Hi Ishara, While looking at patch operation for Users, I have encountered following issues.
Use-Case 01 : changing a User's primary email Issue : Currently there is no way to specify User's primary email (even thought we can set as "primary":true cannot retrieve) Use-Case 02 : changing a User's address Issue : Are we supporting adding an address for a User Use-Case 03 : remove a User's nickname Issue : Can we send meta information in SCIM request. Use-Case 04 : Remove a complex Sub-Attribute and an extended schema attribute Issue : Can we send meta information in SCIM request. Can you please add your suggestion ? On Sun, Jul 13, 2014 at 11:53 PM, Ishara Karunarathna <[email protected]> wrote: > Hi Johan, > > > > On Sun, Jul 13, 2014 at 4:20 AM, Johann Nallathamby <[email protected]> > wrote: > >> Hi Ishara/Darshana, >> >> How does this compare with the new provisioning configurations we provide >> through UI in IS 5.0? >> >> Currently we have capability for service providers to configure which >> user store they want the users/groups to be provisioned to in Service >> Provider UI under inbound provisioning configurations. The same thing is >> also there in the Resident Service Provider configurations. In both places >> we can skip selecting a user store which is effectively dumb mode. In that >> case how should this work with the file based configurations? >> >> If we haven't thought about it my idea is, >> >> 1. If configuration says dumb mode then no service provider should be >> able to provision to any user store (its a global config that needs to be >> honoured, we might need to lock the option in the UI). >> > Current implementation this works in this way. what we have to do is lock > the SCIM provisioning. > > >> 2. If configuration says non-dumb mode, then service providers can >> selectively provision to user stores according to their preference (even >> can do dumb mode by not selecting user store in inbound provisioning UI). >> > In this case if no user store is selected, users can be provisioned to any > user store, if its selected users will be provisioned only to that user > store . > > This is how it works. > @Darshana Please add if something missing. > > Thanks, > -Ishara > >> >> Thoughts? >> >> Thanks, >> Johann. >> >> >> On Fri, Jul 11, 2014 at 6:58 PM, Ishara Karunarathna <[email protected]> >> wrote: >> >>> Hi Gayan, >>> >>> >>> On Fri, Jul 11, 2014 at 1:15 AM, Gayan Gunawardana <[email protected]> >>> wrote: >>> >>>> Hi Ishara, >>>> >>>> Could you please elaborate more about dump mode in SCIMUserManager and >>>> how the changes should be reflected to dump mode. >>>> >>> In dumb mode IS which is configured in dumb mode will act as a >>> provisioning hub only. It wont store Users or Roles in its user store. >>> It will re provision these resources to configures SCIM service >>> providers. >>> >>> You will configure this in provisioning-config.xml configuration file. >>> [IS_Home]/repository/conf/ >>> >>> Thanks, >>> -Ishara >>> >>> >>>> Thanks, >>>> Gayan >>>> >>>> >>>> On Thu, Jul 10, 2014 at 9:20 AM, Gayan Gunawardana <[email protected]> >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> There are around 10 use-cases under [1] here *3.2.2 Modifying with >>>>> patch*. I have already done first use-case and working on other >>>>> use-cases as well. >>>>> >>>>> [1] >>>>> http://www.simplecloud.info/specs/draft-scim-api-01.html#edit-resource-with-patch >>>>> >>>>> >>>>> >>>>> On Wed, Jul 9, 2014 at 11:20 PM, Johann Nallathamby <[email protected]> >>>>> wrote: >>>>> >>>>>> +1. This is a valuable addition to IS. >>>>>> >>>>>> >>>>>> On Wed, Jul 9, 2014 at 11:44 AM, Ishara Karunarathna < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi Gayan, >>>>>>> >>>>>>> >>>>>>> On Tue, Jul 8, 2014 at 10:39 PM, Gayan Gunawardana <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi Ishara, >>>>>>>> >>>>>>>> Thanks for the information. >>>>>>>> >>>>>>>> Are we going to support all use-cases according to [1] ? >>>>>>>> >>>>>>>> >>>>>>> Under User and Group resources mainly we have to implement Patch >>>>>>> operation and >>>>>>> there are some improvement in listing and filtering. >>>>>>> >>>>>>> I think its better to start with implementing with PATCH operation. >>>>>>> >>>>>>> >>>>>>>> [1] >>>>>>>> http://www.simplecloud.info/specs/draft-scim-api-01.html#edit-resource-with-patch >>>>>>>> >>>>>>>> >>>>>>>> On Wed, Jul 9, 2014 at 10:39 AM, Ishara Karunarathna < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Hi Gayan, >>>>>>>>> >>>>>>>>> >>>>>>>>> On Tue, Jul 8, 2014 at 9:32 PM, Gayan Gunawardana <[email protected]> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> Hi All, >>>>>>>>>> >>>>>>>>>> Currently WSO2 Identity Server does not support PATCH method for >>>>>>>>>> SCIM end points. >>>>>>>>>> >>>>>>>>>> The major limitation came up with that is in order to add single >>>>>>>>>> user into a group, new user has to be sent with all existing users. >>>>>>>>>> >>>>>>>>>> Above requirement can be archived by adding PATCH method support >>>>>>>>>> for JAX-RS implementation and doing mirror changes to update group >>>>>>>>>> operation. >>>>>>>>>> >>>>>>>>> Yes patch is not only for add users to group and it is more useful >>>>>>>>> than that. >>>>>>>>> >>>>>>>>>> >>>>>>>>>> But according to the spec [1] PATCH method has many powerful >>>>>>>>>> features like selectively sending added users and deleted users. >>>>>>>>>> >>>>>>>>> Here you are pointing to the the wrong draft API which is not >>>>>>>>> finalized yet and still its PATCH operation is under discussion. At >>>>>>>>> the >>>>>>>>> moment >>>>>>>>> WSO2IS support for SCIM draft API 1.1, So I think its better to >>>>>>>>> support PATCH operation in draft API 1.1 [1] Until we support for next >>>>>>>>> version. >>>>>>>>> >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> -Ishara >>>>>>>>> >>>>>>>>> [1] >>>>>>>>> http://www.simplecloud.info/specs/draft-scim-api-01.html#edit-resource-with-patch >>>>>>>>> >>>>>>>>> and still WSO2 IS support for draft API 1.1. So you w >>>>>>>>> Yes patch is not only for add users to group and it is more useful >>>>>>>>> than that. >>>>>>>>> >>>>>>>>>> >>>>>>>>>> Example >>>>>>>>>> >>>>>>>>>> PATCH /Groups/acbf3ae7-8463-4692-b4fd-9b4da3f908ce >>>>>>>>>> >>>>>>>>>> { >>>>>>>>>> "schemas": ["urn:scim:schemas:core:2.0:Group"], >>>>>>>>>> "members": [ >>>>>>>>>> { >>>>>>>>>> "display": "Babs Jensen", >>>>>>>>>> "$ref": >>>>>>>>>> "https://example.com/v1/Users/2819c223-7f76-453a-919d-413861904646";, >>>>>>>>>> "value": "2819c223-7f76-453a-919d-413861904646" >>>>>>>>>> "operation": "delete" >>>>>>>>>> }, >>>>>>>>>> { >>>>>>>>>> "display": "James Smith", >>>>>>>>>> "$ref": >>>>>>>>>> "https://example.com/v1/Users/08e1d05d-121c-4561-8b96-473d93df9210";, >>>>>>>>>> "value": "08e1d05d-121c-4561-8b96-473d93df9210" >>>>>>>>>> } >>>>>>>>>> ] >>>>>>>>>> } >>>>>>>>>> >>>>>>>>>> Current charon [2] implementation does not decode single member >>>>>>>>>> into member object and rather it sends members id as a String array >>>>>>>>>> list or >>>>>>>>>> members display name as a String array list. This is a kind of major >>>>>>>>>> bottleneck to implement selective delete operation. >>>>>>>>>> >>>>>>>>>> Are we going to scope PATCH implementation? >>>>>>>>>> >>>>>>>>>> WDYT? >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> [1] >>>>>>>>>> http://tools.ietf.org/html/draft-ietf-scim-api-02#section-3.3.2 >>>>>>>>>> >>>>>>>>>> [2] https://docs.wso2.com/display/IS500/Working+with+SCIM >>>>>>>>>> -- >>>>>>>>>> Gayan Gunawardana >>>>>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>>>>> Email: [email protected] >>>>>>>>>> Mobile: +94 (71) 8020933 >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Ishara Karunarathna >>>>>>>>> Senior Software Engineer >>>>>>>>> WSO2 Inc. - lean . enterprise . middleware | wso2.com >>>>>>>>> >>>>>>>>> email: [email protected], blog: isharaaruna.blogspot.com, >>>>>>>>> mobile: +94 718211678 >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Gayan Gunawardana >>>>>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>>>> Email: [email protected] >>>>>>>> Mobile: +94 (71) 8020933 >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Ishara Karunarathna >>>>>>> Senior Software Engineer >>>>>>> WSO2 Inc. - lean . enterprise . middleware | wso2.com >>>>>>> >>>>>>> email: [email protected], blog: isharaaruna.blogspot.com, >>>>>>> mobile: +94 718211678 >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Thanks & Regards, >>>>>> >>>>>> *Johann Dilantha Nallathamby* >>>>>> Associate Technical Lead & Product Lead of WSO2 Identity Server >>>>>> Integration Technologies Team >>>>>> WSO2, Inc. >>>>>> lean.enterprise.middleware >>>>>> >>>>>> Mobile - *+94777776950* >>>>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Gayan Gunawardana >>>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>> Email: [email protected] >>>>> Mobile: +94 (71) 8020933 >>>>> >>>> >>>> >>>> >>>> -- >>>> Gayan Gunawardana >>>> Software Engineer; WSO2 Inc.; http://wso2.com/ >>>> Email: [email protected] >>>> Mobile: +94 (71) 8020933 >>>> >>> >>> >>> >>> -- >>> Ishara Karunarathna >>> Senior Software Engineer >>> WSO2 Inc. - lean . enterprise . middleware | wso2.com >>> >>> email: [email protected], blog: isharaaruna.blogspot.com, mobile: +94 >>> 718211678 >>> >> >> >> >> -- >> Thanks & Regards, >> >> *Johann Dilantha Nallathamby* >> Associate Technical Lead & Product Lead of WSO2 Identity Server >> Integration Technologies Team >> WSO2, Inc. >> lean.enterprise.middleware >> >> Mobile - *+94777776950* >> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >> > > > > -- > Ishara Karunarathna > Senior Software Engineer > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: [email protected], blog: isharaaruna.blogspot.com, mobile: +94 > 718211678 > -- Gayan Gunawardana Software Engineer; WSO2 Inc.; http://wso2.com/ Email: [email protected] Mobile: +94 (71) 8020933
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
