Auth group sync: Fixed unintential mapping behaviour change

Due to change in how casing was handled when used in the "External Auth ID" role field. Likely related to #3535. Added test to cover.
2024-11-22 12:30:27 +08:00 · 2022-06-27 14:17:42 +01:00 · 2022-06-27 14:17:42 +01:00 · 0bcd1795cb
commit 0bcd1795cb
parent 47887ec595
2 changed files with 13 additions and 1 deletions
--- a/app/Auth/Access/GroupSyncService.php
+++ b/app/Auth/Access/GroupSyncService.php
@ -39,7 +39,7 @@ class GroupSyncService

    protected function parseRoleExternalAuthId(string $externalId): array
    {
-        $inputIds = preg_split('/(?<!\\\),/', $externalId);
+        $inputIds = preg_split('/(?<!\\\),/', strtolower($externalId));
        $cleanIds = [];

        foreach ($inputIds as $inputId) {
--- a/tests/Auth/GroupSyncServiceTest.php
+++ b/tests/Auth/GroupSyncServiceTest.php
@ -54,4 +54,16 @@ class GroupSyncServiceTest extends TestCase
        $user = User::query()->find($user->id);
        $this->assertTrue($user->hasRole($role->id));
    }
+
+    public function test_external_auth_id_matches_ignoring_case()
+    {
+        $user = $this->getViewer();
+        $role = Role::factory()->create(['display_name' => 'ABC123', 'external_auth_id' => 'WaRRioRs']);
+        $this->assertFalse($user->hasRole($role->id));
+
+        (new GroupSyncService())->syncUserWithFoundGroups($user, ['wArriors', 'penguiNs'], false);
+
+        $user = User::query()->find($user->id);
+        $this->assertTrue($user->hasRole($role->id));
+    }
 }