From nobody Wed Apr 10 09:38:24 2019 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02F271203BA for ; Wed, 10 Apr 2019 09:38:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dh7Il5UItGdG for ; Wed, 10 Apr 2019 09:38:20 -0700 (PDT) Received: from mail-oi1-x22f.google.com (mail-oi1-x22f.google.com [IPv6:2607:f8b0:4864:20::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75B3112037D for ; Wed, 10 Apr 2019 09:38:20 -0700 (PDT) Received: by mail-oi1-x22f.google.com with SMTP id a6so2334953oie.5 for ; Wed, 10 Apr 2019 09:38:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=I+be+3XZajAlHARt9A507a2ufDEvARIc3S1TYtLyNag=; b=KR1WX8JaLdUjDRi+T09jkuH+mdsev4JdHVno/dCHoOMSiLS39+qEAPDFEL7mHQQacO Vh+xSNTNgLHsMVDUztwECKpPdQovT8MqXVela2CAsNGvEJpIcwQFdsLNYbKERLDnzP6w +qh//eAZaXUFtah86uCkfIYTCulhtmbV7eCUEuXgJqCucZOj2itDT6MkJl3fJI+mDt8Y e4kdyRdpnccjxUVzQ/kFh0WwiYnUJENhOVdHh8/NeIKelkR385ogy+V3/KhrIPI1Fitw Ee2CmPdZOs7nTZWgDIcxWWaeK3eh2O15j2jKJsR5s8FVx4DMUEFc5rf0E4oy0b2N7FPg rN5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=I+be+3XZajAlHARt9A507a2ufDEvARIc3S1TYtLyNag=; b=djjpFRlobx3fGBr1gcxP4GH3O1xJ8L6Vnl7xZpXNWZwbyBGmHHriEDtoYiwsIu3AP1 QhrrvQwvgOPa63To3qiUx8RW9FXCPaFzqxczDkW87vvuGknNfSPdedOOheNy2sxTe2+W g4jNE2njrHqQUyzG44tEYKo44k5QV1Rx9WpmxKFhUspz9yy4BqOnPODPoEm/W/xtUeuI Flshk0gXg6AE21Zo43ZRZJCuYPebEqwZgXsiySIfZ9tqlRKNu/MOVgIxy2lQOGVP+wg7 8HuOWI5fyWjctIz49T8fxmVwsZ8f83NYpkI7c3Bb9xgXlQYjzInO0t9VCgo6O158znWy bxag== X-Gm-Message-State: APjAAAUScZ15L53zizKAy6wKBgmeC/QSIBXMUkxnTzBKi4/uUARMJWj2 XkYoUHPgzmAzGyBpKYG8NAJkuGonP4XvUnckW4ha7g== X-Google-Smtp-Source: APXvYqyI0y2/C4QgbM4og3VI8lUOLOn+cQXnT9eryo2gSeEJR1jMoS2skeKDH1R+knpdRNG4XZRUl7TAOIBWD0TD/3s= X-Received: by 2002:aca:b984:: with SMTP id j126mr3267881oif.113.1554914299485; Wed, 10 Apr 2019 09:38:19 -0700 (PDT) MIME-Version: 1.0 From: Aleksey Chernoraenko Date: Wed, 10 Apr 2019 11:38:08 -0500 Message-ID: To: scim@ietf.org Content-Type: text/plain; charset="UTF-8" Archived-At: Subject: [scim] Query parameter to include attributes in result that are not returned by default X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Apr 2019 16:38:22 -0000 Greetings, "attributes" and "excludedAttributes" query parameters as described in 3.4.3. section of rfc7644 allow to support at least two scenarios 1) when requestor wants to exclude attributes that are returned by default (e.g. expensive, or "not interested in" ones, etc) 2) when requestor wants to get a specific set of attributes and by that overrides defaults but it looks like another valuable scenario is missing: 3) when requestor wants to include attributes that are not returned by default ("returned" schema attribute would be "request" for such attributes) without discarding the defaults of other attributes. Would introducing "includedAttributes" parameter be a good idea? Any thoughts? Thanks, Alexei From nobody Wed Apr 10 12:55:47 2019 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF0D71200CE for ; Wed, 10 Apr 2019 12:55:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.299 X-Spam-Level: X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=oracle.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xrm8xIajtQC4 for ; Wed, 10 Apr 2019 12:55:43 -0700 (PDT) Received: from userp2130.oracle.com (userp2130.oracle.com [156.151.31.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 495831200B7 for ; Wed, 10 Apr 2019 12:55:43 -0700 (PDT) Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3AJnH77184724; Wed, 10 Apr 2019 19:55:41 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : message-id : content-type : mime-version : subject : date : in-reply-to : cc : to : references; s=corp-2018-07-02; bh=3hzCLAIvMVQCBavQ1sVPgIFIWtxql37pcNIq66/Af00=; b=QfM8ElJUSOXAdfHiKeslxPWgQVVtR40uArcQxCyuA8sscM5xX+xGWbfyE45slJq0A4La mH/Y2YTQfWVa4+A2XLgUyxfbNxk7+XJRutIl4a89k5toe5TWpFwR6MolQca2ZS7vpM22 m6dNZhV1Ub54U0vGR7AHKIzMCtWH4QfoMA03obK8B0ecdY/epsPnV/mg63BBCR5acpaY p6q0u30QzuKEkHL2bCuD8xb4SNZxODA0m8kl4aWBzj7HvxgKg3z959rL2e6r92NoEsFa 1YXHJ6WrKLqa0YuoF/2Yjfz6/dquBv7JzMWur0hC60huEqkc6qp1/Pn65WKFfSMRazIW BQ== Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80]) by userp2130.oracle.com with ESMTP id 2rpkht57wu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 10 Apr 2019 19:55:41 +0000 Received: from pps.filterd (userp3030.oracle.com [127.0.0.1]) by userp3030.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3AJsVga174282; Wed, 10 Apr 2019 19:55:41 GMT Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by userp3030.oracle.com with ESMTP id 2rph7td7b3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 10 Apr 2019 19:55:41 +0000 Received: from abhmp0008.oracle.com (abhmp0008.oracle.com [141.146.116.14]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id x3AJtelI020851; Wed, 10 Apr 2019 19:55:40 GMT Received: from dhcp-10-65-183-198.vpn.oracle.com (/10.65.183.198) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 10 Apr 2019 12:55:40 -0700 From: Phil Hunt Message-Id: <82F35A12-51BC-4EAD-AA01-A1842DD7BFCC@oracle.com> Content-Type: multipart/alternative; boundary="Apple-Mail=_22ACF17E-C127-4184-AD94-FE89F5CC2EFC" Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\)) Date: Wed, 10 Apr 2019 12:55:38 -0700 In-Reply-To: Cc: scim@ietf.org To: Aleksey Chernoraenko References: X-Mailer: Apple Mail (2.3445.9.1) X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9223 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904100129 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9223 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904100129 Archived-At: Subject: Re: [scim] Query parameter to include attributes in result that are not returned by default X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Apr 2019 19:55:46 -0000 --Apple-Mail=_22ACF17E-C127-4184-AD94-FE89F5CC2EFC Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Aleksey, As far as changing the protocol, the spec is published and cannot be = altered (see IETF publication process) unless a new WG is chartered to = begin working on new SCIM RFCs. In practice, people specify a list of all the attributes they want which = may include attributes not normally returned by default.=20 Also, this certainly something a client tool could do to make the user = experience better. However, in the protocol, the client would have to = list all the attributes wanted to get what you want. Regards, Phil Hunt=20 > On Apr 10, 2019, at 9:38 AM, Aleksey Chernoraenko = wrote: >=20 > Greetings, >=20 > "attributes" and "excludedAttributes" query parameters as described in > 3.4.3. section of rfc7644 allow to support at least two scenarios >=20 > 1) when requestor wants to exclude attributes that are returned by > default (e.g. expensive, or "not interested in" ones, etc) >=20 > 2) when requestor wants to get a specific set of attributes and by > that overrides defaults >=20 > but it looks like another valuable scenario is missing: > 3) when requestor wants to include attributes that are not returned by > default ("returned" schema attribute would be "request" for such > attributes) without discarding the defaults of other attributes. >=20 > Would introducing "includedAttributes" parameter be a good idea? > Any thoughts? >=20 > Thanks, > Alexei >=20 > _______________________________________________ > scim mailing list > scim@ietf.org > = https://urldefense.proofpoint.com/v2/url?u=3Dhttps-3A__www.ietf.org_mailma= n_listinfo_scim&d=3DDwICAg&c=3DRoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE= &r=3Dna5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=3Dfqza63xS12PGFgfuW40qH= tTxmp6SJbP0J638fkUMCZg&s=3DEhCjhUQmDOX1KUIULcX-RWc4Fr0RuvZm015XdO6e1fc&e=3D= --Apple-Mail=_22ACF17E-C127-4184-AD94-FE89F5CC2EFC Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii Aleksey,

As= far as changing the protocol, the spec is published and cannot be = altered (see IETF publication process) unless a new WG is chartered to = begin working on new SCIM RFCs.

In practice, people specify a list of = all the attributes they want which may include attributes not normally = returned by default. 

Also, this certainly something a client tool could do to make = the user experience better. However, in the protocol, the client would = have to list all the attributes wanted to get what you want.

Regards,

Phil Hunt 






On Apr 10, 2019, at 9:38 AM, Aleksey Chernoraenko <achernoraenko@gmail.com> wrote:

Greetings,

"attributes" and = "excludedAttributes" query parameters as described in
3.4.3.= section of rfc7644 allow to support at least two scenarios

1) when requestor wants to exclude attributes = that are returned by
default (e.g. expensive, or "not = interested in" ones, etc)

2) when requestor = wants to get a specific set of attributes and by
that = overrides defaults

but it looks like = another valuable scenario is missing:
3) when requestor = wants to include attributes that are not returned by
default= ("returned" schema attribute would be "request" for such
attributes) without discarding the defaults of other = attributes.

Would introducing = "includedAttributes" parameter be a good idea?
Any = thoughts?

Thanks,
Alexei

_______________________________________________
scim mailing list
scim@ietf.org
https://urldefense.proofpoint.com/v2/url?u=3Dhttps-3A__www.ietf= .org_mailman_listinfo_scim&d=3DDwICAg&c=3DRoP1YumCXCgaWHvlZYR8PZh8= Bv7qIrMUB65eapI_JnE&r=3Dna5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&am= p;m=3Dfqza63xS12PGFgfuW40qHtTxmp6SJbP0J638fkUMCZg&s=3DEhCjhUQmDOX1KUIU= LcX-RWc4Fr0RuvZm015XdO6e1fc&e=3D

= --Apple-Mail=_22ACF17E-C127-4184-AD94-FE89F5CC2EFC-- From nobody Fri Apr 19 08:04:03 2019 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E6FF1202F1 for ; Fri, 19 Apr 2019 08:03:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9MfYYfh5Y3Hy for ; Fri, 19 Apr 2019 08:03:57 -0700 (PDT) Received: from mail-oi1-x22f.google.com (mail-oi1-x22f.google.com [IPv6:2607:f8b0:4864:20::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABA801202E3 for ; Fri, 19 Apr 2019 08:03:57 -0700 (PDT) Received: by mail-oi1-x22f.google.com with SMTP id v7so4180984oie.8 for ; Fri, 19 Apr 2019 08:03:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=3QQA9m6MtCWDQabwar9bGyS5vP8s6I47wcTOBQe8ZTc=; b=VYHYjIGJMigZy9FSoRZ+4bpjhZ4qU6l11FOORutUtKPxdWL/VfF5DZnMZs041A6+Aj ECj8v75OxK8NDM23uYirs/NcO/lVVO0zNC2oD05Hgeg9rMV/wqr4V80J9xMtXTNM3E1G M80cgiGXQJqk5o8iptCHH1PqY++7VFRgvnMW5rfSCZMWBvvFmY9HkK9F2PvNg+EAeyvy pxd18XlB+u79xvxlsNekBx4G9yi2t+MMzD5oBd7rurCJZvj1X3AozGEpUfbpNFMwmiv+ 186OHIqibPnrJD+UZsZxB4MDvuWbP0P/hw9FicZvQRicgb4zocto6efvedz+tMjwnyI9 AuaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=3QQA9m6MtCWDQabwar9bGyS5vP8s6I47wcTOBQe8ZTc=; b=q7CYNAkBcmclMrYuvKMHsjxJQmz1U1GrbOyS9XUfflatWCf5/KE6l01HabjLMeXuWL nHby+hMH+NgkUcFPRsKPjRlyajk9Ynw3EwmUi87993OCqf7gGMsjqgH+iY8lxxqe+bIf NPhJyxpDYuennbLvhWJ6s8GhEe1hyDyt+BdkeeYPKyuS6IIk8ZbHvmaxrB80Lmc75R3J XyKkdiLgOi8M2dX72bfBvqrdJerFUbF66d+vuU2zttrYdtlaZXkntl9zqwqkYCGqYfpE cbzXaVd7IOTaJIT3UecHZ6Atqz35sAJlKpjUHMsW5tq64ObDsvi0L8CmxVT5+SlXva6y nCKg== X-Gm-Message-State: APjAAAX1ub805FwHJZWP8jDWohXWdgGursH36ERftL9KUAFPLzlkY/Yc x9XX7dbtlzOyt5iyU5ABeiX3WlAJtlrdlpZ09/syd3OC X-Google-Smtp-Source: APXvYqwtD3gr7y3v96tUsZQyTqkEvIC/J/50RFsW826z0MDJrYyfpcM31dLaachHDe9uI/qQN9tsCWfvduNg6zWlO3I= X-Received: by 2002:aca:b984:: with SMTP id j126mr2177671oif.113.1555686236513; Fri, 19 Apr 2019 08:03:56 -0700 (PDT) MIME-Version: 1.0 From: Aleksey Chernoraenko Date: Fri, 19 Apr 2019 10:03:45 -0500 Message-ID: To: scim@ietf.org Content-Type: text/plain; charset="UTF-8" Archived-At: Subject: [scim] Filter evaluation for multi-valued complex attributes X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Apr 2019 15:03:59 -0000 Greetings, Could you please clarify filter evaluation for multi-valued complex attributes? "Filtering" section (3.4.2.2.) in rfc7644 demonstrates the following example for "emails" (which is I assume is multi-valued complex attribute): 1) filter=userType ne "Employee" and not (emails co "example.com" or emails.value co "example.org") 2) filter=userType eq "Employee" and (emails.type eq "work") Is it correct that the following expressions are valid, equal, and should be evaluated to the same result: a) emails[value co "example.com"] b) emails.value co "example.com" c) emails co "example.com" b) and c) options are basically shortcuts for a) ? c) is valid because "value" is a default attribute for "email" ? Thanks, Alexei From nobody Fri Apr 19 16:41:51 2019 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D3C921203CD for ; Fri, 19 Apr 2019 16:41:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.301 X-Spam-Level: X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=oracle.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rf01jHgrc8zp for ; Fri, 19 Apr 2019 16:41:47 -0700 (PDT) Received: from userp2130.oracle.com (userp2130.oracle.com [156.151.31.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D64CA12019B for ; Fri, 19 Apr 2019 16:41:47 -0700 (PDT) Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3JNd8BI194075; Fri, 19 Apr 2019 23:41:46 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=content-type : mime-version : subject : from : in-reply-to : date : cc : content-transfer-encoding : message-id : references : to; s=corp-2018-07-02; bh=eeGzegYCbGmJTn+pjd1RQNW6xCutU8EZROznZsw90+g=; b=A/60FSfQA7u8IbuWz1nL8hQeZxt3X+xzejAy83zqXRxu/ZK1U48aUB280TRFmUMSwkJn rntGpwLAP/vSnvklZzR4GYpFLgVMzJJIxbd5DJPoJX+zdEr4pl1XJekXREJuVL612Lzo /StotA7luhSdO7E5AXEi0xjBCoE66a7MDz6e1iE+E9Q/9PkXDdqJGgwL2s6Rnk6syowj lt38NLJWWnRYwouZ3j00xXl3DjXCjiERTD1jlaihcAJdkK4x1XzCzKwsaOK0x+085SkD QPUrWqeX8vuLmT4Q+Ec2XHbV7hU/XKQ8ytDxBVkidsoEir/wqCO1BQ1pWozWAwz91Pe7 Zw== Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80]) by userp2130.oracle.com with ESMTP id 2ryjv90vyr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 19 Apr 2019 23:41:45 +0000 Received: from pps.filterd (userp3030.oracle.com [127.0.0.1]) by userp3030.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x3JNf780073557; Fri, 19 Apr 2019 23:41:45 GMT Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by userp3030.oracle.com with ESMTP id 2ryjurkxxf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 19 Apr 2019 23:41:45 +0000 Received: from abhmp0007.oracle.com (abhmp0007.oracle.com [141.146.116.13]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id x3JNfiK6024486; Fri, 19 Apr 2019 23:41:44 GMT Received: from [192.168.1.22] (/70.70.142.148) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 19 Apr 2019 16:41:44 -0700 Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) From: Phil Hunt X-Mailer: iPhone Mail (16E227) In-Reply-To: Date: Fri, 19 Apr 2019 16:41:43 -0700 Cc: scim@ietf.org Content-Transfer-Encoding: quoted-printable Message-Id: References: To: Aleksey Chernoraenko X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9232 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904190162 X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9232 signatures=668685 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904190162 Archived-At: Subject: Re: [scim] Filter evaluation for multi-valued complex attributes X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Apr 2019 23:41:50 -0000 Yes, they are the same for a simple filter against one sub attribute.=20 The square brackets make sure the filter terms are applied against the same v= alue record of the CMVA. Eg [type eq =E2=80=9Cwork=E2=80=9D and value co =E2= =80=9Cexample=E2=80=9D] processes differently than (emails.type eq =E2=80=9C= work=E2=80=9D and emails.value co =E2=80=9Cexample=E2=80=9D). Phil > On Apr 19, 2019, at 8:03 AM, Aleksey Chernoraenko wrote: >=20 > Greetings, >=20 > Could you please clarify filter evaluation for multi-valued complex attrib= utes? >=20 > "Filtering" section (3.4.2.2.) in rfc7644 demonstrates the following > example for "emails" (which is I assume is multi-valued complex > attribute): >=20 > 1) filter=3DuserType ne "Employee" and not (emails co "example.com" or > emails.value co "example.org") >=20 > 2) filter=3DuserType eq "Employee" and (emails.type eq "work") >=20 > Is it correct that the following expressions are valid, equal, and > should be evaluated to the same result: >=20 > a) emails[value co "example.com"] > b) emails.value co "example.com" > c) emails co "example.com" >=20 > b) and c) options are basically shortcuts for a) ? > c) is valid because "value" is a default attribute for "email" ? >=20 > Thanks, > Alexei >=20 > _______________________________________________ > scim mailing list > scim@ietf.org > https://urldefense.proofpoint.com/v2/url?u=3Dhttps-3A__www.ietf.org_mailma= n_listinfo_scim&d=3DDwICAg&c=3DRoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r= =3Dna5FVzBTWmanqWNy4DpctyXPpuYqPkAI1aLcLN4KZNA&m=3DvTNKWgajF8MWgt4tfGeeCs7VA= dsruY5hM9-7IIV-vDI&s=3Dz8UV9HeKJNemdy6_GzHO7foXe70cvn6GczzA0C9RM4c&e=3D From nobody Sat Apr 20 06:58:15 2019 Return-Path: X-Original-To: scim@ietfa.amsl.com Delivered-To: scim@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CBB4120129 for ; Sat, 20 Apr 2019 06:58:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.75 X-Spam-Level: X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aarftXjTXiOz for ; Sat, 20 Apr 2019 06:58:12 -0700 (PDT) Received: from mail-it1-x12b.google.com (mail-it1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C7E16120052 for ; Sat, 20 Apr 2019 06:58:12 -0700 (PDT) Received: by mail-it1-x12b.google.com with SMTP id a190so12120484ite.4 for ; Sat, 20 Apr 2019 06:58:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :content-transfer-encoding; bh=M6oJzxlJRVRZB4NSHGX8IFbCqSioKnZXYFn39ONJjXw=; b=KNR3bSExK/o1u4P+XiZYIkNa/LDM2ecaDf+X5w8XpIXynqsi7e968NOe4VI3fQUh73 YumqZtCkQ+BOetFlO2Qw9jLXSojMpyCrIcr6rfB7DmMkP9zVGBa+D4qwETG/DlSLRz3B vq+1exqZCuSLKXe2TE+4WTsaU9zccehdWFcxedZMLN29uD5bAgd3QuZamuiP8fOvTEqP WmUWatz7izQsUH38KaUvauiIJhIRCjuVkvMsDAPaZUfNU5xuzsSDl0xBWaheQscUsOF6 +oAKGw31hYbVPzBi1YOMf/ZngUi/wyrPZMyuFtfN2X0yCzGWMCsr/CILlRN6XxkXjX5I /PBQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:content-transfer-encoding; bh=M6oJzxlJRVRZB4NSHGX8IFbCqSioKnZXYFn39ONJjXw=; b=RwVlAWitQzRaG2Ttmc62dCLLDrrDss2pKd9JS5lLEH10Af+h2C9oIeHq4XRFSrBOI+ 5MmSiSCKJo0f3IvJiYx4fVDD1MYpl9WOaVHBxaIcfB3US+ZG5aaLvWHZ5JLE3GJNx9JI xtdYVsLCWxcOrLBAH61d88rGOHmdpysO5Jn1G1CP8sRRsKttjm3OyNRbto7856zOWXCn QzpB2PaH3pN9yln/1XRJq+UP5sIzbHsFMzKSGwNCF51eruOJlTpe43AFJ8F3qun7PJmV mazVfGU5PM2QXOX+964FB6qB7uunYGhN12aYAgonU1b0ECnWsCf7MvYzUwqDuEHZjywz KJdw== X-Gm-Message-State: APjAAAWbK7N7CFkOXmetPyZVYhTk9A+cQUXKxIebi+E8/jJ4XQRUolVd 4+cJ/LxbqYSDuHGqM2WTURxKizto4GDrf+eEp5N7gg== X-Google-Smtp-Source: APXvYqw0Ouh/tXwPkq/fCWNawqaJ+4WM8tIIGPspZi4PXTMT5x7Opf9VNPdt8v5l01vGz8qWmAR6et1BoqmSMfIsb74= X-Received: by 2002:a02:43cf:: with SMTP id s198mr424026jab.138.1555768691911; Sat, 20 Apr 2019 06:58:11 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Paul Bismuth Date: Sat, 20 Apr 2019 16:58:00 +0300 Message-ID: To: scim@ietfa.amsl.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Archived-At: Subject: Re: [scim] Filter grammar issues for valFilter X-BeenThere: scim@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Simple Cloud Identity Management BOF List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Apr 2019 13:58:14 -0000 Dear all, Are these questions irrelevant in some way, or is the grammar flawed? Has anyone ever impemented this grammar with an LALR-1 parser? Regards, Paul =D0=B2=D1=82, 26 =D0=BC=D0=B0=D1=80. 2019 =D0=B3. =D0=B2 14:54, Paul Bismut= h : > > Hello, > > It seems to me that there are some problems with the updated grammar > (section 3.4.2 of RFC7644) and the following errata: > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > Errata ID: 4690 > Status: Reported > Type: Technical > > Reported By: Phil Hunt > Date Reported: 2016-05-10 > > Section 3.4.2.2 says: > > valFilter =3D attrExp / logExp / *1"not" "(" valFilter ")" > > It should say: > > valFilter =3D attrExp / valLogExp / *1"not" "(" valFilter ")" > > valLogExp =3D attrExp SP ("and" / "or") SP attrExp > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > * It seems to me that the updated grammar allows expressions such as > "attr.subattr[subattr.x]", however it doesn't make sense regarding the > SCIM data model > * The rule "valLogExp =3D attrExp SP ("and" / "or") SP attrExp" doesn't > allow more than one "and" or "or". Therefore expression such as > "attr[subattr1 pr and subattr2 pr or subattr3 pr]" is rejected > * "valLogExp" doesn't allow the use of the "not" operand except when > negating the whole "valFilter". Is that normal? > * "valLogExp" doesn't allow precedence grouping ("( exp1 or exp2 ) and ex= p3") > > I'd be glad to help with the grammar if these issues are confirmed. > > Cheers, > > Paul