class Arvados::V1::UsersController < ApplicationController
+ skip_before_filter :find_object_by_uuid, only:
+ [:activate, :event_stream, :current, :system]
+ skip_before_filter :render_404_if_no_object, only:
+ [:activate, :event_stream, :current, :system]
+
def current
@object = current_user
show
def activate
if current_user.andand.is_admin && params[:uuid]
- @user = User.find params[:uuid]
+ @object = User.find params[:uuid]
else
- @user = current_user
+ @object = current_user
end
- if not @user.is_active
- target_user_uuid = @user.uuid
+ if not @object.is_active
+ if not (current_user.is_admin or @object.is_invited)
+ logger.warn "User #{@object.uuid} called users.activate " +
+ "but is not invited"
+ raise ArgumentError.new "Cannot activate without being invited."
+ end
act_as_system_user do
required_uuids = Link.where(owner_uuid: system_user_uuid,
link_class: 'signature',
link_class: 'signature',
name: 'click',
tail_kind: 'arvados#user',
- tail_uuid: target_user_uuid,
+ tail_uuid: @object.uuid,
head_kind: 'arvados#collection',
head_uuid: required_uuids).
collect(&:head_uuid)
todo_uuids = required_uuids - signed_uuids
if todo_uuids == []
- @user.update_attributes is_active: true
- logger.info "User #{@user.uuid} activated"
+ @object.update_attributes is_active: true
+ logger.info "User #{@object.uuid} activated"
else
- logger.warn "User #{@user.uuid} called users.activate " +
+ logger.warn "User #{@object.uuid} called users.activate " +
"before signing agreements #{todo_uuids.inspect}"
- raise ArgumentError.new \
+ raise ArvadosModel::PermissionDeniedError.new \
"Cannot activate without user agreements #{todo_uuids.inspect}."
end
end
end
- @object = @user
show
end
end