From c35d07c3e02f6942573fecf3cf5dfb7f5ef8837c Mon Sep 17 00:00:00 2001
From: Nikita Manovich <40690625+nmanovic@users.noreply.github.com>
Date: Mon, 12 Nov 2018 12:47:56 +0300
Subject: [PATCH] Fix LDAP auth for new users. (#192)

---
 cvat/apps/authentication/auth_ldap.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/cvat/apps/authentication/auth_ldap.py b/cvat/apps/authentication/auth_ldap.py
index 821a99ba..1c1cee2b 100644
--- a/cvat/apps/authentication/auth_ldap.py
+++ b/cvat/apps/authentication/auth_ldap.py
@@ -25,5 +25,9 @@ def create_user(sender, user=None, ldap_user=None, **kwargs):
                 if role == AUTH_ROLE.ADMIN:
                     user.is_staff = user.is_superuser = True
 
-    user.groups.set(user_groups)
+    # It is important to save the user before adding groups. Please read
+    # https://django-auth-ldap.readthedocs.io/en/latest/users.html#populating-users
+    # The user instance will be saved automatically after the signal handler
+    # is run.
     user.save()
+    user.groups.set(user_groups)