X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/5fcebaf9f4c05cf63f2cfa6d69b5bf16e0a73b96..82b46502f25b6992c93bfe7689acc095aa447e5b:/services/api/app/controllers/arvados/v1/virtual_machines_controller.rb?ds=sidebyside diff --git a/services/api/app/controllers/arvados/v1/virtual_machines_controller.rb b/services/api/app/controllers/arvados/v1/virtual_machines_controller.rb index b0853021a5..e176348121 100644 --- a/services/api/app/controllers/arvados/v1/virtual_machines_controller.rb +++ b/services/api/app/controllers/arvados/v1/virtual_machines_controller.rb @@ -1,11 +1,8 @@ class Arvados::V1::VirtualMachinesController < ApplicationController - skip_before_filter(:require_auth_scope_all, - :only => [:logins, :get_all_logins]) + skip_before_filter :find_object_by_uuid, :only => :get_all_logins + skip_before_filter :render_404_if_no_object, :only => :get_all_logins before_filter(:admin_required, :only => [:logins, :get_all_logins]) - before_filter(:find_object_by_uuid, :only => :logins) - before_filter(:require_auth_scope_for_get_all_logins, - :only => [:logins, :get_all_logins]) def logins get_all_logins @@ -26,7 +23,7 @@ class Arvados::V1::VirtualMachinesController < ApplicationController @vms.each do |vm| vm.login_permissions.each do |perm| user_uuid = perm.tail_uuid - @users[user_uuid].andand.authorized_keys.each do |ak| + @users[user_uuid].andand.authorized_keys.andand.each do |ak| username = perm.properties.andand['username'] if username @response << { @@ -43,16 +40,4 @@ class Arvados::V1::VirtualMachinesController < ApplicationController end render json: { kind: "arvados#HashList", items: @response } end - - protected - - def require_auth_scope_for_get_all_logins - if @object - # Client wants all logins for a single VM. - require_auth_scope(['all', arvados_v1_virtual_machine_url(@object.uuid)]) - else - # ...for a non-existent VM, or all VMs. - require_auth_scope(['all']) - end - end end