From 5e78d7fe12a39e28a6520b023b0df0fc66a826d5 Mon Sep 17 00:00:00 2001
From: Chris Duarte <csduarte@users.noreply.github.com>
Date: Thu, 4 Jan 2018 09:45:59 -0800
Subject: Add admin update endpoint that can update authservice and authdata
 (#7842)

* add admin update endpoint that can upate authservice and authdata

* Control only SystemAdmin access

* Refactored AdminUpdate endpoint to only be able to update AuthData, AuthService and Password by User.Id

* Refactor to move `PUT /api/v4/users/{user_id}/auth`. Created a struct to hold UserAuth info.
---
 app/user.go | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'app/user.go')

diff --git a/app/user.go b/app/user.go
index 626f6310f..493b391ae 100644
--- a/app/user.go
+++ b/app/user.go
@@ -969,6 +969,30 @@ func (a *App) PatchUser(userId string, patch *model.UserPatch, asAdmin bool) (*m
 	return updatedUser, nil
 }
 
+func (a *App) UpdateUserAuth(userId string, userAuth *model.UserAuth) (*model.UserAuth, *model.AppError) {
+	if userAuth.AuthData == nil || *userAuth.AuthData == "" || userAuth.AuthService == "" {
+		userAuth.AuthData = nil
+		userAuth.AuthService = ""
+
+		if err := a.IsPasswordValid(userAuth.Password); err != nil {
+			return nil, err
+		}
+		password := model.HashPassword(userAuth.Password)
+
+		if result := <-a.Srv.Store.User().UpdatePassword(userId, password); result.Err != nil {
+			return nil, result.Err
+		}
+	} else {
+		userAuth.Password = ""
+
+		if result := <-a.Srv.Store.User().UpdateAuthData(userId, userAuth.AuthService, userAuth.AuthData, "", false); result.Err != nil {
+			return nil, result.Err
+		}
+	}
+
+	return userAuth, nil
+}
+
 func (a *App) sendUpdatedUserEvent(user model.User, asAdmin bool) {
 	a.SanitizeProfile(&user, asAdmin)
 
-- 
cgit v1.2.3-1-g7c22