From 983525622410bd85dffb0a9dea679399c55717d2 Mon Sep 17 00:00:00 2001
From: Thomas Belliard
Date: Thu, 5 Sep 2013 22:42:20 +0300
Subject: [PATCH 1/2] Add support for auto-creation of successfully
authenticated users
---
README.md | 4 ++++
app/views/redmine_cas/_settings.html.erb | 5 +++++
config/locales/en.yml | 3 +++
init.rb | 5 +++--
lib/redmine_cas.rb | 4 ++++
lib/redmine_cas/application_controller_patch.rb | 14 ++++++++++++++
6 files changed, 33 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 1bdd339..b68c18f 100644
--- a/README.md
+++ b/README.md
@@ -27,6 +27,10 @@ The default login page will still work when you access it directly (http://examp
The sessions have to be stored in the database to make Single Sign Out work.
You can achieve this with a tiny plugin: [redmine_activerecord_session_store](https://github.com/pencil/redmine_activerecord_session_store)
+### Auto-create users
+
+By enabling this setting, successfully authenticated users will be automatically added into Redmine if they do not already exist. You *must* define the attribute mapping for at least firstname, lastname and mail attributes for this to work.
+
## Copyright
Copyright (c) 2013 Nine Internet Solutions AG. See LICENSE.txt for further details.
diff --git a/app/views/redmine_cas/_settings.html.erb b/app/views/redmine_cas/_settings.html.erb
index ca80225..1797052 100644
--- a/app/views/redmine_cas/_settings.html.erb
+++ b/app/views/redmine_cas/_settings.html.erb
@@ -12,3 +12,8 @@
<%= text_field_tag "settings[attributes_mapping]", @settings[:attributes_mapping], :size => 50 %>
<%= l(:redmine_cas_settings_attributes_mapping_helptext, :attribute_names => User.attribute_names.join(', ')).html_safe %>
+
+ <%= label_tag "settings[autocreate_users]", l(:redmine_cas_settings_autocreate_users_label) %>
+ <%= check_box_tag "settings[autocreate_users]", 1, @settings[:autocreate_users] %>
+ <%= l(:redmine_cas_settings_autocreate_users_helptext).html_safe %>
+
diff --git a/config/locales/en.yml b/config/locales/en.yml
index a0dcab5..305e285 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -4,4 +4,7 @@ en:
redmine_cas_settings_cas_url_helptext: 'Base URL to your CAS server.'
redmine_cas_settings_attributes_mapping_label: 'Attributes mapping'
redmine_cas_settings_attributes_mapping_helptext: 'This is how the plugin maps extended attributes from the CAS server to the redmine model.
attribute_name_in_redmine=attribute_name_in_cas_response
Separate entries with &
(query-string).
Example: firstname=first_name&lastname=last_name&mail=email
Valid attribute names: %{attribute_names}
'
+ redmine_cas_settings_autocreate_users_label: 'Auto-create users'
+ redmine_cas_settings_autocreate_users_helptext: 'Automatically create a redmine user if it is successfully authenticated.
Will only work if you specify firstname, lastname and mail in the attributes mapping setting above.'
rbcas_cas_user_not_found: '"%{user}" was authenticated but needs to be created in Redmine first.'
+ rbcas_cas_user_not_created: '"%{user}" was authenticated but could not be created automatically in Redmine. It must be added manually.'
diff --git a/init.rb b/init.rb
index 2d2292b..29f6ee4 100644
--- a/init.rb
+++ b/init.rb
@@ -7,14 +7,15 @@ Redmine::Plugin.register :redmine_cas do
name 'Redmine CAS'
author 'Nils Caspar (Nine Internet Solutions AG)'
description 'Plugin to CASify your Redmine installation.'
- version '1.0.1'
+ version '1.0.2'
url 'https://github.com/ninech/redmine_cas'
author_url 'http://www.nine.ch/'
settings :default => {
'enabled' => false,
'cas_url' => 'https://',
- 'attributes_mapping' => 'firstname=first_name&lastname=last_name&mail=email'
+ 'attributes_mapping' => 'firstname=first_name&lastname=last_name&mail=email',
+ 'autocreate_users' => false
}, :partial => 'redmine_cas/settings'
Rails.configuration.to_prepare do
diff --git a/lib/redmine_cas.rb b/lib/redmine_cas.rb
index 392a5ea..e383eaa 100644
--- a/lib/redmine_cas.rb
+++ b/lib/redmine_cas.rb
@@ -12,6 +12,10 @@ module RedmineCAS
setting(:enabled)
end
+ def autocreate_users?
+ setting(:autocreate_users)
+ end
+
def setup!
return unless enabled?
CASClient::Frameworks::Rails::Filter.configure(
diff --git a/lib/redmine_cas/application_controller_patch.rb b/lib/redmine_cas/application_controller_patch.rb
index 4ce8a0d..3ff469a 100644
--- a/lib/redmine_cas/application_controller_patch.rb
+++ b/lib/redmine_cas/application_controller_patch.rb
@@ -28,6 +28,16 @@ module RedmineCAS
def login_with_cas
if CASClient::Frameworks::Rails::Filter.filter(self)
user = User.find_by_login(session[:cas_user])
+
+ # Auto-create user if possible
+ if user.nil? and RedmineCAS.autocreate_users?
+ user = User.new
+ user.login = session[:cas_user]
+ user.assign_attributes(RedmineCAS.user_extra_attributes_from_session(session))
+ return cas_user_not_created if !user.save
+ user.reload
+ end
+
return cas_user_not_found if user.nil?
return cas_account_pending unless user.active?
user.update_attributes(RedmineCAS.user_extra_attributes_from_session(session))
@@ -51,6 +61,10 @@ module RedmineCAS
def cas_user_not_found
render_403 :message => l(:rbcas_cas_user_not_found, :user => session[:cas_user])
end
+
+ def cas_user_not_created
+ render_403 :message => l(:rbcas_cas_user_not_created, :user => session[:cas_user])
+ end
end
end
end
From e28832c051a9581b25ba36c6ad5742869d6e0926 Mon Sep 17 00:00:00 2001
From: Nils Caspar
Date: Wed, 15 Jan 2014 22:01:04 +0100
Subject: [PATCH 2/2] Fix style
---
lib/redmine_cas/application_controller_patch.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/redmine_cas/application_controller_patch.rb b/lib/redmine_cas/application_controller_patch.rb
index 3ff469a..1b8fe35 100644
--- a/lib/redmine_cas/application_controller_patch.rb
+++ b/lib/redmine_cas/application_controller_patch.rb
@@ -30,7 +30,7 @@ module RedmineCAS
user = User.find_by_login(session[:cas_user])
# Auto-create user if possible
- if user.nil? and RedmineCAS.autocreate_users?
+ if user.nil? && RedmineCAS.autocreate_users?
user = User.new
user.login = session[:cas_user]
user.assign_attributes(RedmineCAS.user_extra_attributes_from_session(session))