From 3581aa3ccbb2470ad9925068b66781ea5e987a44 Mon Sep 17 00:00:00 2001
From: Tim Alby <timothee.alby@gmail.com>
Date: Wed, 4 Jul 2018 12:47:05 +0200
Subject: [PATCH] disable emails endpoint when externalAuthenticationSystemUsed
 is true

---
 services/web/app/coffee/router.coffee | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/services/web/app/coffee/router.coffee b/services/web/app/coffee/router.coffee
index 8993bb45dc..ed6ea83c10 100644
--- a/services/web/app/coffee/router.coffee
+++ b/services/web/app/coffee/router.coffee
@@ -111,20 +111,23 @@ module.exports = class Router
 		webRouter.get '/user/emails',
 			AuthenticationController.requireLogin(),
 			UserEmailsController.list
-		webRouter.post '/user/emails',
-			AuthenticationController.requireLogin(),
-			UserEmailsController.add
-		webRouter.post '/user/emails/delete',
-			AuthenticationController.requireLogin(),
-			UserEmailsController.remove
-		webRouter.post '/user/emails/default',
-			AuthenticationController.requireLogin(),
-			UserEmailsController.setDefault
 		webRouter.get '/user/emails/confirm',
 			UserEmailsController.showConfirm
 		webRouter.post '/user/emails/confirm',
 			UserEmailsController.confirm
 
+		unless Features.externalAuthenticationSystemUsed()
+			webRouter.post '/user/emails',
+				AuthenticationController.requireLogin(),
+				UserEmailsController.add
+			webRouter.post '/user/emails/delete',
+				AuthenticationController.requireLogin(),
+				UserEmailsController.remove
+			webRouter.post '/user/emails/default',
+				AuthenticationController.requireLogin(),
+				UserEmailsController.setDefault
+
+
 		webRouter.get  '/user/sessions',
 			AuthenticationController.requireLogin(),
 			SudoModeMiddlewear.protectPage,