before_update :prevent_inactive_admin
before_create :check_auto_admin
after_create :add_system_group_permission_link
+ after_create :auto_setup_new_user
after_create :send_admin_notifications
after_update :send_profile_created_notification
end
end
+ # Automatically setup new user during creation
+ def auto_setup_new_user
+ return true if !Rails.configuration.auto_setup_new_users
+ return true if !self.email
+
+ if Rails.configuration.auto_setup_new_users_with_vm_uuid ||
+ Rails.configuration.auto_setup_new_users_with_repository
+ username = self.email.partition('@')[0] if self.email
+ return true if !username
+
+ blacklisted_usernames = Rails.configuration.auto_setup_name_blacklist
+ if blacklisted_usernames.include?(username)
+ return true
+ elsif !(/^[a-zA-Z][-._a-zA-Z0-9]{0,30}[a-zA-Z0-9]$/.match(username))
+ return true
+ else
+ return true if !(username = derive_unique_username username)
+ end
+ end
+
+ # setup user
+ setup_repo_vm_links(username,
+ Rails.configuration.auto_setup_new_users_with_vm_uuid,
+ Rails.configuration.default_openid_prefix)
+ end
+
+ # Find a username that starts with the given string and does not collide
+ # with any existing repository name or VM login name
+ def derive_unique_username username
+ while true
+ if Repository.where(name: username).empty?
+ login_collisions = Link.where(link_class: 'permission',
+ name: 'can_login').select do |perm|
+ perm.properties['username'] == username
+ end
+ return username if login_collisions.empty?
+ end
+ username = username + SecureRandom.random_number(10).to_s
+ end
+ end
+
# Send notification if the user saved profile for the first time
def send_profile_created_notification
if self.prefs_changed?
projects / arvados.git / blobdiff