Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <pamstutz@veritasgenetics.com>
"fmt"
"io/ioutil"
"net/http"
+ "strings"
"git.curoverse.com/arvados.git/sdk/go/auth"
"git.curoverse.com/arvados.git/sdk/go/httpserver"
}
// Must be home cluster for this authorization
- if currentUser.Authorization.UUID[0:5] == h.handler.Cluster.ClusterID {
+ if strings.HasPrefix(currentUser.Authorization.UUID, h.handler.Cluster.ClusterID) {
newtok, err := h.handler.createAPItoken(req, currentUser.UUID, nil)
if err != nil {
httpserver.Error(w, err.Error(), http.StatusForbidden)
if op == "in" {
if rhs, ok := filter[2].([]interface{}); ok {
for _, i := range rhs {
- if u, ok := i.(string); ok {
+ if u, ok := i.(string); ok && len(u) == 27 {
*clusterId = u[0:5]
queryClusters[u[0:5]] = append(queryClusters[u[0:5]], u)
expectCount += 1
}
}
} else if op == "=" {
- if u, ok := filter[2].(string); ok {
+ if u, ok := filter[2].(string); ok && len(u) == 27 {
*clusterId = u[0:5]
queryClusters[u[0:5]] = append(queryClusters[u[0:5]], u)
expectCount += 1