Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo, simon_w

auth_external bug? Auto Adding user to a group


Reply


1172 Views

Avatar
Craig

Community Member, 6 Posts

2 December 2008 at 10:51am

Edited: 02/12/2008 10:52am

SilverStripe V 2.2.2
auth_external V 0.2

We are using SilverStripe as part of our corporate intranet site but needed to authenticate against a proprietary application in which we have working. The one piece I was not able to get working was the auto add feature and have come to realize an inconsistency in the use of "autoadd" setting. I apologize if this has been resolved in a previous forum post or bug but I was unable to find this issue being documented.

If you look at the code in from ExternalAuthenticator.php starting at line 400

// But before we write ourselves to the database we must check if
// the group we are subscribing to exists
if (DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
if (DataObject::get_one('Member','Email = \'' . $SQL_memberdata['Email'] .'\'')) {
self::$authmessage = _t('ExternalAuthenticator.GroupExists','An account with your e-mail address already exists');
$authsuccess = false;
} else {
$member = new Member;

$member->update($SQL_memberdata);
$member->ID = null;
$member->write();
Group::addToGroupByName($member, Convert::raw2sql(self::getAutoAdd($RAW_source)));
}
} else {
self::$authmessage = _t('ExternalAuthenticator.GroupExists','Unable to find group');
$authsuccess = false;
}
}

One line 402 you will see "...DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source))..." where it's looking for Group.Title.

Later on it calls Group::addToGroupByName passing in "autoadd" parameter as well.

But if you look in Group.php

/**
* Add a member to a group.
*
* @param DataObject $member
* @param string $groupcode
*/
static function addToGroupByName($member, $groupcode) {
$group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'");
if($group) {
$member->Groups()->add($group);
$member->write();
}
}

Notice the line "$group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'");"

Here the call to get_one is looking for "Code", not "Title".

So... my diff for ExternalAuthenticator.php for my solution looks like this...

--- ExternalAuthenticator.php.orig 2008-12-01 11:23:40.000000000 -0600
+++ ExternalAuthenticator.php 2008-12-01 15:42:08.000000000 -0600
@@ -399,7 +399,10 @@

// But before we write ourselves to the database we must check if
// the group we are subscribing to exists
- if (DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
+ // 12/01/08 - Changed the following line to pull from Group by Code not Title as originally coded
+ // this is due to Group::addToGroupByName using Group.Title. Also insured the
+ // ExternalAuthenticator::setAutoAdd from _config.php is using the desired Group.Code value
+ if (DataObject::get_one('Group','Group.Code = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
if (DataObject::get_one('Member','Email = \'' . $SQL_memberdata['Email'] .'\'')) {
self::$authmessage = _t('ExternalAuthenticator.GroupExists','An account with your e-mail address already exists');
$authsuccess = false;
@@ -409,10 +412,10 @@
$member->update($SQL_memberdata);
$member->ID = null;
$member->write();
-
Group::addToGroupByName($member, Convert::raw2sql(self::getAutoAdd($RAW_source)));
}
} else {
+ self::$authmessage = _t('ExternalAuthenticator.GroupExists','Unable to find group');
$authsuccess = false;
}
}

Also in _config.php I made sure the ExternalAuthenticator::setAutoAdd was set to the proper Group.Code value.

If there are better solutions or a patch that I could apply other than what I did above please point me the way.

Cheers,

Craig