From 7c1292c0f7306a45387fc4db92af1e1ad1800cdd Mon Sep 17 00:00:00 2001
From: Andrew Engelbrecht <andrew@fsf.org>
Date: Tue, 25 Jan 2022 14:23:29 -0500
Subject: [PATCH] More documentation about fsfdrupalauth

---
 README.md               |  1 +
 docs/fsf-drupal-auth.md | 26 ++++++++++++++++++++++++--
 2 files changed, 25 insertions(+), 2 deletions(-)
 create mode 120000 README.md

diff --git a/README.md b/README.md
new file mode 120000
index 0000000..a4d7e0d
--- /dev/null
+++ b/README.md
@@ -0,0 +1 @@
+docs/fsf-drupal-auth.md
\ No newline at end of file
diff --git a/docs/fsf-drupal-auth.md b/docs/fsf-drupal-auth.md
index 1eac6f0..dddae54 100644
--- a/docs/fsf-drupal-auth.md
+++ b/docs/fsf-drupal-auth.md
@@ -1,4 +1,26 @@
-# fsf-drupal-auth
+# About fsfdrupalauth / README
 
-this code is based off of the sqlauth code in upstream simplesamlphp.
+This code is based off of the [sqlauth][1] module in upstream SimpleSAMLphp. It
+queries whether people are FSF CAS users, and/or whether they are FSF members
+or staff.
+
+SQL queries in `config/authsources.php` should be something like the following:
+
+    'my-drupalauth' => [
+
+        // custom fsf authentication source wrapped by ratelimit auth source
+        'fsfdrupalauth:FSFDrupalAuth',
+        'dsn' => 'mysql:host=example.com;port=3306;dbname=drupal',
+        'username' => '$DB_USERNAME',
+        'password' => '$DB_PASSWORD',
+        'query_main' => 'SELECT pass, mail FROM users WHERE name = :username AND status = "1" limit 1;',
+        // don't filter with 'and c.is_test = 0' because these may be useful for FSF staff
+        'query_membership' => "select c.status_id from drupal.users a inner join civicrm.civicrm_uf_match b on a.uid=b.uf_id inner join civicrm.civicrm_membership c on b.contact_id=c.contact_id inner join civicrm.civicrm_contact d on c.contact_id=d.id where a.status = 1 and d.is_deleted = 0 and c.status_id is not NULL and a.name = :username and (c.status_id = 1 or c.status_id = 2 or c.status_id = 3 or c.status_id = 4) order by c.status_id limit 10;",
+        'query_staff' => "select a.name as is_fsf_staff from drupal.users a inner join civicrm.civicrm_uf_match b on a.uid=b.uf_id inner join civicrm.civicrm_contact c on b.contact_id=c.id inner join civicrm.civicrm_relationship d on c.id=d.contact_id_a where a.name=:username and a.status=1 and c.is_deleted=0 and d.relationship_type_id=4 and d.contact_id_b=FOOBAR and d.is_active=1 and (d.end_date>NOW() or d.end_date is NULL) limit 1;",
+
+    ],
+
+---
+
+[1]: https://github.com/simplesamlphp/simplesamlphp-module-sqlauth
 
-- 
2.25.1