From 92fee87a7f30d97c0c661fd283fa614317811681 Mon Sep 17 00:00:00 2001 From: iglocska Date: Wed, 24 Nov 2021 01:34:15 +0100 Subject: [PATCH] fix: [keycloak] when enrolling users in keycloak, use the user organisation_id instead of the individual's first alias --- src/Model/Behavior/AuthKeycloakBehavior.php | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/Model/Behavior/AuthKeycloakBehavior.php b/src/Model/Behavior/AuthKeycloakBehavior.php index d42a8c9..4b46a87 100644 --- a/src/Model/Behavior/AuthKeycloakBehavior.php +++ b/src/Model/Behavior/AuthKeycloakBehavior.php @@ -98,7 +98,7 @@ class AuthKeycloakBehavior extends Behavior { $individual = $this->_table->Individuals->find()->where( ['id' => $data['individual_id']] - )->contain(['Organisations'])->first(); + )->first(); $roleConditions = [ 'id' => $data['role_id'] ]; @@ -106,10 +106,9 @@ class AuthKeycloakBehavior extends Behavior $roleConditions['name'] = Configure::read('keycloak.default_role_name'); } $role = $this->_table->Roles->find()->where($roleConditions)->first(); - $orgs = []; - foreach ($individual['organisations'] as $org) { - $orgs[] = $org['uuid']; - } + $org = $this->_table->Organisations->find()->where([ + ['id' => $data['organisation_id']] + ]); $token = $this->getAdminAccessToken(); $keyCloakUser = [ 'firstName' => $individual['first_name'], @@ -118,7 +117,7 @@ class AuthKeycloakBehavior extends Behavior 'email' => $individual['email'], 'attributes' => [ 'role_name' => empty($role['name']) ? Configure::read('keycloak.default_role_name') : $role['name'], - 'org_uuid' => empty($orgs[0]) ? '' : $orgs[0] + 'org_uuid' => $orgs['uuid'] ] ]; $keycloakConfig = Configure::read('keycloak');