X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/3dccfa028282d8b667a7b447ea061b7eecc8618f..0eb72b526bf8bbb011551ecf019f604e17a534f1:/services/api/app/models/authorized_key.rb

diff --git a/services/api/app/models/authorized_key.rb b/services/api/app/models/authorized_key.rb
index 5856e0c8e8..a5c5081c40 100644
--- a/services/api/app/models/authorized_key.rb
+++ b/services/api/app/models/authorized_key.rb
@@ -1,3 +1,7 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
 class AuthorizedKey < ArvadosModel
   include HasUuid
   include KindAndEtag
@@ -33,13 +37,14 @@ class AuthorizedKey < ArvadosModel
 
   def public_key_must_be_unique
     if self.public_key
-      key = /^ssh-(rsa|dss) [A-Za-z0-9+\/=\+]+\b/.match(self.public_key)
-      
-      if not key
+      valid_key = SSHKey.valid_ssh_public_key? self.public_key
+
+      if not valid_key
         errors.add(:public_key, "does not appear to be a valid ssh-rsa or dsa public key")
       else
         # Valid if no other rows have this public key
-        if self.class.where('public_key like ?', "%#{key[0]}%").any?
+        if self.class.where('uuid != ? and public_key like ?',
+                            uuid || '', "%#{self.public_key}%").any?
           errors.add(:public_key, "already exists in the database, use a different key.")
           return false
         end