The current discourse_sync is working great for one use case:
- All Drupal users already exist in Discourse, and
- A new user role is created, and
- Role gets added to Drupal users
My use case is somewhat different, and discourse_sync does not address it, which is:
- Discourse sync is not yet enabled in production
- Only some Drupal users have been SSO'ed / created in Discourse
- The Drupal role that I want to sync with a Discourse group already exists
So the problem is two-fold:
1. When a user SSO's to Discourse for the first time, they don't get added to the correct groups.
I don't see any reasonable way to work around this.
2. When an existing Drupal user with a sync'ed role SSOs to Discourse, they don't get added to the correct groups.
(Because their group will only be synced when their user account gets edited.)
I can work around this issue by forcing a re-save on all user accounts, so not quite as big a deal.
Syncing groups upon SSO would address both these issues.
Issue fork discourse_sso-3254164
Show commands
Start within a Git clone of the project using the version control instructions.
Or, if you do not have SSH keys set up on git.drupalcode.org:
Comments
Comment #5
AaronBaumanOpened MR https://git.drupalcode.org/project/discourse_sso/-/merge_requests/2 adding implementation of discourse_sync_discourse_sso_parameters_alter() to add groups to the SSO login payload, per docs https://meta.discourse.org/t/discourseconnect-official-single-sign-on-fo...
Comment #6
jurgenhaasThis is a great idea, only have one comment you should probably address in the code.
Comment #7
AaronBaumanThanks for the feedback. MR updated.
Comment #9
jurgenhaasLooks great, just merged.