[ARVADOS] updated: 5390a8a8578538ad3b2bf0e7e541485c342acbea

git at public.curoverse.com git at public.curoverse.com
Thu Mar 27 14:49:24 EDT 2014 

Summary of changes:
 .../app/controllers/arvados/v1/users_controller.rb |   18 +++++-------------
 .../functional/arvados/v1/users_controller_test.rb |    4 ++--
 2 files changed, 7 insertions(+), 15 deletions(-)

       via  5390a8a8578538ad3b2bf0e7e541485c342acbea (commit)
       via  8a265d208908cd8fbfa808add745c3e842557dc0 (commit)
       via  1158c797ee6479ec6d6b90b0512fbfa38da89a72 (commit)
      from  06d0c1434c815ff2f00e5723f902fdf11b51ab14 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 5390a8a8578538ad3b2bf0e7e541485c342acbea
Author: radhika chippada <radhika at radhika.curoverse>
Date:   Thu Mar 27 14:48:39 2014 -0400

    Clean up the users controller

diff --git a/services/api/app/controllers/arvados/v1/users_controller.rb b/services/api/app/controllers/arvados/v1/users_controller.rb
index ecf4a57..b28db7c 100644
--- a/services/api/app/controllers/arvados/v1/users_controller.rb
+++ b/services/api/app/controllers/arvados/v1/users_controller.rb
@@ -135,16 +135,7 @@ class Arvados::V1::UsersController < ApplicationController
 
   # delete user agreements, vm, repository, login links; set state to inactive
   def unsetup
-    if current_user.andand.is_admin && params[:uuid]
-      @object = User.find_by_uuid params[:uuid]
-    else
-      @object = current_user
-    end
-
-    if !@object
-      return render_404_if_no_object
-    end
-
+    @object = User.find_by_uuid params[:uuid]
     @object = @object.unsetup
     show
   end
diff --git a/services/api/test/functional/arvados/v1/users_controller_test.rb b/services/api/test/functional/arvados/v1/users_controller_test.rb
index 55677cd..b15b99b 100644
--- a/services/api/test/functional/arvados/v1/users_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/users_controller_test.rb
@@ -530,7 +530,6 @@ class Arvados::V1::UsersControllerTest < ActionController::TestCase
 
     response_body = JSON.parse(@response.body)
     response_errors = response_body['errors']
-puts "\n*********response_errors = #{response_errors.inspect}"
     assert_not_nil response_errors, 'Expected error in response'
     assert (response_errors.first.include? 'Forbidden'), 
           'Expected Forbidden error'

commit 8a265d208908cd8fbfa808add745c3e842557dc0
Author: radhika chippada <radhika at radhika.curoverse>
Date:   Thu Mar 27 13:47:48 2014 -0400

    Update tests to match controller updates towards admin_required

diff --git a/services/api/test/functional/arvados/v1/users_controller_test.rb b/services/api/test/functional/arvados/v1/users_controller_test.rb
index 7085d47..55677cd 100644
--- a/services/api/test/functional/arvados/v1/users_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/users_controller_test.rb
@@ -530,9 +530,10 @@ class Arvados::V1::UsersControllerTest < ActionController::TestCase
 
     response_body = JSON.parse(@response.body)
     response_errors = response_body['errors']
+puts "\n*********response_errors = #{response_errors.inspect}"
     assert_not_nil response_errors, 'Expected error in response'
-    assert (response_errors.first.include? 'PermissionDenied'), 
-          'Expected PermissionDeniedError'
+    assert (response_errors.first.include? 'Forbidden'), 
+          'Expected Forbidden error'
   end
 
   test "setup user in multiple steps and verify response" do

commit 1158c797ee6479ec6d6b90b0512fbfa38da89a72
Author: radhika chippada <radhika at radhika.curoverse>
Date:   Thu Mar 27 12:30:55 2014 -0400

    Use before_filter admin_required in the users controller for setup and unsetup actions

diff --git a/services/api/app/controllers/arvados/v1/users_controller.rb b/services/api/app/controllers/arvados/v1/users_controller.rb
index a7fa631..ecf4a57 100644
--- a/services/api/app/controllers/arvados/v1/users_controller.rb
+++ b/services/api/app/controllers/arvados/v1/users_controller.rb
@@ -1,9 +1,10 @@
 class Arvados::V1::UsersController < ApplicationController
   skip_before_filter :find_object_by_uuid, only:
-    [:activate, :event_stream, :current, :system, :setup, :unsetup]
+    [:activate, :event_stream, :current, :system, :setup]
   skip_before_filter :render_404_if_no_object, only:
-    [:activate, :event_stream, :current, :system, :setup, :unsetup]
-
+    [:activate, :event_stream, :current, :system, :setup]
+  before_filter :admin_required, only: [:setup, :unsetup]
+  
   def current
     @object = current_user
     show

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list