From 41bbbbf4462205348c978a2cce5162f73e35f6b7 Mon Sep 17 00:00:00 2001
From: JoramWilander
Date: Wed, 22 Jul 2015 15:05:20 -0400
Subject: add changes from team review
---
 api/user.go | 1 +
 config/config.json | 12 ++++++------
 model/user.go | 2 +-
 store/sql_user_store.go | 4 ++--
 web/web.go | 6 +++---
 5 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/api/user.go b/api/user.go
index d16ad300a..7a688f28b 100644
--- a/api/user.go
+++ b/api/user.go
@@ -377,6 +377,7 @@ func login(c *Context, w http.ResponseWriter, r *http.Request) {
 user = LoginByEmail(c, w, r, props["email"], props["name"], props["password"], props["device_id"])
 } else {
 c.Err = model.NewAppError("login", "Either user id or team name and user email must be provided", "")
+ c.Err.StatusCode = http.StatusForbidden
 return
 }
diff --git a/config/config.json b/config/config.json
index 84e675a72..14fd6e593 100644
--- a/config/config.json
+++ b/config/config.json
@@ -25,12 +25,12 @@
 },
 "SSOSettings": {
 "gitlab": {
- "Allow": true,
- "Secret" : "0495d3d6e528d91ba46605622a3645a8409ac5971ee287b1c3a6519fe27e6f6a",
- "Id": "87a4aeb746c67e87a54df78f6eccf85229dd30a3a797bfdb423b82ba4e749cd0",
- "AuthEndpoint": "http://dockerhost:8080/oauth/authorize",
- "TokenEndpoint": "http://dockerhost:8080/oauth/token",
- "UserApiEndpoint": "http://dockerhost:8080/api/v3/user"
+ "Allow": false,
+ "Secret" : "",
+ "Id": "",
+ "AuthEndpoint": "/oauth/authorize",
+ "TokenEndpoint": "/oauth/token",
+ "UserApiEndpoint": "/api/v3/user"
 }
 },
 "SqlSettings": {
diff --git a/model/user.go b/model/user.go
index 78b033327..c71d75405 100644
--- a/model/user.go
+++ b/model/user.go
@@ -37,6 +37,7 @@ type User struct {
 Username string `json:"username"`
 Password string `json:"password"`
 AuthData string `json:"auth_data"`
+ AuthService string `json:"auth_service"`
 Email string `json:"email"`
 EmailVerified bool `json:"email_verified"`
 Nickname string `json:"nickname"`
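Review bot: In api/user.go, `http.StatusForbidden` marks this rejection as an authorization failure, but judging by the error text the branch is reached when the request carries neither a user id nor a team name plus email, which is a malformed request. `c.Err.StatusCode = http.StatusBadRequest` would fit better and keeps the 403 count on the login route meaningful for failed-login alerting. The body of `login` starts and ends outside the hunk, so the status used by the other rejection paths cannot be compared from here.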
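Review bot: In config/config.json, the GitLab `Secret` and `Id` values removed here stay readable in the repository history, so if they were ever issued by a real GitLab instance they should be revoked there and reissued rather than treated as cleaned up by this commit. The new defaults leave `AuthEndpoint`, `TokenEndpoint` and `UserApiEndpoint` as host-less paths, which only work once an operator fills them in. The code that loads this file (not visible in this patch) should refuse `"Allow": true` unless `Secret` and `Id` are non-empty and all three endpoints are absolute URLs, preferably `https://`, because the token exchange carries the client secret.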
@@ -50,7 +51,6 @@ type User struct {
 NotifyProps StringMap `json:"notify_props"`
 LastPasswordUpdate int64 `json:"last_password_update"`
 LastPictureUpdate int64 `json:"last_picture_update"`
- AuthService string `json:"auth_service"`
 }
 type GitLabUser struct {
diff --git a/store/sql_user_store.go b/store/sql_user_store.go
index fdc101b22..6cf12f5b8 100644
--- a/store/sql_user_store.go
+++ b/store/sql_user_store.go
@@ -24,6 +24,7 @@ func NewSqlUserStore(sqlStore *SqlStore) UserStore {
 table.ColMap("Username").SetMaxSize(64)
 table.ColMap("Password").SetMaxSize(128)
 table.ColMap("AuthData").SetMaxSize(128)
+ table.ColMap("AuthService").SetMaxSize(32)
 table.ColMap("Email").SetMaxSize(128)
 table.ColMap("Nickname").SetMaxSize(64)
 table.ColMap("FirstName").SetMaxSize(64)
@@ -31,7 +32,6 @@ func NewSqlUserStore(sqlStore *SqlStore) UserStore {
 table.ColMap("Roles").SetMaxSize(64)
 table.ColMap("Props").SetMaxSize(4000)
 table.ColMap("NotifyProps").SetMaxSize(2000)
- table.ColMap("AuthService").SetMaxSize(32)
 table.SetUniqueTogether("Email", "TeamId")
 table.SetUniqueTogether("Username", "TeamId")
 }
@@ -59,7 +59,7 @@ func (us SqlUserStore) UpgradeSchemaIfNeeded() {
 }
 }
- us.CreateColumnIfNotExists("Users", "AuthService", "LastPictureUpdate", "varchar(32)", "") // for OAuth Client
+ us.CreateColumnIfNotExists("Users", "AuthService", "AuthData", "varchar(32)", "") // for OAuth Client
 }
 //func (ss SqlStore) CreateColumnIfNotExists(tableName string, columnName string, afterName string, colType string, defaultValue string) bool {
diff --git a/web/web.go b/web/web.go
index 975b65002..6bd4d09a0 100644
--- a/web/web.go
+++ b/web/web.go
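Review bot: In store/sql_user_store.go, the result of `us.CreateColumnIfNotExists(...)` in `UpgradeSchemaIfNeeded` is discarded, although the commented-out signature just below the call suggests the helper returns a `bool`. If that value reports failure, startup would continue without the `AuthService` column and OAuth logins would fail later at query time; checking it and stopping startup with a clear log line would be safer. Changing the `afterName` argument to `"AuthData"` presumably affects only databases that do not have the column yet, so installations upgraded by the earlier revision keep the old position; a comment such as `// column position differs on DBs upgraded before this change; never rely on column order` would record that. The function starts outside the hunk.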
@@ -476,18 +476,18 @@ func signupWithOAuth(c *api.Context, w http.ResponseWriter, r *http.Request) {
 props := model.MapFromJson(strings.NewReader(data))
 if !model.ComparePassword(hash, fmt.Sprintf("%v:%v", data, utils.Cfg.ServiceSettings.InviteSalt)) {
- c.Err = model.NewAppError("createUser", "The signup link does not appear to be valid", "")
+ c.Err = model.NewAppError("signupWithOAuth", "The signup link does not appear to be valid", "")
 return
 }
 t, err := strconv.ParseInt(props["time"], 10, 64)
 if err != nil || model.GetMillis()-t > 1000*60*60*48 { // 48 hours
- c.Err = model.NewAppError("createUser", "The signup link has expired", "")
+ c.Err = model.NewAppError("signupWithOAuth", "The signup link has expired", "")
 return
 }
 if team.Id != props["id"] {
- c.Err = model.NewAppError("createUser", "Invalid team name", data)
+ c.Err = model.NewAppError("signupWithOAuth", "Invalid team name", data)
 return
 }
 }
--
cgit v1.2.3-1-g7c22
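Review bot: None of the three rejection paths in `signupWithOAuth` sets `c.Err.StatusCode`, while the same commit adds an explicit status to the login error in api/user.go. Unless `model.NewAppError` (not visible here) already defaults to a client-error code, a tampered or expired signup link is reported with that default, which makes link-tampering attempts hard to tell apart from server faults in logs. Adding `c.Err.StatusCode = http.StatusForbidden` after the "does not appear to be valid" and "has expired" errors would make the outcome explicit. The "Invalid team name" branch also passes the whole `data` payload as the error detail, so it is worth confirming that the detail is neither rendered unescaped nor logged verbatim. The function starts outside the hunk.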