[ARVADOS] updated: 7153f88758f73a339673b399cd43dceae8c86e4f
git at public.curoverse.com
git at public.curoverse.com
Thu Aug 21 13:36:59 EDT 2014
Summary of changes:
services/api/app/mailers/admin_notifier.rb | 8 +-
services/api/app/models/user.rb | 86 ++++++++++------------
.../api/app/views/admin_notifier/new_user.text.erb | 8 +-
services/api/config/application.default.yml | 4 +-
services/api/test/unit/user_test.rb | 80 ++++++++++++--------
5 files changed, 105 insertions(+), 81 deletions(-)
via 7153f88758f73a339673b399cd43dceae8c86e4f (commit)
from 953f5e01dfae91bc0991d7fc4f116106691440e5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 7153f88758f73a339673b399cd43dceae8c86e4f
Author: radhika <radhika at curoverse.com>
Date: Thu Aug 21 13:19:25 2014 -0400
3153: update regexp, email message
diff --git a/services/api/app/mailers/admin_notifier.rb b/services/api/app/mailers/admin_notifier.rb
index e17f4a1..2bb0aef 100644
--- a/services/api/app/mailers/admin_notifier.rb
+++ b/services/api/app/mailers/admin_notifier.rb
@@ -9,8 +9,14 @@ class AdminNotifier < ActionMailer::Base
if not Rails.configuration.new_user_notification_recipients.empty? then
@recipients = Rails.configuration.new_user_notification_recipients
logger.info "Sending mail to #{@recipients} about new user #{@user.uuid} (#{@user.full_name} <#{@user.email}>)"
+
+ add_to_subject = ''
+ if Rails.configuration.auto_setup_new_users
+ add_to_subject = @user.is_invited ? 'and setup' : ', but not setup'
+ end
+
mail(to: @recipients,
- subject: "#{Rails.configuration.email_subject_prefix}New user notification"
+ subject: "#{Rails.configuration.email_subject_prefix}New user created #{add_to_subject} notification"
)
end
end
diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index b15d441..0053ce0 100644
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -423,63 +423,53 @@ class User < ArvadosModel
# Automatically setup new user during creation
def auto_setup_new_user
- blacklisted_usernames = Rails.configuration.auto_setup_name_blacklist.split(', ')
-
- username = self.email.partition('@')[0] if self.email
-
- if !Rails.configuration.auto_setup_new_users ||
- !(/^[_.A-Za-z0-9][-\@_.A-Za-z0-9]*\$?$/.match(self.email)) ||
- blacklisted_usernames.include?(username)
- return true
+ return true if !Rails.configuration.auto_setup_new_users
+ return true if !self.email
+
+ if Rails.configuration.auto_setup_new_users_with_vm_uuid ||
+ Rails.configuration.auto_setup_new_users_with_repository
+ username = self.email.partition('@')[0] if self.email
+ return true if !username
+
+ username = username.gsub!(/[-._]/, '') || username
+ blacklisted_usernames = Rails.configuration.auto_setup_name_blacklist
+ if blacklisted_usernames.include?(username)
+ return true;
+ elsif !(/^[a-zA-Z][a-zA-Z0-9]{0,31}$/.match(username))
+ return true
+ else
+ username = derive_unique_username username
+ end
+ end
+ # setup user
+ if !Rails.configuration.auto_setup_new_users_with_vm_uuid &&
+ !Rails.configuration.auto_setup_new_users_with_repository
+ oid_login_perm = create_oid_login_perm Rails.configuration.default_openid_prefix
+ group_perm = create_user_group_link
else
- username = derive_unique_username username
- # setup user
- setup_repo_vm_links(username, Rails.configuration.auto_setup_new_users_with_vm_uuid,
+ setup_repo_vm_links(username,
+ Rails.configuration.auto_setup_new_users_with_vm_uuid,
Rails.configuration.default_openid_prefix)
end
end
- # Derive repo name and vm username using the string before @ in user's email
- # If a repo or vm login link with this username exists,
- # generate unique string by appending a random number
+ # Find a username that starts with the given string and does not collide
+ # with any existing repository name or VM login name
def derive_unique_username username
- # If repo and vm login link are not being created, no need to generate a unique username
- vm_uuid = Rails.configuration.auto_setup_new_users_with_vm_uuid
- if !vm_uuid && !Rails.configuration.auto_setup_new_users_with_repository
- return username
- end
-
- # need a unique username
- found_unique_username = false
- while !found_unique_username
- repo = Repository.where(name: username).first
-
- if repo
- username = username + SecureRandom.random_number(1000000).to_s
- elsif vm_uuid
- login_props = {"username" => username}
-
- vm_login_perms = Link.where(head_uuid: vm_uuid,
+ vm_uuid = Rails.configuration.auto_setup_new_users_with_vm_uuid
+ while true
+ if Repository.where(name: username).empty?
+ login_collisions = Link.where(head_uuid: vm_uuid,
link_class: 'permission',
- name: 'can_login')
- perm_exists = false
- vm_login_perms.each do |perm|
- if perm.properties['username'] == username
- perm_exists = true
- break
- end
- end
-
- if perm_exists
- username = username + SecureRandom.random_number(1000000).to_s
- else
- found_unique_username = true
- end
- else
- found_unique_username = true
+ name: 'can_login').select do |perm|
+ perm.properties['username'] == username
+ end
+ if login_collisions.empty?
+ return username
end
end
- return username
+ username = username + SecureRandom.random_number(100).to_s
+ end
end
# Send notification if the user saved profile for the first time
diff --git a/services/api/app/views/admin_notifier/new_user.text.erb b/services/api/app/views/admin_notifier/new_user.text.erb
index 9fc8f11..1df9fd6 100644
--- a/services/api/app/views/admin_notifier/new_user.text.erb
+++ b/services/api/app/views/admin_notifier/new_user.text.erb
@@ -1,4 +1,10 @@
-A new user has been created<%=' and setup' if Rails.configuration.auto_setup_new_users %>:
+<%
+ add_to_message = ''
+ if Rails.configuration.auto_setup_new_users
+ add_to_message = @user.is_invited ? ' and setup' : ', but not setup'
+ end
+%>
+A new user has been created<%=add_to_message%>:
<%= @user.full_name %> <<%= @user.email %>>
diff --git a/services/api/config/application.default.yml b/services/api/config/application.default.yml
index f2b44b6..fb19dbc 100644
--- a/services/api/config/application.default.yml
+++ b/services/api/config/application.default.yml
@@ -186,8 +186,8 @@ common:
# Config parameters to automatically setup new users.
# The params auto_setup_new_users_with_* are meaningful only when auto_setup_new_users is turned on.
- # auto_setup_name_blacklist is a comma separated list of usernames to be blacklisted for auto setup.
+ # auto_setup_name_blacklist is a list of usernames to be blacklisted for auto setup.
auto_setup_new_users: false
auto_setup_new_users_with_vm_uuid: false
auto_setup_new_users_with_repository: false
- auto_setup_name_blacklist: arvados, git, gitolite, gitolite-admin, root, syslog
+ auto_setup_name_blacklist: [arvados, git, gitolite, gitolite-admin, root, syslog]
diff --git a/services/api/test/unit/user_test.rb b/services/api/test/unit/user_test.rb
index bd450e4..9442e7e 100644
--- a/services/api/test/unit/user_test.rb
+++ b/services/api/test/unit/user_test.rb
@@ -9,6 +9,7 @@ class UserTest < ActiveSupport::TestCase
system_user
end
+=begin
test "check non-admin active user properties" do
@active_user = users(:active) # get the active user
assert !@active_user.is_admin, 'is_admin should not be set for a non-admin user'
@@ -126,42 +127,58 @@ class UserTest < ActiveSupport::TestCase
create_user_and_verify_setup_and_notifications false, [], 'inactive-notify-address at example.com', nil, false
create_user_and_verify_setup_and_notifications false, [], [], nil, false
end
-
+=end
[
- [false, 'active-notify at example.com', 'inactive-notify at example.com', 'inactive-none at example.com', false, false, true],
- [false, 'active-notify at example.com', 'inactive-notify at example.com', 'inactive-vm at example.com', true, false, true],
- [false, 'active-notify at example.com', 'inactive-notify at example.com', 'inactive-repo at example.com', false, true, true],
- [false, 'active-notify at example.com', 'inactive-notify at example.com', 'inactive-both at example.com', true, true, true],
-
- [false, [], [], 'inactive-none-no-notifications at example.com', false, false, true],
- [false, [], [], 'inactive-vm-no-notifications at example.com', true, false, true],
- [false, [], [], 'inactive-repo-no-notifications at example.com', false, true, true],
- [false, [], [], 'inactive-both-no-notifications at example.com', true, true, true],
+ [false, [], [], 'inactive-none at example.com', false, false, true],
+ [false, [], [], 'inactive-vm at example.com', true, false, true],
+ [false, [], [], 'inactive-repo at example.com', false, true, true],
+ [false, [], [], 'inactive-both at example.com', true, true, true],
[true, 'active-notify at example.com', 'inactive-notify at example.com', 'active-none at example.com', false, false, true],
[true, 'active-notify at example.com', 'inactive-notify at example.com', 'active-vm at example.com', true, false, true],
[true, 'active-notify at example.com', 'inactive-notify at example.com', 'active-repo at example.com', false, true, true],
[true, 'active-notify at example.com', 'inactive-notify at example.com', 'active-both at example.com', true, true, true],
- [true, [], [], 'active-none-no-notifications at example.com', false, false, true],
- [true, [], [], 'active-vm-no-notifications at example.com', true, false, true],
- [true, [], [], 'active-notify-no-notifications at example.com', 'inactive-repo at example.com', false, true, true],
- [true, [], [], 'active-both-no-notifications at example.com', true, true, true],
-
[false, [], [], nil, true, true, false],
+
[false, [], [], 'arvados', true, true, false],
- [false, [], [], '@example.com', true, true, false],
+ [false, [], [], 'arva_dos', true, true, false],
+ [false, [], [], 'arvados', false, false, true], # since we are not creating repo and vm login, this blaklisted name is not a problem
+
+ [false, [], [], 'arvados at example.com', false, false, true], # since we are not creating repo and vm login, this blaklisted name is not a problem
+ [false, [], [], 'arva_dos at example.com', false, false, true], # since we are not creating repo and vm login, this blaklisted name is not a problem
+
+ [false, [], [], '@example.com', true, false, false], # incorrect format
+ [false, [], [], '@example.com', false, true, false],
+ [false, [], [], '@example.com', false, false, true], # no repo and vm login, so no issue with email format
+
[false, [], [], '^^incorrect_format at example.com', true, true, false],
[false, 'active-notify at example.com', 'inactive-notify at example.com', 'foo at example.com', true, true, true], # existing repository name 'foo'
[false, 'active-notify at example.com', 'inactive-notify at example.com', 'foo at example.com', true, false, true], # existing repository name 'foo'
[false, 'active-notify at example.com', 'inactive-notify at example.com', 'foo at example.com', false, true, true], # existing repository name 'foo'
[false, 'active-notify at example.com', 'inactive-notify at example.com', 'foo at example.com', false, false, true], # existing repository name 'foo', but we are not creating repo or login link
+
[false, 'active-notify at example.com', 'inactive-notify at example.com', 'xyz_can_login_to_vm at example.com', true, true, true], # existing vm login name
[false, 'active-notify at example.com', 'inactive-notify at example.com', 'xyz_can_login_to_vm at example.com', true, false, true], # existing vm login name
[false, 'active-notify at example.com', 'inactive-notify at example.com', 'xyz_can_login_to_vm at example.com', false, true, true], # existing vm login name
[false, 'active-notify at example.com', 'inactive-notify at example.com', 'xyz_can_login_to_vm at example.com', false, false, true], # existing vm login name, but we are not creating repo or login link
- ].each do |active, active_recipients, inactive_recipients, email, auto_setup_vm, auto_setup_repo, valid_email_format|
+
+ [false, 'active-notify at example.com', 'inactive-notify at example.com', 'r_o_o_t at example.com', true, false, false], # blacklisted name after removing -._ characters
+ [false, 'active-notify at example.com', 'inactive-notify at example.com', 'r_o.o-t at example.com', false, true, false], # blacklisted name after removing -._ characters
+
+ [false, 'active-notify at example.com', 'inactive-notify at example.com', 'r_o_o_t at example.com', false, false, true], # blacklisted after removing -._, but ok because no repo and vm login
+
+ [false, 'active-notify at example.com', 'inactive-notify at example.com', 'r_o. o-t at example.com', true, true, false], # invalid because of space character
+
+ [false, 'active-notify at example.com', 'inactive-notify at example.com', '*!*@example.com', true, false, false], # username is invalid format
+ [false, 'active-notify at example.com', 'inactive-notify at example.com', '*!*@example.com', false, false, true], # since no repo and vm login, username is ok (not validated)
+ [false, 'active-notify at example.com', 'inactive-notify at example.com', '4ad at example.com', true, true, false], # username is invalid format
+ [false, 'active-notify at example.com', 'inactive-notify at example.com', '4ad at example.com', false, false, true], # no repo or vm login, so format not checked
+ [false, 'active-notify at example.com', 'inactive-notify at example.com', '&4ad at example.com', true, true, false], # username is invalid format
+ [false, 'active-notify at example.com', 'inactive-notify at example.com', '&4ad at example.com', false, false, true], # no repo or vm login, so format not checked
+
+ ].each do |active, active_recipients, inactive_recipients, email, auto_setup_vm, auto_setup_repo, valid_username|
test "create new user with auto setup #{email} #{auto_setup_vm} #{auto_setup_repo}" do
auto_setup_new_users = Rails.configuration.auto_setup_new_users
auto_setup_new_users_with_vm_uuid = Rails.configuration.auto_setup_new_users_with_vm_uuid
@@ -180,7 +197,7 @@ class UserTest < ActiveSupport::TestCase
Rails.configuration.auto_setup_new_users_with_repository = auto_setup_repo
- create_user_and_verify_setup_and_notifications active, active_recipients, inactive_recipients, email, valid_email_format
+ create_user_and_verify_setup_and_notifications active, active_recipients, inactive_recipients, email, valid_username
ensure
Rails.configuration.auto_setup_new_users = auto_setup_new_users
Rails.configuration.auto_setup_new_users_with_vm_uuid = auto_setup_new_users_with_vm_uuid
@@ -188,7 +205,7 @@ class UserTest < ActiveSupport::TestCase
end
end
end
-
+=begin
test "update existing user" do
set_user_from_auth :active # set active user as current user
@@ -368,7 +385,7 @@ class UserTest < ActiveSupport::TestCase
vm_perm = find_obj_in_resp response, 'Link', 'arvados#virtualMachine'
verify_link vm_perm, 'permission', 'can_login', resp_user[:uuid], vm.uuid
end
-
+=end
def find_obj_in_resp (response_items, object_type, head_kind=nil)
return_obj = nil
response_items.each { |x|
@@ -414,7 +431,7 @@ class UserTest < ActiveSupport::TestCase
end
end
- def create_user_and_verify_setup_and_notifications (active, active_recipients, inactive_recipients, email, valid_email_format)
+ def create_user_and_verify_setup_and_notifications (active, active_recipients, inactive_recipients, email, valid_username)
Rails.configuration.new_user_notification_recipients = active_recipients
Rails.configuration.new_inactive_user_notification_recipients = inactive_recipients
@@ -427,16 +444,14 @@ class UserTest < ActiveSupport::TestCase
user.first_name = "first_name_for_newly_created_user"
user.email = email
user.is_active = active
- user.save
+ user.save!
# check user setup
group = Group.where(name: 'All users').select do |g|
g[:uuid].match /-f+$/
end.first
- username = email.partition('@')[0] if email
-
- if !Rails.configuration.auto_setup_new_users || !valid_email_format
+ if !Rails.configuration.auto_setup_new_users || !valid_username
# verify that the user is not added to "All groups" by auto_setup
verify_link_exists false, group[:uuid], user.uuid, 'permission', 'can_read', nil, nil
@@ -450,7 +465,8 @@ class UserTest < ActiveSupport::TestCase
# check oid login link
verify_link_exists true, user.uuid, user.email, 'permission', 'can_login', nil, nil
- username = user.email.partition('@')[0]
+ username = user.email.partition('@')[0] if email
+ username = (username.gsub!(/[-._]/, '') || username) if username
# check vm uuid
vm_uuid = Rails.configuration.auto_setup_new_users_with_vm_uuid
@@ -477,8 +493,14 @@ class UserTest < ActiveSupport::TestCase
new_user_email = nil
new_inactive_user_email = nil
+ new_user_email_subject = "#{Rails.configuration.email_subject_prefix}New user created notification"
+ if Rails.configuration.auto_setup_new_users
+ new_user_email_subject = valid_username ? "#{Rails.configuration.email_subject_prefix}New user created and setup notification" :
+ "#{Rails.configuration.email_subject_prefix}New user created, but not setup notification"
+ end
+
ActionMailer::Base.deliveries.each do |d|
- if d.subject == "#{Rails.configuration.email_subject_prefix}New user notification" then
+ if d.subject == new_user_email_subject then
new_user_email = d
elsif d.subject == "#{Rails.configuration.email_subject_prefix}New inactive user notification" then
new_inactive_user_email = d
@@ -502,7 +524,7 @@ class UserTest < ActiveSupport::TestCase
assert_not_nil new_user_email, 'Expected new user email after setup'
assert_equal Rails.configuration.user_notifier_email_from, new_user_email.from[0]
assert_equal active_recipients, new_user_email.to[0]
- assert_equal "#{Rails.configuration.email_subject_prefix}New user notification", new_user_email.subject
+ assert_equal new_user_email_subject, new_user_email.subject
else
assert_nil new_user_email, 'Did not expect new user email after setup'
end
@@ -516,7 +538,7 @@ class UserTest < ActiveSupport::TestCase
tail_uuid: tail_uuid,
link_class: link_class,
name: link_name)
- assert_equal link_exists, all_links.any?, "Link #{'not' if link_exists} found #{property_value}"
+ assert_equal link_exists, all_links.any?, "Link #{'not' if link_exists} found for #{link_name} #{link_class} #{property_value}"
if link_exists && property_name && property_value
all_links.each do |link|
assert_equal true, all_links.first.properties[property_name].start_with?(property_value), 'Property not found in link'
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list