From e37f172f05ff421c0d33115e7093a5cd3e57960e Mon Sep 17 00:00:00 2001
From: Devanshu Matlawala <devanshu.matlawala@emory.edu>
Date: Tue, 24 Nov 2020 14:08:07 -0500
Subject: [PATCH] Adds user role when logging in via shib (#121)

---
 app/models/user.rb       | 1 +
 spec/models/user_spec.rb | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index b4ddd69679..1dba360a35 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -193,6 +193,7 @@ def self.from_omniauth(auth)
     user.assign_attributes(display_name: auth.info.first_name, ppid: auth.uid, uid: auth.info.net_id)
     # tezprox@emory.edu isn't a real email address
     user.email = auth.info.net_id + '@emory.edu' unless auth.info.net_id == 'tezprox'
+    Avalon::RoleControls.add_user_role(user.username, 'administrator') unless Avalon::RoleControls.user_roles(user.username).include?('administrator')
     user.save
     user
   end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index f6bc5df58c..4bd9b3ce96 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -224,7 +224,7 @@
           )
         end
 
-        it "updates ppid and display_name with values from shibboleth" do
+        it "updates ppid and display_name and group with values from shibboleth" do
           expect(user.uid).to eq auth_hash.info.net_id
           expect(user.ppid).to eq auth_hash.uid
           expect(user.display_name).to eq auth_hash.info.first_name
@@ -235,6 +235,7 @@
           expect(user.ppid).to eq updated_auth_hash.uid
           expect(user.display_name).not_to eq auth_hash.info.first_name
           expect(user.display_name).to eq updated_auth_hash.info.first_name
+          expect(Avalon::RoleControls.user_roles(user.username)).to include('administrator')
         end
       end