From ad0ce669f6694e720df823bd6f9cc42da0d53aa5 Mon Sep 17 00:00:00 2001
From: Phan Trung Thanh <trung.thanh.phan@canonical.com>
Date: Tue, 19 Nov 2024 16:56:30 +0100
Subject: [PATCH] ISD2762 run reconcile on saml relation broken (#594)

* run reconcile on saml relation broken

* add cve to trivyignore due to nodejs being packaged with mjolnir
---
 .trivyignore                 |  1 +
 src-docs/saml_observer.py.md |  6 +++---
 src/saml_observer.py         | 15 +++++++++++++++
 tests/unit/test_charm.py     | 20 ++++++++++++++++++++
 4 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/.trivyignore b/.trivyignore
index 3505f0ab..e3df94e0 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -45,3 +45,4 @@ CVE-2023-45288
 CVE-2024-24790
 CVE-2024-29415
 CVE-2024-34156
+CVE-2024-21538
\ No newline at end of file
diff --git a/src-docs/saml_observer.py.md b/src-docs/saml_observer.py.md
index 49f5a031..1fb45d9b 100644
--- a/src-docs/saml_observer.py.md
+++ b/src-docs/saml_observer.py.md
@@ -12,7 +12,7 @@ The SAML integrator relation observer.
 ## <kbd>class</kbd> `SAMLObserver`
 The SAML Integrator relation observer. 
 
-<a href="../src/saml_observer.py#L24"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>
+<a href="../src/saml_observer.py#L25"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>
 
 ### <kbd>function</kbd> `__init__`
 
@@ -39,7 +39,7 @@ Shortcut for more simple access the model.
 
 ---
 
-<a href="../src/saml_observer.py#L35"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>
+<a href="../src/saml_observer.py#L39"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>
 
 ### <kbd>function</kbd> `get_charm`
 
@@ -56,7 +56,7 @@ Return the current charm.
 
 ---
 
-<a href="../src/saml_observer.py#L54"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>
+<a href="../src/saml_observer.py#L69"><img align="right" style="float:right;" src="https://img.shields.io/badge/-source-cccccc?style=flat-square"></a>
 
 ### <kbd>function</kbd> `get_relation_as_saml_conf`
 
diff --git a/src/saml_observer.py b/src/saml_observer.py
index 6beeb7b7..42e7a0f7 100644
--- a/src/saml_observer.py
+++ b/src/saml_observer.py
@@ -8,6 +8,7 @@
 
 import ops
 from charms.saml_integrator.v0.saml import SamlDataAvailableEvent, SamlRequires
+from ops.charm import RelationBrokenEvent
 from ops.framework import Object
 
 from charm_state import CharmBaseWithState, CharmState, inject_charm_state
@@ -31,6 +32,9 @@ def __init__(self, charm: CharmBaseWithState):
         self._charm = charm
         self.saml = SamlRequires(self._charm)
         self.framework.observe(self.saml.on.saml_data_available, self._on_saml_data_available)
+        self.framework.observe(
+            charm.on[self.saml.relation_name].relation_broken, self._on_relation_broken
+        )
 
     def get_charm(self) -> CharmBaseWithState:
         """Return the current charm.
@@ -51,6 +55,17 @@ def _on_saml_data_available(self, _: SamlDataAvailableEvent, charm_state: CharmS
         logger.debug("_on_saml_data_available emitting reconcile")
         self.get_charm().reconcile(charm_state)
 
+    @inject_charm_state
+    def _on_relation_broken(self, _: RelationBrokenEvent, charm_state: CharmState) -> None:
+        """Handle SAML data available.
+
+        Args:
+            charm_state: The charm state.
+        """
+        self.model.unit.status = ops.MaintenanceStatus("Reloading homeserver configuration")
+        logger.debug("_on_relation_broken emitting reconcile")
+        self.get_charm().reconcile(charm_state)
+
     def get_relation_as_saml_conf(self) -> typing.Optional[SAMLConfiguration]:
         """Get SAML data from relation.
 
diff --git a/tests/unit/test_charm.py b/tests/unit/test_charm.py
index bfe843ad..9b6ada29 100644
--- a/tests/unit/test_charm.py
+++ b/tests/unit/test_charm.py
@@ -7,6 +7,7 @@
 
 import io
 import json
+import typing
 from unittest.mock import MagicMock
 
 import ops
@@ -473,3 +474,22 @@ def test_redis_enabled_reconcile_pebble_error(
 
     assert isinstance(harness.model.unit.status, ops.BlockedStatus)
     assert error_message in str(harness.model.unit.status)
+
+
+def test_saml_on_relation_broken(
+    saml_configured: Harness, monkeypatch: pytest.MonkeyPatch
+) -> None:
+    """
+    arrange: start the Synapse charm with saml integration, set server_name, mock pebble.
+    act: remove the saml integration.
+    assert: Synapse charm should correctly reconcile.
+    """
+    harness = saml_configured
+    harness.begin()
+    reconcile_mock = MagicMock()
+    monkeypatch.setattr(pebble, "reconcile", reconcile_mock)
+
+    relation = typing.cast(ops.model.Relation, harness.model.get_relation("saml"))
+    harness.remove_relation(relation.id)
+
+    reconcile_mock.assert_called_once()