Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

auth_external bug? Auto Adding user to a group » Archive

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo

auth_external bug? Auto Adding user to a group

Go to End


1854 Views

Avatar
Craig

Community Member, 6 Posts

2 December 2008 at 10:51am

Edited: 02/12/2008 10:52am

SilverStripe V 2.2.2
auth_external V 0.2

We are using SilverStripe as part of our corporate intranet site but needed to authenticate against a proprietary application in which we have working. The one piece I was not able to get working was the auto add feature and have come to realize an inconsistency in the use of "autoadd" setting. I apologize if this has been resolved in a previous forum post or bug but I was unable to find this issue being documented.

If you look at the code in from ExternalAuthenticator.php starting at line 400

          // But before we write ourselves to the database we must check if
          // the group we are subscribing to exists
          if (DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
              if (DataObject::get_one('Member','Email = \'' . $SQL_memberdata['Email'] .'\'')) {
                  self::$authmessage = _t('ExternalAuthenticator.GroupExists','An account with your e-mail address already exists');
                  $authsuccess = false;
              } else {
                  $member = new Member;

                  $member->update($SQL_memberdata);
                  $member->ID = null;
                  $member->write();
                  Group::addToGroupByName($member, Convert::raw2sql(self::getAutoAdd($RAW_source)));
              }
          } else {
              self::$authmessage = _t('ExternalAuthenticator.GroupExists','Unable to find group');
              $authsuccess = false;
          }
      }

One line 402 you will see "...DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source))..." where it's looking for Group.Title.

Later on it calls Group::addToGroupByName passing in "autoadd" parameter as well.

But if you look in Group.php


        /**
         * Add a member to a group.
         *
         * @param DataObject $member
         * @param string $groupcode
         */
        static function addToGroupByName($member, $groupcode) {
                $group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'");
                if($group) {
                        $member->Groups()->add($group);
                        $member->write();
                }
        }

Notice the line "$group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'");"

Here the call to get_one is looking for "Code", not "Title".

So... my diff for ExternalAuthenticator.php for my solution looks like this...

--- ExternalAuthenticator.php.orig      2008-12-01 11:23:40.000000000 -0600
+++ ExternalAuthenticator.php   2008-12-01 15:42:08.000000000 -0600
@@ -399,7 +399,10 @@
 
           // But before we write ourselves to the database we must check if
           // the group we are subscribing to exists
-          if (DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
+         // 12/01/08 - Changed the following line to pull from Group by Code not Title as originally coded 
+         //    this is due to Group::addToGroupByName using Group.Title.  Also insured the 
+         //    ExternalAuthenticator::setAutoAdd from _config.php is using the desired Group.Code value
+         if (DataObject::get_one('Group','Group.Code = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
               if (DataObject::get_one('Member','Email = \'' . $SQL_memberdata['Email'] .'\'')) {
                   self::$authmessage = _t('ExternalAuthenticator.GroupExists','An account with your e-mail address already exists');
                   $authsuccess = false;
@@ -409,10 +412,10 @@
                   $member->update($SQL_memberdata);
                   $member->ID = null;
                   $member->write();
-              
                   Group::addToGroupByName($member, Convert::raw2sql(self::getAutoAdd($RAW_source)));
               }
           } else {
+             self::$authmessage = _t('ExternalAuthenticator.GroupExists','Unable to find group');
               $authsuccess = false;
           }
       }

Also in _config.php I made sure the ExternalAuthenticator::setAutoAdd was set to the proper Group.Code value.

If there are better solutions or a patch that I could apply other than what I did above please point me the way.

Cheers,

Craig

Go to Top
Go to TopReturn to top