-
Notifications
You must be signed in to change notification settings - Fork 56
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: parse scim query filters #3408
Conversation
9895fea
to
beaacef
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice! This definitely looks like the most complicated part of the SCIM API so far.
I took a quick look at the scim2/filter-parser
. The test coverage looks a little light, so we should make sure we have good coverage for the main cases we care about.
Do the identity providers document which filters they use, or are we kind of forced to support the entire spec?
I think the approach you've taken here to translate the expression into SQL should work well. I left some comments for making it more resilient to injection attacks (and also appease the querylinter at the same time).
a00610f
to
12a12f6
Compare
They don't document the filters super clearly, the most common one seems to be the "email eq x" filter to see if a user exists yet. Many other inbound scim implementations dont implement all filters though, so this seems like a good base. |
- pass query to filter builder - use switches to map supported fields
3e3d08f
to
d80d70c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good! One suggestion for removing the pointer to interface
Summary
Parse SCIM query filters into SQL.
Branched from #3405
Checklist
Related Issues
Part of #3378