add transform

aserto-dev · florindragos · May 7, 2024 · Jun 13, 2024 · Jun 14, 2024 · Jun 26, 2024
commit d49d0deb24b5559f8d0a1d56efd8749e548073bc
diff --git a/go.mod b/go.mod
@@ -2,41 +2,46 @@ module github.com/aserto-dev/scim
 
 go 1.22
 
+// replace github.com/aserto-dev/ds-load/sdk => ../ds-load/sdk
+
 require (
 	github.com/aserto-dev/certs v0.0.5
-	github.com/aserto-dev/errors v0.0.6
+	github.com/aserto-dev/ds-load/sdk v0.0.0-20240513161945-bc0e942cc34c
+	github.com/aserto-dev/errors v0.0.7
 	github.com/aserto-dev/go-aserto v0.30.0
-	github.com/aserto-dev/go-directory v0.30.5
+	github.com/aserto-dev/go-directory v0.31.3
 	github.com/aserto-dev/logger v0.0.4
 	github.com/elimity-com/scim v0.0.0-20240320110924-172bf2aee9c8
 	github.com/magefile/mage v1.15.0
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/pkg/errors v0.9.1
-	github.com/rs/zerolog v1.31.0
+	github.com/rs/zerolog v1.32.0
 	github.com/scim2/filter-parser/v2 v2.2.0
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/viper v1.18.0
-	google.golang.org/protobuf v1.31.0
+	google.golang.org/protobuf v1.33.1-0.20240408130810-98873a205002
 )
 
 require (
-	buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.31.0-20231106192134-1baebb0a1518.2 // indirect
+	buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.33.0-20240401165935-b983156c5e99.1 // indirect
 	github.com/aserto-dev/header v0.0.4 // indirect
 	github.com/di-wu/parser v0.3.0 // indirect
 	github.com/di-wu/xsd-datetime v1.0.0 // indirect
+	github.com/dongri/phonenumber v0.1.2 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/uuid v1.4.0 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/uuid v1.6.0 // indirect
 	github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.18.1 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
+	github.com/samber/lo v1.39.0 // indirect
 	github.com/sirupsen/logrus v1.9.0 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/spf13/afero v1.11.0 // indirect
@@ -45,14 +50,14 @@ require (
 	github.com/subosito/gotenv v1.6.0 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
-	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
-	golang.org/x/net v0.19.0 // indirect
-	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f // indirect
+	golang.org/x/net v0.24.0 // indirect
+	golang.org/x/sys v0.19.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
-	google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f // indirect
-	google.golang.org/grpc v1.59.0 // indirect
+	google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240415151819-79826c84ba32 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240415151819-79826c84ba32 // indirect
+	google.golang.org/grpc v1.63.2 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/go.sum b/go.sum
diff --git a/pkg/app/handlers/groups/create.go b/pkg/app/handlers/groups/create.go
@@ -3,37 +3,110 @@ package groups
 import (
 	"net/http"
 
+	cerr "github.com/aserto-dev/errors"
 	dsw "github.com/aserto-dev/go-directory/aserto/directory/writer/v3"
+	"github.com/aserto-dev/go-directory/pkg/derr"
 	"github.com/aserto-dev/scim/pkg/common"
 	"github.com/elimity-com/scim"
 	serrors "github.com/elimity-com/scim/errors"
+	"github.com/pkg/errors"
 )
 
 func (u GroupResourceHandler) Create(r *http.Request, attributes scim.ResourceAttributes) (scim.Resource, error) {
-	object, err := common.ResourceAttributesToObject(attributes, u.cfg.SCIM.GroupObjectType, attributes["displayName"].(string))
+	group, err := common.ResourceAttributesToGroup(attributes)
 	if err != nil {
 		return scim.Resource{}, serrors.ScimErrorInvalidSyntax
 	}
 
-	resp, err := u.dirClient.Writer.SetObject(r.Context(), &dsw.SetObjectRequest{
+	var result scim.Resource
+	dirClient, err := u.getDirectoryClient(r)
+	if err != nil {
+		u.logger.Error().Err(err).Msg("failed to get directory client")
+		return scim.Resource{}, serrors.ScimErrorInternal
+	}
+	scimConfig, err := dirClient.GetTransformConfig(r.Context())
+	if err != nil {
+		return scim.Resource{}, err
+	}
+
+	// converter := common.NewConverter(scimConfig)
+
+	object, err := u.converter.SCIMGroupToObject(group)
+	if err != nil {
+		u.logger.Error().Err(err).Msg("failed to convert group to object")
+		return scim.Resource{}, serrors.ScimErrorInvalidSyntax
+	}
+
+	sourceGroupResp, err := dirClient.Writer.SetObject(r.Context(), &dsw.SetObjectRequest{
 		Object: object,
 	})
 	if err != nil {
 		return scim.Resource{}, err
 	}
 
-	err = u.setGroupMappings(r.Context(), resp.Result.Id)
+	groupMap, err := common.ProtobufStructToMap(sourceGroupResp.Result.Properties)
 	if err != nil {
+		if errors.Is(cerr.UnwrapAsertoError(err), derr.ErrAlreadyExists) {
+			return scim.Resource{}, serrors.ScimErrorUniqueness
+		}
 		return scim.Resource{}, err
 	}
 
-	createdAt := resp.Result.CreatedAt.AsTime()
-	updatedAt := resp.Result.UpdatedAt.AsTime()
-	resource := common.ObjectToResource(resp.Result, scim.Meta{
+	transformResult, err := common.TransformResource(groupMap, scimConfig)
+	if err != nil {
+		u.logger.Error().Err(err).Msg("failed to transform group")
+		return scim.Resource{}, serrors.ScimErrorInvalidSyntax
+	}
+
+	for _, object := range transformResult.Objects {
+		_, err := dirClient.Writer.SetObject(r.Context(), &dsw.SetObjectRequest{
+			Object: object,
+		})
+		if err != nil {
+			if errors.Is(cerr.UnwrapAsertoError(err), derr.ErrAlreadyExists) {
+				return scim.Resource{}, serrors.ScimErrorUniqueness
+			}
+			return scim.Resource{}, err
+		}
+
+		// _, err = dirClient.Writer.SetRelation(r.Context(), &dsw.SetRelationRequest{
+		// 	Relation: &dsc.Relation{
+		// 		ObjectType:  resp.Result.Type,
+		// 		ObjectId:    resp.Result.Id,
+		// 		Relation:    u.cfg.SCIM.Transform.SourceRelation,
+		// 		SubjectType: u.cfg.SCIM.Transform.SourceGroupType,
+		// 		SubjectId:   sourceGroupResp.Result.Id,
+		// 	},
+		// })
+
+		// if err != nil {
+		// 	return scim.Resource{}, err
+		// }
+
+		// if object.Type == u.cfg.SCIM.Transform.GroupObjectType {
+		// 	err = u.setGroupMappings(r.Context(), dirClient, resp.Result.Id)
+		// 	if err != nil {
+		// 		return scim.Resource{}, err
+		// 	}
+		// }
+	}
+
+	for _, relation := range transformResult.Relations {
+		_, err := dirClient.Writer.SetRelation(r.Context(), &dsw.SetRelationRequest{
+			Relation: relation,
+		})
+		if err != nil {
+			return scim.Resource{}, err
+		}
+	}
+
+	createdAt := sourceGroupResp.Result.CreatedAt.AsTime()
+	updatedAt := sourceGroupResp.Result.UpdatedAt.AsTime()
+	result = u.converter.ObjectToResource(sourceGroupResp.Result, scim.Meta{
 		Created:      &createdAt,
 		LastModified: &updatedAt,
-		Version:      resp.Result.Etag,
+		Version:      sourceGroupResp.Result.Etag,
 	})
 
-	return resource, nil
+	return result, nil
 }
diff --git a/pkg/app/handlers/groups/delete.go b/pkg/app/handlers/groups/delete.go
@@ -4,15 +4,50 @@ import (
 	"net/http"
 
 	cerr "github.com/aserto-dev/errors"
+	dsr "github.com/aserto-dev/go-directory/aserto/directory/reader/v3"
 	dsw "github.com/aserto-dev/go-directory/aserto/directory/writer/v3"
 	"github.com/aserto-dev/go-directory/pkg/derr"
 	serrors "github.com/elimity-com/scim/errors"
 	"github.com/pkg/errors"
 )
 
 func (u GroupResourceHandler) Delete(r *http.Request, id string) error {
-	_, err := u.dirClient.Writer.DeleteObject(r.Context(), &dsw.DeleteObjectRequest{
-		ObjectType:    u.cfg.SCIM.GroupObjectType,
+	dirClient, err := u.getDirectoryClient(r)
+	if err != nil {
+		u.logger.Error().Err(err).Msg("failed to get directory client")
+		return serrors.ScimErrorInternal
+	}
+
+	scimConfig, err := dirClient.GetTransformConfig(r.Context())
+	if err != nil {
+		return err
+	}
+
+	relations, err := dirClient.Reader.GetRelations(r.Context(), &dsr.GetRelationsRequest{
+		SubjectType: scimConfig.GroupObjectType,
+		SubjectId:   id,
+		Relation:    scimConfig.SourceRelation,
+	})
+	if err != nil {
+		if errors.Is(cerr.UnwrapAsertoError(err), derr.ErrObjectNotFound) {
+			return serrors.ScimErrorResourceNotFound(id)
+		}
+		return err
+	}
+
+	for _, v := range relations.Results {
+		_, err = dirClient.Writer.DeleteObject(r.Context(), &dsw.DeleteObjectRequest{
+			ObjectId:      v.ObjectId,
+			ObjectType:    v.ObjectType,
+			WithRelations: true,
+		})
+		if err != nil {
+			return err
+		}
+	}
+
+	_, err = dirClient.Writer.DeleteObject(r.Context(), &dsw.DeleteObjectRequest{
+		ObjectType:    scimConfig.GroupObjectType,
 		ObjectId:      id,
 		WithRelations: true,
 	})

diff --git a/pkg/app/handlers/groups/get.go b/pkg/app/handlers/groups/get.go
@@ -5,13 +5,24 @@ import (
 
 	dsc "github.com/aserto-dev/go-directory/aserto/directory/common/v3"
 	dsr "github.com/aserto-dev/go-directory/aserto/directory/reader/v3"
-	"github.com/aserto-dev/scim/pkg/common"
 	"github.com/elimity-com/scim"
+	serrors "github.com/elimity-com/scim/errors"
 )
 
 func (u GroupResourceHandler) Get(r *http.Request, id string) (scim.Resource, error) {
-	resp, err := u.dirClient.Reader.GetObject(r.Context(), &dsr.GetObjectRequest{
-		ObjectType:    u.cfg.SCIM.GroupObjectType,
+	dirClient, err := u.getDirectoryClient(r)
+	if err != nil {
+		u.logger.Error().Err(err).Msg("failed to get directory client")
+		return scim.Resource{}, serrors.ScimErrorInternal
+	}
+
+	scimConfig, err := dirClient.GetTransformConfig(r.Context())
+	if err != nil {
+		return scim.Resource{}, err
+	}
+
+	resp, err := dirClient.Reader.GetObject(r.Context(), &dsr.GetObjectRequest{
+		ObjectType:    scimConfig.GroupObjectType,
 		ObjectId:      id,
 		WithRelations: true,
 	})
@@ -21,7 +32,7 @@ func (u GroupResourceHandler) Get(r *http.Request, id string) (scim.Resource, er
 
 	createdAt := resp.Result.CreatedAt.AsTime()
 	updatedAt := resp.Result.UpdatedAt.AsTime()
-	resource := common.ObjectToResource(resp.Result, scim.Meta{
+	resource := u.converter.ObjectToResource(resp.Result, scim.Meta{
 		Created:      &createdAt,
 		LastModified: &updatedAt,
 		Version:      resp.Result.Etag,
@@ -35,8 +46,19 @@ func (u GroupResourceHandler) GetAll(r *http.Request, params scim.ListRequestPar
 		resources = make([]scim.Resource, 0)
 	)
 
-	resp, err := u.dirClient.Reader.GetObjects(r.Context(), &dsr.GetObjectsRequest{
-		ObjectType: u.cfg.SCIM.GroupObjectType,
+	dirClient, err := u.getDirectoryClient(r)
+	if err != nil {
+		u.logger.Error().Err(err).Msg("failed to get directory client")
+		return scim.Page{}, serrors.ScimErrorInternal
+	}
+
+	scimConfig, err := dirClient.GetTransformConfig(r.Context())
+	if err != nil {
+		return scim.Page{}, err
+	}
+
+	resp, err := dirClient.Reader.GetObjects(r.Context(), &dsr.GetObjectsRequest{
+		ObjectType: scimConfig.GroupObjectType,
 		Page: &dsc.PaginationRequest{
 			Size: int32(params.Count),
 		},
@@ -48,7 +70,7 @@ func (u GroupResourceHandler) GetAll(r *http.Request, params scim.ListRequestPar
 	for _, v := range resp.Results {
 		createdAt := v.CreatedAt.AsTime()
 		updatedAt := v.UpdatedAt.AsTime()
-		resource := common.ObjectToResource(v, scim.Meta{
+		resource := u.converter.ObjectToResource(v, scim.Meta{
 			Created:      &createdAt,
 			LastModified: &updatedAt,
 			Version:      v.Etag,