MCPcopy Index your code
hub / github.com/coder/coder / scimPostUser

Method scimPostUser

enterprise/coderd/scim.go:199–335  ·  view source on GitHub ↗

scimPostUser creates a new user, or returns the existing user if it exists. @Summary SCIM 2.0: Create new user @ID scim-create-new-user @Security Authorization @Produce json @Tags Enterprise @Param request body coderd.SCIMUser true "New user" @Success 200 {object} coderd.SCIMUser @Router /scim/v2/U

(rw http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

197// @Success 200 {object} coderd.SCIMUser
198// @Router /scim/v2/Users [post]
199func (api *API) scimPostUser(rw http.ResponseWriter, r *http.Request) {
200 ctx := r.Context()
201 if !api.scimVerifyAuthHeader(r) {
202 scimUnauthorized(rw)
203 return
204 }
205
206 auditor := *api.AGPL.Auditor.Load()
207 aReq, commitAudit := audit.InitRequest[database.User](rw, &audit.RequestParams{
208 Audit: auditor,
209 Log: api.Logger,
210 Request: r,
211 Action: database.AuditActionCreate,
212 AdditionalFields: SCIMAuditAdditionalFields,
213 })
214 defer commitAudit()
215
216 var sUser SCIMUser
217 err := json.NewDecoder(r.Body).Decode(&sUser)
218 if err != nil {
219 _ = handlerutil.WriteError(rw, scim.NewHTTPError(http.StatusBadRequest, "invalidRequest", err))
220 return
221 }
222
223 if sUser.Active == nil {
224 _ = handlerutil.WriteError(rw, scim.NewHTTPError(http.StatusBadRequest, "invalidRequest", xerrors.New("active field is required")))
225 return
226 }
227
228 email := ""
229 for _, e := range sUser.Emails {
230 if e.Primary {
231 email = e.Value
232 break
233 }
234 }
235
236 if email == "" {
237 _ = handlerutil.WriteError(rw, scim.NewHTTPError(http.StatusBadRequest, "invalidEmail", xerrors.New("no primary email provided")))
238 return
239 }
240
241 //nolint:gocritic
242 dbUser, err := api.Database.GetUserByEmailOrUsername(dbauthz.AsSystemRestricted(ctx), database.GetUserByEmailOrUsernameParams{
243 Email: email,
244 Username: sUser.UserName,
245 })
246 if err != nil && !xerrors.Is(err, sql.ErrNoRows) {
247 _ = handlerutil.WriteError(rw, err) // internal error
248 return
249 }
250 if err == nil {
251 sUser.ID = dbUser.ID.String()
252 sUser.UserName = dbUser.Username
253
254 if *sUser.Active && dbUser.Status == database.UserStatusSuspended {
255 //nolint:gocritic
256 newUser, err := api.Database.UpdateUserStatus(dbauthz.AsSystemRestricted(r.Context()), database.UpdateUserStatusParams{

Callers

nothing calls this directly

Calls 15

scimVerifyAuthHeaderMethod · 0.95
InitRequestFunction · 0.92
NewHTTPErrorFunction · 0.92
AsSystemRestrictedFunction · 0.92
NowFunction · 0.92
WriteFunction · 0.92
NameValidFunction · 0.92
UsernameFromFunction · 0.92
scimUnauthorizedFunction · 0.85
ContextMethod · 0.65
NewMethod · 0.65

Tested by

no test coverage detected