Fix SSO authentication not working due to missing agreement boolean (#9915)

Fix #9906
2019-01-25 12:36:54 +01:00
parent e1ec3a9f09
commit 9519d55332
2 changed files with 3 additions and 0 deletions
--- a/app/models/concerns/omniauthable.rb
+++ b/app/models/concerns/omniauthable.rb
@ -63,6 +63,7 @@ module Omniauthable
      {
        email: email || "#{TEMP_EMAIL_PREFIX}-#{auth.uid}-#{auth.provider}.com",
        password: Devise.friendly_token[0, 20],
+        agreement: true,
        account_attributes: {
          username: ensure_unique_username(auth.uid),
          display_name: display_name,
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -295,6 +295,7 @@ class User < ApplicationRecord

  def self.pam_get_user(attributes = {})
    return nil unless attributes[:email]
+
    resource =
      if Devise.check_at_sign && !attributes[:email].index('@')
        joins(:account).find_by(accounts: { username: attributes[:email] })
@ -304,6 +305,7 @@ class User < ApplicationRecord

    if resource.blank?
      resource = new(email: attributes[:email], agreement: true)
+
      if Devise.check_at_sign && !resource[:email].index('@')
        resource[:email] = Rpam2.getenv(resource.find_pam_service, attributes[:email], attributes[:password], 'email', false)
        resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" unless resource[:email]