projects
/
arvados.git
/ blobdiff
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
:none dispatcher only runs one job at a time.
[arvados.git]
/
services
/
api
/
app
/
models
/
user.rb
diff --git
a/services/api/app/models/user.rb
b/services/api/app/models/user.rb
index 2e146872d6278da84b8177c96014964c4567a81c..52dd8d79ff47014a9bfe0896a818b28c4d83395d 100644
(file)
--- a/
services/api/app/models/user.rb
+++ b/
services/api/app/models/user.rb
@@
-1,7
+1,11
@@
+require 'can_be_an_owner'
+
class User < ArvadosModel
class User < ArvadosModel
- include
Assign
Uuid
+ include
Has
Uuid
include KindAndEtag
include CommonApiTemplate
include KindAndEtag
include CommonApiTemplate
+ include CanBeAnOwner
+
serialize :prefs, Hash
has_many :api_client_authorizations
before_update :prevent_privilege_escalation
serialize :prefs, Hash
has_many :api_client_authorizations
before_update :prevent_privilege_escalation
@@
-177,6
+181,10
@@
class User < ArvadosModel
protected
protected
+ def ensure_ownership_path_leads_to_user
+ true
+ end
+
def permission_to_update
# users must be able to update themselves (even if they are
# inactive) in order to create sessions
def permission_to_update
# users must be able to update themselves (even if they are
# inactive) in order to create sessions
@@
-330,21
+338,21
@@
class User < ArvadosModel
perm_exists = false
login_perms.each do |perm|
perm_exists = false
login_perms.each do |perm|
- if perm.properties[
:username
] == repo_name
- perm_exists =
true
+ if perm.properties[
'username'
] == repo_name
+ perm_exists =
perm
break
end
end
break
end
end
- if !perm_exists
+ if perm_exists
+ login_perm = perm_exists
+ else
login_perm = Link.create(tail_uuid: self.uuid,
head_uuid: vm[:uuid],
link_class: 'permission',
name: 'can_login',
login_perm = Link.create(tail_uuid: self.uuid,
head_uuid: vm[:uuid],
link_class: 'permission',
name: 'can_login',
- properties: {
username:
repo_name})
+ properties: {
'username' =>
repo_name})
logger.info { "login permission: " + login_perm[:uuid] }
logger.info { "login permission: " + login_perm[:uuid] }
- else
- login_perm = login_perms.first
end
return login_perm
end
return login_perm