User.set_automatic_groups is not called for all social logins


(Joshua Rosenfeld) #1

Our Google login provider has the following code:

def after_create_account(user, auth)
  data = auth[:extra_data]
  GoogleUserInfo.create({ user_id: user.id }.merge(data))
  if auth[:email_valid].to_s == 'true' && data[:email]&.downcase == user.email
    EmailToken.confirm(user.email_tokens.first.token)
    user.set_automatic_groups
  end
end

Specifically, user.set_automatic_groups ensures that automatic group rules are applied to the user. This function is not called by our other auto providers, including GitHub, Facebook, and Twitter. We should ensure that all social login provider call user.set_automatic_groups, or that the call is extracted to a shared function that all providers use.

cc @supermathie @n-b-sonar


(Michael Brown) #2

I was pondering earlier whether it would make sense to just fire this in e.g. User.logged_in so that it’s refreshed on login, but without delving into it it probably makes sense to trigger this:

  • in the UserEmail controller when a user’s (verified) email address is updated
  • when the autogroup rules change

#9

I’ve sent a PR for this:


#10

PR merged thanks to @tgxworld :tada: :confetti_ball:


#11