summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoram Wilander <jwawilander@gmail.com>2017-12-08 14:14:55 -0500
committerChristopher Speller <crspeller@gmail.com>2017-12-08 11:14:55 -0800
commit617a98d6d8a48e347921bdcaa5155b4022174d87 (patch)
treeaefb864af543e816621e0f4a9bcacd523c9fce89
parentae931ae6b63047d3a5362ab217ebdcf4ecaa6cb8 (diff)
downloadchat-617a98d6d8a48e347921bdcaa5155b4022174d87.tar.gz
chat-617a98d6d8a48e347921bdcaa5155b4022174d87.tar.bz2
chat-617a98d6d8a48e347921bdcaa5155b4022174d87.zip
Allow deactivation of SSO users (#7952)
-rw-r--r--api4/user.go12
-rw-r--r--api4/user_test.go11
-rw-r--r--cmd/platform/user.go4
3 files changed, 22 insertions, 5 deletions
diff --git a/api4/user.go b/api4/user.go
index 16b7f79a9..4f4185958 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -683,10 +683,18 @@ func updateUserActive(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if ruser, err := c.App.UpdateNonSSOUserActive(c.Params.UserId, active); err != nil {
+ var user *model.User
+ var err *model.AppError
+
+ if user, err = c.App.GetUser(c.Params.UserId); err != nil {
+ c.Err = err
+ return
+ }
+
+ if _, err := c.App.UpdateActive(user, active); err != nil {
c.Err = err
} else {
- c.LogAuditWithUserId(ruser.Id, fmt.Sprintf("active=%v", active))
+ c.LogAuditWithUserId(user.Id, fmt.Sprintf("active=%v", active))
ReturnStatusOK(w)
}
}
diff --git a/api4/user_test.go b/api4/user_test.go
index 9c554da54..e3f1935b4 100644
--- a/api4/user_test.go
+++ b/api4/user_test.go
@@ -1163,6 +1163,13 @@ func TestUpdateUserActive(t *testing.T) {
_, resp = SystemAdminClient.UpdateUserActive(user.Id, false)
CheckNoError(t, resp)
+
+ authData := model.NewId()
+ result := <-th.App.Srv.Store.User().UpdateAuthData(user.Id, "random", &authData, "", true)
+ require.Nil(t, result.Err)
+
+ _, resp = SystemAdminClient.UpdateUserActive(user.Id, false)
+ CheckNoError(t, resp)
}
func TestGetUsers(t *testing.T) {
@@ -2123,7 +2130,9 @@ func TestSwitchAccount(t *testing.T) {
defer func() {
utils.SetIsLicensed(isLicensed)
utils.SetLicense(license)
- th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.ExperimentalEnableAuthenticationTransfer = enableAuthenticationTransfer })
+ th.App.UpdateConfig(func(cfg *model.Config) {
+ *cfg.ServiceSettings.ExperimentalEnableAuthenticationTransfer = enableAuthenticationTransfer
+ })
}()
utils.SetIsLicensed(true)
utils.SetLicense(&model.License{Features: &model.Features{}})
diff --git a/cmd/platform/user.go b/cmd/platform/user.go
index e5e068023..0913609f1 100644
--- a/cmd/platform/user.go
+++ b/cmd/platform/user.go
@@ -184,8 +184,8 @@ func changeUserActiveStatus(a *app.App, user *model.User, userArg string, activa
if user == nil {
return fmt.Errorf("Can't find user '%v'", userArg)
}
- if user.IsLDAPUser() {
- return errors.New("You can not modify the activation status of AD/LDAP accounts. Please modify through the AD/LDAP server.")
+ if user.IsSSOUser() {
+ fmt.Println("You must also deactivate this user in the SSO provider or they will be reactivated on next login or sync.")
}
if _, err := a.UpdateActive(user, activate); err != nil {
return fmt.Errorf("Unable to change activation status of user: %v", userArg)