如何使用 WSO2 SCIM 2.0 REST API 更新单个用户的组? [英] How to update a single user's groups with WSO2 SCIM 2.0 REST API?
问题描述
我正在尝试用一组全新的组替换单个用户的组.我可以使用 https://docs.wso2.com/display/IS570/apidocs/SCIM2-endpoints/#!/operations#GroupsEndpoint#patchGroup API.
I'm trying to replace a single user's group with a completely new set of groups. I am able to add user to a group and remove user from a group with https://docs.wso2.com/display/IS570/apidocs/SCIM2-endpoints/#!/operations#GroupsEndpoint#patchGroup API.
但是,我想用一个新数组完全替换这些组,因此我不必从每个组中单独添加/删除用户.我尝试使用以下请求
However, I want to completely replace the groups entirely with a new array, so I don't have to individually add/remove user from each group. I have tried using the following request
POST {url}/scim2/Users/{groupID}
POST {url}/scim2/Users/{groupID}
具有以下 POST 正文
with the following POST body
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations": [
{
"op": "replace",
"value": {
"groups": [
{
"display": "group1",
"value": "092555e8-1636-4642-924e-27aef49757fe"
},
{
"display": "group2",
"value": "b0d42429-67e2-4447-9846-2b001add431f"
}
]
}
}
]
}
然而,返回的响应是
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:Error"
],
"detail": "Error in performing the add operation",
"status": "500"
}
我怎样才能做到这一点?
How can I achieve this?
推荐答案
POST {url}/scim2/Users/{groupID}
请求将不起作用,因为没有这样的端点.我认为您试图通过补丁操作替换用户资源的 groups
属性.如果是这样,请求将是 PATCH {url}/scim2/Users/{userId}
.但是,由于以下原因,这不起作用.
POST {url}/scim2/Users/{groupID}
request won't work since there is no such endpoint. I think you tried to replace the groups
attribute of the user resource by a patch operation. If so, the request would be PATCH {url}/scim2/Users/{userId}
.
However, that doesn't work due to the following reasons.
根据 SCIM 规范(请参阅 https://tools.ietf.org/html/rfc7643#section-4.1.2) 用户的组属性应使用/Groups 端点进行管理.
According to the SCIM specification(see groups description in https://tools.ietf.org/html/rfc7643#section-4.1.2) groups attribute of the user should be managed using the /Groups endpoint.
直接组成员资格表示用户直接与该组相关联,并且应该表示客户端可以通过组"修改成员资格.资源.
用户资源的组属性也是一个 ReadOnly
属性.因此,不能使用 PATCH/User
端点修改它.(https://tools.ietf.org/html/rfc7643#section-8.7.1) WSO2 中的架构定义是:https://github.com/wso2/charon/blob/f5229c1ed55548d74b833e1a04656ac695899d9b/modules/charon/javasrc/modules/charon/javacore/charon3/core/schema/SCIMSchemaDefinitions.java#L791
Also groups attribute of User resource is a ReadOnly
attribute. Therefore, it can't be modified using PATCH /User
endpoint. (https://tools.ietf.org/html/rfc7643#section-8.7.1) Schema definition in WSO2 IS: https://github.com/wso2/charon/blob/f5229c1ed55548d74b833e1a04656ac695899d9b/modules/charon-core/src/main/java/org/wso2/charon3/core/schema/SCIMSchemaDefinitions.java#L791
因此您必须使用 PATCH/Groups
端点来修改用户的组详细信息.
Therefore you have to use PATCH /Groups
endpoint to modify the groups details of the user.
这篇关于如何使用 WSO2 SCIM 2.0 REST API 更新单个用户的组?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!