providers/SCIM: patch group name (#5564)

* providers/scim: patch name when group put fails Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-raise ResourceMissing in group update to trigger recreation Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 12:29:39 +02:00 · 2023-05-10 12:29:39 +02:00 · 1c04dc0986
parent 639a5c429c
commit 1c04dc0986
1 changed files with 23 additions and 10 deletions
--- a/authentik/providers/scim/clients/group.py
+++ b/authentik/providers/scim/clients/group.py
@ -117,20 +117,25 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroupSchema]):
                    exclude_unset=True,
                ),
            )
+        except ResourceMissing:
+            # Resource missing is handled by self.write, which will re-create the group
+            raise
        except SCIMRequestException:
            # Some providers don't support PUT on groups, so this is mainly a fix for the initial
            # sync, send patch add requests for all the users the group currently has
-            # TODO: send patch request for group name
            users = list(group.users.order_by("id").values_list("id", flat=True))
-            return self._patch_add_users(group, users)
-
-    def _patch(
-        self,
-        group_id: str,
-        *ops: PatchOperation,
-    ):
-        req = PatchRequest(Operations=ops)
-        self._request("PATCH", f"/Groups/{group_id}", data=req.json())
+            self._patch_add_users(group, users)
+            # Also update the group name
+            return self._patch(
+                scim_group.id,
+                PatchOperation(
+                    op=PatchOp.replace,
+                    value={
+                        "id": connection.id,
+                        "displayName": group.name,
+                    },
+                ),
+            )

    def update_group(self, group: Group, action: PatchOp, users_set: set[int]):
        """Update a group, either using PUT to replace it or PATCH if supported"""
@ -151,6 +156,14 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroupSchema]):
                    return self._patch_remove_users(group, users_set)
            raise exc

+    def _patch(
+        self,
+        group_id: str,
+        *ops: PatchOperation,
+    ):
+        req = PatchRequest(Operations=ops)
+        self._request("PATCH", f"/Groups/{group_id}", data=req.json())
+
    def _patch_add_users(self, group: Group, users_set: set[int]):
        """Add users in users_set to group"""
        if len(users_set) < 1: