14260: secret_mounts works with runtime_token

author Peter Amstutz <pamstutz@veritasgenetics.com>

Mon, 15 Oct 2018 20:53:40 +0000 (16:53 -0400)

committer Peter Amstutz <pamstutz@veritasgenetics.com>

Mon, 15 Oct 2018 20:53:40 +0000 (16:53 -0400)
author Peter Amstutz <pamstutz@veritasgenetics.com>
Mon, 15 Oct 2018 20:53:40 +0000 (16:53 -0400)
committer Peter Amstutz <pamstutz@veritasgenetics.com>
Mon, 15 Oct 2018 20:53:40 +0000 (16:53 -0400)
diff --git a/services/api/app/controllers/arvados/v1/containers_controller.rb b/services/api/app/controllers/arvados/v1/containers_controller.rb

index 064a829db9468e0fa1f73d544fb1529ed01cd593..98b987639bea61574423ae34322351569c803175 100644 (file)
--- a/services/api/app/controllers/arvados/v1/containers_controller.rb
+++ b/services/api/app/controllers/arvados/v1/containers_controller.rb
@@ -69,9 +69,8 @@ class Arvados::V1::ContainersController < ApplicationController
    end
  
    def secret_mounts
-    if @object &&
-       @object.auth_uuid &&
-       @object.auth_uuid == Thread.current[:api_client_authorization].uuid
+    c = Container.for_current_token
+    if @object && c && @object.uuid == c.uuid
        send_json({"secret_mounts" => @object.secret_mounts})
      else
        send_error("Token is not associated with this container.", status: 403)
author	Peter Amstutz <pamstutz@veritasgenetics.com>
	Mon, 15 Oct 2018 20:53:40 +0000 (16:53 -0400)
committer	Peter Amstutz <pamstutz@veritasgenetics.com>
	Mon, 15 Oct 2018 20:53:40 +0000 (16:53 -0400)