projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
16736: Adds tests to confirm expires_at gets properly set on runtime tokens.
[arvados.git] / services / api / app / models / container.rb
diff --git a/services/api/app/models/container.rb b/services/api/app/models/container.rb
index 8feee77ff23553eaba0429125c1b06f3f5688d50..e6d945a005c79dd3e3a30549bc43b4768aaed021 100644 (file)
--- a/services/api/app/models/container.rb
+++ b/services/api/app/models/container.rb
@@ -605,7 +605,8 @@ class Container < ArvadosModel
         self.runtime_auth_scopes = ["all"]
       end
 
-      # generate a new token
+      # Generate a new token. This runs with admin credentials as it's done by a
+      # dispatcher user, so expires_at isn't enforced by API.MaxTokenLifetime.
       self.auth = ApiClientAuthorization.
                     create!(user_id: User.find_by_uuid(self.runtime_user_uuid).id,
                             api_client_id: 0,