--- pnuserapi.php 2010-04-09 21:32:34.000000000 +0000 +++ /home/fedora/pfrields/pnuserapi.php 2010-04-09 22:53:47.000000000 +0000 @@ -44,6 +44,8 @@ $groups = $response["person"]["approved_memberships"]; $found = false; $admin = false; + $writer = false; + $editor = false; for ($i = 0, $cnt = count($groups); $i < $cnt; $i++) { if ($groups[$i]["name"] = "cla_done") { error_log("FAS auth succeeded for $username", 0); @@ -51,7 +53,13 @@ } if ($groups[$i]["name"] = "cmsadmin") { $admin = true; - } + } + if ($groups[$i]["name"] = "cmseditors") { + $editor = true; + } + if ($groups[$i]["name"] = "cmswriters") { + $writer = true; + } } if (!$found) { error_log("FAS auth failed for $username: insufficient group membership", 0); @@ -70,7 +78,7 @@ $uid = $user['uid']; } - pnModAPIFunc('AuthFAS', 'user', 'syncgroups', array('uid' => $uid, 'admin' => $admin)); + pnModAPIFunc('AuthFAS', 'user', 'syncgroups', array('uid' => $uid, 'admin' => $admin, 'editor' => $editor, 'writer' => $writer)); pnUserSetVar('lastlogin', date("Y-m-d H:i:s", time()), $uid); return $uid; @@ -152,16 +160,39 @@ } // Maybe in the admin group $group = DBUtil::selectObjectByID('groups', 'Administrators', 'name'); - if (!$group) { - return false; - } - $is_admin_member = pnModAPIFunc('Groups', 'user', 'isgroupmember', array('gid' => $group['gid'], 'uid' => $args['uid'])); - if (!$is_admin_member && $args['admin']) { - pnModAPIFunc('Groups', 'user', 'adduser', array('gid' => $group['gid'], 'uid' => $args['uid'])); - } else if ($is_admin_member && !$args['admin']) { - // We need to remove them, they are no longer in the admin group - pnModAPIFunc('Groups', 'user', 'removeuser', array('gid' => $group['gid'], 'uid' => $args['uid'])); - } + if ($group) { + $is_admin_member = pnModAPIFunc('Groups', 'user', 'isgroupmember', array('gid' => $group['gid'], 'uid' => $args['uid'])); + if (!$is_admin_member && $args['admin']) { + pnModAPIFunc('Groups', 'user', 'adduser', array('gid' => $group['gid'], 'uid' => $args['uid'])); + } else if ($is_admin_member && !$args['admin']) { + // We need to remove them, they are no longer in the admin group + pnModAPIFunc('Groups', 'user', 'removeuser', array('gid' => $group['gid'], 'uid' => $args['uid'])); + } + } + + // Maybe in editors group + $group = DBUtil::selectObjectByID('groups', 'Editors', 'name'); + if ($group) { + $is_editors_member = pnModAPIFunc('Groups', 'user', 'isgroupmember', array('gid' => $group['gid'], 'uid' => $args['uid'])); + if (!$is_editors_member && $args['editor']) { + pnModAPIFunc('Groups', 'user', 'adduser', array('gid' => $group['gid'], 'uid' => $args['uid'])); + } else if ($is_editors_member && !$args['editor']) { + // Need to remove, not in editors group anymore + pnModAPIFunc('Groups', 'user', 'removeuser', array('gid' => $group['gid'], 'uid' => $args['uid'])); + } + } // otherwise there is no Editors group + + // Maybe in writers group (currently called News in Insight) + $group = DBUtil::selectObjectByID('groups', 'News', 'name'); + if ($group) { + $is_writers_member = pnModAPIFunc('Groups', 'user', 'isgroupmember', array('gid' => $group['gid'], 'uid' => $args['uid'])); + if (!$is_writers_member && $args['writer']) { + pnModAPIFunc('Groups', 'user', 'adduser', array('gid' => $group['gid'], 'uid' => $args['uid'])); + } else if ($is_writers_member && !$args['writer']) { + // Need to remove, not in writers group anymore + pnModAPIFunc('Groups', 'user', 'removeuser', array('gid' => $group['gid'], 'uid' => $args['uid'])); + } + } // otherwise there is no News group } /**