Jump to:

17452 Posts in 4473 Topics by 1971 members

Archive

SilverStripe Forums » Archive » auth_external bug? Auto Adding user to a group

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo, simon_w

Page: 1
Go to End
Author Topic: 1000 Views
  • Craig
    Avatar
    Community Member
    6 Posts

    auth_external bug? Auto Adding user to a group Link to this post

    SilverStripe V 2.2.2
    auth_external V 0.2

    We are using SilverStripe as part of our corporate intranet site but needed to authenticate against a proprietary application in which we have working. The one piece I was not able to get working was the auto add feature and have come to realize an inconsistency in the use of "autoadd" setting. I apologize if this has been resolved in a previous forum post or bug but I was unable to find this issue being documented.

    If you look at the code in from ExternalAuthenticator.php starting at line 400

    // But before we write ourselves to the database we must check if
    // the group we are subscribing to exists
    if (DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
    if (DataObject::get_one('Member','Email = \'' . $SQL_memberdata['Email'] .'\'')) {
    self::$authmessage = _t('ExternalAuthenticator.GroupExists','An account with your e-mail address already exists');
    $authsuccess = false;
    } else {
    $member = new Member;

    $member->update($SQL_memberdata);
    $member->ID = null;
    $member->write();
    Group::addToGroupByName($member, Convert::raw2sql(self::getAutoAdd($RAW_source)));
    }
    } else {
    self::$authmessage = _t('ExternalAuthenticator.GroupExists','Unable to find group');
    $authsuccess = false;
    }
    }

    One line 402 you will see "...DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source))..." where it's looking for Group.Title.

    Later on it calls Group::addToGroupByName passing in "autoadd" parameter as well.

    But if you look in Group.php

    /**
    * Add a member to a group.
    *
    * @param DataObject $member
    * @param string $groupcode
    */
    static function addToGroupByName($member, $groupcode) {
    $group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'");
    if($group) {
    $member->Groups()->add($group);
    $member->write();
    }
    }

    Notice the line "$group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'");"

    Here the call to get_one is looking for "Code", not "Title".

    So... my diff for ExternalAuthenticator.php for my solution looks like this...

    --- ExternalAuthenticator.php.orig 2008-12-01 11:23:40.000000000 -0600
    +++ ExternalAuthenticator.php 2008-12-01 15:42:08.000000000 -0600
    @@ -399,7 +399,10 @@

    // But before we write ourselves to the database we must check if
    // the group we are subscribing to exists
    - if (DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
    + // 12/01/08 - Changed the following line to pull from Group by Code not Title as originally coded
    + // this is due to Group::addToGroupByName using Group.Title. Also insured the
    + // ExternalAuthenticator::setAutoAdd from _config.php is using the desired Group.Code value
    + if (DataObject::get_one('Group','Group.Code = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
    if (DataObject::get_one('Member','Email = \'' . $SQL_memberdata['Email'] .'\'')) {
    self::$authmessage = _t('ExternalAuthenticator.GroupExists','An account with your e-mail address already exists');
    $authsuccess = false;
    @@ -409,10 +412,10 @@
    $member->update($SQL_memberdata);
    $member->ID = null;
    $member->write();
    -
    Group::addToGroupByName($member, Convert::raw2sql(self::getAutoAdd($RAW_source)));
    }
    } else {
    + self::$authmessage = _t('ExternalAuthenticator.GroupExists','Unable to find group');
    $authsuccess = false;
    }
    }

    Also in _config.php I made sure the ExternalAuthenticator::setAutoAdd was set to the proper Group.Code value.

    If there are better solutions or a patch that I could apply other than what I did above please point me the way.

    Cheers,

    Craig

    1000 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.