before_filter :admin_required, only: [:setup, :unsetup]
def current
- @object = current_user
- show
+ if current_user
+ @object = current_user
+ show
+ else
+ send_error("Not logged in", status: 401)
+ end
end
+
def system
@object = system_user
show
end
end
+ # It's not always possible for the client to know the user's
+ # username when submitting this request: the username might have
+ # been assigned automatically in create!() above. If client
+ # provided a plain repository name, prefix it with the username
+ # now that we know what it is.
+ if params[:repo_name].nil?
+ full_repo_name = nil
+ elsif @object.username.nil?
+ raise ArgumentError.
+ new("cannot setup a repository because user has no username")
+ elsif object_found and
+ params[:repo_name].start_with?("#{@object.username}/")
+ full_repo_name = params[:repo_name]
+ else
+ full_repo_name = "#{@object.username}/#{params[:repo_name]}"
+ end
+
if object_found
- @response = @object.setup_repo_vm_links params[:repo_name],
+ @response = @object.setup_repo_vm_links full_repo_name,
params[:vm_uuid], params[:openid_prefix]
else
@response = User.setup @object, params[:openid_prefix],
- params[:repo_name], params[:vm_uuid]
+ full_repo_name, params[:vm_uuid]
end
# setup succeeded. send email to user
}
end
- def apply_filters
- return super if @read_users.any? &:is_admin
+ def apply_filters(model_class=nil)
+ return super if @read_users.any?(&:is_admin)
if params[:uuid] != current_user.andand.uuid
# Non-admin index/show returns very basic information about readable users.
safe_attrs = ["uuid", "is_active", "email", "first_name", "last_name"]
projects / arvados.git / blobdiff