Created
April 20, 2015 08:16
-
-
Save zerolab/79aa65490f9d44f50b74 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From 30a31eae993d24aa5e4887e6ae8a0dab026f5c5d Mon Sep 17 00:00:00 2001 | |
From: Dan Braghis <zerolab@354424.no-reply.drupal.org> | |
Date: Mon, 20 Apr 2015 09:14:37 +0100 | |
Subject: [PATCH] Fix content access issues on first login | |
--- | |
shib_auth.module | 25 ++++++++++++++++++++----- | |
1 file changed, 20 insertions(+), 5 deletions(-) | |
diff --git a/shib_auth.module b/shib_auth.module | |
index 0c6936a..e4d8694 100644 | |
--- a/shib_auth.module | |
+++ b/shib_auth.module | |
@@ -659,14 +659,29 @@ function shib_auth_consent_update($uname, $umail_single, $uid) { | |
* Assign roles to the user's session | |
*/ | |
function shib_auth_role_assignment() { | |
- //generate role cache if it doesn't exists | |
- shib_auth_generate_rolenames(FALSE); | |
- if (shib_auth_session_valid() && !user_is_anonymous() && empty($_SESSION['shib_auth_account_linking'])) { | |
+ if (shib_auth_session_valid() && !user_is_anonymous() | |
+ && empty($_SESSION['shib_auth_account_linking'])) { | |
+ // Generate role cache if it doesn't exist | |
+ shib_auth_generate_rolenames(FALSE); | |
+ | |
shib_auth_assignroles(); | |
} | |
} | |
/** | |
+ * Implements hook_custom_theme(). | |
+ * | |
+ * Assign roles before hook_init() as node_access() gets called before it. | |
+ * This allows SSO accounts with non-sticky roles to access content restricted | |
+ * to certain roles via modules like Content Access. | |
+ * | |
+ * @see https://www.drupal.org/node/553944#comment-3518440 for background. | |
+ */ | |
+function shib_auth_custom_theme() { | |
+ shib_auth_role_assignment(); | |
+} | |
+ | |
+/** | |
* Create a new user based on informations from the Shibboleth handler if it's necessary or log in. | |
* | |
* If already authenticated - do nothing | |
2.3.0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment