2659: look for scopes and expires_at when getting anonymous token. also, update creat...
authorradhika <radhika@curoverse.com>
Mon, 30 Jun 2014 15:39:41 +0000 (11:39 -0400)
committerradhika <radhika@curoverse.com>
Mon, 30 Jun 2014 15:39:41 +0000 (11:39 -0400)
services/api/lib/current_api_client.rb
services/api/script/get_anonymous_user_token.rb

index c5581502cf3b9e5eaa66f74271ed72c8998604ea..94bd2b56a887999fa73b6603944a45136cef4bd9 100644 (file)
@@ -140,18 +140,18 @@ module CurrentApiClient
                                      last_name: 'anonymouspublic')
           $anonymous_user.save!
           $anonymous_user.reload
+        end
 
-          group_perms = Link.where(tail_uuid: anonymous_user_uuid,
-                                   head_uuid: anonymous_group_uuid,
-                                   link_class: 'permission',
-                                   name: 'can_read')
+        group_perms = Link.where(tail_uuid: anonymous_user_uuid,
+                                 head_uuid: anonymous_group_uuid,
+                                 link_class: 'permission',
+                                 name: 'can_read')
 
-          if !group_perms.any?
-            group_perm = Link.create(tail_uuid: anonymous_user_uuid,
-                                   head_uuid: anonymous_group_uuid,
-                                   link_class: 'permission',
-                                   name: 'can_read')
-          end
+        if !group_perms.any?
+          group_perm = Link.create!(tail_uuid: anonymous_user_uuid,
+                                    head_uuid: anonymous_group_uuid,
+                                    link_class: 'permission',
+                                    name: 'can_read')
         end
       end
     end
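Review bot: The relocated `group_perms.any?` check and the following `Link.create!` are not atomic, so two processes initialising the anonymous user at the same time can each find no `can_read` link and each insert one. Nothing visible here shows a unique index on `tail_uuid`/`head_uuid`/`link_class`/`name`; if there is none, that index or a lock around the check is what would prevent duplicate permission rows. The local `group_perm` is assigned but never read in the visible lines, so `Link.create!(...) unless group_perms.any?` would state the intent more directly. The enclosing method starts above the hunk, so whether this now runs on every call or only on first initialisation cannot be confirmed from here; a one-line comment saying the link is re-verified even when the user already exists would help.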
index 76e20880a58a90037d83adbda619e3adb539e9db..6964af0b63fd5db32025c16c393a4082767eb991 100755 (executable)
@@ -27,6 +27,7 @@ def create_api_client_auth
   api_client_auth = ApiClientAuthorization.
     new(user: anonymous_user,
         api_client_id: 0,
+        expires_at: Time.now + 100.years,
         scopes: ['GET /'])
   api_client_auth.save!
   api_client_auth.reload
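Review bot: `expires_at: Time.now + 100.years` makes the anonymous token effectively permanent, so once it has been handed out the only way to withdraw it is to expire or delete the row by hand. The `GET /` scope looks like it covers every read endpoint (worth confirming against the scope matcher), so that lifetime should be a stated decision rather than an inline literal. A named constant with a comment would do this, e.g. `ANONYMOUS_TOKEN_LIFETIME = 100.years # public read-only token; revoke by updating expires_at`. `api_client_id: 0` is a second magic value that needs a short comment on what client 0 represents. create_api_client_auth begins above the hunk.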
@@ -34,7 +35,10 @@ end
 
 if get_existing
   api_client_auth = ApiClientAuthorization.
-    where('user_id=?', anonymous_user.id.to_i).first
+    where('user_id=?', anonymous_user.id.to_i).
+    where('expires_at>?', Time.now).
+    select { |auth| auth.scopes == ['GET /'] }.
+    first
 end
 
 # either not a get or no api_client_auth was found
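Review bot: The new `where('expires_at>?', Time.now)` filter skips rows whose `expires_at` is NULL, so anonymous tokens created by earlier runs of this script (which set no expiry) are no longer found, and nothing here revokes them. If NULL is treated as non-expiring elsewhere, those older tokens stay valid indefinitely alongside the newly issued one; consider expiring them in this branch, or document that they need manual cleanup. The `['GET /']` literal is repeated from create_api_client_auth, and a shared `ANONYMOUS_SCOPES = ['GET /'].freeze` would keep lookup and creation from drifting apart. `select` with a block filters in Ruby after loading every unexpired row for the user and there is no `order`, so which matching token `first` returns is left to the database.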