Merge branch 'release-3.9' into merge-3.9

author: JoramWilander <jwawilander@gmail.com> 2017-05-12 08:00:28 -0400
committer: JoramWilander <jwawilander@gmail.com> 2017-05-12 08:00:28 -0400
commit: 9d109b070037951fcd0832b785eba8a3db9a157c (patch)
tree: 5d109da2e9e088f16eff0ad1421876a3d3da412e /api4/context.go
parent: b1c39204a63a87d2cbc57f66cf9db50c938b2ee5 (diff)
parent: a21a06afd9907e9911dcb166d902cba9f405c7cb (diff)
download: chat-9d109b070037951fcd0832b785eba8a3db9a157c.tar.gz
chat-9d109b070037951fcd0832b785eba8a3db9a157c.tar.bz2
chat-9d109b070037951fcd0832b785eba8a3db9a157c.zip
1 files changed, 6 insertions, 2 deletions
diff --git a/api4/context.go b/api4/context.go
index 32db0ed7d..37af2c6d4 100644
--- a/api4/context.go
+++ b/api4/context.go
@@ -271,9 +271,13 @@ func (c *Context) MfaRequired() {
 			return
 		}
 
+		// Special case to let user get themself
+		if c.Path == "/api/v4/users/me" {
+			return
+		}
+
 		if !user.MfaActive {
-			c.Err = model.NewLocAppError("", "api.context.mfa_required.app_error", nil, "MfaRequired")
-			c.Err.StatusCode = http.StatusUnauthorized
+			c.Err = model.NewAppError("", "api.context.mfa_required.app_error", nil, "MfaRequired", http.StatusForbidden)
 			return
 		}
 	}
author	JoramWilander <jwawilander@gmail.com>	2017-05-12 08:00:28 -0400
committer	JoramWilander <jwawilander@gmail.com>	2017-05-12 08:00:28 -0400
commit	9d109b070037951fcd0832b785eba8a3db9a157c (patch)
tree	5d109da2e9e088f16eff0ad1421876a3d3da412e /api4/context.go
parent	b1c39204a63a87d2cbc57f66cf9db50c938b2ee5 (diff)
parent	a21a06afd9907e9911dcb166d902cba9f405c7cb (diff)
download	chat-9d109b070037951fcd0832b785eba8a3db9a157c.tar.gz chat-9d109b070037951fcd0832b785eba8a3db9a157c.tar.bz2 chat-9d109b070037951fcd0832b785eba8a3db9a157c.zip