[ARVADOS] updated: b9ad383c4e27d4e3c1945e14ba51fffdd61fdb36
git at public.curoverse.com
git at public.curoverse.com
Fri Sep 4 13:32:48 EDT 2015
Summary of changes:
services/datamanager/datamanager.go | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
via b9ad383c4e27d4e3c1945e14ba51fffdd61fdb36 (commit)
from f9ee2fb124ae78696a0a0bb2ac0f8228f7446505 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit b9ad383c4e27d4e3c1945e14ba51fffdd61fdb36
Author: radhika <radhika at curoverse.com>
Date: Fri Sep 4 13:31:45 2015 -0400
6260: add check in datamanager to ensure that the configured datamanager token belongs to an admin user.
diff --git a/services/datamanager/datamanager.go b/services/datamanager/datamanager.go
index 70a9ae7..8ca107b 100644
--- a/services/datamanager/datamanager.go
+++ b/services/datamanager/datamanager.go
@@ -84,6 +84,17 @@ func singlerun() error {
arvLogger.AddWriteHook(loggerutil.LogMemoryAlloc)
}
+ // Verify that datamanager token belongs to an admin user
+ dataManagerToken := keep.GetDataManagerToken(arvLogger)
+ origArvToken := arv.ApiToken
+ arv.ApiToken = dataManagerToken
+ if is_admin, err := util.UserIsAdmin(arv); err != nil {
+ log.Fatalf("Error querying arvados user for data manager token %s", err.Error())
+ } else if !is_admin {
+ log.Fatalf("Datamanager token does not belong to an admin user.")
+ }
+ arv.ApiToken = origArvToken
+
var (
dataFetcher summary.DataFetcher
readCollections collection.ReadCollections
@@ -154,7 +165,7 @@ func singlerun() error {
if trashErr != nil {
return err
} else {
- keep.SendTrashLists(keep.GetDataManagerToken(arvLogger), kc, trashLists)
+ keep.SendTrashLists(dataManagerToken, kc, trashLists)
}
return nil
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list