summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChristopher Speller <crspeller@gmail.com>2018-05-10 09:46:09 -0700
committerGitHub <noreply@github.com>2018-05-10 09:46:09 -0700
commitd8dd271e43550ab043c2db36c274092d7819fcab (patch)
treee297c0534a9684d57fc254281cf5cbc3d7c08e0f
parentdb6b8f6238853c6e7e48dc8015a0b25f97ee232a (diff)
downloadchat-d8dd271e43550ab043c2db36c274092d7819fcab.tar.gz
chat-d8dd271e43550ab043c2db36c274092d7819fcab.tar.bz2
chat-d8dd271e43550ab043c2db36c274092d7819fcab.zip
MM-4998 Adding LoginIdAttribute to allow LDAP users to change their login ID without losing their account (#8756)
* Adding LoginIdAttribute * Modifying LDAP to use loginIDAttribute. * Adding IDAttribute migration and AD objectGUID support. * Removing unused idea. * Fix typo.
Diffstat
-rw-r--r--Makefile4
-rw-r--r--api/user.go4
-rw-r--r--api4/user.go8
-rw-r--r--app/ldap.go6
-rw-r--r--app/login.go70
-rw-r--r--app/user.go32
-rw-r--r--cmd/commands/ldap.go29
-rw-r--r--config/default.json1
-rw-r--r--einterfaces/ldap.go7
-rw-r--r--i18n/en.json4
-rw-r--r--mlog/log.go1
-rw-r--r--model/config.go11
-rw-r--r--model/switch_request.go2
-rw-r--r--store/sqlstore/user_store.go6
-rw-r--r--store/store.go2
-rw-r--r--store/storetest/mocks/AuditStore.go2
-rw-r--r--store/storetest/mocks/ChannelMemberHistoryStore.go2
-rw-r--r--store/storetest/mocks/ChannelStore.go2
-rw-r--r--store/storetest/mocks/ClusterDiscoveryStore.go2
-rw-r--r--store/storetest/mocks/CommandStore.go2
-rw-r--r--store/storetest/mocks/CommandWebhookStore.go2
-rw-r--r--store/storetest/mocks/ComplianceStore.go2
-rw-r--r--store/storetest/mocks/EmojiStore.go2
-rw-r--r--store/storetest/mocks/FileInfoStore.go2
-rw-r--r--store/storetest/mocks/JobStore.go2
-rw-r--r--store/storetest/mocks/LayeredStoreDatabaseLayer.go2
-rw-r--r--store/storetest/mocks/LayeredStoreSupplier.go2
-rw-r--r--store/storetest/mocks/LicenseStore.go2
-rw-r--r--store/storetest/mocks/OAuthStore.go2
-rw-r--r--store/storetest/mocks/PluginStore.go2
-rw-r--r--store/storetest/mocks/PostStore.go2
-rw-r--r--store/storetest/mocks/PreferenceStore.go2
-rw-r--r--store/storetest/mocks/ReactionStore.go2
-rw-r--r--store/storetest/mocks/RoleStore.go2
-rw-r--r--store/storetest/mocks/SessionStore.go2
-rw-r--r--store/storetest/mocks/SqlStore.go2
-rw-r--r--store/storetest/mocks/StatusStore.go2
-rw-r--r--store/storetest/mocks/Store.go2
-rw-r--r--store/storetest/mocks/SystemStore.go2
-rw-r--r--store/storetest/mocks/TeamStore.go2
-rw-r--r--store/storetest/mocks/TokenStore.go2
-rw-r--r--store/storetest/mocks/UserAccessTokenStore.go2
-rw-r--r--store/storetest/mocks/UserStore.go12
-rw-r--r--store/storetest/mocks/WebhookStore.go2
-rw-r--r--store/storetest/user_store.go46
45 files changed, 149 insertions, 152 deletions
diff --git a/Makefile b/Makefile
index bff03b1ad..187b8f769 100644
--- a/Makefile
+++ b/Makefile
@@ -275,6 +275,10 @@ store-mocks: ## Creates mock files.
go get github.com/vektra/mockery/...
$(GOPATH)/bin/mockery -dir store -all -output store/storetest/mocks -note 'Regenerate this file using `make store-mocks`.'
+ldap-mocks: ## Creates mock files for ldap.
+ go get github.com/vektra/mockery/...
+ GOPATH=$(shell go env GOPATH) $(shell go env GOPATH)/bin/mockery -dir enterprise/ldap -all -output enterprise/ldap/mocks -note 'Regenerate this file using `make ldap-mocks`.'
+
update-jira-plugin: ## Updates Jira plugin.
go get github.com/mattermost/go-bindata/...
curl -s https://api.github.com/repos/mattermost/mattermost-plugin-jira/releases/latest | grep browser_download_url | grep darwin-amd64 | cut -d '"' -f 4 | wget -qi - -O plugin.tar.gz
diff --git a/api/user.go b/api/user.go
index 15fd4c7ea..5931eac1e 100644
--- a/api/user.go
+++ b/api/user.go
@@ -107,7 +107,7 @@ func login(c *Context, w http.ResponseWriter, r *http.Request) {
ldapOnly := props["ldap_only"] == "true"
c.LogAudit("attempt - user_id=" + id + " login_id=" + loginId)
- user, err := c.App.AuthenticateUserForLogin(id, loginId, password, mfaToken, deviceId, ldapOnly)
+ user, err := c.App.AuthenticateUserForLogin(id, loginId, password, mfaToken, ldapOnly)
if err != nil {
c.LogAudit("failure - user_id=" + id + " login_id=" + loginId)
c.Err = err
@@ -1072,7 +1072,7 @@ func checkMfa(c *Context, w http.ResponseWriter, r *http.Request) {
}
rdata := map[string]string{}
- if user, err := c.App.GetUserForLogin(loginId, false); err != nil {
+ if user, err := c.App.GetUserForLogin("", loginId); err != nil {
rdata["mfa_required"] = "false"
} else {
rdata["mfa_required"] = strconv.FormatBool(user.MfaActive)
diff --git a/api4/user.go b/api4/user.go
index 897c49ad1..2a539a551 100644
--- a/api4/user.go
+++ b/api4/user.go
@@ -771,7 +771,7 @@ func checkUserMfa(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- if user, err := c.App.GetUserForLogin(loginId, false); err == nil {
+ if user, err := c.App.GetUserForLogin("", loginId); err == nil {
resp["mfa_required"] = user.MfaActive
}
@@ -943,7 +943,7 @@ func login(c *Context, w http.ResponseWriter, r *http.Request) {
ldapOnly := props["ldap_only"] == "true"
c.LogAuditWithUserId(id, "attempt - login_id="+loginId)
- user, err := c.App.AuthenticateUserForLogin(id, loginId, password, mfaToken, deviceId, ldapOnly)
+ user, err := c.App.AuthenticateUserForLogin(id, loginId, password, mfaToken, ldapOnly)
if err != nil {
c.LogAuditWithUserId(id, "failure - login_id="+loginId)
c.Err = err
@@ -1167,7 +1167,7 @@ func sendVerificationEmail(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
- user, err := c.App.GetUserForLogin(email, false)
+ user, err := c.App.GetUserForLogin("", email)
if err != nil {
// Don't want to leak whether the email is valid or not
ReturnStatusOK(w)
@@ -1205,7 +1205,7 @@ func switchAccountType(c *Context, w http.ResponseWriter, r *http.Request) {
link, err = c.App.SwitchOAuthToEmail(switchRequest.Email, switchRequest.NewPassword, c.Session.UserId)
} else if switchRequest.EmailToLdap() {
- link, err = c.App.SwitchEmailToLdap(switchRequest.Email, switchRequest.Password, switchRequest.MfaCode, switchRequest.LdapId, switchRequest.NewPassword)
+ link, err = c.App.SwitchEmailToLdap(switchRequest.Email, switchRequest.Password, switchRequest.MfaCode, switchRequest.LdapLoginId, switchRequest.NewPassword)
} else if switchRequest.LdapToEmail() {
link, err = c.App.SwitchLdapToEmail(switchRequest.Password, switchRequest.MfaCode, switchRequest.Email, switchRequest.NewPassword)
} else {
diff --git a/app/ldap.go b/app/ldap.go
index 22c3b746b..544905b70 100644
--- a/app/ldap.go
+++ b/app/ldap.go
@@ -40,7 +40,7 @@ func (a *App) TestLdap() *model.AppError {
return nil
}
-func (a *App) SwitchEmailToLdap(email, password, code, ldapId, ldapPassword string) (string, *model.AppError) {
+func (a *App) SwitchEmailToLdap(email, password, code, ldapLoginId, ldapPassword string) (string, *model.AppError) {
if a.License() != nil && !*a.Config().ServiceSettings.ExperimentalEnableAuthenticationTransfer {
return "", model.NewAppError("emailToLdap", "api.user.email_to_ldap.not_available.app_error", nil, "", http.StatusForbidden)
}
@@ -63,7 +63,7 @@ func (a *App) SwitchEmailToLdap(email, password, code, ldapId, ldapPassword stri
return "", model.NewAppError("SwitchEmailToLdap", "api.user.email_to_ldap.not_available.app_error", nil, "", http.StatusNotImplemented)
}
- if err := ldapInterface.SwitchToLdap(user.Id, ldapId, ldapPassword); err != nil {
+ if err := ldapInterface.SwitchToLdap(user.Id, ldapLoginId, ldapPassword); err != nil {
return "", err
}
@@ -95,7 +95,7 @@ func (a *App) SwitchLdapToEmail(ldapPassword, code, email, newPassword string) (
return "", model.NewAppError("SwitchLdapToEmail", "api.user.ldap_to_email.not_available.app_error", nil, "", http.StatusNotImplemented)
}
- if err := ldapInterface.CheckPassword(*user.AuthData, ldapPassword); err != nil {
+ if err := ldapInterface.CheckPasswordAuthData(*user.AuthData, ldapPassword); err != nil {
return "", err
}
diff --git a/app/login.go b/app/login.go
index 43b022749..529e4cb21 100644
--- a/app/login.go
+++ b/app/login.go
@@ -11,47 +11,69 @@ import (
"github.com/avct/uasurfer"
"github.com/mattermost/mattermost-server/model"
+ "github.com/mattermost/mattermost-server/store"
)
-func (a *App) AuthenticateUserForLogin(id, loginId, password, mfaToken, deviceId string, ldapOnly bool) (*model.User, *model.AppError) {
+func (a *App) AuthenticateUserForLogin(id, loginId, password, mfaToken string, ldapOnly bool) (user *model.User, err *model.AppError) {
+ // Do statistics
+ defer func() {
+ if a.Metrics != nil {
+ if user == nil || err != nil {
+ a.Metrics.IncrementLoginFail()
+ } else {
+ a.Metrics.IncrementLogin()
+ }
+ }
+ }()
+
if len(password) == 0 {
err := model.NewAppError("AuthenticateUserForLogin", "api.user.login.blank_pwd.app_error", nil, "", http.StatusBadRequest)
return nil, err
}
- var user *model.User
- var err *model.AppError
+ // Get the MM user we are trying to login
+ if user, err = a.GetUserForLogin(id, loginId); err != nil {
+ return nil, err
+ }
+
+ // and then authenticate them
+ if user, err = a.authenticateUser(user, password, mfaToken); err != nil {
+ return nil, err
+ }
+
+ return user, nil
+}
+
+func (a *App) GetUserForLogin(id, loginId string) (*model.User, *model.AppError) {
+ enableUsername := *a.Config().EmailSettings.EnableSignInWithUsername
+ enableEmail := *a.Config().EmailSettings.EnableSignInWithEmail
+ // If we are given a userID then fail if we can't find a user with that ID
if len(id) != 0 {
- if user, err = a.GetUser(id); err != nil {
- err.StatusCode = http.StatusBadRequest
- if a.Metrics != nil {
- a.Metrics.IncrementLoginFail()
+ if user, err := a.GetUser(id); err != nil {
+ if err.Id != store.MISSING_ACCOUNT_ERROR {
+ err.StatusCode = http.StatusInternalServerError
+ return nil, err
+ } else {
+ err.StatusCode = http.StatusBadRequest
+ return nil, err
}
- return nil, err
- }
- } else {
- if user, err = a.GetUserForLogin(loginId, ldapOnly); err != nil {
- if a.Metrics != nil {
- a.Metrics.IncrementLoginFail()
- }
- return nil, err
+ } else {
+ return user, nil
}
}
- // and then authenticate them
- if user, err = a.authenticateUser(user, password, mfaToken); err != nil {
- if a.Metrics != nil {
- a.Metrics.IncrementLoginFail()
- }
- return nil, err
+ // Try to get the user by username/email
+ if result := <-a.Srv.Store.User().GetForLogin(loginId, enableUsername, enableEmail); result.Err == nil {
+ return result.Data.(*model.User), nil
}
- if a.Metrics != nil {
- a.Metrics.IncrementLogin()
+ // Try to get the user with LDAP
+ if user, err := a.Ldap.GetUser(loginId); err == nil {
+ return user, nil
}
- return user, nil
+ return nil, model.NewAppError("GetUserForLogin", "store.sql_user.get_for_login.app_error", nil, "", http.StatusBadRequest)
}
func (a *App) DoLogin(w http.ResponseWriter, r *http.Request, user *model.User, deviceId string) (*model.Session, *model.AppError) {
diff --git a/app/user.go b/app/user.go
index fd8b6b377..2b0442e75 100644
--- a/app/user.go
+++ b/app/user.go
@@ -382,38 +382,6 @@ func (a *App) GetUserByAuth(authData *string, authService string) (*model.User,
}
}
-func (a *App) GetUserForLogin(loginId string, onlyLdap bool) (*model.User, *model.AppError) {
- license := a.License()
- ldapAvailable := *a.Config().LdapSettings.Enable && a.Ldap != nil && license != nil && *license.Features.LDAP
-
- if result := <-a.Srv.Store.User().GetForLogin(
- loginId,
- *a.Config().EmailSettings.EnableSignInWithUsername && !onlyLdap,
- *a.Config().EmailSettings.EnableSignInWithEmail && !onlyLdap,
- ldapAvailable,
- ); result.Err != nil && result.Err.Id == "store.sql_user.get_for_login.multiple_users" {
- // don't fall back to LDAP in this case since we already know there's an LDAP user, but that it shouldn't work
- result.Err.StatusCode = http.StatusBadRequest
- return nil, result.Err
- } else if result.Err != nil {
- if !ldapAvailable {
- // failed to find user and no LDAP server to fall back on
- result.Err.StatusCode = http.StatusBadRequest
- return nil, result.Err
- }
-
- // fall back to LDAP server to see if we can find a user
- if ldapUser, ldapErr := a.Ldap.GetUser(loginId); ldapErr != nil {
- ldapErr.StatusCode = http.StatusBadRequest
- return nil, ldapErr
- } else {
- return ldapUser, nil
- }
- } else {
- return result.Data.(*model.User), nil
- }
-}
-
func (a *App) GetUsers(offset int, limit int) ([]*model.User, *model.AppError) {
if result := <-a.Srv.Store.User().GetAllProfiles(offset, limit); result.Err != nil {
return nil, result.Err
diff --git a/cmd/commands/ldap.go b/cmd/commands/ldap.go
index 0c79ce32b..03c366213 100644
--- a/cmd/commands/ldap.go
+++ b/cmd/commands/ldap.go
@@ -22,9 +22,19 @@ var LdapSyncCmd = &cobra.Command{
RunE: ldapSyncCmdF,
}
+var LdapIdMigrate = &cobra.Command{
+ Use: "idmigrate",
+ Short: "Migrate LDAP IdAttribute to new value",
+ Long: "Migrate LDAP IdAttribute to new value. Run this utility then change the IdAttribute to the new value.",
+ Example: " ldap idmigrate objectGUID",
+ Args: cobra.ExactArgs(1),
+ RunE: ldapIdMigrateCmdF,
+}
+
func init() {
LdapCmd.AddCommand(
LdapSyncCmd,
+ LdapIdMigrate,
)
cmd.RootCmd.AddCommand(LdapCmd)
}
@@ -47,3 +57,22 @@ func ldapSyncCmdF(command *cobra.Command, args []string) error {
return nil
}
+
+func ldapIdMigrateCmdF(command *cobra.Command, args []string) error {
+ a, err := cmd.InitDBCommandContextCobra(command)
+ if err != nil {
+ return err
+ }
+ defer a.Shutdown()
+
+ toAttribute := args[0]
+ if ldapI := a.Ldap; ldapI != nil {
+ if err := ldapI.MigrateIDAttribute(toAttribute); err != nil {
+ cmd.CommandPrintErrorln("ERROR: AD/LDAP IdAttribute migration failed! Error: " + err.Error())
+ } else {
+ cmd.CommandPrettyPrintln("SUCCESS: AD/LDAP IdAttribute migration complete. You can now change your IdAttribute to: " + toAttribute)
+ }
+ }
+
+ return nil
+}
diff --git a/config/default.json b/config/default.json
index 8bf06dc8b..80a694e38 100644
--- a/config/default.json
+++ b/config/default.json
@@ -263,6 +263,7 @@
"NicknameAttribute": "",
"IdAttribute": "",
"PositionAttribute": "",
+ "LoginIdAttribute": "",
"SyncIntervalMinutes": 60,
"SkipCertificateVerification": false,
"QueryTimeout": 60,
diff --git a/einterfaces/ldap.go b/einterfaces/ldap.go
index 26326b174..31e8b7cf8 100644
--- a/einterfaces/ldap.go
+++ b/einterfaces/ldap.go
@@ -4,8 +4,6 @@
package einterfaces
import (
- "github.com/go-ldap/ldap"
-
"github.com/mattermost/mattermost-server/model"
)
@@ -14,12 +12,11 @@ type LdapInterface interface {
GetUser(id string) (*model.User, *model.AppError)
GetUserAttributes(id string, attributes []string) (map[string]string, *model.AppError)
CheckPassword(id string, password string) *model.AppError
+ CheckPasswordAuthData(authData string, password string) *model.AppError
SwitchToLdap(userId, ldapId, ldapPassword string) *model.AppError
ValidateFilter(filter string) *model.AppError
StartSynchronizeJob(waitForJobToFinish bool) (*model.Job, *model.AppError)
RunTest() *model.AppError
GetAllLdapUsers() ([]*model.User, *model.AppError)
- UserFromLdapUser(ldapUser *ldap.Entry) *model.User
- UserHasUpdateFromLdap(existingUser *model.User, currentLdapUser *model.User) bool
- UpdateLocalLdapUser(existingUser *model.User, currentLdapUser *model.User) *model.User
+ MigrateIDAttribute(toAttribute string) error
}
diff --git a/i18n/en.json b/i18n/en.json
index d4a08b07a..c0b1d0558 100644
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -5019,6 +5019,10 @@
"translation": "AD/LDAP field \"ID Attribute\" is required."
},
{
+ "id": "model.config.is_valid.ldap_login_id",
+ "translation": "AD/LDAP field \"Login ID Attribute\" is required."
+ },
+ {
"id": "model.config.is_valid.ldap_lastname",
"translation": "AD/LDAP field \"Last Name Attribute\" is required."
},
diff --git a/mlog/log.go b/mlog/log.go
index ad537a11d..28f7408c4 100644
--- a/mlog/log.go
+++ b/mlog/log.go
@@ -29,6 +29,7 @@ type Field = zapcore.Field
var Int64 = zap.Int64
var Int = zap.Int
var String = zap.String
+var Any = zap.Any
var Err = zap.Error
type LoggerConfiguration struct {
diff --git a/model/config.go b/model/config.go
index 5074b7637..07cd9d977 100644
--- a/model/config.go
+++ b/model/config.go
@@ -1144,6 +1144,7 @@ type LdapSettings struct {
NicknameAttribute *string
IdAttribute *string
PositionAttribute *string
+ LoginIdAttribute *string
// Synchronization
SyncIntervalMinutes *int
@@ -1227,6 +1228,12 @@ func (s *LdapSettings) SetDefaults() {
s.PositionAttribute = NewString(LDAP_SETTINGS_DEFAULT_POSITION_ATTRIBUTE)
}
+ // For those upgrading to the version when LoginIdAttribute was added
+ // they need IdAttribute == LoginIdAttribute not to break
+ if s.LoginIdAttribute == nil {
+ s.LoginIdAttribute = s.IdAttribute
+ }
+
if s.SyncIntervalMinutes == nil {
s.SyncIntervalMinutes = NewInt(60)
}
@@ -2074,6 +2081,10 @@ func (ls *LdapSettings) isValid() *AppError {
if *ls.IdAttribute == "" {
return NewAppError("Config.IsValid", "model.config.is_valid.ldap_id", nil, "", http.StatusBadRequest)
}
+
+ if *ls.LoginIdAttribute == "" {
+ return NewAppError("Config.IsValid", "model.config.is_valid.ldap_login_id", nil, "", http.StatusBadRequest)
+ }
}
return nil
diff --git a/model/switch_request.go b/model/switch_request.go
index e153c92f4..2a522f492 100644
--- a/model/switch_request.go
+++ b/model/switch_request.go
@@ -15,7 +15,7 @@ type SwitchRequest struct {
Password string `json:"password"`
NewPassword string `json:"new_password"`
MfaCode string `json:"mfa_code"`
- LdapId string `json:"ldap_id"`
+ LdapLoginId string `json:"ldap_id"`
}
func (o *SwitchRequest) ToJson() string {
diff --git a/store/sqlstore/user_store.go b/store/sqlstore/user_store.go
index f4ed3e400..a695e4aa8 100644
--- a/store/sqlstore/user_store.go
+++ b/store/sqlstore/user_store.go
@@ -819,13 +819,12 @@ func (us SqlUserStore) GetByUsername(username string) store.StoreChannel {
})
}
-func (us SqlUserStore) GetForLogin(loginId string, allowSignInWithUsername, allowSignInWithEmail, ldapEnabled bool) store.StoreChannel {
+func (us SqlUserStore) GetForLogin(loginId string, allowSignInWithUsername, allowSignInWithEmail bool) store.StoreChannel {
return store.Do(func(result *store.StoreResult) {
params := map[string]interface{}{
"LoginId": loginId,
"AllowSignInWithUsername": allowSignInWithUsername,
"AllowSignInWithEmail": allowSignInWithEmail,
- "LdapEnabled": ldapEnabled,
}
users := []*model.User{}
@@ -837,8 +836,7 @@ func (us SqlUserStore) GetForLogin(loginId string, allowSignInWithUsername, allo
Users
WHERE
(:AllowSignInWithUsername AND Username = :LoginId)
- OR (:AllowSignInWithEmail AND Email = :LoginId)
- OR (:LdapEnabled AND AuthService = '`+model.USER_AUTH_SERVICE_LDAP+`' AND AuthData = :LoginId)`,
+ OR (:AllowSignInWithEmail AND Email = :LoginId)`,
params); err != nil {
result.Err = model.NewAppError("SqlUserStore.GetForLogin", "store.sql_user.get_for_login.app_error", nil, err.Error(), http.StatusInternalServerError)
} else if len(users) == 1 {
diff --git a/store/store.go b/store/store.go
index 0b5c9df5f..7fcebf0b1 100644
--- a/store/store.go
+++ b/store/store.go
@@ -228,7 +228,7 @@ type UserStore interface {
GetByAuth(authData *string, authService string) StoreChannel
GetAllUsingAuthService(authService string) StoreChannel
GetByUsername(username string) StoreChannel
- GetForLogin(loginId string, allowSignInWithUsername, allowSignInWithEmail, ldapEnabled bool) StoreChannel
+ GetForLogin(loginId string, allowSignInWithUsername, allowSignInWithEmail bool) StoreChannel
VerifyEmail(userId string) StoreChannel
GetEtagForAllProfiles() StoreChannel
GetEtagForProfiles(teamId string) StoreChannel
diff --git a/store/storetest/mocks/AuditStore.go b/store/storetest/mocks/AuditStore.go
index df84545bd..d1ee9082e 100644
--- a/store/storetest/mocks/AuditStore.go
+++ b/store/storetest/mocks/AuditStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/ChannelMemberHistoryStore.go b/store/storetest/mocks/ChannelMemberHistoryStore.go
index 16155b982..ae8d024d1 100644
--- a/store/storetest/mocks/ChannelMemberHistoryStore.go
+++ b/store/storetest/mocks/ChannelMemberHistoryStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/ChannelStore.go b/store/storetest/mocks/ChannelStore.go
index 6eab47073..ec3fa1253 100644
--- a/store/storetest/mocks/ChannelStore.go
+++ b/store/storetest/mocks/ChannelStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/ClusterDiscoveryStore.go b/store/storetest/mocks/ClusterDiscoveryStore.go
index 997dcf03f..4010006d8 100644
--- a/store/storetest/mocks/ClusterDiscoveryStore.go
+++ b/store/storetest/mocks/ClusterDiscoveryStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/CommandStore.go b/store/storetest/mocks/CommandStore.go
index de4bc4e34..798bbee4d 100644
--- a/store/storetest/mocks/CommandStore.go
+++ b/store/storetest/mocks/CommandStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/CommandWebhookStore.go b/store/storetest/mocks/CommandWebhookStore.go
index cede8cdd2..5129388ae 100644
--- a/store/storetest/mocks/CommandWebhookStore.go
+++ b/store/storetest/mocks/CommandWebhookStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/ComplianceStore.go b/store/storetest/mocks/ComplianceStore.go
index fb828cd4b..dd75941b3 100644
--- a/store/storetest/mocks/ComplianceStore.go
+++ b/store/storetest/mocks/ComplianceStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/EmojiStore.go b/store/storetest/mocks/EmojiStore.go
index 9871c98aa..b1f0a3217 100644
--- a/store/storetest/mocks/EmojiStore.go
+++ b/store/storetest/mocks/EmojiStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/FileInfoStore.go b/store/storetest/mocks/FileInfoStore.go
index 4dddf0bd7..67f922146 100644
--- a/store/storetest/mocks/FileInfoStore.go
+++ b/store/storetest/mocks/FileInfoStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/JobStore.go b/store/storetest/mocks/JobStore.go
index d3558212e..a78a3f94e 100644
--- a/store/storetest/mocks/JobStore.go
+++ b/store/storetest/mocks/JobStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/LayeredStoreDatabaseLayer.go b/store/storetest/mocks/LayeredStoreDatabaseLayer.go
index 6fa31bb1b..cf1d776ef 100644
--- a/store/storetest/mocks/LayeredStoreDatabaseLayer.go
+++ b/store/storetest/mocks/LayeredStoreDatabaseLayer.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/LayeredStoreSupplier.go b/store/storetest/mocks/LayeredStoreSupplier.go
index d4242708b..443112615 100644
--- a/store/storetest/mocks/LayeredStoreSupplier.go
+++ b/store/storetest/mocks/LayeredStoreSupplier.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/LicenseStore.go b/store/storetest/mocks/LicenseStore.go
index 5c65425ea..f00ebba78 100644
--- a/store/storetest/mocks/LicenseStore.go
+++ b/store/storetest/mocks/LicenseStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/OAuthStore.go b/store/storetest/mocks/OAuthStore.go
index fb49d715d..a39570b6c 100644
--- a/store/storetest/mocks/OAuthStore.go
+++ b/store/storetest/mocks/OAuthStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/PluginStore.go b/store/storetest/mocks/PluginStore.go
index 920b0f63c..b6f161a86 100644
--- a/store/storetest/mocks/PluginStore.go
+++ b/store/storetest/mocks/PluginStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/PostStore.go b/store/storetest/mocks/PostStore.go
index bdfbb3321..130bfafd7 100644
--- a/store/storetest/mocks/PostStore.go
+++ b/store/storetest/mocks/PostStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/PreferenceStore.go b/store/storetest/mocks/PreferenceStore.go
index 5ad56914a..f53ae06d5 100644
--- a/store/storetest/mocks/PreferenceStore.go
+++ b/store/storetest/mocks/PreferenceStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/ReactionStore.go b/store/storetest/mocks/ReactionStore.go
index ce09f3f76..b3e81a83b 100644
--- a/store/storetest/mocks/ReactionStore.go
+++ b/store/storetest/mocks/ReactionStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/RoleStore.go b/store/storetest/mocks/RoleStore.go
index 3c01ee341..cb69b2f2e 100644
--- a/store/storetest/mocks/RoleStore.go
+++ b/store/storetest/mocks/RoleStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/SessionStore.go b/store/storetest/mocks/SessionStore.go
index 70b2bd945..819ae948d 100644
--- a/store/storetest/mocks/SessionStore.go
+++ b/store/storetest/mocks/SessionStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/SqlStore.go b/store/storetest/mocks/SqlStore.go
index 43709fc0e..20cfd1721 100644
--- a/store/storetest/mocks/SqlStore.go
+++ b/store/storetest/mocks/SqlStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/StatusStore.go b/store/storetest/mocks/StatusStore.go
index 4acb90bdd..68ccdd4ec 100644
--- a/store/storetest/mocks/StatusStore.go
+++ b/store/storetest/mocks/StatusStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/Store.go b/store/storetest/mocks/Store.go
index cb7e511f6..a0438b66e 100644
--- a/store/storetest/mocks/Store.go
+++ b/store/storetest/mocks/Store.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/SystemStore.go b/store/storetest/mocks/SystemStore.go
index b31e4646d..e36396fe1 100644
--- a/store/storetest/mocks/SystemStore.go
+++ b/store/storetest/mocks/SystemStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/TeamStore.go b/store/storetest/mocks/TeamStore.go
index d38fb5f27..993c9b86f 100644
--- a/store/storetest/mocks/TeamStore.go
+++ b/store/storetest/mocks/TeamStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/TokenStore.go b/store/storetest/mocks/TokenStore.go
index b4baacf03..657aeca49 100644
--- a/store/storetest/mocks/TokenStore.go
+++ b/store/storetest/mocks/TokenStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/UserAccessTokenStore.go b/store/storetest/mocks/UserAccessTokenStore.go
index c5ef0fefe..fd98a8a99 100644
--- a/store/storetest/mocks/UserAccessTokenStore.go
+++ b/store/storetest/mocks/UserAccessTokenStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/mocks/UserStore.go b/store/storetest/mocks/UserStore.go
index 369a29e7a..347dd2065 100644
--- a/store/storetest/mocks/UserStore.go
+++ b/store/storetest/mocks/UserStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
@@ -258,13 +258,13 @@ func (_m *UserStore) GetEtagForProfilesNotInTeam(teamId string) store.StoreChann
return r0
}
-// GetForLogin provides a mock function with given fields: loginId, allowSignInWithUsername, allowSignInWithEmail, ldapEnabled
-func (_m *UserStore) GetForLogin(loginId string, allowSignInWithUsername bool, allowSignInWithEmail bool, ldapEnabled bool) store.StoreChannel {
- ret := _m.Called(loginId, allowSignInWithUsername, allowSignInWithEmail, ldapEnabled)
+// GetForLogin provides a mock function with given fields: loginId, allowSignInWithUsername, allowSignInWithEmail
+func (_m *UserStore) GetForLogin(loginId string, allowSignInWithUsername bool, allowSignInWithEmail bool) store.StoreChannel {
+ ret := _m.Called(loginId, allowSignInWithUsername, allowSignInWithEmail)
var r0 store.StoreChannel
- if rf, ok := ret.Get(0).(func(string, bool, bool, bool) store.StoreChannel); ok {
- r0 = rf(loginId, allowSignInWithUsername, allowSignInWithEmail, ldapEnabled)
+ if rf, ok := ret.Get(0).(func(string, bool, bool) store.StoreChannel); ok {
+ r0 = rf(loginId, allowSignInWithUsername, allowSignInWithEmail)
} else {
if ret.Get(0) != nil {
r0 = ret.Get(0).(store.StoreChannel)
diff --git a/store/storetest/mocks/WebhookStore.go b/store/storetest/mocks/WebhookStore.go
index bf5b636eb..a0b2b0bee 100644
--- a/store/storetest/mocks/WebhookStore.go
+++ b/store/storetest/mocks/WebhookStore.go
@@ -1,4 +1,4 @@
-// Code generated by mockery v1.0.0
+// Code generated by mockery v1.0.0. DO NOT EDIT.
// Regenerate this file using `make store-mocks`.
diff --git a/store/storetest/user_store.go b/store/storetest/user_store.go
index 2fd7d4190..66f54df39 100644
--- a/store/storetest/user_store.go
+++ b/store/storetest/user_store.go
@@ -1091,64 +1091,26 @@ func testUserStoreGetForLogin(t *testing.T, ss store.Store) {
}
store.Must(ss.User().Save(u2))
- if result := <-ss.User().GetForLogin(u1.Username, true, true, true); result.Err != nil {
+ if result := <-ss.User().GetForLogin(u1.Username, true, true); result.Err != nil {
t.Fatal("Should have gotten user by username", result.Err)
} else if result.Data.(*model.User).Id != u1.Id {
t.Fatal("Should have gotten user1 by username")
}
- if result := <-ss.User().GetForLogin(u1.Email, true, true, true); result.Err != nil {
+ if result := <-ss.User().GetForLogin(u1.Email, true, true); result.Err != nil {
t.Fatal("Should have gotten user by email", result.Err)
} else if result.Data.(*model.User).Id != u1.Id {
t.Fatal("Should have gotten user1 by email")
}
- if result := <-ss.User().GetForLogin(*u2.AuthData, true, true, true); result.Err != nil {
- t.Fatal("Should have gotten user by AD/LDAP AuthData", result.Err)
- } else if result.Data.(*model.User).Id != u2.Id {
- t.Fatal("Should have gotten user2 by AD/LDAP AuthData")
- }
-
- // prevent getting user by AuthData when they're not an LDAP user
- if result := <-ss.User().GetForLogin(*u1.AuthData, true, true, true); result.Err == nil {
- t.Fatal("Should not have gotten user by non-AD/LDAP AuthData")
- }
-
// prevent getting user when different login methods are disabled
- if result := <-ss.User().GetForLogin(u1.Username, false, true, true); result.Err == nil {
+ if result := <-ss.User().GetForLogin(u1.Username, false, true); result.Err == nil {
t.Fatal("Should have failed to get user1 by username")
}
- if result := <-ss.User().GetForLogin(u1.Email, true, false, true); result.Err == nil {
+ if result := <-ss.User().GetForLogin(u1.Email, true, false); result.Err == nil {
t.Fatal("Should have failed to get user1 by email")
}
-
- if result := <-ss.User().GetForLogin(*u2.AuthData, true, true, false); result.Err == nil {
- t.Fatal("Should have failed to get user3 by AD/LDAP AuthData")
- }
-
- auth3 := model.NewId()
-
- // test a special case where two users will have conflicting login information so we throw a special error
- u3 := &model.User{
- Email: model.NewId(),
- Username: model.NewId(),
- AuthService: model.USER_AUTH_SERVICE_LDAP,
- AuthData: &auth3,
- }
- store.Must(ss.User().Save(u3))
-
- u4 := &model.User{
- Email: model.NewId(),
- Username: model.NewId(),
- AuthService: model.USER_AUTH_SERVICE_LDAP,
- AuthData: &u3.Username,
- }
- store.Must(ss.User().Save(u4))
-
- if err := (<-ss.User().GetForLogin(u3.Username, true, true, true)).Err; err == nil {
- t.Fatal("Should have failed to get users with conflicting login information")
- }
}
func testUserStoreUpdatePassword(t *testing.T, ss store.Store) {
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-05-12 15:13:52 +0000