add and use updateExternalDBGroups function, fixes #49641

This enables plugins to add/remove groups in an external authentication
service when a group is added via the MediaWiki interface without relying
on the related Hooks. Relying on the Hook would mean that a plugin cannot
use User::addGroup or User::delGroup to add/remove groups comming FROM
the authentication service, as these functions would call the hook and
then redundantly add these groups to the auth-service again.

Change-Id: Ia04d5bb30831a89dfc66128e3c335bbe07f724b6

diff --git a/includes/AuthPlugin.php b/includes/AuthPlugin.php
index a465817..84cf3d5 100644 (file)
--- a/includes/AuthPlugin.php
+++ b/includes/AuthPlugin.php
@@ -212,6 +212,19 @@ class AuthPlugin {
                return true;
        }
 
+       /**
+        * Update user groups in the external authentication database.
+        * Return true if successful.
+        *
+        * @param $user User object.
+        * @param $addgroups Groups to add.
+        * @param $delgroups Groups to remove.
+        * @return Boolean
+        */
+       public function updateExternalDBGroups( $user, $addgroups, $delgroups = array() ) {
+               return true;
+       }
+
        /**
         * Check to see if external accounts can be created.
         * Return true if external accounts can be created.

diff --git a/includes/User.php b/includes/User.php
index bb61e80..c6f660d 100644 (file)
--- a/includes/User.php
+++ b/includes/User.php
@@ -1162,16 +1162,20 @@ class User {
         * @see $wgAutopromoteOnce
         */
        public function addAutopromoteOnceGroups( $event ) {
-               global $wgAutopromoteOnceLogInRC;
+               global $wgAutopromoteOnceLogInRC, $wgAuth;
 
                $toPromote = array();
                if ( $this->getId() ) {
                        $toPromote = Autopromote::getAutopromoteOnceGroups( $this, $event );
                        if ( count( $toPromote ) ) {
                                $oldGroups = $this->getGroups(); // previous groups
+
                                foreach ( $toPromote as $group ) {
                                        $this->addGroup( $group );
                                }
+                               // update groups in external authentication database
+                               $wgAuth->updateExternalDBGroups( $this, $toPromote );
+
                                $newGroups = array_merge( $oldGroups, $toPromote ); // all groups
 
                                $logEntry = new ManualLogEntry( 'rights', 'autopromote' );

diff --git a/includes/specials/SpecialUserrights.php b/includes/specials/SpecialUserrights.php
index e893455..77f2063 100644 (file)
--- a/includes/specials/SpecialUserrights.php
+++ b/includes/specials/SpecialUserrights.php
@@ -216,6 +216,8 @@ class UserrightsPage extends SpecialPage {
         * @return Array: Tuple of added, then removed groups
         */
        function doSaveUserGroups( $user, $add, $remove, $reason = '' ) {
+               global $wgAuth;
+
                // Validate input set...
                $isself = ( $user->getName() == $this->getUser()->getName() );
                $groups = $user->getGroups();
@@ -251,6 +253,9 @@ class UserrightsPage extends SpecialPage {
                // Ensure that caches are cleared
                $user->invalidateCache();
 
+               // update groups in external authentication database
+               $wgAuth->updateExternalDBGroups( $user, $add, $remove );
+
                wfDebug( 'oldGroups: ' . print_r( $oldGroups, true ) );
                wfDebug( 'newGroups: ' . print_r( $newGroups, true ) );
                wfRunHooks( 'UserRights', array( &$user, $add, $remove ) );