From ad694fb030453d9504a1452ec118b90f4098da31 Mon Sep 17 00:00:00 2001
From: Colin Kuskie <colink@perldreamer.com>
Date: Wed, 12 Apr 2006 23:33:11 +0000
Subject: [PATCH] Fix User.t so that it assigns IPs in a way that works with
 the new isInGroup code. User.pm: Collapse all methods into getUsers(1) inside
 isInGroup Group.pm: Disable the cache whenever a scratchFilter or ipFilter is
 assigned. Begin updating Group documentation for changes to dbQuery

---
 lib/WebGUI/Group.pm               |  5 +++++
 lib/WebGUI/User.pm                | 18 ++++++++----------
 lib/WebGUI/i18n/English/WebGUI.pm |  6 +++---
 t/User.t                          | 17 +++++++++++------
 4 files changed, 27 insertions(+), 19 deletions(-)

diff --git a/lib/WebGUI/Group.pm b/lib/WebGUI/Group.pm
index 5dd2eb5d3..d3f6dd6c7 100755
--- a/lib/WebGUI/Group.pm
+++ b/lib/WebGUI/Group.pm
@@ -536,6 +536,7 @@ sub getIpUsers {
 	my $sth = $self->session->db->read($query, [ $self->session->datetime->time() ]);
 	my %localCache = ();
 	my @ipUsers = ();
+	$self->session->errorHandler->warn("Fetching IP users");
 	while (my ($userId, $lastIP) = $sth->array() ) {
 		if (!exists $localCache{$lastIP}) {
 			$localCache{$lastIP} = isInSubnet($lastIP, \@filters);	
@@ -754,6 +755,8 @@ sub karmaThreshold {
         my $self = shift;
         my $value = shift;
         if (defined $value) {
+		$self->session->stow->delete('isInGroup');
+		$self->session->stow->delete("gotGroupsInGroup");
 		$self->set("karmaThreshold",$value);	
         }
         return $self->get("karmaThreshold");
@@ -776,6 +779,8 @@ sub ipFilter {
         my $self = shift;
         my $value = shift;
         if (defined $value) {
+		$self->session->stow->delete("gotGroupsInGroup");
+		$self->session->stow->delete('isInGroup');
 		$self->set("ipFilter",$value);
         }
         return $self->get("ipFilter");
diff --git a/lib/WebGUI/User.pm b/lib/WebGUI/User.pm
index 2e6f3fad2..d97878562 100644
--- a/lib/WebGUI/User.pm
+++ b/lib/WebGUI/User.pm
@@ -258,20 +258,18 @@ sub isInGroup {
         return 1 if ($gid eq '2' && $uid ne '1'); 	# if you're not a visitor, then you're a registered user
         return 1 if ($uid eq '3');  #Admin is in every group
         ### Get data for auxillary checks.
-	my $group = WebGUI::Group->new($self->session,$gid);
 	my $isInGroup = $self->session->stow->get("isInGroup");
         ### Look to see if we've already looked up this group. 
 	return $isInGroup->{$uid}{$gid} if exists $isInGroup->{$uid}{$gid};
         ### Lookup the actual groupings.
-	unless ($secondRun) {			# don't look up users if we've already done it once.
-		### Check for groups of groups.
-		my $users = $group->getUsers(1);
-		foreach my $user (@{$users}) {
-			$isInGroup->{$user}{$gid} = 1;
-			if ($uid eq $user) {
-				$self->session->stow->set("isInGroup",$isInGroup);
-				return 1;
-			}
+	my $group = WebGUI::Group->new($self->session,$gid);
+	### Check for groups of groups.
+	my $users = $group->getUsers(1);
+	foreach my $user (@{$users}) {
+		$isInGroup->{$user}{$gid} = 1;
+		if ($uid eq $user) {
+			$self->session->stow->set("isInGroup",$isInGroup);
+			return 1;
 		}
 	}
 
diff --git a/lib/WebGUI/i18n/English/WebGUI.pm b/lib/WebGUI/i18n/English/WebGUI.pm
index ad4a12f67..c12c5dfaf 100644
--- a/lib/WebGUI/i18n/English/WebGUI.pm
+++ b/lib/WebGUI/i18n/English/WebGUI.pm
@@ -1797,9 +1797,9 @@ Multiple filters can be set by joining name and value pairs with a semicolon:
         },
 
         '1005 description' => {
-                message => q|Many organizations have external databases that map users to groups; for example an HR database might map Employee ID to Health Care Plan.  To validate users against an external database, you need to construct a SQL statement that will return 1 if a user is in the group.  Make sure to begin your statement with "select 1".  You may use macros in this query to access data in a user's profile, such as Employee ID.  Here is an example that checks a user against a fictional HR database.  This assumes you have created an additional WebGUI profile field called employeeId.<br>
+                message => q|Many organizations have external databases that map users to groups; for example an HR database might map Employee ID to Health Care Plan.  To validate users against an external database, you need to construct a SQL statement that will return the list of WebGUI userIds for users in the group.  You may use macros in this query to access data in a user's WebGUI profile, such as Employee ID.  Here is an example that checks a user against a fictional HR database.  This assumes you have created an additional WebGUI profile field called employeeId.<br>
 <br>
-select 1 from employees, health_plans, empl_plan_map<br>
+select userId from employees, health_plans, empl_plan_map<br>
 where employees.employee_id = &#94;User("employeeId");<br>
 and health_plans.plan_name = 'HMO 1'<br>
 and employees.employee_id = empl_plan_map.employee_id<br>
@@ -1807,7 +1807,7 @@ and health_plans.health_plan_id = empl_plan_mp.health_plan_id<br>
 <br>
 This group could then be named "Employees in HMO 1", and would allow you to restrict any page or wobject to only those users who are part of this health plan in the external database.
 <p>|,
-                lastUpdated => 1120448672,
+                lastUpdated => 1144798300,
         },
 
         '1004 description' => {
diff --git a/t/User.t b/t/User.t
index dd36b528d..f4f6c2599 100644
--- a/t/User.t
+++ b/t/User.t
@@ -17,7 +17,7 @@ use WebGUI::Session;
 use WebGUI::Utility;
 
 use WebGUI::User;
-use Test::More tests => 80; # increment this value for each test you create
+use Test::More tests => 81; # increment this value for each test you create
 
 my $session = WebGUI::Test->session;
 
@@ -227,12 +227,13 @@ is( $cm->getId, 4, "content manager groupId check");
 my $admin = WebGUI::User->new($session, 3);
 my $visitor = WebGUI::User->new($session, 1);
 
-##Manipulate the env object to set up this test
-my $env = $session->{_env};
-$env->{_env}->{"REMOTE_ADDR"} = '192.168.0.101';
+$session->db->write('update userSession set lastIP=? where sessionId=?',['192.168.0.101', $session->getId]);
+
+my ($result) = $session->db->quickArray('select lastIP,sessionId from userSession where sessionId=?',[$session->getId]);
+is ($result, '192.168.0.101', "userSession setup correctly");
 
 ok (!$visitor->isInGroup($cm->getId), "Visitor is not member of group");
-ok ($admin->isInGroup($cm->getId), "Admin is not member of group");
+ok ($admin->isInGroup($cm->getId), "Admin is member of group");
 
 my $origFilter = $cm->ipFilter;
 
@@ -240,9 +241,13 @@ $cm->ipFilter('192.168.0.0/24');
 
 is( $cm->ipFilter, "192.168.0.0/24", "ipFilter assignment to local net, 192.168.0.0/24");
 
+$session->errorHandler->warn("Begin IP lookup");
+
 ok ($visitor->isInGroup($cm->getId), "Visitor is allowed in via IP");
 
-$env->{_env}->{"REMOTE_ADDR"} = '193.168.0.101';
+$session->db->write('update userSession set lastIP=? where sessionId=?',['193.168.0.101', $session->getId]);
+
+$session->stow->delete('isInGroup');
 
 ok (!$visitor->isInGroup($cm->getId), "Visitor is not allowed in via IP");