Feature: Group handling

app/controllers/session_controller.rb

@@ -51,6 +51,7 @@ class SessionController < ApplicationController
         sso.external_id = current_user.id.to_s
         sso.admin = current_user.admin?
         sso.moderator = current_user.moderator?
+        sso.groups = current_user.groups.pluck(:name)
 
         if sso.return_sso_url.blank?
           render plain: "return_sso_url is blank, it must be provided", status: 400

lib/single_sign_on.rb

@@ -1,9 +1,10 @@
 class SingleSignOn
   ACCESSORS = [:nonce, :name, :username, :email, :avatar_url, :avatar_force_update, :require_activation,
                :bio, :external_id, :return_sso_url, :admin, :moderator, :suppress_welcome_message, :title,
-               :add_groups, :remove_groups]
+               :add_groups, :remove_groups, :groups]
   FIXNUMS = []
   BOOLS = [:avatar_force_update, :admin, :moderator, :require_activation, :suppress_welcome_message]
+  ARRAYS = [:groups]
   NONCE_EXPIRY_TIME = 10.minutes
 
   attr_accessor(*ACCESSORS)
@@ -40,6 +41,7 @@ class SingleSignOn
       if BOOLS.include? k
         val = ["true", "false"].include?(val) ? val == "true" : nil
       end
+      val = Array(val) if ARRAYS.include?(k) && !val.nil?
       sso.send("#{k}=", val)
     end
 

spec/controllers/session_controller_spec.rb

@@ -303,6 +303,9 @@ describe SessionController do
         @sso.return_sso_url = "http://somewhere.over.rainbow/sso"
 
         @user = Fabricate(:user, password: "frogs", active: true, admin: true)
+        group = Fabricate(:group)
+        group.add(@user)
+        @user.reload
         EmailToken.update_all(confirmed: true)
       end
 
@@ -328,6 +331,7 @@ describe SessionController do
         expect(sso2.external_id).to eq(@user.id.to_s)
         expect(sso2.admin).to eq(true)
         expect(sso2.moderator).to eq(false)
+        expect(sso2.groups).to eq(@user.groups.pluck(:name))
       end
 
       it "successfully redirects user to return_sso_url when the user is logged in" do