Authx - validate if the user is blocked #27703
🤖 Thank you for contributing to CiviCRM! ❤️ We will need to test and review this PR. 👷
This seems like a good idea. From a skim, I'd be suspicious about breaking scenarios where the principal is a (EDIT: Something to look out for: The automated PR test-runs use
Comparing console logs, these things stand out to me:
@@ -262,6 +262,10 @@ protected function login(AuthenticatorTarget $tgt) { | |||
return !empty($a) && (string) $a === (string) $b; | |||
}; | |||
|
|||
if ($this->authxUf->getUserIsBlocked($tgt->userId)) { |
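Review bot: The `$this->authxUf->getUserIsBlocked($tgt->userId)` call on the added line is reached without checking that `$tgt->userId` is set. The comparison closure just above it already treats empty IDs as a separate case (`!empty($a) && ...`), so an unset user ID looks like a state that login() has to handle. Guard the call, for example with `$tgt->userId !== NULL && ...`, so the blocked check only runs when there is a CMS user to look up. Since the description says only Drupal 8/9 is covered, please also document what `getUserIsBlocked()` returns on the other backends, so it is clear to reviewers that the check does not yet apply there.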
In theory, maybe something like....
if ($tgt->userId !== NULL && $this->authxUf->getUserIsBlocked($tgt->userId)) {
030d51d to 4e79d05
Requested new E2E test-run on D9: https://test.civicrm.org/job/CiviCRM-Manual-Test/103/ (currently queued)
4e79d05 to a9abd36
a9abd36 to f81a47f
Thx for the revision @totten! These points aren't fixed yet.
The other points are fixed. Executed in https://test.civicrm.org/job/CiviCRM-Manual-Test/104/console
@rubofvil Just checking: from your last comment it was not clear if this PR was ready for a new review, or if there are issues that need fixing?
Overview
Verify if the user is blocked in the CMS if they want to use the REST API via authx
Before
You can make an API call by webservice if the user is blocked.
With the configuration in civicrm/admin/setting/authx is required, like in the image.
[Image: user blocked in Drupal]
After
Verify if the user is blocked (only Drupal 8/9; the other cases are in ToDo). If the user is blocked, launch an exception:
Cannot login. User is blocked
Comments
Ref other MR with the deprecated way to call the API
#26185