projects / arvados.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d7597b9)
16387: Allow batch update to set is_active=false for a remote user.
authorTom Clegg <tom@tomclegg.ca>
Mon, 4 May 2020 14:53:21 +0000 (10:53 -0400)
committerPeter Amstutz <peter.amstutz@curii.com>
Mon, 8 Jun 2020 18:58:18 +0000 (14:58 -0400)
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@tomclegg.ca>

services/api/app/controllers/arvados/v1/users_controller.rb patch | blob | history
services/api/app/models/user.rb patch | blob | history

diff --git a/services/api/app/controllers/arvados/v1/users_controller.rb b/services/api/app/controllers/arvados/v1/users_controller.rb
index 6a5fbbc509cdf430ee75712cc86fa02e033c12bc..647b62fea8eb4bd533b1b9989b5fc02560909ab6 100644 (file)
--- a/services/api/app/controllers/arvados/v1/users_controller.rb
+++ b/services/api/app/controllers/arvados/v1/users_controller.rb
@@ -51,7 +51,10 @@ class Arvados::V1::UsersController < ApplicationController
       @object = current_user
     end
     if not @object.is_active
-      if not (current_user.is_admin or @object.is_invited)
+      if @object.uuid[0..4] != Rails.configuration.ClusterID
+        logger.warn "Remote user #{@object.uuid} called users.activate"
+        raise ArgumentError.new "cannot activate remote account"
+      elsif not (current_user.is_admin or @object.is_invited)
         logger.warn "User #{@object.uuid} called users.activate " +
           "but is not invited"
         raise ArgumentError.new "Cannot activate without being invited."
diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index 310c2ca6980d2776936321e55000ebf2b930f353..3f0a970629382d68a5cb2a06ca11634074a9f855 100644 (file)
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -239,8 +239,9 @@ class User < ArvadosModel
 
   def must_unsetup_to_deactivate
     if self.is_active_changed? &&
-       self.is_active_was == true &&
-       !self.is_active
+       self.is_active_was &&
+       !self.is_active &&
+       self.uuid[0..4] == Rails.configuration.ClusterID
 
       group = Group.where(name: 'All users').select do |g|
         g[:uuid].match(/-f+$/)