X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/696e9cc71bb82411bb73148e5cdf1d68b11b709b..8e69317214ad56a6255f56725fa3b966c663eda3:/services/api/app/controllers/user_sessions_controller.rb diff --git a/services/api/app/controllers/user_sessions_controller.rb b/services/api/app/controllers/user_sessions_controller.rb index 3ac47d46cf..a7391bd732 100644 --- a/services/api/app/controllers/user_sessions_controller.rb +++ b/services/api/app/controllers/user_sessions_controller.rb @@ -2,6 +2,7 @@ class UserSessionsController < ApplicationController before_filter :require_auth_scope_all, :only => [ :destroy ] skip_before_filter :find_object_by_uuid + skip_before_filter :render_404_if_no_object respond_to :html @@ -23,12 +24,12 @@ class UserSessionsController < ApplicationController if not user # Check for permission to log in to an existing User record with # a different identity_url - Link.where(link_class: 'permission', - name: 'can_login', - tail_kind: 'email', - tail_uuid: omniauth['info']['email'], - head_kind: 'arvados#user').each do |link| - if prefix = link.properties[:identity_url_prefix] + Link.where("link_class = ? and name = ? and tail_uuid = ? and head_uuid like ?", + 'permission', + 'can_login', + omniauth['info']['email'], + User.uuid_like_pattern).each do |link| + if prefix = link.properties['identity_url_prefix'] if prefix == omniauth['info']['identity_url'][0..prefix.size-1] user = User.find_by_uuid(link.head_uuid) break if user @@ -120,7 +121,8 @@ class UserSessionsController < ApplicationController api_client_auth = ApiClientAuthorization. new(user: user, api_client: @api_client, - created_by_ip_address: remote_ip) + created_by_ip_address: remote_ip, + scopes: ["all"]) api_client_auth.save! if callback_url.index('?')