SimpleIdServer icon indicating copy to clipboard operation
SimpleIdServer copied to clipboard
verified publisher icon simpleidserver

[SCIM] delete a group with a member

Open danflomin opened this issue 2 years ago • 4 comments

Hello, how are you?

I noticed that when you DELETE a group that already has a member in it, GET on the user still shows that he is a member of the group but as an "indirect" membership.

Can you reproduce this as well?

Kind regards Dan

danflomin avatar Feb 18 '24 14:02 danflomin

I think it happens in DeleteRepresentationCommandHandler.cs in

await _scimRepresentationCommandRepository.BulkInsert(reference.AddedRepresentationAttributes).ConfigureAwait(false);

For some reason the same attributes that are removed are also added. Should we just remove this line?

danflomin avatar Feb 18 '24 14:02 danflomin

Hello,

I have verified on my local machine, and the HTTP DELETE request is functioning correctly for all the scenarios outlined below:

First scenario

  1. create a group G1.with one user in it.
  2. create a user U1.
  3. Assign the user to the group.
  4. Remove the group.

Result : the groups property of the user is removed.

Second scenario

  1. Create a group G1.
  2. Create a group G2.
  3. Create a user U1.
  4. Assign the group G1 to the group G2.
  5. Assign the user to the group G1.
  6. Remove the group G1.

Result : the groups property of the user is removed.

Could you please provide more details and explain how to reproduce this problem? :)

The portion of code you mentioned in your comment is not needed and can be commented out. Normally, the reference.AddedRepresentationAttribute list, must always be empty.

simpleidserver avatar Feb 18 '24 19:02 simpleidserver

Hello

I might have made a local change that caused it, I will double check.

If the line is not needed, can we remove it from the open source to avoid any future issues with it?

Kind regards Dan

On Sun, Feb 18, 2024, 21:50 SimpleIdServer @.***> wrote:

Hello,

I have verified on my local machine, and the HTTP DELETE request is functioning correctly for all the scenarios outlined below: First scenario

  1. create a group G1.with one user in it.
  2. create a user U1.
  3. Assign the user to the group.
  4. Remove the group.

Result : the groups property of the user is removed. Second scenario

  1. Create a group G1.
  2. Create a group G2.
  3. Create a user U1.
  4. Assign the group G1 to the group G2.
  5. Assign the user to the group G1.
  6. Remove the group G1.

Result : the groups property of the user is removed.

Could you please provide more details and explain how to reproduce this problem? :)

The portion of code you mentioned in your comment is not needed and can be commented out. Normally, the reference.AddedRepresentationAttribute list, must always be empty.

— Reply to this email directly, view it on GitHub https://github.com/simpleidserver/SimpleIdServer/issues/698#issuecomment-1951427629, or unsubscribe https://github.com/notifications/unsubscribe-auth/AIB5S7I7HP2JBSPKGSMC5YLYUJLO7AVCNFSM6AAAAABDOGHFYCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNJRGQZDONRSHE . You are receiving this because you authored the thread.Message ID: @.***>

danflomin avatar Feb 18 '24 19:02 danflomin

Okay, of course :) I'll comment the code in the 'master' branch.

simpleidserver avatar Feb 18 '24 21:02 simpleidserver