X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/395ee15d9fa6be4c26be4a1ecda5926cf1172b65..cdf7b162906cb37d4ecf88ff6c72433bcdd8fc84:/services/api/app/controllers/user_sessions_controller.rb
diff --git a/services/api/app/controllers/user_sessions_controller.rb b/services/api/app/controllers/user_sessions_controller.rb
index 3674c010cb..0b80877bc2 100644
--- a/services/api/app/controllers/user_sessions_controller.rb
+++ b/services/api/app/controllers/user_sessions_controller.rb
@@ -1,5 +1,5 @@
 class UserSessionsController < ApplicationController
- before_filter :require_auth_scope_all, :only => [ :destroy ]
+ before_filter :require_auth_scope, :only => [ :destroy ]
 skip_before_filter :find_object_by_uuid
 skip_before_filter :render_404_if_no_object
@@ -9,7 +9,6 @@ class UserSessionsController < ApplicationController
 # omniauth callback method
 def create
 omniauth = env['omniauth.auth']
- #logger.debug "+++ #{omniauth}"
 identity_url_ok = (omniauth['info']['identity_url'].length > 0) rescue false
 unless identity_url_ok
@@ -24,11 +23,11 @@ class UserSessionsController < ApplicationController
 if not user
 # Check for permission to log in to an existing User record with
 # a different identity_url
- Link.where(link_class: 'permission',
- name: 'can_login',
- tail_kind: 'email',
- tail_uuid: omniauth['info']['email'],
- head_kind: 'arvados#user').each do |link|
+ Link.where("link_class = ? and name = ? and tail_uuid = ? and head_uuid like ?",
+ 'permission',
+ 'can_login',
+ omniauth['info']['email'],
+ User.uuid_like_pattern).each do |link|
 if prefix = link.properties['identity_url_prefix']
 if prefix == omniauth['info']['identity_url'][0..prefix.size-1]
 user = User.find_by_uuid(link.head_uuid)
@@ -58,7 +57,7 @@ class UserSessionsController < ApplicationController
 # "unauthorized":
 Thread.current[:user] = user
- user.save!
+ user.save or raise Exception.new(user.errors.messages)
 omniauth.delete('extra')
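Review bot: Swapping `require_auth_scope_all` for `require_auth_scope` on `destroy` changes which tokens may end a session, and nothing in the hunk records the intended rule; the filter's definition is outside this diff. A one-line comment above the `before_filter`, for example `# destroy is permitted for any token whose scopes cover this route, not only scope "all"`, would make the intent reviewable, assuming that is what the new filter enforces. A controller test that calls `destroy` with a limited-scope token would pin the behaviour.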
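Review bot: The rewritten `Link.where` drops the old `tail_kind: 'email'` condition without a comment, so the lookup that lets an identity log in as an existing user now rests on `tail_uuid` equalling the provider-supplied `omniauth['info']['email']` plus whatever `User.uuid_like_pattern` matches, which is defined outside this hunk. Because this query decides account access, a comment above it would help, for example `# can_login links keep the e-mail address in tail_uuid; head_uuid must look like a User UUID`. Passing the values as bind parameters is right. It is also worth confirming, outside this hunk, that the e-mail is present and provider-verified before it is used as a login key. The `if not user` block continues past the end of the hunk.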
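Review bot: `raise Exception.new(user.errors.messages)` on the new `user.save` line raises the root `Exception` class, which a plain `rescue` or `rescue StandardError` does not catch, so a validation failure during login may bypass the application's normal error handling (those handlers are not visible here). It also passes a Hash where a message string is expected. If the aim is to surface the validation messages, a StandardError keeps the usual handling: `user.save or raise user.errors.full_messages.join('; ')`. Check as well that these messages are acceptable to return to a caller who is not yet authenticated. The `create` method starts before and ends after this hunk.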