projects
/
arvados.git
/ blobdiff
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix 404 at api_client_authorizations.create_system_auth and add tests.
[arvados.git]
/
services
/
api
/
app
/
controllers
/
arvados
/
v1
/
users_controller.rb
diff --git
a/services/api/app/controllers/arvados/v1/users_controller.rb
b/services/api/app/controllers/arvados/v1/users_controller.rb
index 5498619729b6cbd1a5779399ea7c28aecdbff9eb..133df0f62c17125ead845cbb64331b3cb79290a2 100644
(file)
--- a/
services/api/app/controllers/arvados/v1/users_controller.rb
+++ b/
services/api/app/controllers/arvados/v1/users_controller.rb
@@
-1,4
+1,9
@@
class Arvados::V1::UsersController < ApplicationController
class Arvados::V1::UsersController < ApplicationController
+ skip_before_filter :find_object_by_uuid, only:
+ [:activate, :event_stream, :current, :system]
+ skip_before_filter :render_404_if_no_object, only:
+ [:activate, :event_stream, :current, :system]
+
def current
@object = current_user
show
def current
@object = current_user
show
@@
-43,12
+48,16
@@
class Arvados::V1::UsersController < ApplicationController
def activate
if current_user.andand.is_admin && params[:uuid]
def activate
if current_user.andand.is_admin && params[:uuid]
- @
user
= User.find params[:uuid]
+ @
object
= User.find params[:uuid]
else
else
- @
user
= current_user
+ @
object
= current_user
end
end
- if not @user.is_active
- target_user_uuid = @user.uuid
+ if not @object.is_active
+ if not (current_user.is_admin or @object.is_invited)
+ logger.warn "User #{@object.uuid} called users.activate " +
+ "but is not invited"
+ raise ArgumentError.new "Cannot activate without being invited."
+ end
act_as_system_user do
required_uuids = Link.where(owner_uuid: system_user_uuid,
link_class: 'signature',
act_as_system_user do
required_uuids = Link.where(owner_uuid: system_user_uuid,
link_class: 'signature',
@@
-60,23
+69,22
@@
class Arvados::V1::UsersController < ApplicationController
link_class: 'signature',
name: 'click',
tail_kind: 'arvados#user',
link_class: 'signature',
name: 'click',
tail_kind: 'arvados#user',
- tail_uuid:
target_user_
uuid,
+ tail_uuid:
@object.
uuid,
head_kind: 'arvados#collection',
head_uuid: required_uuids).
collect(&:head_uuid)
todo_uuids = required_uuids - signed_uuids
if todo_uuids == []
head_kind: 'arvados#collection',
head_uuid: required_uuids).
collect(&:head_uuid)
todo_uuids = required_uuids - signed_uuids
if todo_uuids == []
- @
user
.update_attributes is_active: true
- logger.info "User #{@
user
.uuid} activated"
+ @
object
.update_attributes is_active: true
+ logger.info "User #{@
object
.uuid} activated"
else
else
- logger.warn "User #{@
user
.uuid} called users.activate " +
+ logger.warn "User #{@
object
.uuid} called users.activate " +
"before signing agreements #{todo_uuids.inspect}"
"before signing agreements #{todo_uuids.inspect}"
- raise Ar
gument
Error.new \
+ raise Ar
vadosModel::PermissionDenied
Error.new \
"Cannot activate without user agreements #{todo_uuids.inspect}."
end
end
end
"Cannot activate without user agreements #{todo_uuids.inspect}."
end
end
end
- @object = @user
show
end
end
show
end
end