diff options
| author | Corey Hulen <corey@hulen.com> | 2016-05-11 11:04:30 -0700 |
|---|---|---|
| committer | Christopher Speller <crspeller@gmail.com> | 2016-05-11 14:04:30 -0400 |
| commit | 3928535456f9fcb025ed86edeb4d258f2c524150 (patch) | |
| tree | 010f4bd298f23b92711affcdef81cc329c522e67 /api/user.go | |
| parent | a574397a7256bed7738f499019f97ab468b5161d (diff) | |
| download | chat-3928535456f9fcb025ed86edeb4d258f2c524150.tar.gz chat-3928535456f9fcb025ed86edeb4d258f2c524150.tar.bz2 chat-3928535456f9fcb025ed86edeb4d258f2c524150.zip | |
PLT-2905 fixing upgrade of SSO accounts (#2962)
* PLT-2905 fixing upgrade of SSO accounts
* Fixing multiple Auths mapped to different emails
Diffstat (limited to 'api/user.go')
| -rw-r--r-- | api/user.go | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/api/user.go b/api/user.go index c53a643c7..4b9c3a3c8 100644 --- a/api/user.go +++ b/api/user.go @@ -535,7 +535,7 @@ func LoginByOAuth(c *Context, w http.ResponseWriter, r *http.Request, service st } var user *model.User - if result := <-Srv.Store.User().GetByAuth(authData, service); result.Err != nil { + if result := <-Srv.Store.User().GetByAuth(&authData, service); result.Err != nil { if result.Err.Id == store.MISSING_AUTH_ACCOUNT_ERROR { return CreateOAuthUser(c, w, r, service, bytes.NewReader(buf.Bytes()), "") } @@ -1289,7 +1289,8 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { } rusers[0].Password = "" - rusers[0].AuthData = "" + rusers[0].AuthData = new(string) + *rusers[0].AuthData = "" w.Write([]byte(rusers[0].ToJson())) } } @@ -1337,7 +1338,7 @@ func updatePassword(c *Context, w http.ResponseWriter, r *http.Request) { user := result.Data.(*model.User) - if user.AuthData != "" { + if user.AuthData != nil && *user.AuthData != "" { c.LogAudit("failed - tried to update user password who was logged in through oauth") c.Err = model.NewLocAppError("updatePassword", "api.user.update_password.oauth.app_error", nil, "auth_service="+user.AuthService) c.Err.StatusCode = http.StatusBadRequest @@ -1653,7 +1654,7 @@ func sendPasswordReset(c *Context, w http.ResponseWriter, r *http.Request) { user = result.Data.(*model.User) } - if len(user.AuthData) != 0 { + if user.AuthData != nil && len(*user.AuthData) != 0 { c.Err = model.NewLocAppError("sendPasswordReset", "api.user.send_password_reset.sso.app_error", nil, "userId="+user.Id) return } @@ -1749,7 +1750,7 @@ func ResetPassword(c *Context, userId, newPassword string) *model.AppError { user = result.Data.(*model.User) } - if len(user.AuthData) != 0 && !c.IsSystemAdmin() { + if user.AuthData != nil && len(*user.AuthData) != 0 && !c.IsSystemAdmin() { return model.NewLocAppError("ResetPassword", "api.user.reset_password.sso.app_error", nil, "userId="+user.Id) } @@ -2148,13 +2149,13 @@ func ldapToEmail(c *Context, w http.ResponseWriter, r *http.Request) { } ldapInterface := einterfaces.GetLdapInterface() - if ldapInterface == nil { + if ldapInterface == nil || user.AuthData == nil { c.Err = model.NewLocAppError("ldapToEmail", "api.user.ldap_to_email.not_available.app_error", nil, "") c.Err.StatusCode = http.StatusNotImplemented return } - if err := ldapInterface.CheckPassword(user.AuthData, ldapPassword); err != nil { + if err := ldapInterface.CheckPassword(*user.AuthData, ldapPassword); err != nil { c.LogAuditWithUserId(user.Id, "fail - ldap authentication failed") c.Err = err return |