projects
/
arvados.git
/ blobdiff
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
19146: Add can_write/can_manage to users#list, fix select=can_*.
[arvados.git]
/
services
/
api
/
app
/
controllers
/
arvados
/
v1
/
users_controller.rb
diff --git
a/services/api/app/controllers/arvados/v1/users_controller.rb
b/services/api/app/controllers/arvados/v1/users_controller.rb
index 54db521768592742dd9c4406ff987f0d7c7ee496..507cb4ac339fe5fd63fbbf7fb3013411fc44b5e9 100644
(file)
--- a/
services/api/app/controllers/arvados/v1/users_controller.rb
+++ b/
services/api/app/controllers/arvados/v1/users_controller.rb
@@
-274,7
+274,7
@@
class Arvados::V1::UsersController < ApplicationController
return super if @read_users.any?(&:is_admin)
if params[:uuid] != current_user.andand.uuid
# Non-admin index/show returns very basic information about readable users.
return super if @read_users.any?(&:is_admin)
if params[:uuid] != current_user.andand.uuid
# Non-admin index/show returns very basic information about readable users.
- safe_attrs = ["uuid", "is_active", "email", "first_name", "last_name", "username"]
+ safe_attrs = ["uuid", "is_active", "email", "first_name", "last_name", "username"
, "can_write", "can_manage"
]
if @select
@select = @select & safe_attrs
else
if @select
@select = @select & safe_attrs
else