Combined with #1364574: Invoke logout & login hooks for compatibility with bakery, the forthcoming patch will allow bakery and masquerade to coexist on the same site.

CommentFileSizeAuthor
#9 bakery-masquerade-1599522-9.patch1.65 KBbtopro
#4 1599522.patch1.46 KBdrumm
#1 1599522.patch1.45 KBdrumm
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

drumm’s picture

drumm
he/him
Location NY, US
CreditAttribution: drumm commented
Status: Active » Needs review
FileSize
1599522.patch1.45 KB

Here is the patch. It has been tested on Drupal.org dev sites.

greggles’s picture

greggles
he/him
Primary language English
Location Denver, Colorado, USA
CreditAttribution: greggles commented
Status: Needs review » Reviewed & tested by the community

Seems rtbc to me.

drumm’s picture

drumm
he/him
Location NY, US
CreditAttribution: drumm commented

It was also tested on the Munich live site.

drumm’s picture

drumm
he/him
Location NY, US
CreditAttribution: drumm commented
FileSize
1599522.patch1.46 KB

Here is an updated patch. It rebased cleanly, only line number changes.

coltrane’s picture

coltrane
he/him
CreditAttribution: coltrane commented
Status: Reviewed & tested by the community » Needs work 
+++ b/bakery.module
@@ -980,12 +980,15 @@ function _bakery_taste_chocolatechip_cookie() {
-      if (!user_access('bypass bakery')) {
+      if (!(user_access('bypass bakery') || (module_exists('masquerade') && isset($_SESSION['masquerading'])))) {
         watchdog('bakery', 'Logging out the user with the bad cookie.');
         _bakery_user_logout();
       }
-- 
1.7.10.2 (Apple Git-33)

If the user doesn't have the bypass bakery permission this will still log those users out.

I am able to get it to work sometimes for users without that permission but the masquerade ability of returning to the original user doesn't work. Putting back to CNW to look into whether there's a better way to do this.

drumm’s picture

drumm
he/him
Location NY, US
CreditAttribution: drumm commented
Assigned: drumm » Unassigned

I took another look at our usage on DrupalCon sites, the only ones where we had allowed masquerade, and I'm not sure that we need this.

MrDaleSmith’s picture

MrDaleSmith CreditAttribution: MrDaleSmith commented

Developing a site where Masquerade and Bakery were a client requirement, and we had to apply the patch in #4 to get both working together.

MrDaleSmith’s picture

MrDaleSmith CreditAttribution: MrDaleSmith commented
Issue summary: View changes

For some reason, the patch in #4 stopped being effective recently.

For anyone looking to get these two modules working together, we eventually used the experiment rules integration in Masquerade Extras (after applying the patch to Masquerade here) and then created a custom rule to handle users who were masquerading getting the correct bakery credentials.

btopro’s picture

btopro CreditAttribution: btopro commented
Status: Needs work » Needs review
FileSize
bakery-masquerade-1599522-9.patch1.65 KB

Re rolled against dev and I think I fixed the issue that was introduced / mentioned. I had to integrate with Masquerade before for an internal authentication method (cosign) that was really aggressive as to how it integrated with drupal (not unlike bakery). The issue is that your account doesn't have the ability to skip logout, you are masquerading which alters your session / cookie token, and as you are in the process of "logging in" you get logged out.

The way around this is to set a value in the masquerade form that indicates the user account is about to masquerade. You write this into the form to fire prior to the masquerade form submission being processed. It kicks you over to login / a new page load after it has switched your account to the new user. It notices the "about to masquerade" property on your user account and prevents it from killing the request.

I've tested this for all of 5 minutes and it appears to be working on the site you masquerade with. Obviously once you switch to another site it doesn't know you were masquerading and so your session gets dumped on other services (or could be).