Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo

auth_external bug? Auto Adding user to a group


Go to End
Reply


1295 Views

Avatar
Craig

Community Member, 6 Posts

2 December 2008 at 10:51am

Edited: 02/12/2008 10:52am

SilverStripe V 2.2.2
auth_external V 0.2

We are using SilverStripe as part of our corporate intranet site but needed to authenticate against a proprietary application in which we have working. The one piece I was not able to get working was the auto add feature and have come to realize an inconsistency in the use of "autoadd" setting. I apologize if this has been resolved in a previous forum post or bug but I was unable to find this issue being documented.

If you look at the code in from ExternalAuthenticator.php starting at line 400

          // But before we write ourselves to the database we must check if
          // the group we are subscribing to exists
          if (DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
              if (DataObject::get_one('Member','Email = \'' . $SQL_memberdata['Email'] .'\'')) {
                  self::$authmessage = _t('ExternalAuthenticator.GroupExists','An account with your e-mail address already exists');
                  $authsuccess = false;
              } else {
                  $member = new Member;

                  $member->update($SQL_memberdata);
                  $member->ID = null;
                  $member->write();
                  Group::addToGroupByName($member, Convert::raw2sql(self::getAutoAdd($RAW_source)));
              }
          } else {
              self::$authmessage = _t('ExternalAuthenticator.GroupExists','Unable to find group');
              $authsuccess = false;
          }
      }

One line 402 you will see "...DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source))..." where it's looking for Group.Title.

Later on it calls Group::addToGroupByName passing in "autoadd" parameter as well.

But if you look in Group.php


        /**
         * Add a member to a group.
         *
         * @param DataObject $member
         * @param string $groupcode
         */
        static function addToGroupByName($member, $groupcode) {
                $group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'");
                if($group) {
                        $member->Groups()->add($group);
                        $member->write();
                }
        }

Notice the line "$group = DataObject::get_one('Group', "Code = '" . Convert::raw2sql($groupcode). "'");"

Here the call to get_one is looking for "Code", not "Title".

So... my diff for ExternalAuthenticator.php for my solution looks like this...

--- ExternalAuthenticator.php.orig      2008-12-01 11:23:40.000000000 -0600
+++ ExternalAuthenticator.php   2008-12-01 15:42:08.000000000 -0600
@@ -399,7 +399,10 @@
 
           // But before we write ourselves to the database we must check if
           // the group we are subscribing to exists
-          if (DataObject::get_one('Group','Group.Title = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
+         // 12/01/08 - Changed the following line to pull from Group by Code not Title as originally coded 
+         //    this is due to Group::addToGroupByName using Group.Title.  Also insured the 
+         //    ExternalAuthenticator::setAutoAdd from _config.php is using the desired Group.Code value
+         if (DataObject::get_one('Group','Group.Code = \'' . Convert::raw2sql(self::getAutoAdd($RAW_source)).'\'')) {
               if (DataObject::get_one('Member','Email = \'' . $SQL_memberdata['Email'] .'\'')) {
                   self::$authmessage = _t('ExternalAuthenticator.GroupExists','An account with your e-mail address already exists');
                   $authsuccess = false;
@@ -409,10 +412,10 @@
                   $member->update($SQL_memberdata);
                   $member->ID = null;
                   $member->write();
-              
                   Group::addToGroupByName($member, Convert::raw2sql(self::getAutoAdd($RAW_source)));
               }
           } else {
+             self::$authmessage = _t('ExternalAuthenticator.GroupExists','Unable to find group');
               $authsuccess = false;
           }
       }

Also in _config.php I made sure the ExternalAuthenticator::setAutoAdd was set to the proper Group.Code value.

If there are better solutions or a patch that I could apply other than what I did above please point me the way.

Cheers,

Craig