auth: Fixed incorrect error reporting on permissions mismatching, added ensuring of user in auth.FindUser.

internal/auth/token.go

@@ -29,7 +29,7 @@ var ErrExpired = errors.New("Claims have already expired")
 var ErrWrongUser = errors.New("Key is not valid for this user")
 
 // ErrWrongPermissions is returned by CheckToken if the key cannot claim one or more of its permissions
-var ErrWrongPermissions = errors.New("Key is not valid for this user")
+var ErrWrongPermissions = errors.New("User does not have these permissions")
 
 // ErrDeletedUser is returned by CheckToken if the key can represent this user, but the user doesn't exist.
 var ErrDeletedUser = errors.New("User was not found")

internal/auth/user.go

@@ -34,6 +34,25 @@ func FindUser(userid string) (User, error) {
 	user := User{}
 	err := userCollection.FindId(userid).One(&user)
 
+	if err == mgo.ErrNotFound {
+		user := User{
+			ID:   userid,
+			Nick: "",
+			Permissions: []string{
+				"member",
+				"log.edit",
+				"post.edit",
+				"post.move",
+				"file.upload",
+			},
+		}
+
+		err := userCollection.Insert(user)
+		if err != nil {
+			return User{}, err
+		}
+	}
+
 	return user, err
 }