From 5d5268a82b3ca0da9e2275b97fe6c3430c9b8bf2 Mon Sep 17 00:00:00 2001
From: Rafael dos Santos Silva <xfalcox@gmail.com>
Date: Wed, 25 Oct 2017 22:49:17 -0200
Subject: [PATCH] Feature: Group handling

---
 app/controllers/session_controller.rb       | 1 +
 lib/single_sign_on.rb                       | 4 +++-
 spec/controllers/session_controller_spec.rb | 4 ++++
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/app/controllers/session_controller.rb b/app/controllers/session_controller.rb
index c67e6baf340..f05d0976af6 100644
--- a/app/controllers/session_controller.rb
+++ b/app/controllers/session_controller.rb
@@ -51,6 +51,7 @@ class SessionController < ApplicationController
         sso.external_id = current_user.id.to_s
         sso.admin = current_user.admin?
         sso.moderator = current_user.moderator?
+        sso.groups = current_user.groups.pluck(:name)
 
         if sso.return_sso_url.blank?
           render plain: "return_sso_url is blank, it must be provided", status: 400
diff --git a/lib/single_sign_on.rb b/lib/single_sign_on.rb
index 3d31722293a..ef5a47d7b19 100644
--- a/lib/single_sign_on.rb
+++ b/lib/single_sign_on.rb
@@ -1,9 +1,10 @@
 class SingleSignOn
   ACCESSORS = [:nonce, :name, :username, :email, :avatar_url, :avatar_force_update, :require_activation,
                :bio, :external_id, :return_sso_url, :admin, :moderator, :suppress_welcome_message, :title,
-               :add_groups, :remove_groups]
+               :add_groups, :remove_groups, :groups]
   FIXNUMS = []
   BOOLS = [:avatar_force_update, :admin, :moderator, :require_activation, :suppress_welcome_message]
+  ARRAYS = [:groups]
   NONCE_EXPIRY_TIME = 10.minutes
 
   attr_accessor(*ACCESSORS)
@@ -40,6 +41,7 @@ class SingleSignOn
       if BOOLS.include? k
         val = ["true", "false"].include?(val) ? val == "true" : nil
       end
+      val = Array(val) if ARRAYS.include?(k) && !val.nil?
       sso.send("#{k}=", val)
     end
 
diff --git a/spec/controllers/session_controller_spec.rb b/spec/controllers/session_controller_spec.rb
index e04681b2f3c..f80e5b76438 100644
--- a/spec/controllers/session_controller_spec.rb
+++ b/spec/controllers/session_controller_spec.rb
@@ -303,6 +303,9 @@ describe SessionController do
         @sso.return_sso_url = "http://somewhere.over.rainbow/sso"
 
         @user = Fabricate(:user, password: "frogs", active: true, admin: true)
+        group = Fabricate(:group)
+        group.add(@user)
+        @user.reload
         EmailToken.update_all(confirmed: true)
       end
 
@@ -328,6 +331,7 @@ describe SessionController do
         expect(sso2.external_id).to eq(@user.id.to_s)
         expect(sso2.admin).to eq(true)
         expect(sso2.moderator).to eq(false)
+        expect(sso2.groups).to eq(@user.groups.pluck(:name))
       end
 
       it "successfully redirects user to return_sso_url when the user is logged in" do