LTI Integration - non-admin user in 'No institution' unable to login

Bug #1716541 reported by Robert Lyon on 2017-09-12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Status tracked in 17.10
Robert Lyon
Robert Lyon

Bug Description

We do a check:

if (!$is_site_admin) {
  // check user is member of configured OAuth institution
  $institutions = array_keys(load_user_institutions($userid));
  if (!in_array($WEBSERVICE_INSTITUTION, $institutions)) {
  ... throw error and stop them logging in ...

The problem begins when we check what institutions they are in


This only returns an array of institutions if the user is in 1 or more true institutions.
If they are not in a true institution they are in the 'No institution' (mahara) one.

We have already got a $userid from earlier in code so we know a user exists we just need to test them against the $WEBSERVICE_INSTITUTION so in the case they are in no institution the $WEBSERVICE_INSTITUTION should equal 'mahara' and if so log them in and if not stop them.

Robert Lyon (robertl-9) on 2017-09-12
Changed in mahara:
importance: Undecided → High
milestone: none → 17.10.0

Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit f8002f1eb31c223480070985abdd46cd9cdd1472
Author: Robert Lyon <email address hidden>
Date: Tue Sep 12 13:15:05 2017 +1200

Bug 1716541: Allowing the check of 'mahara' institution for LTI login


Change-Id: I35b138d579156f032688178d3d4ed391555fe155
Signed-off-by: Robert Lyon <email address hidden>

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers