33namespace ArieTimmerman \Laravel \SCIMServer \Http \Controllers ;
44
55use ArieTimmerman \Laravel \SCIMServer \Exceptions \SCIMException ;
6+ use ArieTimmerman \Laravel \SCIMServer \SCIMConfig ;
67use Illuminate \Http \Request ;
78use Illuminate \Support \Facades \Validator ;
89
@@ -66,6 +67,14 @@ public function processBulkRequest(Request $request)
6667 // Remove everything till the last occurence of Bulk, e.g. /scim/v2/Bulk should become /scim/v2/
6768 $ prefixsubstr ($ originalRequestpath (), 0 , strrpos ($ originalRequestpath (), '/Bulk ' ));
6869
70+ $ resourceTypeConfigresolve (SCIMConfig::class)->getConfig ();
71+ $ resourceTypePatternnull ;
72+
73+ if (!empty ($ resourceTypeConfig
74+ $ escapedResourceTypesarray_map (static fn ($ namepreg_quote ($ name'/ ' ), array_keys ($ resourceTypeConfig
75+ $ resourceTypePattern'/^\/( ' . implode ('| ' , $ escapedResourceTypes')(?:\/|\?|$)/ ' ;
76+ }
77+
6978 foreach ($ operationsas $ index$ operation
7079
7180 $ method$ operation'method ' ];
@@ -81,9 +90,7 @@ public function processBulkRequest(Request $request)
8190 $ encodedstr_replace (array_keys ($ bulkIdMappingarray_values ($ bulkIdMapping$ encoded
8291 $ pathstr_replace (array_keys ($ bulkIdMappingarray_values ($ bulkIdMapping$ operation'path ' ]);
8392
84- // TODO: Allow BULK requests for all configured resource types (RFC 7644 §3.7).
85- // ensure $path starts with /Users or /Groups
86- if (!preg_match ('/^\/(Users|Groups)/ ' , $ path
93+ if ($ resourceTypePatternnull || !preg_match ($ resourceTypePattern$ path
8794 throw (new SCIMException ('Invalid path! ' ))->setCode (400 )->setScimType ('invalidPath ' );
8895 }
8996
0 commit comments