SCIM: Associate users to group on PUT/POST (#2139)

* associate users to group on PUT/POST * fix logic
2024-11-21 12:05:42 +01:00 · 2022-07-21 13:44:27 -04:00 · 2022-07-21 13:44:27 -04:00 · cf16be16c6
commit cf16be16c6
parent 378b54524f
2 changed files with 40 additions and 0 deletions
--- a/bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs
+++ b/bitwarden_license/src/Scim/Controllers/v2/GroupsController.cs
@ -1,4 +1,5 @@
 using System.Text.Json;
+using Bit.Core.Entities;
 using Bit.Core.Repositories;
 using Bit.Core.Services;
 using Bit.Scim.Context;
@ -126,6 +127,7 @@ namespace Bit.Scim.Controllers.v2

            var group = model.ToGroup(organizationId);
            await _groupService.SaveAsync(group, null);
+            await UpdateGroupMembersAsync(group, model, true);
            var response = new ScimGroupResponseModel(group);
            return new CreatedResult(Url.Action(nameof(Get), new { group.OrganizationId, group.Id }), response);
        }
@ -145,6 +147,7 @@ namespace Bit.Scim.Controllers.v2

            group.Name = model.DisplayName;
            await _groupService.SaveAsync(group);
+            await UpdateGroupMembersAsync(group, model, false);
            return new ObjectResult(new ScimGroupResponseModel(group));
        }

@ -295,5 +298,34 @@ namespace Bit.Scim.Controllers.v2
            }
            return null;
        }
+
+        private async Task UpdateGroupMembersAsync(Group group, ScimGroupRequestModel model, bool skipIfEmpty)
+        {
+            if (_scimContext.RequestScimProvider != Core.Enums.ScimProviderType.Okta)
+            {
+                return;
+            }
+
+            if (model.Members == null)
+            {
+                return;
+            }
+
+            var memberIds = new List<Guid>();
+            foreach (var id in model.Members.Select(i => i.Value))
+            {
+                if (Guid.TryParse(id, out var guidId))
+                {
+                    memberIds.Add(guidId);
+                }
+            }
+
+            if (!memberIds.Any() && skipIfEmpty)
+            {
+                return;
+            }
+
+            await _groupRepository.UpdateUsersAsync(group.Id, memberIds);
+        }
    }
 }
--- a/bitwarden_license/src/Scim/Models/ScimGroupRequestModel.cs
+++ b/bitwarden_license/src/Scim/Models/ScimGroupRequestModel.cs
@ -19,5 +19,13 @@ namespace Bit.Scim.Models
                OrganizationId = organizationId
            };
        }
+
+        public List<GroupMembersModel> Members { get; set; }
+
+        public class GroupMembersModel
+        {
+            public string Value { get; set; }
+            public string Display { get; set; }
+        }
    }
 }