Missing code method from the event docs

[johnwbaxter]

In the docs here: https://saml-sp.flipboxfactory.com/configure/events.html#examples

There is a method that doesn't resolve to anything in the SAML-SP codebase

// Determine if admin, return if not
        if (! MyUserHelper::isAdminUser($user, $response)){
            return;
        }

Is it somewhere I have missed?

[dsmrt]

👋 @johnwbaxter ,

Are you talking about the MyUserHelper::isAdminUser($user, $response)? If so, this is just an example on how to build something on yours side. MyUserHelper would be a helper class you build for your own business logic.

Let me know if I'm misunderstanding. Also, feel free to elaborate on what you are trying to do and I'll attempt to help.

Thanks!

[johnwbaxter]

Hey Damien!

Yeah, that is the method I was talking about! Ok, understood, It hadn't dawned on me that it wasn't part of the codebase :)

What I'm trying to do is that when a user is created when they login via SSO for the first time, is to move them into a user group in Craft.

Thanks!

John

[dsmrt]

There's a few ways you can go about this.

1. Out-of-the-box, you can use the config/saml-sp.php and add this config with the group ids \flipbox\saml\sp\models\Settings::$defaultGroupAssignments you want all users to automatically be assigned to. All users will be added to the specified groups, but every time they are are logged in. Example:

   // config/saml-sp.php
   return [
   'defaultGroupAssignments' => [
       12343, // the user group id
   ]
   ];

2. Use the example code (you mentioned above) but edit it to figure out if the user is new or not. Example:

   Event::on(
   \flipbox\saml\sp\services\Login::class,
   \flipbox\saml\sp\services\Login::EVENT_AFTER_RESPONSE_TO_USER,
   function (\flipbox\saml\sp\events\UserLogin $event) {
   
       /** @var \craft\elements\User $user */
       $user = $event->user;
   
       // Get existing groups
       $groups = [];
       foreach ($user->getGroups() as $group) {
           $groups[$group->id] = $group;
       }
   
       // Determine if this user was just created or not ... (I have not tested this so beware)
      // basically just checking to see if the user was created in the last minute. If not, return.
       if ($user->dateCreated > (new \DateTime('-1 minute'))){
           return;
       }
   
       // Get default group by handle
       $group = \Craft::$app->getUserGroups()->getGroupByHandle('myDefaultUserGroup');
   
       // Add it to the group array
       $groups[$group->id] = $group;
   
       // Get an array of ids - we need to do this if we don't want to lose any user groups the user is already associated with
       $groupIds = array_map(
           function ($group) {
               return $group->id;
           },
           $groups
       );
   
       // Assign them to the user groups
       if (\Craft::$app->getUsers()->assignUserToGroups($user->id, $groupIds)) {
           /**
            * Set the groups back on the user just in case it's being used after this.
            *
            * This may seem strange because the they do this in the `assignUserToGroups`
            * method but the user they set the groups to isn't *this* user object,
            * so this is needed.
            */
           $user->setGroups($groups);
       }
   }
   );

[dsmrt]

Let me know if this helps!

[johnwbaxter]

OMG, there is a config option for this. That's literally all I needed! I've already written a function to move existing users into a new group, so that config option covers it moving forward.

Thanks so much for taking the time to add to that code example too.

Thank you for all this Damien!!!

[dsmrt]

Awesome! Let me know if you run into any issues with this!