Merge branch 'master' into 2903-remove-pi-active-and-success
[arvados.git] / services / api / app / models / authorized_key.rb
index 88f8dc8a993b03d97979f4a1df84b7cd11dbab20..5856e0c8e8d9a6a2c0b7e0edb9c01e782b3dfc77 100644 (file)
@@ -1,5 +1,5 @@
 class AuthorizedKey < ArvadosModel
-  include AssignUuid
+  include HasUuid
   include KindAndEtag
   include CommonApiTemplate
   before_create :permission_to_set_authorized_user_uuid
@@ -32,9 +32,19 @@ class AuthorizedKey < ArvadosModel
   end
 
   def public_key_must_be_unique
-    key = /ssh-rsa [A-Za-z0-9+\/]+/.match(self.public_key)[0]
-
-    # Valid if no other rows have this public key
-    self.class.where('public_key like ? and uuid <> ?', "%#{key}%", self.uuid).empty?
+    if self.public_key
+      key = /^ssh-(rsa|dss) [A-Za-z0-9+\/=\+]+\b/.match(self.public_key)
+      
+      if not key
+        errors.add(:public_key, "does not appear to be a valid ssh-rsa or dsa public key")
+      else
+        # Valid if no other rows have this public key
+        if self.class.where('public_key like ?', "%#{key[0]}%").any?
+          errors.add(:public_key, "already exists in the database, use a different key.")
+          return false
+        end
+      end
+    end
+    return true
   end
 end
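Review bot: The new format check `key = /^ssh-(rsa|dss) [A-Za-z0-9+\/=\+]+\b/.match(self.public_key)` anchors with `^`, which in Ruby matches at the start of any line rather than the start of the string, so a multi-line `public_key` whose first line is arbitrary text still validates if a later line looks like a key. Anchoring with `\A` closes that gap: `key = /\Assh-(rsa|dss) [A-Za-z0-9+\/=]+\b/.match(self.public_key)`. The rewritten query also drops the old `uuid <> ?` condition, so if this validation runs on update, a saved record would match its own row and be rejected as a duplicate. That condition may have been removed because comparing against a nil uuid matches nothing on an unsaved record, in which case the exclusion should be applied only when `self.uuid` is set. The invalid-format branch adds an error but still falls through to `return true`, unlike the duplicate branch, which returns false.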