Add admin update endpoint that can update authservice and authdata (#7842)

* add admin update endpoint that can upate authservice and authdata

* Control only SystemAdmin access

* Refactored AdminUpdate endpoint to only be able to update AuthData, AuthService and Password by User.Id

* Refactor to move `PUT /api/v4/users/{user_id}/auth`. Created a struct to hold UserAuth info.

1 files changed, 24 insertions, 0 deletions

diff --git a/app/user.go b/app/user.go
index 626f6310f..493b391ae 100644
--- a/app/user.go
+++ b/app/user.go
@@ -969,6 +969,30 @@ func (a *App) PatchUser(userId string, patch *model.UserPatch, asAdmin bool) (*m
 	return updatedUser, nil
 }
 
+func (a *App) UpdateUserAuth(userId string, userAuth *model.UserAuth) (*model.UserAuth, *model.AppError) {
+	if userAuth.AuthData == nil || *userAuth.AuthData == "" || userAuth.AuthService == "" {
+		userAuth.AuthData = nil
+		userAuth.AuthService = ""
+
+		if err := a.IsPasswordValid(userAuth.Password); err != nil {
+			return nil, err
+		}
+		password := model.HashPassword(userAuth.Password)
+
+		if result := <-a.Srv.Store.User().UpdatePassword(userId, password); result.Err != nil {
+			return nil, result.Err
+		}
+	} else {
+		userAuth.Password = ""
+
+		if result := <-a.Srv.Store.User().UpdateAuthData(userId, userAuth.AuthService, userAuth.AuthData, "", false); result.Err != nil {
+			return nil, result.Err
+		}
+	}
+
+	return userAuth, nil
+}
+
 func (a *App) sendUpdatedUserEvent(user model.User, asAdmin bool) {
 	a.SanitizeProfile(&user, asAdmin)