SilverStripe V 2.2.2
auth_external V 0.2
We are using SilverStripe as part of our corporate intranet site but needed to authenticate against a proprietary application in which we have working. The one piece I was not able to get working was the auto add feature and have come to realize an inconsistency in the use of "autoadd" setting. I apologize if this has been resolved in a previous forum post or bug but I was unable to find this issue being documented.
If you look at the code in from ExternalAuthenticator.php starting at line 400
// But before we write ourselves to the database we must check if
// the group we are subscribing to exists
if (DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
if (DataObject::get_one('Member','Email = \'' . $SQL_memberdata['Email'] .'\'')) {
self::$authmessage = _t('ExternalAuthenticator.GroupExists','An account with your e-mail address already exists');
$authsuccess = false;
} else {
$member = new Member;
$member->update($SQL_memberdata);
$member->ID = null;
$member->write();
Group::addToGroupByName($member, Convert::raw2sql(self::getAutoAdd($RAW_source)));
}
} else {
self::$authmessage = _t('ExternalAuthenticator.GroupExists','Unable to find group');
$authsuccess = false;
}
}
One line 402 you will see "...DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source))..." where it's looking for Group.Title.
Later on it calls Group::addToGroupByName passing in "autoadd" parameter as well.
But if you look in Group.php
/**
* Add a member to a group.
*
* @param DataObject $member
* @param string $groupcode
*/
static function addToGroupByName($member, $groupcode) {
$group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'");
if($group) {
$member->Groups()->add($group);
$member->write();
}
}
Notice the line "$group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'");"
Here the call to get_one is looking for "Code", not "Title".
So... my diff for ExternalAuthenticator.php for my solution looks like this...
--- ExternalAuthenticator.php.orig 2008-12-01 11:23:40.000000000 -0600
+++ ExternalAuthenticator.php 2008-12-01 15:42:08.000000000 -0600
@@ -399,7 +399,10 @@
// But before we write ourselves to the database we must check if
// the group we are subscribing to exists
- if (DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
+ // 12/01/08 - Changed the following line to pull from Group by Code not Title as originally coded
+ // this is due to Group::addToGroupByName using Group.Title. Also insured the
+ // ExternalAuthenticator::setAutoAdd from _config.php is using the desired Group.Code value
+ if (DataObject::get_one('Group','Group.Code = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
if (DataObject::get_one('Member','Email = \'' . $SQL_memberdata['Email'] .'\'')) {
self::$authmessage = _t('ExternalAuthenticator.GroupExists','An account with your e-mail address already exists');
$authsuccess = false;
@@ -409,10 +412,10 @@
$member->update($SQL_memberdata);
$member->ID = null;
$member->write();
-
Group::addToGroupByName($member, Convert::raw2sql(self::getAutoAdd($RAW_source)));
}
} else {
+ self::$authmessage = _t('ExternalAuthenticator.GroupExists','Unable to find group');
$authsuccess = false;
}
}
Also in _config.php I made sure the ExternalAuthenticator::setAutoAdd was set to the proper Group.Code value.
If there are better solutions or a patch that I could apply other than what I did above please point me the way.
Cheers,
Craig