When you have this module set up to synch user data on user_save() by setting the zendesk_api_sync_users to TRUE, a problem arises when the actual user may in fact be an 'agent' rather than 'end-user'. If an 'agent' at zendesk changes their password for example on Drupal, they in turn get changed to an 'end-user', essentially locking them out of zendesk with agent privileges.
In general, I think the use of hook_user_update() is much too broad as it always will call zendesk without any checks to see if anything has actually changed in Drupal. The example of a simple password change should not warrant this call.
I propose to look at the $edit and $account variables and just see if the name or email address has changed and if there is any difference in $account or $data after the drupal_alter() call, and only when there are differences, do you tell zendesk to change the user data.
This is the function in question:
<?php
/**
* Implements hook_user_update().
*/
function zendesk_user_update(&$edit, $account, $category) {
if (variable_get('zendesk_api_sync_users', 0)) {
if ($user_id = _zendesk_get_user($account->uid)) {
$zd = zendesk_initialize_library();
$data = array(
'user' => array(
'id' => $user_id,
'name' => format_username($account),
'email' => $account->mail,
'role' => 'end-user',
),
);
// Invoke a alter call to allow other modules to pass data to ZenDesk.
drupal_alter(array('zendesk_user', 'zendesk_user_update'), $data, $account);
$data = drupal_json_encode($data);
$result = $zd->call('/users/' . $user_id, $data, 'PUT');
}
}
}
?>
Comment | File | Size | Author |
---|---|---|---|
#1 | zendesk-user-update-does-not-account-for-agent-2493995-1.patch | 367 bytes | blasthaus |
Comments
Comment #1
blasthaus CreditAttribution: blasthaus commentedSince the 'role' param is not required, the following patch simply removes it to avoid locking out zendesk admins from the site when hook_user_update is invoked. In general the hook_user_update() implementation needs to be rewritten so this issue may be irrelevant in the end.
Comment #2
blasthaus CreditAttribution: blasthaus commented