+require 'can_be_an_owner'
+
class User < ArvadosModel
- include AssignUuid
+ include HasUuid
include KindAndEtag
include CommonApiTemplate
+ include CanBeAnOwner
+
serialize :prefs, Hash
has_many :api_client_authorizations
before_update :prevent_privilege_escalation
ALL_PERMISSIONS = {read: true, write: true, manage: true}
def full_name
- "#{first_name} #{last_name}"
+ "#{first_name} #{last_name}".strip
end
def is_invited
protected
+ def ensure_ownership_path_leads_to_user
+ true
+ end
+
def permission_to_update
# users must be able to update themselves (even if they are
# inactive) in order to create sessions
end
def create_oid_login_perm (openid_prefix)
- login_perm_props = {identity_url_prefix: openid_prefix}
+ login_perm_props = { "identity_url_prefix" => openid_prefix}
# Check oid_login_perm
oid_login_perms = Link.where(tail_uuid: self.email,
link_class: 'permission',
- name: 'can_login').where("head_uuid like ?", User.uuid_like_pattern)
+ name: 'can_login').where("head_uuid = ?", self.uuid)
if !oid_login_perms.any?
# create openid login permission
projects / arvados.git / blobdiff