[ARVADOS] updated: 2.1.0-970-g2ffe1a900

Fri Jun 18 19:58:25 UTC 2021

Summary of changes:
 services/keep-web/handler.go | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

       via  2ffe1a900d4cfcceac02b44768a13a47edf18184 (commit)
       via  60457ce8efe39a0929fd5e103ab8c042d322a1cb (commit)
      from  891783a0a90b37336455c81748dd3fe002e95a9c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 2ffe1a900d4cfcceac02b44768a13a47edf18184
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Fri Jun 18 15:58:03 2021 -0400

    17464: keep-web handles cases where user is unknown
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/services/keep-web/handler.go b/services/keep-web/handler.go
index d76cedaec..97ec95e3a 100644
--- a/services/keep-web/handler.go
+++ b/services/keep-web/handler.go
@@ -897,9 +897,13 @@ func (h *handler) logUploadOrDownload(
 	log := ctxlog.FromContext(r.Context())
 	props := make(map[string]string)
 	props["reqPath"] = r.URL.Path
+	var useruuid string
 	if user != nil {
 		log = log.WithField("user_uuid", user.UUID).
 			WithField("user_full_name", user.FullName)
+		useruuid = user.UUID
+	} else {
+		useruuid = fmt.Sprintf("%s-tpzed-anonymouspublic", h.Config.cluster.ClusterID)
 	}
 	if collection == nil && fs != nil {
 		collection, filepath = h.determineCollection(fs, filepath)
@@ -915,7 +919,7 @@ func (h *handler) logUploadOrDownload(
 		if h.Config.cluster.Collections.WebDAVLogEvents {
 			go func() {
 				lr := arvadosclient.Dict{"log": arvadosclient.Dict{
-					"object_uuid": user.UUID,
+					"object_uuid": useruuid,
 					"event_type":  "file_upload",
 					"properties":  props}}
 				err := client.Create("logs", lr, nil)
@@ -933,7 +937,7 @@ func (h *handler) logUploadOrDownload(
 		if h.Config.cluster.Collections.WebDAVLogEvents {
 			go func() {
 				lr := arvadosclient.Dict{"log": arvadosclient.Dict{
-					"object_uuid": user.UUID,
+					"object_uuid": useruuid,
 					"event_type":  "file_download",
 					"properties":  props}}
 				err := client.Create("logs", lr, nil)

commit 60457ce8efe39a0929fd5e103ab8c042d322a1cb
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Fri Jun 18 15:43:26 2021 -0400

    17464: Unknown user gets "User" permission check instead of failure
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/services/keep-web/handler.go b/services/keep-web/handler.go
index 6f6ff542b..d76cedaec 100644
--- a/services/keep-web/handler.go
+++ b/services/keep-web/handler.go
@@ -864,12 +864,9 @@ func (h *handler) seeOtherWithCookie(w http.ResponseWriter, r *http.Request, loc
 }
 
 func (h *handler) userPermittedToUploadOrDownload(method string, tokenUser *arvados.User) bool {
-	if tokenUser == nil {
-		return false
-	}
 	var permitDownload bool
 	var permitUpload bool
-	if tokenUser.IsAdmin {
+	if tokenUser != nil && tokenUser.IsAdmin {
 		permitUpload = h.Config.cluster.Collections.WebDAVPermission.Admin.Upload
 		permitDownload = h.Config.cluster.Collections.WebDAVPermission.Admin.Download
 	} else {

-----------------------------------------------------------------------


hooks/post-receive
-- 


