From d8dd271e43550ab043c2db36c274092d7819fcab Mon Sep 17 00:00:00 2001 From: Christopher Speller Date: Thu, 10 May 2018 09:46:09 -0700 Subject: MM-4998 Adding LoginIdAttribute to allow LDAP users to change their login ID without losing their account (#8756) * Adding LoginIdAttribute * Modifying LDAP to use loginIDAttribute. * Adding IDAttribute migration and AD objectGUID support. * Removing unused idea. * Fix typo. --- store/storetest/user_store.go | 46 ++++--------------------------------------- 1 file changed, 4 insertions(+), 42 deletions(-) (limited to 'store/storetest/user_store.go') diff --git a/store/storetest/user_store.go b/store/storetest/user_store.go index 2fd7d4190..66f54df39 100644 --- a/store/storetest/user_store.go +++ b/store/storetest/user_store.go @@ -1091,64 +1091,26 @@ func testUserStoreGetForLogin(t *testing.T, ss store.Store) { } store.Must(ss.User().Save(u2)) - if result := <-ss.User().GetForLogin(u1.Username, true, true, true); result.Err != nil { + if result := <-ss.User().GetForLogin(u1.Username, true, true); result.Err != nil { t.Fatal("Should have gotten user by username", result.Err) } else if result.Data.(*model.User).Id != u1.Id { t.Fatal("Should have gotten user1 by username") } - if result := <-ss.User().GetForLogin(u1.Email, true, true, true); result.Err != nil { + if result := <-ss.User().GetForLogin(u1.Email, true, true); result.Err != nil { t.Fatal("Should have gotten user by email", result.Err) } else if result.Data.(*model.User).Id != u1.Id { t.Fatal("Should have gotten user1 by email") } - if result := <-ss.User().GetForLogin(*u2.AuthData, true, true, true); result.Err != nil { - t.Fatal("Should have gotten user by AD/LDAP AuthData", result.Err) - } else if result.Data.(*model.User).Id != u2.Id { - t.Fatal("Should have gotten user2 by AD/LDAP AuthData") - } - - // prevent getting user by AuthData when they're not an LDAP user - if result := <-ss.User().GetForLogin(*u1.AuthData, true, true, true); result.Err == nil { - t.Fatal("Should not have gotten user by non-AD/LDAP AuthData") - } - // prevent getting user when different login methods are disabled - if result := <-ss.User().GetForLogin(u1.Username, false, true, true); result.Err == nil { + if result := <-ss.User().GetForLogin(u1.Username, false, true); result.Err == nil { t.Fatal("Should have failed to get user1 by username") } - if result := <-ss.User().GetForLogin(u1.Email, true, false, true); result.Err == nil { + if result := <-ss.User().GetForLogin(u1.Email, true, false); result.Err == nil { t.Fatal("Should have failed to get user1 by email") } - - if result := <-ss.User().GetForLogin(*u2.AuthData, true, true, false); result.Err == nil { - t.Fatal("Should have failed to get user3 by AD/LDAP AuthData") - } - - auth3 := model.NewId() - - // test a special case where two users will have conflicting login information so we throw a special error - u3 := &model.User{ - Email: model.NewId(), - Username: model.NewId(), - AuthService: model.USER_AUTH_SERVICE_LDAP, - AuthData: &auth3, - } - store.Must(ss.User().Save(u3)) - - u4 := &model.User{ - Email: model.NewId(), - Username: model.NewId(), - AuthService: model.USER_AUTH_SERVICE_LDAP, - AuthData: &u3.Username, - } - store.Must(ss.User().Save(u4)) - - if err := (<-ss.User().GetForLogin(u3.Username, true, true, true)).Err; err == nil { - t.Fatal("Should have failed to get users with conflicting login information") - } } func testUserStoreUpdatePassword(t *testing.T, ss store.Store) { -- cgit v1.2.3-1-g7c22