Merge branch '4533-lock-tables-first' refs #4533

[arvados.git] / services / api / app / controllers / user_sessions_controller.rb

diff --git a/services/api/app/controllers/user_sessions_controller.rb b/services/api/app/controllers/user_sessions_controller.rb
index 0b80877bc25624e9b66a38f8c0c35c75b468cc0f..f6efda167e5cbcdb1a69475bc3baed222905da62 100644 (file)
--- a/services/api/app/controllers/user_sessions_controller.rb
+++ b/services/api/app/controllers/user_sessions_controller.rb
@@ -1,6 +1,7 @@
 class UserSessionsController < ApplicationController
   before_filter :require_auth_scope, :only => [ :destroy ]
 
+  skip_before_filter :set_cors_headers
   skip_before_filter :find_object_by_uuid
   skip_before_filter :render_404_if_no_object
 
@@ -42,7 +43,11 @@ class UserSessionsController < ApplicationController
                       :first_name => omniauth['info']['first_name'],
                       :last_name => omniauth['info']['last_name'],
                       :identity_url => omniauth['info']['identity_url'],
-                      :is_active => Rails.configuration.new_users_are_active)
+                      :is_active => Rails.configuration.new_users_are_active,
+                      :owner_uuid => system_user_uuid)
+      act_as_system_user do
+        user.save or raise Exception.new(user.errors.messages)
+      end
     else
       user.email = omniauth['info']['email']
       user.first_name = omniauth['info']['first_name']
@@ -53,6 +58,9 @@ class UserSessionsController < ApplicationController
       end
     end
 
+    # For the benefit of functional and integration tests:
+    @user = user
+
     # prevent ArvadosModel#before_create and _update from throwing
     # "unauthorized":
     Thread.current[:user] = user
@@ -132,4 +140,8 @@ class UserSessionsController < ApplicationController
     callback_url += 'api_token=' + api_client_auth.api_token
     redirect_to callback_url
   end
+
+  def cross_origin_forbidden
+    send_error 'Forbidden', status: 403
+  end
 end