGroup)) { return new SCIMJSONResponse($updatedGroup->toSCIM(false, $baseUrl)); } else { $this->logger->error("Updating group with ID " . $id . " failed"); return new SCIMErrorResponse(['message' => 'Updating group failed'], 400); } } public function destroy(string $id): Response { $this->logger->info("Deleting group with ID: " . $id); if ($id === 'admin') { // Cannot delete admin group $this->logger->error("Deleting admin group is not allowed"); return new SCIMErrorResponse(['message' => 'Can\'t delete admin group'], 403); } $deleteRes = $this->repository->delete($id); if ($deleteRes) { $response = new Response(); $response->setStatus(204); return $response; } else { $this->logger->error("Deletion of group with ID " . $id . " failed"); return new SCIMErrorResponse(['message' => 'Couldn\'t delete group'], 503); } } }