Modify API discovery document and CLI tool so resource objects can be

[arvados.git] / services / api / app / controllers / user_sessions_controller.rb

diff --git a/services/api/app/controllers/user_sessions_controller.rb b/services/api/app/controllers/user_sessions_controller.rb
index 28e7e795cd83307f66a32f2a130016dea8dfcc9a..2c22cb893284b9e985b97321a45c6ab2e04ef3d3 100644 (file)
--- a/services/api/app/controllers/user_sessions_controller.rb
+++ b/services/api/app/controllers/user_sessions_controller.rb
@@ -1,5 +1,5 @@
 class UserSessionsController < ApplicationController
-  before_filter :login_required, :only => [ :destroy ]
+  before_filter :require_auth_scope_all, :only => [ :destroy ]
 
   skip_before_filter :uncamelcase_params_hash_keys
   skip_before_filter :find_object_by_uuid
@@ -28,14 +28,15 @@ class UserSessionsController < ApplicationController
       user = User.new(:email => omniauth['info']['email'],
                       :first_name => omniauth['info']['first_name'],
                       :last_name => omniauth['info']['last_name'],
-                      :identity_url => omniauth['info']['identity_url'])
+                      :identity_url => omniauth['info']['identity_url'],
+                      :is_active => Rails.configuration.new_users_are_active)
     else
       user.email = omniauth['info']['email']
       user.first_name = omniauth['info']['first_name']
       user.last_name = omniauth['info']['last_name']
     end
 
-    # prevent OrvosModel#before_create and _update from throwing
+    # prevent ArvadosModel#before_create and _update from throwing
     # "unauthorized":
     Thread.current[:user] = user