Fix SSO authentication not working due to missing agreement boolean (#9915)

Fix #9906

diff --git a/app/models/concerns/omniauthable.rb b/app/models/concerns/omniauthable.rb
index f263fe7af04761de25c995676342442178dda999..4dd2e9383c11fbbbe7bd43fae83905ad47482222 100644 (file)
--- a/app/models/concerns/omniauthable.rb
+++ b/app/models/concerns/omniauthable.rb
@@ -63,6 +63,7 @@ module Omniauthable
       {
         email: email || "#{TEMP_EMAIL_PREFIX}-#{auth.uid}-#{auth.provider}.com",
         password: Devise.friendly_token[0, 20],
+        agreement: true,
         account_attributes: {
           username: ensure_unique_username(auth.uid),
           display_name: display_name,

diff --git a/app/models/user.rb b/app/models/user.rb
index 5aa5c2b15c4a6be9b64fc822092785dc6a9811cc..fdd2741c1dae8385f004b98ca7c7fa2b45da941f 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -295,6 +295,7 @@ class User < ApplicationRecord
 
   def self.pam_get_user(attributes = {})
     return nil unless attributes[:email]
+
     resource =
       if Devise.check_at_sign && !attributes[:email].index('@')
         joins(:account).find_by(accounts: { username: attributes[:email] })
@@ -304,6 +305,7 @@ class User < ApplicationRecord
 
     if resource.blank?
       resource = new(email: attributes[:email], agreement: true)
+
       if Devise.check_at_sign && !resource[:email].index('@')
         resource[:email] = Rpam2.getenv(resource.find_pam_service, attributes[:email], attributes[:password], 'email', false)
         resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" unless resource[:email]