From 048e8a5e13033f50cce02986498fb58d9c114341 Mon Sep 17 00:00:00 2001
From: Nick Gerakines <nick.gerakines@gmail.com>
Date: Fri, 20 Mar 2020 18:07:18 -0400
Subject: [PATCH] Added error messaging when user attempts to attach a slack
 account to a user that already has the slack account attached. Added GitLab
 to settings page as oauth option.

---
 account.go                   | 10 ++++++++--
 go.mod                       |  2 ++
 go.sum                       |  4 ++++
 oauth.go                     | 19 ++++++++++++++-----
 templates/user/settings.tmpl |  3 +++
 5 files changed, 31 insertions(+), 7 deletions(-)

diff --git a/account.go b/account.go
index 2ae5bf1..e6ddc7b 100644
--- a/account.go
+++ b/account.go
@@ -27,6 +27,7 @@ import (
 	"github.com/writeas/web-core/auth"
 	"github.com/writeas/web-core/data"
 	"github.com/writeas/web-core/log"
+
 	"github.com/writeas/writefreely/author"
 	"github.com/writeas/writefreely/config"
 	"github.com/writeas/writefreely/page"
@@ -70,7 +71,7 @@ func canUserInvite(cfg *config.Config, isAdmin bool) bool {
 }
 
 func (up *UserPage) SetMessaging(u *User) {
-	//up.NeedsAuth = app.db.DoesUserNeedAuth(u.ID)
+	// up.NeedsAuth = app.db.DoesUserNeedAuth(u.ID)
 }
 
 const (
@@ -1044,6 +1045,7 @@ func viewSettings(app *App, u *User, w http.ResponseWriter, r *http.Request) err
 
 	enableOauthSlack := app.Config().SlackOauth.ClientID != ""
 	enableOauthWriteAs := app.Config().WriteAsOauth.ClientID != ""
+	enableOauthGitLab := app.Config().GitlabOauth.ClientID != ""
 
 	oauthAccounts, err := app.db.GetOauthAccounts(r.Context(), u.ID)
 	if err != nil {
@@ -1056,10 +1058,12 @@ func viewSettings(app *App, u *User, w http.ResponseWriter, r *http.Request) err
 			enableOauthSlack = false
 		case "write.as":
 			enableOauthWriteAs = false
+		case "gitlab":
+			enableOauthGitLab = false
 		}
 	}
 
-	displayOauthSection := enableOauthSlack || enableOauthWriteAs || len(oauthAccounts) > 0
+	displayOauthSection := enableOauthSlack || enableOauthWriteAs || enableOauthGitLab || len(oauthAccounts) > 0
 
 	obj := struct {
 		*UserPage
@@ -1071,6 +1075,7 @@ func viewSettings(app *App, u *User, w http.ResponseWriter, r *http.Request) err
 		OauthAccounts []oauthAccountInfo
 		OauthSlack    bool
 		OauthWriteAs  bool
+		OauthGitLab   bool
 	}{
 		UserPage:      NewUserPage(app, r, u, "Account Settings", flashes),
 		Email:         fullUser.EmailClear(app.keys),
@@ -1081,6 +1086,7 @@ func viewSettings(app *App, u *User, w http.ResponseWriter, r *http.Request) err
 		OauthAccounts: oauthAccounts,
 		OauthSlack:    enableOauthSlack,
 		OauthWriteAs:  enableOauthWriteAs,
+		OauthGitLab:   enableOauthGitLab,
 	}
 
 	showUserPage(w, "settings", obj)
diff --git a/go.mod b/go.mod
index fe5b548..bb23137 100644
--- a/go.mod
+++ b/go.mod
@@ -21,6 +21,7 @@ require (
 	github.com/guregu/null v3.4.0+incompatible
 	github.com/hashicorp/go-multierror v1.0.0
 	github.com/ikeikeikeike/go-sitemap-generator/v2 v2.0.2
+	github.com/jteeuwen/go-bindata v3.0.7+incompatible // indirect
 	github.com/jtolds/gls v4.2.1+incompatible // indirect
 	github.com/kylemcc/twitter-text-go v0.0.0-20180726194232-7f582f6736ec
 	github.com/lunixbochs/vtclean v1.0.0 // indirect
@@ -51,6 +52,7 @@ require (
 	github.com/writeas/slug v1.2.0
 	github.com/writeas/web-core v1.2.0
 	github.com/writefreely/go-nodeinfo v1.2.0
+	golang.org/dl v0.0.0-20200319204010-bf12898a6070 // indirect
 	golang.org/x/crypto v0.0.0-20200109152110-61a87790db17
 	golang.org/x/lint v0.0.0-20181217174547-8f45f776aaf1 // indirect
 	golang.org/x/tools v0.0.0-20190208222737-3744606dbb67 // indirect
diff --git a/go.sum b/go.sum
index b0a423a..1de5654 100644
--- a/go.sum
+++ b/go.sum
@@ -73,6 +73,8 @@ github.com/hashicorp/go-multierror v1.0.0 h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uP
 github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
 github.com/ikeikeikeike/go-sitemap-generator/v2 v2.0.2 h1:wIdDEle9HEy7vBPjC6oKz6ejs3Ut+jmsYvuOoAW2pSM=
 github.com/ikeikeikeike/go-sitemap-generator/v2 v2.0.2/go.mod h1:WtaVKD9TeruTED9ydiaOJU08qGoEPP/LyzTKiD3jEsw=
+github.com/jteeuwen/go-bindata v3.0.7+incompatible h1:91Uy4d9SYVr1kyTJ15wJsog+esAZZl7JmEfTkwmhJts=
+github.com/jteeuwen/go-bindata v3.0.7+incompatible/go.mod h1:JVvhzYOiGBnFSYRyV00iY8q7/0PThjIYav1p9h5dmKs=
 github.com/jtolds/gls v4.2.1+incompatible h1:fSuqC+Gmlu6l/ZYAoZzx2pyucC8Xza35fpRVWLVmUEE=
 github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a h1:FaWFmfWdAUKbSCtOU2QjDaorUexogfaMgbipgYATUMU=
@@ -165,6 +167,8 @@ github.com/writeas/web-core v1.2.0 h1:CYqvBd+byi1cK4mCr1NZ6CjILuMOFmiFecv+OACcmG
 github.com/writeas/web-core v1.2.0/go.mod h1:vTYajviuNBAxjctPp2NUYdgjofywVkxUGpeaERF3SfI=
 github.com/writefreely/go-nodeinfo v1.2.0 h1:La+YbTCvmpTwFhBSlebWDDL81N88Qf/SCAvRLR7F8ss=
 github.com/writefreely/go-nodeinfo v1.2.0/go.mod h1:UTvE78KpcjYOlRHupZIiSEFcXHioTXuacCbHU+CAcPg=
+golang.org/dl v0.0.0-20200319204010-bf12898a6070 h1:m3RoSUFYtel4F/gCw0tosY5Exe7hm2NbeNv/737FbSo=
+golang.org/dl v0.0.0-20200319204010-bf12898a6070/go.mod h1:IUMfjQLJQd4UTqG1Z90tenwKoCX93Gn3MAQJMOSBsDQ=
 golang.org/x/crypto v0.0.0-20180527072434-ab813273cd59 h1:hk3yo72LXLapY9EXVttc3Z1rLOxT9IuAPPX3GpY2+jo=
 golang.org/x/crypto v0.0.0-20180527072434-ab813273cd59/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190131182504-b8fe1690c613/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
diff --git a/oauth.go b/oauth.go
index 59350bd..80f3e1d 100644
--- a/oauth.go
+++ b/oauth.go
@@ -4,17 +4,19 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"github.com/gorilla/mux"
-	"github.com/gorilla/sessions"
-	"github.com/writeas/impart"
-	"github.com/writeas/web-core/log"
-	"github.com/writeas/writefreely/config"
 	"io"
 	"io/ioutil"
 	"net/http"
 	"net/url"
 	"strings"
 	"time"
+
+	"github.com/gorilla/mux"
+	"github.com/gorilla/sessions"
+	"github.com/writeas/impart"
+	"github.com/writeas/web-core/log"
+
+	"github.com/writeas/writefreely/config"
 )
 
 // TokenResponse contains data returned when a token is created either
@@ -252,6 +254,13 @@ func (h oauthHandler) viewOauthCallback(app *App, w http.ResponseWriter, r *http
 		return impart.HTTPError{http.StatusInternalServerError, err.Error()}
 	}
 
+	if localUserID != -1 && attachUserID > 0 {
+		if err = addSessionFlash(app, w, r, "Slack account is already attached to a user.", nil); err != nil {
+			return impart.HTTPError{Status: http.StatusInternalServerError, Message: err.Error()}
+		}
+		return impart.HTTPError{http.StatusFound, "/me/settings"}
+	}
+
 	if localUserID != -1 {
 		user, err := h.DB.GetUserByID(localUserID)
 		if err != nil {
diff --git a/templates/user/settings.tmpl b/templates/user/settings.tmpl
index 3b91c83..14f8e47 100644
--- a/templates/user/settings.tmpl
+++ b/templates/user/settings.tmpl
@@ -92,6 +92,9 @@ h3 { font-weight: normal; }
             {{ if .OauthWriteAs }}
                 <a class="btn cta loginbtn" id="writeas-login" href="/oauth/write.as?attach=t">Link your <strong>Write.as</strong> account.</a>
             {{ end }}
+            {{ if .OauthGitLab }}
+                <a class="btn cta loginbtn" id="gitlab-login" href="/oauth/gitlab?attach=t">Link your <strong>GitLab</strong> account.</a>
+            {{ end }}
             </p>
         {{ end }}
     {{ end }}