X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/83a8512fad199107ff54762658a55176d479a5bb..525c942524426cb3ddc48ea63c18c4f300d47cb3:/services/api/app/models/user.rb diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb index b6b7e67ff1..52dd8d79ff 100644 --- a/services/api/app/models/user.rb +++ b/services/api/app/models/user.rb @@ -1,7 +1,11 @@ +require 'can_be_an_owner' + class User < ArvadosModel - include AssignUuid + include HasUuid include KindAndEtag include CommonApiTemplate + include CanBeAnOwner + serialize :prefs, Hash has_many :api_client_authorizations before_update :prevent_privilege_escalation @@ -9,7 +13,6 @@ class User < ArvadosModel before_create :check_auto_admin after_create :add_system_group_permission_link after_create :send_admin_notifications - after_create AdminNotifier has_many :authorized_keys, :foreign_key => :authorized_user_uuid, :primary_key => :uuid @@ -178,6 +181,10 @@ class User < ArvadosModel protected + def ensure_ownership_path_leads_to_user + true + end + def permission_to_update # users must be able to update themselves (even if they are # inactive) in order to create sessions @@ -331,21 +338,21 @@ class User < ArvadosModel perm_exists = false login_perms.each do |perm| - if perm.properties[:username] == repo_name - perm_exists = true + if perm.properties['username'] == repo_name + perm_exists = perm break end end - if !perm_exists + if perm_exists + login_perm = perm_exists + else login_perm = Link.create(tail_uuid: self.uuid, head_uuid: vm[:uuid], link_class: 'permission', name: 'can_login', - properties: {username: repo_name}) + properties: {'username' => repo_name}) logger.info { "login permission: " + login_perm[:uuid] } - else - login_perm = login_perms.first end return login_perm @@ -396,7 +403,9 @@ class User < ArvadosModel end end + # Send admin notifications def send_admin_notifications + AdminNotifier.new_user(self).deliver if not self.is_active then AdminNotifier.new_inactive_user(self).deliver end