[ARVADOS] updated: e057c658850fad7612472d28df4d428fed61f301

Mon Mar 14 10:25:34 EDT 2016

Summary of changes:
 .../controllers/arvados/v1/api_client_authorizations_controller.rb    | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

       via  e057c658850fad7612472d28df4d428fed61f301 (commit)
      from  ffd4f2337be24dd318f761c70cd9e41280e76d8f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit e057c658850fad7612472d28df4d428fed61f301
Author: Tom Clegg <tom at curoverse.com>
Date:   Mon Mar 14 10:24:37 2016 -0400

    8079: Allow where(api_token: foo) and disallow where(api_token: ["contains", "f"])

diff --git a/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb b/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb
index 0040ee0..99fc9d0 100644
--- a/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb
+++ b/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb
@@ -61,7 +61,9 @@ class Arvados::V1::ApiClientAuthorizationsController < ApplicationController
     end
     if @where
       wanted_scopes << @where['scopes']
-      @where.select! { |attr, val| attr == 'uuid' }
+      @where.select! { |attr, val|
+        val.is_a? String && (attr == 'uuid' || attr == 'api_token')
+      }
     end
     @objects = model_class.
       includes(:user, :api_client).

-----------------------------------------------------------------------


hooks/post-receive
-- 


