diff --git a/app/serializers/user_serializer.rb b/app/serializers/user_serializer.rb index 1e45721b685..c54147747ed 100644 --- a/app/serializers/user_serializer.rb +++ b/app/serializers/user_serializer.rb @@ -73,7 +73,8 @@ class UserSerializer < BasicUserSerializer :primary_group_flair_bg_color, :primary_group_flair_color, :staged, - :second_factor_enabled + :second_factor_enabled, + :external_id has_one :invited_by, embed: :object, serializer: BasicUserSerializer has_many :groups, embed: :object, serializer: BasicGroupSerializer @@ -287,6 +288,14 @@ class UserSerializer < BasicUserSerializer object.try(:primary_group).try(:flair_color) end + def external_id + object&.single_sign_on_record&.external_id + end + + def include_external_id? + SiteSetting.enable_sso + end + ### ### STAFF ATTRIBUTES ### diff --git a/spec/serializers/user_serializer_spec.rb b/spec/serializers/user_serializer_spec.rb index 6ed8891c646..4502640b488 100644 --- a/spec/serializers/user_serializer_spec.rb +++ b/spec/serializers/user_serializer_spec.rb @@ -196,4 +196,28 @@ describe UserSerializer do expect(json[:custom_fields]['secret_field']).to eq(nil) end end + + context "when SSO is enabled" do + it "sets the external_id field" do + SiteSetting.sso_url = "http://example.com/discourse_sso" + SiteSetting.sso_secret = "abcdefghijklmnop" + SiteSetting.enable_sso = true + sso = DiscourseSingleSignOn.new + sso.username = "test" + sso.email = "test@example.com" + sso.external_id = "1" + user = sso.lookup_or_create_user + json = UserSerializer.new(user, scope: Guardian.new, root: false).as_json + expect(json[:external_id]).to eq("1") + end + end + + context "when SSO is not enabled" do + let(:user) { Fabricate(:user) } + let(:json) { UserSerializer.new(user, scope: Guardian.new, root: false).as_json } + it "doesn't include the external_id field" do + SiteSetting.enable_sso = false + expect(json).not_to have_key(:external_id) + end + end end