From e26b77faf10c6ca18f12df573d36d4e4676ffcf9 Mon Sep 17 00:00:00 2001
From: =Corey Hulen <corey@hulen.com>
Date: Mon, 5 Oct 2015 17:33:45 -0700
Subject: PLT-518 check for security bulletins

---
 store/sql_user_store.go      | 31 +++++++++++++++++++++++++++++++
 store/sql_user_store_test.go | 23 +++++++++++++++++++++++
 store/store.go               |  1 +
 3 files changed, 55 insertions(+)

(limited to 'store')

diff --git a/store/sql_user_store.go b/store/sql_user_store.go
index 0a723d965..f82f87290 100644
--- a/store/sql_user_store.go
+++ b/store/sql_user_store.go
@@ -370,6 +370,37 @@ func (us SqlUserStore) GetProfiles(teamId string) StoreChannel {
 	return storeChannel
 }
 
+func (us SqlUserStore) GetSystemAdminProfiles() StoreChannel {
+
+	storeChannel := make(StoreChannel)
+
+	go func() {
+		result := StoreResult{}
+
+		var users []*model.User
+
+		if _, err := us.GetReplica().Select(&users, "SELECT * FROM Users WHERE Roles = :Roles", map[string]interface{}{"Roles": "system_admin"}); err != nil {
+			result.Err = model.NewAppError("SqlUserStore.GetSystemAdminProfiles", "We encounted an error while finding user profiles", err.Error())
+		} else {
+
+			userMap := make(map[string]*model.User)
+
+			for _, u := range users {
+				u.Password = ""
+				u.AuthData = ""
+				userMap[u.Id] = u
+			}
+
+			result.Data = userMap
+		}
+
+		storeChannel <- result
+		close(storeChannel)
+	}()
+
+	return storeChannel
+}
+
 func (us SqlUserStore) GetByEmail(teamId string, email string) StoreChannel {
 
 	storeChannel := make(StoreChannel)
diff --git a/store/sql_user_store_test.go b/store/sql_user_store_test.go
index e2a454023..bfdd14fef 100644
--- a/store/sql_user_store_test.go
+++ b/store/sql_user_store_test.go
@@ -259,6 +259,29 @@ func TestUserStoreGetProfiles(t *testing.T) {
 	}
 }
 
+func TestUserStoreGetSystemAdminProfiles(t *testing.T) {
+	Setup()
+
+	u1 := model.User{}
+	u1.TeamId = model.NewId()
+	u1.Email = model.NewId()
+	Must(store.User().Save(&u1))
+
+	u2 := model.User{}
+	u2.TeamId = u1.TeamId
+	u2.Email = model.NewId()
+	Must(store.User().Save(&u2))
+
+	if r1 := <-store.User().GetSystemAdminProfiles(); r1.Err != nil {
+		t.Fatal(r1.Err)
+	} else {
+		users := r1.Data.(map[string]*model.User)
+		if len(users) <= 0 {
+			t.Fatal("invalid returned system admin users")
+		}
+	}
+}
+
 func TestUserStoreGetByEmail(t *testing.T) {
 	Setup()
 
diff --git a/store/store.go b/store/store.go
index 887913bc6..fc088ce74 100644
--- a/store/store.go
+++ b/store/store.go
@@ -104,6 +104,7 @@ type UserStore interface {
 	UpdateFailedPasswordAttempts(userId string, attempts int) StoreChannel
 	GetForExport(teamId string) StoreChannel
 	GetTotalUsersCount() StoreChannel
+	GetSystemAdminProfiles() StoreChannel
 }
 
 type SessionStore interface {
-- 
cgit v1.2.3-1-g7c22