X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/0510460e9c5ad8f3d8cf20aa9428115e43284659..f2574ec2e4ddef03c9504cd58741e73426ea1b17:/services/api/app/models/user.rb

diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index 50dc668448..8743b92b25 100644
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -1,7 +1,11 @@
+require 'can_be_an_owner'
+
 class User < ArvadosModel
-  include AssignUuid
+  include HasUuid
   include KindAndEtag
   include CommonApiTemplate
+  include CanBeAnOwner
+
   serialize :prefs, Hash
   has_many :api_client_authorizations
   before_update :prevent_privilege_escalation
@@ -27,7 +31,7 @@ class User < ArvadosModel
   ALL_PERMISSIONS = {read: true, write: true, manage: true}
 
   def full_name
-    "#{first_name} #{last_name}"
+    "#{first_name} #{last_name}".strip
   end
 
   def is_invited
@@ -177,6 +181,10 @@ class User < ArvadosModel
 
   protected
 
+  def ensure_ownership_path_leads_to_user
+    true
+  end
+
   def permission_to_update
     # users must be able to update themselves (even if they are
     # inactive) in order to create sessions
@@ -245,12 +253,12 @@ class User < ArvadosModel
   end
 
   def create_oid_login_perm (openid_prefix)
-    login_perm_props = {identity_url_prefix: openid_prefix}
+    login_perm_props = { "identity_url_prefix" => openid_prefix}
 
     # Check oid_login_perm
     oid_login_perms = Link.where(tail_uuid: self.email,
                                    link_class: 'permission',
-                                   name: 'can_login').where("head_uuid like ?", User.uuid_like_pattern)
+                                   name: 'can_login').where("head_uuid = ?", self.uuid)
 
     if !oid_login_perms.any?
       # create openid login permission