Skip to content

Commit

Permalink
Plugin: Azure: Optimize request when registering/updating user - refs…
Browse files Browse the repository at this point in the history
… BT#21930
  • Loading branch information
AngelFQC committed Sep 12, 2024
1 parent c9d99a6 commit d2ebff9
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 17 deletions.
42 changes: 25 additions & 17 deletions plugin/azure_active_directory/src/AzureActiveDirectory.php
Original file line number Diff line number Diff line change
Expand Up @@ -383,27 +383,35 @@ private function getUserRoleAndCheckIsAdmin(
string $apiRef = 'me/memberOf',
string $groupObjectIdKey = 'objectId'
): array {
try {
$groups = $provider->get($apiRef, $token);
} catch (Exception $e) {
throw new Exception('Exception when requesting user groups from Azure: '.$e->getMessage());
}

// If any specific group ID has been defined for a specific role, use that
// ID to give the user the right role
$givenAdminGroup = $this->get(self::SETTING_GROUP_ID_ADMIN);
$givenSessionAdminGroup = $this->get(self::SETTING_GROUP_ID_SESSION_ADMIN);
$givenTeacherGroup = $this->get(self::SETTING_GROUP_ID_TEACHER);
$userRole = STUDENT;
$isAdmin = false;
foreach ($groups as $group) {
if ($givenAdminGroup == $group[$groupObjectIdKey]) {
$userRole = COURSEMANAGER;
$isAdmin = true;
} elseif ($givenSessionAdminGroup == $group[$groupObjectIdKey]) {
$userRole = SESSIONADMIN;
} elseif ($userRole != SESSIONADMIN && $givenTeacherGroup == $group[$groupObjectIdKey]) {
$userRole = COURSEMANAGER;

$groupRoles = [
'admin' => $this->get(self::SETTING_GROUP_ID_ADMIN),
'sessionAdmin' => $this->get(self::SETTING_GROUP_ID_SESSION_ADMIN),
'teacher' => $this->get(self::SETTING_GROUP_ID_TEACHER),
];

if ($groupRoles = array_filter($groupRoles)) {
try {
$groups = $provider->get($apiRef, $token);
} catch (Exception $e) {
throw new Exception('Exception when requesting user groups from Azure: '.$e->getMessage());
}

foreach ($groups as $group) {
$groupId = $group[$groupObjectIdKey];

if (isset($groupRoles['admin']) && $groupRoles['admin'] === $groupId) {
$userRole = COURSEMANAGER;
$isAdmin = true;
} elseif (isset($groupRoles['sessionAdmin']) && $groupRoles['sessionAdmin'] === $groupId) {
$userRole = SESSIONADMIN;
} elseif (isset($groupRoles['teacher']) && $groupRoles['teacher'] === $groupId && $userRole !== SESSIONADMIN) {
$userRole = COURSEMANAGER;
}
}
}

Expand Down
4 changes: 4 additions & 0 deletions plugin/azure_active_directory/src/AzureCommand.php
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,10 @@ class AzureCommand
* @var Azure
*/
protected $provider;
/**
* @var AccessTokenInterface
*/
private $token;

public function __construct()
{
Expand Down

0 comments on commit d2ebff9

Please sign in to comment.