[ARVADOS] created: 2.1.0-1969-g36c6d8e6b

Git user git at public.arvados.org
Fri Feb 25 18:57:58 UTC 2022 

        at  36c6d8e6b7492fc8be203e2849afc52d9ac30fcc (commit)


commit 36c6d8e6b7492fc8be203e2849afc52d9ac30fcc
Author: Lucas Di Pentima <lucas.dipentima at curii.com>
Date:   Fri Feb 25 15:54:57 2022 -0300

    18801: Fixes the regression by ignoring the case where api_token isn't there.
    
    Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima at curii.com>

diff --git a/services/api/app/models/api_client_authorization.rb b/services/api/app/models/api_client_authorization.rb
index c74c1ce5b..993a49e5b 100644
--- a/services/api/app/models/api_client_authorization.rb
+++ b/services/api/app/models/api_client_authorization.rb
@@ -35,7 +35,12 @@ class ApiClientAuthorization < ArvadosModel
   UNLOGGED_CHANGES = ['last_used_at', 'last_used_by_ip_address', 'updated_at']
 
   def assign_random_api_token
-    self.api_token ||= rand(2**256).to_s(36)
+    begin
+      self.api_token ||= rand(2**256).to_s(36)
+    rescue ActiveModel::MissingAttributeError
+      # Ignore the case where self.api_token doesn't exist, which happens when
+      # the select=[...] is used.
+    end
   end
 
   def owner_uuid

commit 149a57f89a0119bb66aa1482a5bd9e956c82b24e
Author: Lucas Di Pentima <lucas.dipentima at curii.com>
Date:   Fri Feb 25 15:54:41 2022 -0300

    18801: Exposes the regression with a test.
    
    Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima at curii.com>

diff --git a/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb b/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
index bf407afcd..9c70f6f41 100644
--- a/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
@@ -203,4 +203,20 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes
     get :current
     assert_response 401
   end
+
+  # Tests regression #18801
+  test "select param is respected in 'show' response" do
+    authorize_with :active
+    get :show, params: {
+          id: api_client_authorizations(:active).uuid,
+          select: ["uuid"],
+        }
+    assert_response :success
+    assert_raises ActiveModel::MissingAttributeError do
+      assigns(:object).api_token
+    end
+    assert_nil json_response["expires_at"]
+    assert_nil json_response["api_token"]
+    assert_equal api_client_authorizations(:active).uuid, json_response["uuid"]
+  end
 end

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list