return sshconn, err
}
ctxRoot := auth.NewContext(ctx, &auth.Credentials{Tokens: []string{conn.cluster.SystemRootToken}})
- if !user.IsAdmin || !conn.cluster.Containers.ShellAccess.Admin {
+ if !*user.IsAdmin || !conn.cluster.Containers.ShellAccess.Admin {
if !conn.cluster.Containers.ShellAccess.User {
return sshconn, httpserver.ErrorWithStatus(errors.New("shell access is disabled in config"), http.StatusServiceUnavailable)
}
UUID string `json:"uuid"`
Etag string `json:"etag"`
IsActive bool `json:"is_active"`
- IsAdmin bool `json:"is_admin"`
+ IsAdmin *bool `json:"is_admin,omitempty"`
Username string `json:"username"`
Email string `json:"email"`
FullName string `json:"full_name"`
FirstName string `json:"first_name"`
LastName string `json:"last_name"`
IdentityURL string `json:"identity_url"`
- IsInvited bool `json:"is_invited"`
+ IsInvited *bool `json:"is_invited,omitempty"`
OwnerUUID string `json:"owner_uuid"`
CreatedAt time.Time `json:"created_at"`
ModifiedAt time.Time `json:"modified_at"`
as.appendCall(ctx, as.VocabularyGet, nil)
return arvados.Vocabulary{}, as.Error
}
+func (as *APIStub) DiscoveryDocument(ctx context.Context) (arvados.DiscoveryDocument, error) {
+ as.appendCall(ctx, as.DiscoveryDocument, nil)
+ return arvados.DiscoveryDocument{}, as.Error
+}
func (as *APIStub) Login(ctx context.Context, options arvados.LoginOptions) (arvados.LoginResponse, error) {
as.appendCall(ctx, as.Login, options)
return arvados.LoginResponse{}, as.Error
# format is YYYYMMDD, must be fixed width (needs to be lexically
# sortable), updated manually, may be used by clients to
# determine availability of API server features.
- revision: "20220510",
+ revision: "20231117",
source_version: AppVersion.hash,
sourceVersion: AppVersion.hash, # source_version should be deprecated in the future
packageVersion: AppVersion.package_version,
if err != nil {
return fmt.Errorf("CurrentUser(): %v", err)
}
- if !u.IsActive || !u.IsAdmin {
+ if !u.IsActive || !*u.IsAdmin {
return fmt.Errorf("current user (%s) is not an active admin user", u.UUID)
}
for _, srv := range bal.KeepServices {
func (h *handler) userPermittedToUploadOrDownload(method string, tokenUser *arvados.User) bool {
var permitDownload bool
var permitUpload bool
- if tokenUser != nil && tokenUser.IsAdmin {
+ if tokenUser != nil && tokenUser.IsAdmin != nil && *tokenUser.IsAdmin {
permitUpload = h.Cluster.Collections.WebDAVPermission.Admin.Upload
permitDownload = h.Cluster.Collections.WebDAVPermission.Admin.Download
} else {
return false, "", nil
}
- if userCurrentError == nil && user.IsAdmin {
+ if userCurrentError == nil && *user.IsAdmin {
// checking userCurrentError is probably redundant,
// IsAdmin would be false anyway. But can't hurt.
if op == "read" && !h.cluster.Collections.KeepproxyPermission.Admin.Download {