[ARVADOS] created: 1.3.0-1868-g943827578

Git user git at public.curoverse.com
Fri Nov 15 04:33:38 UTC 2019 

        at  943827578884b09a155443a9d2bb685a327070f9 (commit)


commit 943827578884b09a155443a9d2bb685a327070f9
Author: Tom Clegg <tclegg at veritasgenetics.com>
Date:   Thu Nov 14 23:32:40 2019 -0500

    15107: Add Users.PreferDomainForUsername config.
    
    Corresponds to get_username_from_domain feature in sso-provider.
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tclegg at veritasgenetics.com>

diff --git a/lib/config/config.default.yml b/lib/config/config.default.yml
index 81c36b9bf..6afbf429c 100644
--- a/lib/config/config.default.yml
+++ b/lib/config/config.default.yml
@@ -275,6 +275,12 @@ Clusters:
       # in the directory where your API server is running.
       AnonymousUserToken: ""
 
+      # If a new user has an alternate email address (local at domain)
+      # with the domain given here, its local part becomes the new
+      # user's default username. Otherwise, the user's primary email
+      # address is used.
+      PreferDomainForUsername: ""
+
     AuditLogs:
       # Time to keep audit logs, in seconds. (An audit log is a row added
       # to the "logs" table in the PostgreSQL database each time an
diff --git a/lib/config/export.go b/lib/config/export.go
index 7adacab4c..413ff9578 100644
--- a/lib/config/export.go
+++ b/lib/config/export.go
@@ -167,6 +167,7 @@ var whitelist = map[string]bool{
 	"Users.NewInactiveUserNotificationRecipients":  false,
 	"Users.NewUserNotificationRecipients":          false,
 	"Users.NewUsersAreActive":                      false,
+	"Users.PreferDomainForUsername":                false,
 	"Users.UserNotifierEmailFrom":                  false,
 	"Users.UserProfileNotificationAddress":         false,
 	"Volumes":                                      true,
diff --git a/lib/config/generated_config.go b/lib/config/generated_config.go
index 68dea169f..43f29a2c1 100644
--- a/lib/config/generated_config.go
+++ b/lib/config/generated_config.go
@@ -281,6 +281,12 @@ Clusters:
       # in the directory where your API server is running.
       AnonymousUserToken: ""
 
+      # If a new user has an alternate email address (local at domain)
+      # with the domain given here, its local part becomes the new
+      # user's default username. Otherwise, the user's primary email
+      # address is used.
+      PreferDomainForUsername: ""
+
     AuditLogs:
       # Time to keep audit logs, in seconds. (An audit log is a row added
       # to the "logs" table in the PostgreSQL database each time an
diff --git a/lib/controller/localdb/login.go b/lib/controller/localdb/login.go
index 13ae366eb..dc634e8d8 100644
--- a/lib/controller/localdb/login.go
+++ b/lib/controller/localdb/login.go
@@ -207,6 +207,9 @@ func (ctrl *googleLoginController) getAuthInfo(ctx context.Context, cluster *arv
 	for ae := range altEmails {
 		if ae != ret.Email {
 			ret.AlternateEmails = append(ret.AlternateEmails, ae)
+			if i := strings.Index(ae, "@"); i > 0 && strings.ToLower(ae[i+1:]) == strings.ToLower(cluster.Users.PreferDomainForUsername) {
+				ret.Username = strings.SplitN(ae[:i], "+", 2)[0]
+			}
 		}
 	}
 	return &ret, nil
diff --git a/lib/controller/localdb/login_test.go b/lib/controller/localdb/login_test.go
index c5b9ee068..3cc4c380c 100644
--- a/lib/controller/localdb/login_test.go
+++ b/lib/controller/localdb/login_test.go
@@ -148,6 +148,7 @@ func (s *LoginSuite) SetUpTest(c *check.C) {
 	s.cluster, err = cfg.GetCluster("")
 	s.cluster.Login.GoogleClientID = "test%client$id"
 	s.cluster.Login.GoogleClientSecret = "test#client/secret"
+	s.cluster.Users.PreferDomainForUsername = "PreferDomainForUsername.example.com"
 	c.Assert(err, check.IsNil)
 
 	s.localdb = NewConn(s.cluster)
@@ -364,6 +365,10 @@ func (s *LoginSuite) TestGoogleLogin_AlternateEmailAddresses_Primary(c *check.C)
 				"metadata": map[string]interface{}{"verified": true},
 				"value":    "joe.smith at alternate.example.com",
 			},
+			{
+				"metadata": map[string]interface{}{"verified": true},
+				"value":    "joe.smith at preferdomainforusername.example.com",
+			},
 		},
 	}
 	state := s.startLogin(c)
@@ -373,7 +378,8 @@ func (s *LoginSuite) TestGoogleLogin_AlternateEmailAddresses_Primary(c *check.C)
 	})
 	authinfo := s.getCallbackAuthInfo(c)
 	c.Check(authinfo.Email, check.Equals, "joe.smith at primary.example.com")
-	c.Check(authinfo.AlternateEmails, check.DeepEquals, []string{"joe.smith at alternate.example.com"})
+	c.Check(authinfo.AlternateEmails, check.DeepEquals, []string{"joe.smith at alternate.example.com", "joe.smith at preferdomainforusername.example.com"})
+	c.Check(authinfo.Username, check.Equals, "joe.smith")
 }
 
 func (s *LoginSuite) TestGoogleLogin_NoPrimaryEmailAddress(c *check.C) {
@@ -400,6 +406,7 @@ func (s *LoginSuite) TestGoogleLogin_NoPrimaryEmailAddress(c *check.C) {
 	authinfo := s.getCallbackAuthInfo(c)
 	c.Check(authinfo.Email, check.Equals, "joe.smith at work.example.com") // first verified email in People response
 	c.Check(authinfo.AlternateEmails, check.DeepEquals, []string{"joe.smith at home.example.com"})
+	c.Check(authinfo.Username, check.Equals, "")
 }
 
 func (s *LoginSuite) getCallbackAuthInfo(c *check.C) (authinfo rpc.UserSessionAuthInfo) {
diff --git a/lib/controller/rpc/conn.go b/lib/controller/rpc/conn.go
index 7d7cb486f..3d6a98520 100644
--- a/lib/controller/rpc/conn.go
+++ b/lib/controller/rpc/conn.go
@@ -320,6 +320,7 @@ type UserSessionAuthInfo struct {
 	AlternateEmails []string `json:"alternate_emails"`
 	FirstName       string   `json:"first_name"`
 	LastName        string   `json:"last_name"`
+	Username        string   `json:"username"`
 }
 
 type UserSessionCreateOptions struct {
diff --git a/sdk/go/arvados/config.go b/sdk/go/arvados/config.go
index 805efb7db..72128a9dc 100644
--- a/sdk/go/arvados/config.go
+++ b/sdk/go/arvados/config.go
@@ -174,6 +174,7 @@ type Cluster struct {
 		NewUsersAreActive                     bool
 		UserNotifierEmailFrom                 string
 		UserProfileNotificationAddress        string
+		PreferDomainForUsername               string
 	}
 	Volumes   map[string]Volume
 	Workbench struct {
diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index 7a3a854b3..a49aa6f56 100644
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -435,7 +435,7 @@ class User < ArvadosModel
                               :is_admin => false,
                               :is_active => Rails.configuration.Users.NewUsersAreActive)
 
-      primary_user.set_initial_username(requested: info['username']) if info['username']
+      primary_user.set_initial_username(requested: info['username']) if info['username'] && !info['username'].blank?
       primary_user.identity_url = info['identity_url'] if identity_url
     end
 

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list