scim-server 0.4.0

A comprehensive SCIM 2.0 server library for Rust with multi-tenant support and type-safe operations
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166

//! Request context and query structures for SCIM operations.
//!
//! This module provides request tracking, tenant context, and query parameters
//! for SCIM operations with support for multi-tenant environments.

use crate::resource::tenant::{IsolationLevel, TenantContext};
use uuid::Uuid;

/// Request context for SCIM operations.
///
/// Provides request tracking for logging and auditing purposes.
/// Optionally includes tenant context for multi-tenant operations.
#[derive(Debug, Clone)]
pub struct RequestContext {
    /// Unique identifier for this request
    pub request_id: String,
    /// Optional tenant context for multi-tenant operations
    pub tenant_context: Option<TenantContext>,
}

impl RequestContext {
    /// Create a new request context with a specific request ID.
    pub fn new(request_id: String) -> Self {
        Self {
            request_id,
            tenant_context: None,
        }
    }

    /// Create a new request context with a generated request ID.
    pub fn with_generated_id() -> Self {
        Self {
            request_id: Uuid::new_v4().to_string(),
            tenant_context: None,
        }
    }

    /// Create a new request context with tenant information.
    pub fn with_tenant(request_id: String, tenant_context: TenantContext) -> Self {
        Self {
            request_id,
            tenant_context: Some(tenant_context),
        }
    }

    /// Create a new request context with generated ID and tenant information.
    pub fn with_tenant_generated_id(tenant_context: TenantContext) -> Self {
        Self {
            request_id: Uuid::new_v4().to_string(),
            tenant_context: Some(tenant_context),
        }
    }

    /// Get the tenant ID if this is a multi-tenant request.
    pub fn tenant_id(&self) -> Option<&str> {
        self.tenant_context.as_ref().map(|t| t.tenant_id.as_str())
    }

    /// Get the client ID if this is a multi-tenant request.
    pub fn client_id(&self) -> Option<&str> {
        self.tenant_context.as_ref().map(|t| t.client_id.as_str())
    }

    /// Check if this is a multi-tenant request.
    pub fn is_multi_tenant(&self) -> bool {
        self.tenant_context.is_some()
    }

    /// Get the isolation level for this request.
    pub fn isolation_level(&self) -> Option<&IsolationLevel> {
        self.tenant_context.as_ref().map(|t| &t.isolation_level)
    }

    /// Check if the tenant has permission for a specific operation.
    pub fn can_perform_operation(&self, operation: &str) -> bool {
        match &self.tenant_context {
            Some(tenant) => tenant.can_perform_operation(operation),
            None => true, // Single-tenant operations are always allowed
        }
    }

    /// Validate that this context can perform the requested operation.
    pub fn validate_operation(&self, operation: &str) -> Result<(), String> {
        if self.can_perform_operation(operation) {
            Ok(())
        } else {
            Err(format!(
                "Operation '{}' not permitted for tenant",
                operation
            ))
        }
    }
}

impl Default for RequestContext {
    fn default() -> Self {
        Self::with_generated_id()
    }
}

/// Query parameters for listing resources.
///
/// This structure supports pagination, filtering, and attribute selection
/// for SCIM list operations.
#[derive(Debug, Clone, Default)]
pub struct ListQuery {
    /// Maximum number of results to return
    pub count: Option<usize>,
    /// Starting index for pagination
    pub start_index: Option<usize>,
    /// Filter expression
    pub filter: Option<String>,
    /// Attributes to include in results
    pub attributes: Vec<String>,
    /// Attributes to exclude from results
    pub excluded_attributes: Vec<String>,
}

impl ListQuery {
    /// Create a new empty query.
    pub fn new() -> Self {
        Self::default()
    }

    /// Set the maximum count.
    pub fn with_count(mut self, count: usize) -> Self {
        self.count = Some(count);
        self
    }

    /// Set the starting index.
    pub fn with_start_index(mut self, start_index: usize) -> Self {
        self.start_index = Some(start_index);
        self
    }

    /// Set a filter expression.
    pub fn with_filter(mut self, filter: String) -> Self {
        self.filter = Some(filter);
        self
    }

    /// Add an attribute to include in results.
    pub fn with_attribute(mut self, attribute: String) -> Self {
        self.attributes.push(attribute);
        self
    }

    /// Add multiple attributes to include in results.
    pub fn with_attributes(mut self, attributes: Vec<String>) -> Self {
        self.attributes.extend(attributes);
        self
    }

    /// Add an attribute to exclude from results.
    pub fn with_excluded_attribute(mut self, attribute: String) -> Self {
        self.excluded_attributes.push(attribute);
        self
    }

    /// Add multiple attributes to exclude from results.
    pub fn with_excluded_attributes(mut self, attributes: Vec<String>) -> Self {
        self.excluded_attributes.extend(attributes);
        self
    }
}