jan/openreplay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add 403 error for resourcetypes and schemas

Browse source
This commit is contained in:
Jonathan Griffin 2025-04-15 15:11:24 +02:00
parent ab8069a986
commit f0b397708d
1 changed files with 20 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
ee/api/routers/scim.py
View file

@ -70,7 +70,16 @@ def _not_found_error_response(resource_id: str):
@public_app.get("/ResourceTypes", dependencies=[Depends(auth_required)]) @public_app.get("/ResourceTypes", dependencies=[Depends(auth_required)])
async def get_resource_types(r: Request): async def get_resource_types(r: Request, filter_param: str | None = Query(None, alias="filter")):
if filter_param is not None:
return JSONResponse(
status_code=403,
content={
"schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"],
"detail": "Operation is not permitted based on the supplied authorization",
"status": "403",
}
)
return JSONResponse( return JSONResponse(
status_code=200, status_code=200,
content={ content={
@ -116,7 +125,16 @@ SCHEMA_IDS_TO_SCHEMA_DETAILS = {
@public_app.get("/Schemas", dependencies=[Depends(auth_required)]) @public_app.get("/Schemas", dependencies=[Depends(auth_required)])
async def get_schemas(): async def get_schemas(filter_param: str | None = Query(None, alias="filter")):
if filter_param is not None:
return JSONResponse(
status_code=403,
content={
"schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"],
"detail": "Operation is not permitted based on the supplied authorization",
"status": "403",
}
)
return JSONResponse( return JSONResponse(
status_code=200, status_code=200,
content={ content={