From 69ae5cef166501dee49cd3a63d7131323796169e Mon Sep 17 00:00:00 2001
From: Chris <ccbrown112@gmail.com>
Date: Mon, 26 Jun 2017 11:33:48 -0700
Subject: verify for email domain for everything but ldap / saml (#6718)

---
 app/user.go | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

(limited to 'app')

diff --git a/app/user.go b/app/user.go
index 6a6050cc8..6ab6f8344 100644
--- a/app/user.go
+++ b/app/user.go
@@ -176,7 +176,7 @@ func IsFirstUserAccount() bool {
 }
 
 func CreateUser(user *model.User) (*model.User, *model.AppError) {
-	if !user.IsSSOUser() && !CheckUserDomain(user, utils.Cfg.TeamSettings.RestrictCreationToDomains) {
+	if !user.IsLDAPUser() && !user.IsSAMLUser() && !CheckUserDomain(user, utils.Cfg.TeamSettings.RestrictCreationToDomains) {
 		return nil, model.NewLocAppError("CreateUser", "api.user.create_user.accepted_domain.app_error", nil, "")
 	}
 
@@ -313,15 +313,13 @@ func CheckUserDomain(user *model.User, domains string) bool {
 
 	domainArray := strings.Fields(strings.TrimSpace(strings.ToLower(strings.Replace(strings.Replace(domains, "@", " ", -1), ",", " ", -1))))
 
-	matched := false
 	for _, d := range domainArray {
 		if strings.HasSuffix(strings.ToLower(user.Email), "@"+d) {
-			matched = true
-			break
+			return true
 		}
 	}
 
-	return matched
+	return false
 }
 
 // Check if the username is already used by another user. Return false if the username is invalid.
-- 
cgit v1.2.3-1-g7c22