add separate config for system schema enabling

components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/IdentityResourceTypeResourceManager.java

@@ -20,6 +20,7 @@
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.json.JSONArray;
 import org.json.JSONException;
 import org.json.JSONObject;
 import org.wso2.charon3.core.attributes.MultiValuedAttribute;
@@ -72,8 +73,11 @@ public SCIMResponse get(String id, UserManager userManager, String attributes, S
      */
     private SCIMResponse getResourceType() {
 
+        JSONEncoder encoder = null;
         try {
-            JSONEncoder encoder = getEncoder();
+            //obtain the json encoder
+            encoder = getEncoder();
+            //obtain the json decoder
             JSONDecoder decoder = getDecoder();
 
             // get the service provider config schema
@@ -105,7 +109,7 @@ private SCIMResponse getResourceType() {
                     groupResourceTypeObject);
             //encode the newly created SCIM Resource Type object.
             String encodedObject;
-            Map<String, String> responseHeaders = new HashMap<>();
+            Map<String, String> responseHeaders = new HashMap<String, String>();
 
             if (resourceTypeObject != null) {
                 //create a deep copy of the resource type object since we are going to change it.
@@ -140,6 +144,7 @@ private SCIMResponse getResourceType() {
      * @param userObject
      * @param groupObject
      * @return
+     * @throws CharonException
      */
     private AbstractSCIMObject buildCombinedResourceType(AbstractSCIMObject userObject, AbstractSCIMObject groupObject)
             throws CharonException {
@@ -171,6 +176,8 @@ private AbstractSCIMObject buildCombinedResourceType(AbstractSCIMObject userObje
     private String buildUserResourceTypeJsonBody() throws JSONException {
 
         JSONObject userResourceTypeObject = new JSONObject();
+        SCIMResourceSchemaManager schemaManager = SCIMResourceSchemaManager.getInstance();
+
         userResourceTypeObject.put(SCIMConstants.CommonSchemaConstants.SCHEMAS, SCIMConstants.RESOURCE_TYPE_SCHEMA_URI);
         userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.ID, SCIMConstants.USER);
         userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.NAME, SCIMConstants.USER);
@@ -180,25 +187,29 @@ private String buildUserResourceTypeJsonBody() throws JSONException {
         userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA,
                 SCIMConstants.USER_CORE_SCHEMA_URI);
 
-        if (Boolean.TRUE.equals(SCIMResourceSchemaManager.getInstance().isExtensionSet())) {
-            JSONObject extensionSchemaObject = new JSONObject();
-            extensionSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_SCHEMA,
-                    SCIMResourceSchemaManager.getInstance().getExtensionURI());
-            extensionSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_REQUIRED,
-                    SCIMResourceSchemaManager.getInstance().getExtensionRequired());
-
-            userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS,
-                    extensionSchemaObject);
+        if (Boolean.TRUE.equals(schemaManager.isExtensionSet())) {
+            JSONArray schemaExtensions = new JSONArray();
+            JSONObject extensionSchemaObject = createSchemaExtensionObject(
+                    schemaManager.getExtensionURI(), schemaManager.getExtensionRequired());
 
-            JSONObject systemSchemaObject = new JSONObject();
-            systemSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_SCHEMA,
-                    SCIMResourceSchemaManager.getInstance().getSystemSchemaExtensionURI());
-            systemSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_REQUIRED,
-                    SCIMResourceSchemaManager.getInstance().getSystemSchemaExtensionRequired());
+            schemaExtensions.put(extensionSchemaObject);
 
-            userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS,
-                    systemSchemaObject);
+            if (Boolean.TRUE.equals(schemaManager.isSystemUserExtensionEnabled())) {
+                schemaExtensions.put(createSchemaExtensionObject(
+                        schemaManager.getSystemSchemaExtensionURI(), schemaManager.getSystemSchemaExtensionRequired()));
+                userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS, schemaExtensions);
+            } else {
+                userResourceTypeObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS, extensionSchemaObject);
+            }
         }
         return userResourceTypeObject.toString();
     }
+
+    private JSONObject createSchemaExtensionObject(String schemaURI, boolean isRequired) throws JSONException {
+
+        JSONObject extensionSchemaObject = new JSONObject();
+        extensionSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_SCHEMA, schemaURI);
+        extensionSchemaObject.put(SCIMConstants.ResourceTypeSchemaConstants.SCHEMA_EXTENSIONS_REQUIRED, isRequired);
+        return extensionSchemaObject;
+    }
 }

components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMUserManager.java

@@ -372,8 +372,8 @@ public User createUser(User user, Map<String, Boolean> requiredAttributes)
             // Therefore, checking for possible client exception.
             Throwable ex = ExceptionUtils.getRootCause(e);
             if (ex instanceof UserStoreClientException) {
-                String errorMessage = String.format("Error in adding the user: %s. %s",
-                        maskIfRequired(user.getUserName()), ex.getMessage());
+                String errorMessage = String.format("Error in adding the user: " + maskIfRequired(user.getUserName())
+                        + ". %s", ex.getMessage());
                 if (log.isDebugEnabled()) {
                     log.debug(errorMessage, ex);
                 }
@@ -523,7 +523,7 @@ public void deleteUser(String userId) throws NotFoundException, CharonException,
         }
         // Get the username of the user with this id.
         org.wso2.carbon.user.core.common.User coreUser = null;
-        String userName;
+        String userName = null;
         try {
 
             // Set thread local property to signal the downstream SCIMUserOperationListener
@@ -5767,8 +5767,7 @@ public List<Attribute> getSystemUserSchema() throws CharonException {
 
         List<Attribute> systemUserSchemaAttributesList = null;
 
-        // We are using the same configuration to enable/disable system user schema as the enterprise user schema.
-        if (SCIMCommonUtils.isEnterpriseUserExtensionEnabled()) {
+        if (SCIMCommonUtils.isSystemUserExtensionEnabled()) {
             Map<ExternalClaim, LocalClaim> scimClaimToLocalClaimMap =
                     getMappedLocalClaimsForDialect(SCIMCommonConstants.SCIM_SYSTEM_USER_CLAIM_DIALECT, tenantDomain);
 

components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonConstants.java

@@ -80,6 +80,7 @@ public class SCIMCommonConstants {
     public static final String BULK_MAX_PAYLOAD_SIZE = "bulk-maxPayloadSize";
     public static final String FILTER_MAX_RESULTS = "filter-maxResults";
     public static final String ENTERPRISE_USER_EXTENSION_ENABLED = "user-schema-extension-enabled";
+    public static final String SYSTEM_USER_EXTENSION_ENABLED = "system-schema-extension-enabled";
     public static final String PAGINATION_DEFAULT_COUNT = "pagination-default-count";
     public static final String CUSTOM_USER_SCHEMA_ENABLED = "custom-user-schema-enabled";
     public static final String CUSTOM_USER_SCHEMA_URI = "custom-user-schema-uri";

components/org.wso2.carbon.identity.scim2.common/src/main/java/org/wso2/carbon/identity/scim2/common/utils/SCIMCommonUtils.java

@@ -628,6 +628,17 @@ public static boolean isEnterpriseUserExtensionEnabled() {
                 .getProperty(SCIMCommonConstants.ENTERPRISE_USER_EXTENSION_ENABLED));
     }
 
+    /**
+     * Check if SCIM system user extension has been enabled.
+     *
+     * @return True if system user extension enabled
+     */
+    public static boolean isSystemUserExtensionEnabled() {
+
+        return Boolean.parseBoolean(SCIMConfigProcessor.getInstance()
+                .getProperty(SCIMCommonConstants.SYSTEM_USER_EXTENSION_ENABLED));
+    }
+
     /**
      * Checks whether the identity.xml config is available to enable group based user filtering improvements.
      *

features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml

@@ -18,6 +18,7 @@
 
 <provisioning-config>
     <Property name="user-schema-extension-enabled">true</Property>
+    <Property name="system-schema-extension-enabled">true</Property>
     <Property name="custom-user-schema-enabled">true</Property>
     <Property name="custom-user-schema-uri">urn:scim:schemas:extension:custom:User</Property>
     <Property name="patch-supported">true</Property>

features/org.wso2.carbon.identity.scim2.common.feature/resources/charon-config.xml.j2

@@ -19,6 +19,11 @@
 
 <provisioning-config xmlns:svns="http://org.wso2.securevault/configuration">
     <Property name="user-schema-extension-enabled">{{scim2.enable_schema_extension}}</Property>
+    {% if scim2.enable_system_schema_extension is defined %}
+        <Property name="system-schema-extension-enabled">{{scim2.enable_system_schema_extension}}</Property>
+    {% else %}
+        <Property name="system-schema-extension-enabled">{{scim2.enable_schema_extension}}</Property>
+    {% endif %}
     <Property name="custom-user-schema-enabled">{{scim2.enable_custom_schema_extension}}</Property>
     <Property name="custom-user-schema-uri">{{scim2.custom_user_schema_uri}}</Property>
     <Property name="bulk-maxOperations">{{scim2.max_bulk_operations}}</Property>