projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Respond with an error status if save fails during create method.
[arvados.git] / services / api / app / models / authorized_key.rb
diff --git a/services/api/app/models/authorized_key.rb b/services/api/app/models/authorized_key.rb
index afb33e60f8121229c15d003129a3d4492f250055..2b30d4b7e3320d73d23642d9876f0494df7beb94 100644 (file)
--- a/services/api/app/models/authorized_key.rb
+++ b/services/api/app/models/authorized_key.rb
@@ -7,6 +7,8 @@ class AuthorizedKey < ArvadosModel
 
   belongs_to :authorized_user, :foreign_key => :authorized_user_uuid, :class_name => 'User', :primary_key => :uuid
 
+  validate :public_key_must_be_unique
+
   api_accessible :user, extend: :common do |t|
     t.add :name
     t.add :key_type
@@ -28,4 +30,21 @@ class AuthorizedKey < ArvadosModel
     # Default = deny.
     false
   end
+
+  def public_key_must_be_unique
+    if self.public_key
+      key = /ssh-rsa [A-Za-z0-9+\/]+/.match(self.public_key)
+      
+      if not key
+        errors.add(:public_key, "Does not appear to be a valid ssh-rsa key")
+      else
+        # Valid if no other rows have this public key
+        if self.class.where('public_key like ?', "%#{key[0]}%").any?
+          errors.add(:public_key, "Key already exists in the database, use a different key.")
+          return false
+        end
+      end
+    end
+    return true
+  end
 end