Documentation ¶
Index ¶
- Constants
- func DB(resourceType *spec.ResourceType, logger log.Logger, coll *mongo.Collection, ...) db.DB
- func ReadMetadata(raw []byte) error
- func TransformCompiledFilter(root *expr.Expression, resourceType *spec.ResourceType) (bson.D, error)
- func TransformFilter(scimFilter string, resourceType *spec.ResourceType) (bson.D, error)
- type DBOptions
- type Metadata
Constants ¶
const (
AnnotationMongoIndex = "@MongoIndex"
)
Variables ¶
This section is empty.
Functions ¶
func DB ¶
func DB(resourceType *spec.ResourceType, logger log.Logger, coll *mongo.Collection, opt *DBOptions) db.DB
Create a db.DB implementation that persists data in MongoDB. This implementation supports one-to-one correspondence of a SCIM resource type to a MongoDB collection.
The database will attempt to create MongoDB indexes on attributes whose uniqueness is global or server, or that has been annotated with "@MongoIndex". For unique attributes, a unique MongoDB index will be created, otherwise, it is just an ordinary index. Any index creation error are treated as non-error and simply logged as warning. Successful index creation will be logged as info.
This implementation has limited capability of correctly performing field projection according to the specification. It dumbly treats the *crud.Projection parameter as it is without performing any sanitation. As a result, if any returned=always field is excluded, it will not be returned; similarly, if any returned=never field is included, it will be returned. It is expected by downstream calls to perform a pre-sanitation on the parameters or perform a post-guard operation to ensure no sensitive information is leaked.
The "github.com/imulab/go-scim/core/json" provides a post-guard operation in its serialization function to ensure returned=never parameters are never leaked. When used with this database, the only situation needs to be worried about is that returned=always parameter may not be returned at all when included intentionally in the "attributes" parameter list. This behaviour might be acceptable. If not, pre-sanitation of the projection list is required.
If so desired, use Options().IgnoreProjection() to ignore projection altogether and return a complete version of the result every time.
This implementation do not directly use the SCIM attribute path to persist into MongoDB. Instead, it uses a concept of MongoDB persistence paths (or mongo paths). These mongo paths are introduced to provide an alternative name to SCIM path when SCIM path consists characters illegal to MongoDB. For instance, group.$ref attribute consists a dollar sign that cannot be used as part of field names in MongoDB. Similarly, schema extensions will almost always introduce illegal characters because schemas such as "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" contain dot which is used as path separators in MongoDB. When this is the case, this package allows used to register metadata (see metadata.go) that can be associated with the target attribute in order to provide an alias to the SCIM path suitable to be persisted in MongoDB. When a metadata is associated to a target attribute, the metadata's MongoName or MongoPath will be used; otherwise, the attribute's Name and Path will be used.
The atomicity of MongoDB is utilized to avoid explicit locking when modifying the resource. When performing Replace (which provides service to SCIM replace and SCIM patch) and Delete operations, the resources id and version is used as the criteria to match a document in store before carrying out the operation. If the provided id and version failed to match a document, a preCondition error is returned instead of a notFound error. This is because caller already provided a resource as argument which was fetched from the database, hence, the resource by the id must have existed. The only reason that id and version failed to match would then because another process modified the resource concurrently. Therefore, preCondition seems to be a reasonable error code.
func ReadMetadata ¶
Read metadata and add all metadata to the hub
func TransformCompiledFilter ¶
func TransformCompiledFilter(root *expr.Expression, resourceType *spec.ResourceType) (bson.D, error)
Compile and transform a compiled SCIM filter to bsonx.Val that contains the original filter in MongoDB compatible format. This slight optimization allow the caller to pre-compile frequently used queries and save the trip to the filter parser and compiler.
func TransformFilter ¶
Compile and transform a SCIM filter string to a bsonx.Val that contains the original filter in MongoDB compatible format.
Types ¶
type DBOptions ¶
type DBOptions struct {
// contains filtered or unexported fields
}
func (*DBOptions) IgnoreProjection ¶
Ask the database to ignore any projection parameters. This might be reasonable when the downstream services wish to perform further actions on the complete version of the resource.