Package com.unboundid.scim2.server.utils

Class SchemaChecker

  • public class SchemaChecker
extends Object
    Utility class used to validate and enforce the schema constraints of a Resource Type on JSON objects representing SCIM resources.

    • Constructor Detail

      • SchemaChecker

        public SchemaChecker​(@NotNull
                     ResourceTypeDefinition resourceType)
        Create a new instance that may be used to validate and enforce schema constraints for a resource type.
        Parameters:
        resourceType - The resource type whose schema(s) to enforce.

    • Method Detail

      • checkCreate

        @NotNull
public SchemaChecker.Results checkCreate​(@NotNull
                                         com.fasterxml.jackson.databind.node.ObjectNode objectNode)
                                  throws ScimException
        Check a new SCIM resource against the schema. The following checks will be performed:
        • All schema URIs in the schemas attribute are defined.
        • All required schema extensions are present.
        • All required attributes are present.
        • All attributes are defined in schema.
        • All attribute values match the types defined in schema.
        • All canonical type values match one of the values defined in the schema.
        • No attributes with values are read-only.
        Parameters:
        objectNode - The SCIM resource that will be created. Any read-only attributes should be removed first using removeReadOnlyAttributes(ObjectNode).
        Returns:
        Schema checking results.
        Throws:
        ScimException - If an error occurred while checking the schema.

      • checkModify

        @NotNull
public SchemaChecker.Results checkModify​(@NotNull
                                         Iterable<PatchOperation> patchOperations,
                                         @Nullable
                                         com.fasterxml.jackson.databind.node.ObjectNode currentObjectNode)
                                  throws ScimException
        Check a set of modify patch operations against the schema. The current state of the SCIM resource may be provided to enable additional checks for attributes that are immutable or required. The following checks will be performed:
        • Undefined schema URIs are not added to the schemas attribute.
        • Required schema extensions are not removed.
        • Required attributes are not removed.
        • Undefined attributes are not added.
        • New attribute values match the types defined in the schema.
        • New canonical values match one of the values defined in the schema.
        • Read-only attribute are not modified.
        Additional checks if the current state of the SCIM resource is provided:
        • The last value from a required multi-valued attribute is not removed.
        • Immutable attribute values are not modified if they already have a value.
        Parameters:
        patchOperations - The set of modify patch operations to check.
        currentObjectNode - The current state of the SCIM resource or null if not available. Any read-only attributes should be removed first using removeReadOnlyAttributes(ObjectNode).
        Returns:
        Schema checking results.
        Throws:
        ScimException - If an error occurred while checking the schema.

      • checkReplace

        @NotNull
public SchemaChecker.Results checkReplace​(@NotNull
                                          com.fasterxml.jackson.databind.node.ObjectNode replacementObjectNode,
                                          @NotNull
                                          com.fasterxml.jackson.databind.node.ObjectNode currentObjectNode)
                                   throws ScimException
        Check a replacement SCIM resource against the schema. The current state of the SCIM resource may be provided to enable additional checks for attributes that are immutable. The following checks will be performed:
        • All schema URIs in the schemas attribute are defined.
        • All required schema extensions are present.
        • All attributes are defined in schema.
        • All attribute values match the types defined in schema.
        • All canonical type values match one of the values defined in the schema.
        • No attributes with values are read-only.
        Additional checks if the current state of the SCIM resource is provided:
        • Immutable attribute values are not replaced if they already have a value.
        Parameters:
        replacementObjectNode - The replacement SCIM resource to check.
        currentObjectNode - The current state of the SCIM resource or null if not available.
        Returns:
        Schema checking results.
        Throws:
        ScimException - If an error occurred while checking the schema.

      • removeReadOnlyAttributes

        @NotNull
public com.fasterxml.jackson.databind.node.ObjectNode removeReadOnlyAttributes​(@NotNull
                                                                               com.fasterxml.jackson.databind.node.ObjectNode objectNode)
        Remove any read-only attributes and/or sub-attributes that are present in the provided SCIM resource. This should be performed on new and replacement SCIM resources before schema checking since read-only attributes should be ignored by the service provider on create with POST and modify with PUT operations.
        Parameters:
        objectNode - The SCIM resource to remove read-only attributes from. This method will not alter the provided resource.
        Returns:
        A copy of the SCIM resource with the read-only attributes (if any) removed.