16387: Allow setting is_active=false only on LoginCluster users.
authorTom Clegg <tom@tomclegg.ca>
Wed, 6 May 2020 19:39:30 +0000 (15:39 -0400)
committerTom Clegg <tom@tomclegg.ca>
Wed, 6 May 2020 19:39:30 +0000 (15:39 -0400)
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@tomclegg.ca>

services/api/app/controllers/arvados/v1/users_controller.rb
services/api/app/models/user.rb

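--- a/services/api/app/controllers/arvados/v1/users_controller.rb
+++ b/services/api/app/controllers/arvados/v1/users_controller.rb
@@ -54,9 +54,10 @@ class Arvados::V1::UsersController < ApplicationController
       @object = current_user
     end
     if not @object.is_active
-      if @object.uuid[0..4] != Rails.configuration.ClusterID
-        logger.warn "Remote user #{@object.uuid} called users.activate"
-        raise ArgumentError.new "cannot activate remote account"
+      if @object.uuid[0..4] == Rails.configuration.Login.LoginCluster &&
+         @object.uuid[0..4] != Rails.configuration.ClusterID
+        logger.warn "Local user #{@object.uuid} called users#activate but only LoginCluster can do that"
+        raise ArgumentError.new "cannot activate user #{@object.uuid} here, only the #{@object.uuid[0..4]} cluster can do that"
       elsif not (current_user.is_admin or @object.is_invited)
         logger.warn "User #{@object.uuid} called users.activate " +
           "but is not invited"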
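Review bot: The rewritten guard at the top of the `if not @object.is_active` branch now rejects only users whose UUID prefix equals `Login.LoginCluster`, so a user homed on any other remote cluster is no longer stopped here and is decided solely by the `is_admin`/`is_invited` check that follows; if `Login.LoginCluster` is unset, the branch presumably never matches at all. If that widening is intended, state it in a comment above the condition, for example `# Users homed on other remote clusters fall through to the invited check below`, and cover the case with a test. The warning also says `Local user` for an account whose prefix differs from `ClusterID`, which will mislead anyone triaging the log; wording such as `"LoginCluster user #{@object.uuid} called users#activate ..."` matches the condition. The enclosing action starts and ends outside this hunk.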
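--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -238,10 +238,15 @@ class User < ArvadosModel
   end
 
   def must_unsetup_to_deactivate
-    if self.is_active_changed? &&
+    if !self.new_record? &&
+       self.uuid[0..4] == Rails.configuration.Login.LoginCluster &&
+       self.uuid[0..4] != Rails.configuration.ClusterID
+      # OK to update our local record to whatever the LoginCluster
+      # reports, because self-activate is not allowed.
+      return
+    elsif self.is_active_changed? &&
        self.is_active_was &&
-       !self.is_active &&
-       self.uuid[0..4] == Rails.configuration.ClusterID
+       !self.is_active
 
       group = Group.where(name: 'All users').select do |g|
         g[:uuid].match(/-f+$/)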
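Review bot: The early `return` in `must_unsetup_to_deactivate` skips this validation for every saved change to a LoginCluster-homed record, while its comment justifies the bypass only for values copied from what the LoginCluster reports; nothing visible in the hunk ties the bypass to that origin. If other code guarantees that only the LoginCluster sync writes `is_active` for these users, the comment should name that guarantee, e.g. `# Local API updates to is_active for these users are rejected in <caller>; only the LoginCluster sync reaches this point`. Dropping the `ClusterID` test from the `elsif` also extends the unsetup requirement to users homed on other remote clusters, which appears intended given the commit title but is worth a test. The same two-line UUID prefix comparison now appears in the controller as well, and a single predicate on `User` would keep the two from drifting apart. The method body continues past the end of the hunk.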