diff options
| author | Christopher Speller <crspeller@gmail.com> | 2016-05-02 08:07:58 -0400 |
|---|---|---|
| committer | Christopher Speller <crspeller@gmail.com> | 2016-05-02 08:07:58 -0400 |
| commit | c63e027aece1270c8e1378ee27b015304d25f89d (patch) | |
| tree | aefef2f1ea027472c62e821c04e6a56b460d931a /store | |
| parent | 3346a9a63a7c1db582b2f553269c64f4b4a356ef (diff) | |
| download | chat-c63e027aece1270c8e1378ee27b015304d25f89d.tar.gz chat-c63e027aece1270c8e1378ee27b015304d25f89d.tar.bz2 chat-c63e027aece1270c8e1378ee27b015304d25f89d.zip | |
Fixing LDAP editing of attributes (#2824)
Diffstat (limited to 'store')
| -rw-r--r-- | store/sql_user_store.go | 12 | ||||
| -rw-r--r-- | store/sql_user_store_test.go | 11 |
2 files changed, 22 insertions, 1 deletions
diff --git a/store/sql_user_store.go b/store/sql_user_store.go index 636400ce9..9db378341 100644 --- a/store/sql_user_store.go +++ b/store/sql_user_store.go @@ -136,7 +136,17 @@ func (us SqlUserStore) Update(user *model.User, allowActiveUpdate bool) StoreCha if user.IsOAuthUser() { user.Email = oldUser.Email - } else if !user.IsLDAPUser() && user.Email != oldUser.Email { + } else if user.IsLDAPUser() { + if user.Username != oldUser.Username || + user.FirstName != oldUser.FirstName || + user.LastName != oldUser.LastName || + user.Email != oldUser.Email { + result.Err = model.NewLocAppError("SqlUserStore.Update", "store.sql_user.update.can_not_change_ldap.app_error", nil, "user_id="+user.Id) + storeChannel <- result + close(storeChannel) + return + } + } else if user.Email != oldUser.Email { user.EmailVerified = false } diff --git a/store/sql_user_store_test.go b/store/sql_user_store_test.go index 2d17c5888..9fed32dc8 100644 --- a/store/sql_user_store_test.go +++ b/store/sql_user_store_test.go @@ -77,6 +77,12 @@ func TestUserStoreUpdate(t *testing.T) { Must(store.User().Save(u1)) Must(store.Team().SaveMember(&model.TeamMember{TeamId: model.NewId(), UserId: u1.Id})) + u2 := &model.User{} + u2.Email = model.NewId() + u2.AuthService = "ldap" + Must(store.User().Save(u2)) + Must(store.Team().SaveMember(&model.TeamMember{TeamId: model.NewId(), UserId: u2.Id})) + time.Sleep(100 * time.Millisecond) if err := (<-store.User().Update(u1, false)).Err; err != nil { @@ -92,6 +98,11 @@ func TestUserStoreUpdate(t *testing.T) { if err := (<-store.User().Update(u1, false)).Err; err == nil { t.Fatal("Update should have faile because id change") } + + u2.Email = model.NewId() + if err := (<-store.User().Update(u2, false)).Err; err == nil { + t.Fatal("Update should have failed because you can't modify LDAP fields") + } } func TestUserStoreUpdateLastPingAt(t *testing.T) { |