From 27ba68a7894d5204b8d75dc7353774977d62fa15 Mon Sep 17 00:00:00 2001
From: Chris Duarte <csduarte@users.noreply.github.com>
Date: Tue, 28 Nov 2017 11:46:48 -0800
Subject: Add Config to disable Auth Transfers. (#7843)

* Add Config to disable Auth Transfers.

* Set config ExperimentalEnableAuthenticationTransfer behind an E20 license restriction
---
 app/ldap.go | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'app/ldap.go')

diff --git a/app/ldap.go b/app/ldap.go
index a01a4aeb6..49f3d034a 100644
--- a/app/ldap.go
+++ b/app/ldap.go
@@ -39,6 +39,10 @@ func (a *App) TestLdap() *model.AppError {
 }
 
 func (a *App) SwitchEmailToLdap(email, password, code, ldapId, ldapPassword string) (string, *model.AppError) {
+	if utils.IsLicensed() && !*a.Config().ServiceSettings.ExperimentalEnableAuthenticationTransfer {
+		return "", model.NewAppError("emailToLdap", "api.user.email_to_ldap.not_available.app_error", nil, "", http.StatusForbidden)
+	}
+
 	user, err := a.GetUserByEmail(email)
 	if err != nil {
 		return "", err
@@ -71,6 +75,10 @@ func (a *App) SwitchEmailToLdap(email, password, code, ldapId, ldapPassword stri
 }
 
 func (a *App) SwitchLdapToEmail(ldapPassword, code, email, newPassword string) (string, *model.AppError) {
+	if utils.IsLicensed() && !*a.Config().ServiceSettings.ExperimentalEnableAuthenticationTransfer {
+		return "", model.NewAppError("ldapToEmail", "api.user.ldap_to_email.not_available.app_error", nil, "", http.StatusForbidden)
+	}
+
 	user, err := a.GetUserByEmail(email)
 	if err != nil {
 		return "", err
-- 
cgit v1.2.3-1-g7c22