Simspace · shterrett · Jun 24, 2021 · Jun 24, 2021 · Jun 28, 2021 · Jun 29, 2021
diff --git a/app/oauth.go b/app/oauth.go
@@ -921,7 +921,7 @@ func (a *App) AuthorizeOAuthUser(w http.ResponseWriter, r *http.Request, service
 }
 
 func (a *App) SwitchEmailToOAuth(w http.ResponseWriter, r *http.Request, email, password, code, service string) (string, *model.AppError) {
-	if a.Srv().License() != nil && !*a.Config().ServiceSettings.ExperimentalEnableAuthenticationTransfer {
+	if !*a.Config().ServiceSettings.ExperimentalEnableAuthenticationTransfer {
 		return "", model.NewAppError("emailToOAuth", "api.user.email_to_oauth.not_available.app_error", nil, "", http.StatusForbidden)
 	}
 
@@ -951,7 +951,7 @@ func (a *App) SwitchEmailToOAuth(w http.ResponseWriter, r *http.Request, email,
 }
 
 func (a *App) SwitchOAuthToEmail(email, password, requesterId string) (string, *model.AppError) {
-	if a.Srv().License() != nil && !*a.Config().ServiceSettings.ExperimentalEnableAuthenticationTransfer {
+	if !*a.Config().ServiceSettings.ExperimentalEnableAuthenticationTransfer {
 		return "", model.NewAppError("oauthToEmail", "api.user.oauth_to_email.not_available.app_error", nil, "", http.StatusForbidden)
 	}
 

diff --git a/app/security_update_check.go b/app/security_update_check.go
diff --git a/app/server.go b/app/server.go
@@ -710,9 +710,6 @@ func maxInt(a, b int) int {
 }
 
 func (s *Server) runJobs() {
-	s.Go(func() {
-		runSecurityJob(s)
-	})
 	s.Go(func() {
 		firstRun, err := s.getFirstServerRunTimestamp()
 		if err != nil {
@@ -1410,13 +1407,6 @@ func (s *Server) checkPushNotificationServerUrl() {
 	}
 }
 
-func runSecurityJob(s *Server) {
-	doSecurity(s)
-	model.CreateRecurringTask("Security", func() {
-		doSecurity(s)
-	}, time.Hour*4)
-}
-
 func runTokenCleanupJob(s *Server) {
 	doTokenCleanup(s)
 	model.CreateRecurringTask("Token Cleanup", func() {
@@ -1478,10 +1468,6 @@ func runCheckAdminSupportStatusJob(a *App, c *request.Context) {
 	}, time.Hour*model.WARN_METRIC_JOB_INTERVAL)
 }
 
-func doSecurity(s *Server) {
-	s.DoSecurityUpdateCheck()
-}
-
 func doTokenCleanup(s *Server) {
 	s.Store.Token().Cleanup()
 }
@@ -1766,28 +1752,6 @@ func (s *Server) doLicenseExpirationCheck() {
 		return
 	}
 
-	users, err := s.Store.User().GetSystemAdminProfiles()
-	if err != nil {
-		mlog.Error("Failed to get system admins for license expired message from Mattermost.")
-		return
-	}
-
-	//send email to admin(s)
-	for _, user := range users {
-		user := user
-		if user.Email == "" {
-			mlog.Error("Invalid system admin email.", mlog.String("user_email", user.Email))
-			continue
-		}
-
-		mlog.Debug("Sending license expired email.", mlog.String("user_email", user.Email))
-		s.Go(func() {
-			if err := s.EmailService.SendRemoveExpiredLicenseEmail(user.Email, user.Locale, *s.Config().ServiceSettings.SiteURL); err != nil {
-				mlog.Error("Error while sending the license expired email.", mlog.String("user_email", user.Email), mlog.Err(err))
-			}
-		})
-	}
-
 	//remove the license
 	s.RemoveLicense()
 }

diff --git a/app/user.go b/app/user.go
@@ -2017,6 +2017,11 @@ func (a *App) UpdateOAuthUserAttrs(userData io.Reader, user *model.User, provide
 		}
 	}
 
+	if oauthUser.Roles != user.Roles {
+		user.Roles = oauthUser.Roles
+		userAttrsChanged = true
+	}
+
 	if user.DeleteAt > 0 {
 		// Make sure they are not disabled
 		user.DeleteAt = 0

diff --git a/cmd/mattermost/main.go b/cmd/mattermost/main.go
@@ -23,6 +23,7 @@ import (
 	_ "github.com/mattermost/mattermost-server/v5/app/slashcommands"
 	// Plugins
 	_ "github.com/mattermost/mattermost-server/v5/model/gitlab"
+	_ "github.com/mattermost/mattermost-server/v5/model/openid"
 	// Enterprise Imports
 	_ "github.com/mattermost/mattermost-server/v5/imports"
 )

diff --git a/config/client.go b/config/client.go
@@ -312,6 +312,10 @@ func GenerateLimitedClientConfig(c *model.Config, telemetryID string, license *m
 	props["EnableGuestAccounts"] = strconv.FormatBool(*c.GuestAccountsSettings.Enable)
 	props["GuestAccountsEnforceMultifactorAuthentication"] = strconv.FormatBool(*c.GuestAccountsSettings.EnforceMultifactorAuthentication)
 
+	props["EnableSignUpWithOpenId"] = strconv.FormatBool(*c.OpenIdSettings.Enable)
+	props["OpenIdButtonColor"] = *c.OpenIdSettings.ButtonColor
+	props["OpenIdButtonText"] = *c.OpenIdSettings.ButtonText
+
 	if license != nil {
 		if *license.Features.LDAP {
 			props["EnableLdap"] = strconv.FormatBool(*c.LdapSettings.Enable)
@@ -337,12 +341,6 @@ func GenerateLimitedClientConfig(c *model.Config, telemetryID string, license *m
 			props["EnableSignUpWithOffice365"] = strconv.FormatBool(*c.Office365Settings.Enable)
 		}
 
-		if *license.Features.OpenId {
-			props["EnableSignUpWithOpenId"] = strconv.FormatBool(*c.OpenIdSettings.Enable)
-			props["OpenIdButtonColor"] = *c.OpenIdSettings.ButtonColor
-			props["OpenIdButtonText"] = *c.OpenIdSettings.ButtonText
-		}
-
 		if *license.Features.CustomTermsOfService {
 			props["EnableCustomTermsOfService"] = strconv.FormatBool(*c.SupportSettings.CustomTermsOfServiceEnabled)
 			props["CustomTermsOfServiceReAcceptancePeriod"] = strconv.FormatInt(int64(*c.SupportSettings.CustomTermsOfServiceReAcceptancePeriod), 10)