X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/df5c912a9eb5af7222e5446bc437ee97262542c8..91f7e961f18c0ef8ae584d1c8a53d322b617efee:/lib/controller/fed_containers.go?ds=sidebyside diff --git a/lib/controller/fed_containers.go b/lib/controller/fed_containers.go index 7fd5b25ad2..fd4f0521bc 100644 --- a/lib/controller/fed_containers.go +++ b/lib/controller/fed_containers.go @@ -12,14 +12,14 @@ import ( "net/http" "strings" - "git.curoverse.com/arvados.git/sdk/go/auth" - "git.curoverse.com/arvados.git/sdk/go/httpserver" + "git.arvados.org/arvados.git/sdk/go/auth" + "git.arvados.org/arvados.git/sdk/go/httpserver" ) func remoteContainerRequestCreate( h *genericFederatedRequestHandler, effectiveMethod string, - clusterId *string, + clusterID *string, uuid string, remainder string, w http.ResponseWriter, @@ -33,19 +33,20 @@ func remoteContainerRequestCreate( creds := auth.NewCredentials() creds.LoadTokensFromHTTPRequest(req) - currentUser, err := h.handler.validateAPItoken(req, creds.Tokens[0]) + currentUser, ok, err := h.handler.validateAPItoken(req, creds.Tokens[0]) if err != nil { - httpserver.Error(w, err.Error(), http.StatusForbidden) + httpserver.Error(w, err.Error(), http.StatusInternalServerError) + return true + } else if !ok { + httpserver.Error(w, "invalid API token", http.StatusForbidden) return true } - if *clusterId == "" { - *clusterId = h.handler.Cluster.ClusterID - } - - if strings.HasPrefix(currentUser.Authorization.UUID, h.handler.Cluster.ClusterID) && - *clusterId == h.handler.Cluster.ClusterID { - // local user submitting container request to local cluster + if *clusterID == "" || *clusterID == h.handler.Cluster.ClusterID { + // Submitting container request to local cluster. No + // need to set a runtime_token (rails api will create + // one when the container runs) or do a remote cluster + // request. return false } @@ -65,14 +66,14 @@ func remoteContainerRequestCreate( crString, ok := request["container_request"].(string) if ok { - var crJson map[string]interface{} - err := json.Unmarshal([]byte(crString), &crJson) + var crJSON map[string]interface{} + err := json.Unmarshal([]byte(crString), &crJSON) if err != nil { httpserver.Error(w, err.Error(), http.StatusBadRequest) return true } - request["container_request"] = crJson + request["container_request"] = crJSON } containerRequest, ok := request["container_request"].(map[string]interface{}) @@ -116,7 +117,7 @@ func remoteContainerRequestCreate( req.ContentLength = int64(buf.Len()) req.Header.Set("Content-Length", fmt.Sprintf("%v", buf.Len())) - resp, err := h.handler.remoteClusterRequest(*clusterId, req) + resp, err := h.handler.remoteClusterRequest(*clusterID, req) h.handler.proxy.ForwardResponse(w, resp, err) return true }