X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/1cfe69550c0cf25bc9dd8d2fc1468906f2b7e0e1..9151ad624bef1ae076940298c6890deadd79e2dd:/services/api/script/get_anonymous_user_token.rb diff --git a/services/api/script/get_anonymous_user_token.rb b/services/api/script/get_anonymous_user_token.rb index 6964af0b63..96619ef364 100755 --- a/services/api/script/get_anonymous_user_token.rb +++ b/services/api/script/get_anonymous_user_token.rb @@ -1,4 +1,7 @@ #!/usr/bin/env ruby +# Copyright (C) The Arvados Authors. All rights reserved. +# +# SPDX-License-Identifier: AGPL-3.0 # Get or Create an anonymous user token. # If get option is used, an existing anonymous user token is returned. If none exist, one is created. @@ -14,23 +17,40 @@ opts = Trollop::options do Get an existing anonymous user token. If no such token exists \ or if this option is omitted, a new token is created and returned. eos + opt :token, "token to create (optional)", :type => :string end get_existing = opts[:get] +supplied_token = opts[:token] require File.dirname(__FILE__) + '/../config/environment' include ApplicationHelper act_as_system_user -def create_api_client_auth +def create_api_client_auth(supplied_token=nil) + + # If token is supplied, verify that it indeed is a superuser token + if supplied_token + api_client_auth = ApiClientAuthorization. + where(api_token: supplied_token). + first + if !api_client_auth + # fall through to create a token + else + raise "Token exists, aborting!" + end + end + api_client_auth = ApiClientAuthorization. new(user: anonymous_user, api_client_id: 0, expires_at: Time.now + 100.years, - scopes: ['GET /']) + scopes: ['GET /'], + api_token: supplied_token) api_client_auth.save! api_client_auth.reload + api_client_auth end if get_existing @@ -43,7 +63,7 @@ end # either not a get or no api_client_auth was found if !api_client_auth - api_client_auth = create_api_client_auth + api_client_auth = create_api_client_auth(supplied_token) end # print it to the console