Support for Querying Resources Using HTTP POST (limosa-io#97)

arietimmerman · web-flow · commit d634f0fd7a43 · 2024-10-30T16:28:45.000+01:00
diff --git a/src/Http/Controllers/ResourceController.php b/src/Http/Controllers/ResourceController.php
@@ -15,6 +15,7 @@
 use ArieTimmerman\Laravel\SCIMServer\Events\Patch;
 use ArieTimmerman\Laravel\SCIMServer\Parser\Parser as ParserParser;
 use ArieTimmerman\Laravel\SCIMServer\PolicyDecisionPoint;
+use ArieTimmerman\Laravel\SCIMServer\Tests\Model\User;
 use Illuminate\Contracts\Pagination\CursorPaginator;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\Validator;
@@ -274,14 +275,20 @@ function (Builder $query) use ($filter, $resourceType) {
         }
 
         // TODO: splitting the attributes parameters by dot and comma is not correct, but works in most cases
-        $attributes = $request->input('attributes') ? preg_split('/[,.]/', $request->input('attributes')) : [];
+        // if body contains attributes and this is an array, use that, else use existing
+        if($request->json('attributes') && is_array($request->json('attributes'))){
+            $attributes = $request->json('attributes');
+        } else {
+            $attributes = $request->input('attributes') ? preg_split('/[,.]/', $request->input('attributes')) : [];
+        }
 
         if (!empty($attributes)) {
             $attributes[] = 'id';
             $attributes[] = 'meta';
             $attributes[] = 'schemas';
         }
 
+        // TODO: implement excludedAttributes
         $excludedAttributes = [];
 
         return new ListResponse(
@@ -295,4 +302,19 @@ function (Builder $query) use ($filter, $resourceType) {
             ($resourceObjects instanceof CursorPaginator) ? $resourceObjects->previousCursor()?->encode() : null
         );
     }
+
+    public function search(Request $request, PolicyDecisionPoint $pdp, ResourceType $resourceType){
+
+        $input = $request->json()->all();
+
+        // ensure request post body is a scim SearchRequest
+        if (!is_array($input) || !isset($input['schemas']) || !in_array("urn:ietf:params:scim:api:messages:2.0:SearchRequest", $input['schemas'])) {
+            throw (new SCIMException('Invalid schema. MUST be "urn:ietf:params:scim:api:messages:2.0:SearchRequest"'))->setCode(400);
+        }
+
+        // ensure $request->input reads from payload/post only, not query parameters
+        $request->replace($request->json()->all());
+
+        return $this->index($request, $pdp, $resourceType);
+    }
 }
diff --git a/src/RouteProvider.php b/src/RouteProvider.php
@@ -78,7 +78,7 @@ private static function allRoutes(array $options = [])
         // TODO: Use the attributes parameters ?attributes=userName, excludedAttributes=asdg,asdg (respect "returned" settings "always")
         Route::get('/{resourceType}/{resourceObject}', '\ArieTimmerman\Laravel\SCIMServer\Http\Controllers\ResourceController@show')->name('scim.resource');
         Route::get("/{resourceType}", '\ArieTimmerman\Laravel\SCIMServer\Http\Controllers\ResourceController@index')->name('scim.resources');
-
+        Route::post("/{resourceType}/.search", '\ArieTimmerman\Laravel\SCIMServer\Http\Controllers\ResourceController@search');
         Route::post("/{resourceType}", '\ArieTimmerman\Laravel\SCIMServer\Http\Controllers\ResourceController@create');
 
         Route::put("/{resourceType}/{resourceObject}", '\ArieTimmerman\Laravel\SCIMServer\Http\Controllers\ResourceController@replace');
diff --git a/tests/BasicTest.php b/tests/BasicTest.php
@@ -56,6 +56,41 @@ public function testGetAttributes()
                 ]
             ]
         ]);
+
+        foreach ($response->json('Resources') as $resource) {
+            $this->assertArrayNotHasKey('emails', $resource['urn:ietf:params:scim:schemas:core:2.0:User']);
+        }
+    }
+
+    public function testGetAttributesSearch()
+    {
+        $response = $this->postJson(
+            '/scim/v2/Users/.search',
+            [
+                'schemas' => ['urn:ietf:params:scim:api:messages:2.0:SearchRequest'],
+                'attributes' => [
+                    'userName',
+                    'name.formatted',
+                    'groups'
+                ]
+            ]
+        );
+
+        $response->assertStatus(200);
+        $response->assertJsonCount(10, 'Resources');
+        $response->assertJsonStructure([
+            'Resources' => [
+                '*' => [
+                    'urn:ietf:params:scim:schemas:core:2.0:User' => [
+                        'userName',
+                    ]
+                ]
+            ]
+        ]);
+
+        foreach ($response->json('Resources') as $resource) {
+            $this->assertArrayNotHasKey('emails', $resource['urn:ietf:params:scim:schemas:core:2.0:User']);
+        }
     }
 
     public function testGetGroupsAttribute()
@@ -180,6 +215,24 @@ public function testFilterByGroup()
         $response->assertStatus(200);
     }
 
+    public function testSearch()
+    {
+        // First get a username to search for
+        $response = $this->postJson('/scim/v2/Users/.search', [
+            'schemas' => ['urn:ietf:params:scim:api:messages:2.0:SearchRequest'],
+            "startIndex" => 30,
+            "count" => 1
+        ]);
+
+        $userName = $response->json('Resources')[0]['urn:ietf:params:scim:schemas:core:2.0:User']['userName'];
+
+        // Now search for this username
+        $response = $this->get('/scim/v2/Users?filter=userName eq "'.$userName.'"');
+        $response->assertStatus(200);
+
+        $this->assertEquals(1, count($response->json('Resources')));
+    }
+
     public function testGroupAssignment()
     {
         // First get a username to search for
