projects
/
arvados.git
/ blobdiff
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
12626: Change variable dst_user -> new_user for consistency.
[arvados.git]
/
services
/
api
/
app
/
controllers
/
user_sessions_controller.rb
diff --git
a/services/api/app/controllers/user_sessions_controller.rb
b/services/api/app/controllers/user_sessions_controller.rb
index 5a90f4f8ead61df1bfa5ae791dd0c4354bcebb51..87967a40a5a860a47c34c52d93ae0fcbf38a23fa 100644
(file)
--- a/
services/api/app/controllers/user_sessions_controller.rb
+++ b/
services/api/app/controllers/user_sessions_controller.rb
@@
-24,7
+24,11
@@
class UserSessionsController < ApplicationController
return redirect_to login_failure_url
end
return redirect_to login_failure_url
end
- user = User.find_by_identity_url(omniauth['info']['identity_url'])
+ # Only local users can create sessions, hence uuid_like_pattern
+ # here.
+ user = User.unscoped.where('identity_url = ? and uuid like ?',
+ omniauth['info']['identity_url'],
+ User.uuid_like_pattern).first
if not user
# Check for permission to log in to an existing User record with
# a different identity_url
if not user
# Check for permission to log in to an existing User record with
# a different identity_url
@@
-41,6
+45,14
@@
class UserSessionsController < ApplicationController
end
end
end
end
end
end
+
+ while (uuid = user.andand.redirect_to_user_uuid)
+ user = User.where(uuid: uuid).first
+ if !user
+ raise Exception.new("identity_url #{omniauth['info']['identity_url']} redirects to nonexistent uuid #{uuid}")
+ end
+ end
+
if not user
# New user registration
user = User.new(:email => omniauth['info']['email'],
if not user
# New user registration
user = User.new(:email => omniauth['info']['email'],