From c5e794d37b3963e5c71db8efabcd77492b09836a Mon Sep 17 00:00:00 2001 From: Martin Edenhofer Date: Wed, 18 Apr 2018 11:17:29 +0200 Subject: [PATCH] Implemented issue #1954 - Allow to automatically linking of existing user by initial login via third party authentication provider. --- app/models/authorization.rb | 6 ++++ app/models/user.rb | 2 +- ...tting_third_party_link_account_at_login.rb | 34 +++++++++++++++++++ db/seeds/settings.rb | 26 ++++++++++++++ 4 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 db/migrate/20180418000001_setting_third_party_link_account_at_login.rb diff --git a/app/models/authorization.rb b/app/models/authorization.rb index 8e61d99b9..7098b0929 100644 --- a/app/models/authorization.rb +++ b/app/models/authorization.rb @@ -53,6 +53,12 @@ class Authorization < ApplicationModel def self.create_from_hash(hash, user = nil) + if !user && Setting.get('auth_third_party_auto_link_at_inital_login') + if hash['info'] && hash['info']['email'].present? + user = User.find_by(email: hash['info']['email'].downcase) + end + end + if !user user = User.create_from_hash!(hash) end diff --git a/app/models/user.rb b/app/models/user.rb index b30329d13..3bcc634f7 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -386,7 +386,7 @@ returns next if local_url.blank? url = local_url end - create( + create!( login: hash['info']['nickname'] || hash['uid'], firstname: hash['info']['name'], email: hash['info']['email'], diff --git a/db/migrate/20180418000001_setting_third_party_link_account_at_login.rb b/db/migrate/20180418000001_setting_third_party_link_account_at_login.rb new file mode 100644 index 000000000..c43872708 --- /dev/null +++ b/db/migrate/20180418000001_setting_third_party_link_account_at_login.rb @@ -0,0 +1,34 @@ +class SettingThirdPartyLinkAccountAtLogin < ActiveRecord::Migration[5.1] + def up + + # return if it's a new setup + return if !Setting.find_by(name: 'system_init_done') + + Setting.create_if_not_exists( + title: 'Automatic account link on initial logon', + name: 'auth_third_party_auto_link_at_inital_login', + area: 'Security::ThirdPartyAuthentication', + description: 'Enables the automatic linking of an existing account on initial login via a third party application. If this is disabled, an existing user must first log into Zammad and then link his "Third Party" account to his Zammad account via Profile -> Linked Accounts.', + options: { + form: [ + { + display: '', + null: true, + name: 'auth_third_party_auto_link_at_inital_login', + tag: 'boolean', + options: { + true => 'yes', + false => 'no', + }, + }, + ], + }, + preferences: { + permission: ['admin.security'], + prio: 10, + }, + state: false, + frontend: false + ) + end +end diff --git a/db/seeds/settings.rb b/db/seeds/settings.rb index ecb84be0b..41869c850 100644 --- a/db/seeds/settings.rb +++ b/db/seeds/settings.rb @@ -954,6 +954,32 @@ Setting.create_if_not_exists( }, frontend: false ) +Setting.create_if_not_exists( + title: 'Automatic account link on initial logon', + name: 'auth_third_party_auto_link_at_inital_login', + area: 'Security::ThirdPartyAuthentication', + description: 'Enables the automatic linking of an existing account on initial login via a third party application. If this is disabled, an existing user must first log into Zammad and then link his "Third Party" account to his Zammad account via Profile -> Linked Accounts.', + options: { + form: [ + { + display: '', + null: true, + name: 'auth_third_party_auto_link_at_inital_login', + tag: 'boolean', + options: { + true => 'yes', + false => 'no', + }, + }, + ], + }, + preferences: { + permission: ['admin.security'], + prio: 10, + }, + state: false, + frontend: false +) Setting.create_if_not_exists( title: 'Authentication via %s', name: 'auth_twitter',