[ARVADOS] created: 09898bcec15c30328ae9e720e9a0c7be1595a004

git at public.curoverse.com git at public.curoverse.com
Thu Jan 16 17:07:06 EST 2014


        at  09898bcec15c30328ae9e720e9a0c7be1595a004 (commit)


commit 09898bcec15c30328ae9e720e9a0c7be1595a004
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Thu Jan 16 17:07:46 2014 -0500

    Adds validate :public_key_must_be_unique to AuthorizedKey which checks to see if the key
    a) looks like a ssh-rsa key
    b) that the key isn't already in the table

diff --git a/services/api/app/models/authorized_key.rb b/services/api/app/models/authorized_key.rb
index 88f8dc8..2b30d4b 100644
--- a/services/api/app/models/authorized_key.rb
+++ b/services/api/app/models/authorized_key.rb
@@ -32,9 +32,19 @@ class AuthorizedKey < ArvadosModel
   end
 
   def public_key_must_be_unique
-    key = /ssh-rsa [A-Za-z0-9+\/]+/.match(self.public_key)[0]
-
-    # Valid if no other rows have this public key
-    self.class.where('public_key like ? and uuid <> ?', "%#{key}%", self.uuid).empty?
+    if self.public_key
+      key = /ssh-rsa [A-Za-z0-9+\/]+/.match(self.public_key)
+      
+      if not key
+        errors.add(:public_key, "Does not appear to be a valid ssh-rsa key")
+      else
+        # Valid if no other rows have this public key
+        if self.class.where('public_key like ?', "%#{key[0]}%").any?
+          errors.add(:public_key, "Key already exists in the database, use a different key.")
+          return false
+        end
+      end
+    end
+    return true
   end
 end

commit 7ad430f157028a8f8ab52c6f17c4864ada271667
Merge: d8fde97 1cb10e7
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Thu Jan 16 16:06:14 2014 -0500

    Merge branch 'master' into 1880-check-duplicate-public-key


commit d8fde97325067566bcdb877795eaa56a8ee8c201
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date:   Thu Jan 16 13:38:44 2014 -0500

    Added validate step, needs testing

diff --git a/services/api/app/models/authorized_key.rb b/services/api/app/models/authorized_key.rb
index afb33e6..88f8dc8 100644
--- a/services/api/app/models/authorized_key.rb
+++ b/services/api/app/models/authorized_key.rb
@@ -7,6 +7,8 @@ class AuthorizedKey < ArvadosModel
 
   belongs_to :authorized_user, :foreign_key => :authorized_user_uuid, :class_name => 'User', :primary_key => :uuid
 
+  validate :public_key_must_be_unique
+
   api_accessible :user, extend: :common do |t|
     t.add :name
     t.add :key_type
@@ -28,4 +30,11 @@ class AuthorizedKey < ArvadosModel
     # Default = deny.
     false
   end
+
+  def public_key_must_be_unique
+    key = /ssh-rsa [A-Za-z0-9+\/]+/.match(self.public_key)[0]
+
+    # Valid if no other rows have this public key
+    self.class.where('public_key like ? and uuid <> ?', "%#{key}%", self.uuid).empty?
+  end
 end

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list