providers/sync: improve v3 (#9966)

* make external id field externally visible Signed-off-by: Jens Langhammer <jens@goauthentik.io> * catch up scim provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add missing views to scim provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make neither user nor group required for mapping testing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve SkipObject handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow deletion of connection objects Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make entra logs less noisy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make event_matcher less noisy Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-06-06 12:47:48 +09:00
parent 0c652a210d
commit 88e9c9b669
28 changed files with 963 additions and 51 deletions
--- a/authentik/lib/sync/mapper.py
+++ b/authentik/lib/sync/mapper.py
@ -57,6 +57,8 @@ class PropertyMappingManager:
            mapping.set_context(user, request, **kwargs)
            try:
                value = mapping.evaluate(mapping.model.expression)
+            except PropertyMappingExpressionException as exc:
+                raise exc from exc
            except Exception as exc:
                raise PropertyMappingExpressionException(exc, mapping.model) from exc
            if value is None:
--- a/authentik/lib/sync/outgoing/base.py
+++ b/authentik/lib/sync/outgoing/base.py
@ -91,10 +91,9 @@ class BaseOutgoingSyncClient[
            }
            eval_kwargs.setdefault("user", None)
            for value in self.mapper.iter_eval(**eval_kwargs):
-                try:
-                    always_merger.merge(raw_final_object, value)
-                except SkipObjectException as exc:
-                    raise exc from exc
+                always_merger.merge(raw_final_object, value)
+        except SkipObjectException as exc:
+            raise exc from exc
        except PropertyMappingExpressionException as exc:
            # Value error can be raised when assigning invalid data to an attribute
            Event.new(
@ -104,7 +103,7 @@ class BaseOutgoingSyncClient[
            ).save()
            raise StopSync(exc, obj, exc.mapping) from exc
        if not raw_final_object:
-            raise StopSync(ValueError("No user mappings configured"), obj)
+            raise StopSync(ValueError("No mappings configured"), obj)
        for key, value in defaults.items():
            raw_final_object.setdefault(key, value)
        return raw_final_object
--- a/authentik/lib/sync/outgoing/tasks.py
+++ b/authentik/lib/sync/outgoing/tasks.py
@ -125,6 +125,7 @@ class SyncTasks:
            try:
                client.write(obj)
            except SkipObjectException:
+                self.logger.debug("skipping object due to SkipObject", obj=obj)
                continue
            except BadRequestSyncException as exc:
                self.logger.warning("failed to sync object", exc=exc, obj=obj)