Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

scim: Upgrade scim2-filter-parser to 0.4.0 to fix case-sensitivity. 

userName lookups are supposed to be case-insensitive per the SCIM2 RFC
and this was fixed upstream in
https://github.com/15five/scim2-filter-parser/pull/31
and included in 0.4.0 release.
This commit is contained in:
Mateusz Mandera 2022-08-29 17:54:25 +02:00 committed by Tim Abbott
parent efee77b41f
commit 43107fcdc3
4 changed files with 34 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
requirements/dev.txt
View File

@ -1827,8 +1827,9 @@ s3transfer==0.6.0 \
--hash=sha256:06176b74f3a15f61f1b4f25a1fc29a4429040b7647133a463da8fa5bd28d5ecd \ --hash=sha256:06176b74f3a15f61f1b4f25a1fc29a4429040b7647133a463da8fa5bd28d5ecd \
--hash=sha256:2ed07d3866f523cc561bf4a00fc5535827981b117dd7876f036b0c1aca42c947 --hash=sha256:2ed07d3866f523cc561bf4a00fc5535827981b117dd7876f036b0c1aca42c947
# via boto3 # via boto3
scim2-filter-parser==0.3.9 \ scim2-filter-parser==0.4.0 \
--hash=sha256:10873af0dbe279acaaaf176b1506b3d2c2730bd74c02e8753acfa0515b8f0f70 --hash=sha256:7171e8cc4e110928bfdb83e5f0a19781d2d8b21f31e5905d92243c5067f2cf59 \
--hash=sha256:ca6e08c167a559d75081a044315c0dd34941c5d61d54aad04e9f6cefc1b929be
# via django-scim2 # via django-scim2
scrapy==2.6.2 \ scrapy==2.6.2 \
--hash=sha256:53528bcaf8c2c77aca359af11f349dec5dad98845a13d4c0bb9abd07f302298d \ --hash=sha256:53528bcaf8c2c77aca359af11f349dec5dad98845a13d4c0bb9abd07f302298d \

5
requirements/prod.txt
View File

@ -1253,8 +1253,9 @@ s3transfer==0.6.0 \
--hash=sha256:06176b74f3a15f61f1b4f25a1fc29a4429040b7647133a463da8fa5bd28d5ecd \ --hash=sha256:06176b74f3a15f61f1b4f25a1fc29a4429040b7647133a463da8fa5bd28d5ecd \
--hash=sha256:2ed07d3866f523cc561bf4a00fc5535827981b117dd7876f036b0c1aca42c947 --hash=sha256:2ed07d3866f523cc561bf4a00fc5535827981b117dd7876f036b0c1aca42c947
# via boto3 # via boto3
scim2-filter-parser==0.3.9 \ scim2-filter-parser==0.4.0 \
--hash=sha256:10873af0dbe279acaaaf176b1506b3d2c2730bd74c02e8753acfa0515b8f0f70 --hash=sha256:7171e8cc4e110928bfdb83e5f0a19781d2d8b21f31e5905d92243c5067f2cf59 \
--hash=sha256:ca6e08c167a559d75081a044315c0dd34941c5d61d54aad04e9f6cefc1b929be
# via django-scim2 # via django-scim2
sentry-sdk==1.9.0 \ sentry-sdk==1.9.0 \
--hash=sha256:60b13757d6344a94bf0ccb3c0a006c4de77daab09871b30fbbd05d5ec24e54fb \ --hash=sha256:60b13757d6344a94bf0ccb3c0a006c4de77daab09871b30fbbd05d5ec24e54fb \

2
version.py
View File

@ -48,4 +48,4 @@ API_FEATURE_LEVEL = 140
# historical commits sharing the same major version, in which case a # historical commits sharing the same major version, in which case a
# minor version bump suffices. # minor version bump suffices.
PROVISION_VERSION = (198, 1) PROVISION_VERSION = (199, 0)

27
zerver/tests/test_scim.py
View File

@ -170,6 +170,33 @@ class TestSCIMUser(SCIMTestCase):
self.assertEqual(output_data, expected_empty_results_response_schema) self.assertEqual(output_data, expected_empty_results_response_schema)
def test_get_basic_filter_by_username_case_insensitive(self) -> None:
"""
Verifies that the "userName eq XXXX" syntax is case-insensitive.
"""
hamlet = self.example_user("hamlet")
# The assumption for the test to make sense is that these two are not the same:
self.assertNotEqual(hamlet.delivery_email.upper(), hamlet.delivery_email)
expected_response_schema = {
"schemas": ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
"totalResults": 1,
"itemsPerPage": 50,
"startIndex": 1,
"Resources": [self.generate_user_schema(hamlet)],
}
result = self.client_get(
f'/scim/v2/Users?filter=userName eq "{hamlet.delivery_email.upper()}"',
{},
**self.scim_headers(),
)
self.assertEqual(result.status_code, 200)
output_data = orjson.loads(result.content)
self.assertEqual(output_data, expected_response_schema)
def test_get_all_with_pagination(self) -> None: def test_get_all_with_pagination(self) -> None:
realm = get_realm("zulip") realm = get_realm("zulip")