From d2aacdbb07c0c0b97c0f45c99cfbbd2f28c56e7b Mon Sep 17 00:00:00 2001
From: Joram Wilander <jwawilander@gmail.com>
Date: Fri, 27 May 2016 11:36:53 -0400
Subject: Don't allow gitlab users to activate mfa (#3125)

---
 api/user.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'api/user.go')

diff --git a/api/user.go b/api/user.go
index c1b40852d..caf573463 100644
--- a/api/user.go
+++ b/api/user.go
@@ -2336,6 +2336,10 @@ func ActivateMfa(userId, token string) *model.AppError {
 		user = result.Data.(*model.User)
 	}
 
+	if len(user.AuthService) > 0 && user.AuthService != model.USER_AUTH_SERVICE_LDAP {
+		return model.NewLocAppError("ActivateMfa", "api.user.activate_mfa.email_and_ldap_only.app_error", nil, "")
+	}
+
 	if err := mfaInterface.Activate(user, token); err != nil {
 		return err
 	}
-- 
cgit v1.2.3-1-g7c22