Skip to content

Commit

Permalink
...
Browse files Browse the repository at this point in the history
  • Loading branch information
@fisx
fisx committed Jul 15, 2020
1 parent f7ae91d commit c378d02
Showing 1 changed file with 8 additions and 18 deletions.
26 changes: 8 additions & 18 deletions services/spar/src/Spar/Scim/User.hs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ import Crypto.Hash
import Data.Aeson as Aeson
import Data.Handle (Handle (Handle), parseHandle)
import Data.Id
import Data.Misc ((<$$>))
import Data.Range
import Data.String.Conversions
import qualified Data.Text as Text
Expand Down Expand Up @@ -104,10 +105,8 @@ instance Scim.UserDB SparTag Spar where
-- soon anyway. Please scream loudly in the review if you disagree with this,
-- but it would complicate this code a bit, instead of leaving it as is.
members <- lift $ Galley.getTeamMembers stiTeam
brigusers :: [User] <-
scimusers :: [Scim.StoredUser SparTag] <- synthesizeScimStoredUser <$$> do
lift (Brig.getBrigUsers ((^. Galley.userId) <$> members))
scimusers :: [Scim.StoredUser SparTag] <-
lift . wrapMonadClient . Data.getScimUsers $ BrigTypes.userId <$> brigusers
pure $ Scim.fromList scimusers
getUsers ScimTokenInfo {stiTeam, stiIdP} (Just filter') = do
idp <- stiIdP ?? Scim.serverError "No IdP configured for the provisioning token"
Expand Down Expand Up @@ -138,18 +137,12 @@ instance Scim.UserDB SparTag Spar where
brigUser <- getBrigUser' uid
team' <- getUserTeam' brigUser
guard $ stiTeam == team'
-- TODO: this is a consitency bug. If people change things in brig this
-- wont be reflected here. Fix: Get rid of the scim table and just
-- always call synthesizeUser on whatever data we get from brig.
-- pure $ synthesizeScimUser brigUser
-- [see also](https://github.com/zinfra/backend-issues/issues/1006)
getScimUser' uid
pure $ synthesizeScimStoredUser brigUser
maybe (throwError . Scim.notFound "User" $ idToText uid) pure user
where
-- pretty wrappers; should use some MTL instances to get rid of lifts
getBrigUser' = MaybeT . lift . Brig.getBrigUser
getUserTeam' = MaybeT . pure . userTeam
getScimUser' = MaybeT . lift . wrapMonadClient . Data.getScimUser
postUser ::
ScimTokenInfo ->
Scim.User SparTag ->
Expand Down Expand Up @@ -360,7 +353,6 @@ createValidScimUser tokinfo vsu@(ValidScimUser uref handl mbName richInfo active
-- If we crash now, same as above, but the PATCH will only contain externalId

-- FUTUREWORK(arianvp): these two actions we probably want to make transactional
lift . wrapMonadClient $ Data.insertScimUser buid storedUser
lift . wrapMonadClient $ Data.insertSAMLUser uref buid

lift $ validateEmailIfExists buid uref
Expand Down Expand Up @@ -451,7 +443,6 @@ updateValidScimUser tokinfo uid newScimUser = do

-- store new user value to scim_user table (spar). (this must happen last, so in case
-- of crash the client can repeat the operation and it won't be considered a noop.)
lift . wrapMonadClient $ Data.insertScimUser uid newScimStoredUser
pure newScimStoredUser

toScimStoredUser ::
Expand Down Expand Up @@ -542,7 +533,6 @@ deleteScimUser ScimTokenInfo {stiTeam} uid = do
$ BrigTypes.userSSOId brigUser
uref <- either logThenServerError pure $ Brig.fromUserSSOId ssoId
lift . wrapMonadClient $ Data.deleteSAMLUser uref
lift . wrapMonadClient $ Data.deleteScimUser uid
lift $ Brig.deleteBrigUser uid
return ()
where
Expand Down Expand Up @@ -610,6 +600,9 @@ assertHandleNotUsedElsewhere hndl uid = do
unless ((userHandle =<< musr) == Just hndl) $
assertHandleUnused' "userName does not match UserId" hndl uid

synthesizeScimStoredUser :: User -> Scim.StoredUser SparTag
synthesizeScimStoredUser = undefined

synthesizeScimUser :: ValidScimUser -> Scim.User SparTag
synthesizeScimUser info =
let Handle userName = info ^. vsuHandle
Expand All @@ -628,7 +621,7 @@ getOrCreateScimUser :: TeamId -> BrigTypes.User -> MaybeT (Scim.ScimHandler Spar
getOrCreateScimUser stiTeam brigUser = do
team <- getUserTeam' brigUser
guard $ stiTeam == team
getScimUser' (BrigTypes.userId brigUser) <|> createScimUser' brigUser
error "getScimUser' (BrigTypes.userId brigUser)" <|> createScimUser' brigUser
where
createScimUser' brigUser' = do
let uid = BrigTypes.userId brigUser'
Expand All @@ -645,12 +638,10 @@ getOrCreateScimUser stiTeam brigUser = do
toSAMLIdentity' ssoIdentity'
setManagedBy' uid ManagedByScim
let validScimUser = ValidScimUser samlIdentity handle (Just name) richInfo (Just isActive)
let user = synthesizeScimUser validScimUser
let user = error "call synthesizeScimStoredUser here, and avoid constructing validScimUser" $ synthesizeScimUser validScimUser
storedUser <- toScimStoredUser'' uid user
insertScimUser' uid storedUser
pure storedUser
-- All this is boilerplate that can go away if we have the correct MTL instances I think? :)
getScimUser' = MaybeT . lift . wrapMonadClient . Data.getScimUser
getUserTeam' = MaybeT . pure . userTeam
getUserHandle' = MaybeT . pure . userHandle
setManagedBy' uid = lift . lift . Brig.setBrigUserManagedBy uid
Expand All @@ -661,7 +652,6 @@ getOrCreateScimUser stiTeam brigUser = do
where
err = const . throwError $ Scim.badRequest Scim.InvalidFilter (Just "Invalid externalId")
toScimStoredUser'' uid = lift . lift . toScimStoredUser uid
insertScimUser' uid = lift . lift . wrapMonadClient . Data.insertScimUser uid

{- TODO: might be useful later.
~~~~~~~~~~~~~~~~~~~~~~~~~
Expand Down

0 comments on commit c378d02

Please sign in to comment.