# identity url is unset or didn't find matching record.
emails = [info['email']] + (info['alternate_emails'] || [])
emails.select! {|em| !em.nil? && !em.empty?}
- emails.each do |em|
- # Go through each email address, try to find a user record
- # corresponding to one of the addresses supplied.
-
- user = User.unscoped.where('email = ? and uuid like ?',
- em,
- User.uuid_like_pattern).first
- if user
+
+ User.unscoped.where('email in (?) and uuid like ?',
+ emails,
+ User.uuid_like_pattern).each do |user|
+ if !primary_user
primary_user = user.redirects_to
- break
+ elsif primary_user.uuid != user.redirects_to.uuid
+ raise "Ambigious email address, directs to both #{primary_user.uuid} and #{user.redirects_to.uuid}"
end
end
end
primary_user.first_name = info['first_name'] if info['first_name']
primary_user.last_name = info['last_name'] if info['last_name']
- if (!primary_user.email or primary_user.identity_url.empty?) and (!primary_user.identity_url or primary_user.identity_url.empty?)
+ if (!primary_user.email or primary_user.email.empty?) and (!primary_user.identity_url or primary_user.identity_url.empty?)
raise "Must have supply at least one of 'email' or 'identity_url' to User.register"
end
end
def permission_to_update
- if username_changed? || redirect_to_user_uuid_changed?
+ if username_changed? || redirect_to_user_uuid_changed? || email_changed?
current_user.andand.is_admin
else
# users must be able to update themselves (even if they are
"uuid" => "zbbbb-tpzed-000000000001234",
"email" => 'foo@example.com',
"username" => 'barney',
- "is_active" => true
+ "is_active" => true,
+ "is_admin" => false
}
},
headers: {'HTTP_AUTHORIZATION' => "OAuth2 #{api_token(:admin)}"}
params: {format: 'json'},
headers: auth(remote: 'zbbbb')
assert_response :success
+ puts json_response
assert_equal 'zbbbb-tpzed-000000000001234', json_response['uuid']
- assert_nil json_response['is_admin']
+ assert_equal false, json_response['is_admin']
assert_equal true, json_response['is_active']
assert_equal 'foo@example.com', json_response['email']
assert_equal 'barney', json_response['username']
headers: auth(remote: 'zbbbb')
assert_response :success
assert_equal 'zbbbb-tpzed-000000000001234', json_response['uuid']
- assert_nil json_response['is_admin']
+ assert_equal false, json_response['is_admin']
assert_equal false, json_response['is_active']
assert_equal 'foo@example.com', json_response['email']
assert_equal 'barney', json_response['username']
end
test "lookup user by alternate email" do
+ # register method will find that active-user@arvados.local already
+ # exists and return existing 'active' user.
u = User.register({"email" => "user@parent-company.com",
"alternate_emails" => ["active-user@arvados.local"],
"identity_url" => "different-identity-url"})
active = User.find_by_uuid(users(:active).uuid)
assert_equal active.uuid, u.uuid
+
+ # identity_url and email of 'active' should be updated
assert_equal "different-identity-url", active.identity_url
assert_equal "user@parent-company.com", active.email
end
assert_equal "Baratheon", nbs.last_name
end
+ test "fail when email address is ambigious" do
+ User.register({"email" => "active-user@arvados.local"})
+ u = User.register({"email" => "never-before-seen-user@arvados.local"})
+ u.email = "active-user@arvados.local"
+ act_as_system_user do
+ u.save!
+ end
+ assert_raises do
+ User.register({"email" => "active-user@arvados.local"})
+ end
+ end
+
test "fail lookup without identifiers" do
assert_raises do
User.register({"first_name" => "Robert", "last_name" => "Baratheon"})
end
+ assert_raises do
+ User.register({"first_name" => "Robert", "last_name" => "Baratheon", "identity_url" => "", "email" => ""})
+ end
end
+ test "user can update name" do
+ set_user_from_auth :active
+ user = users(:active)
+ user.first_name = "MyNewName"
+ assert user.save
+ end
+
+ test "user cannot update email" do
+ set_user_from_auth :active
+ user = users(:active)
+ user.email = "new-name@example.com"
+ assert_not_allowed { user.save }
+ end
+
+ test "admin can update email" do
+ set_user_from_auth :admin
+ user = users(:active)
+ user.email = "new-name@example.com"
+ assert user.save
+ end
end