[ARVADOS] created: 2.1.0-2096-g38492988c
Git user
git at public.arvados.org
Tue Mar 22 12:17:41 UTC 2022
at 38492988c92cdf1d4c606f67b19e7cd7d13a3dba (commit)
commit 38492988c92cdf1d4c606f67b19e7cd7d13a3dba
Author: Ward Vandewege <ward at curii.com>
Date: Mon Mar 21 17:56:00 2022 -0400
18887: in a login federation, when autogenerating the uuid for the
anonymous user, make sure to generate the anonymous user uuid for
the LoginCluster.
Arvados-DCO-1.1-Signed-off-by: Ward Vandewege <ward at curii.com>
diff --git a/services/api/app/models/api_client_authorization.rb b/services/api/app/models/api_client_authorization.rb
index 993a49e5b..47665e6ae 100644
--- a/services/api/app/models/api_client_authorization.rb
+++ b/services/api/app/models/api_client_authorization.rb
@@ -132,8 +132,14 @@ class ApiClientAuthorization < ArvadosModel
# The anonymous token content and minimum length is verified in lib/config
if secret.length >= 0 && secret == Rails.configuration.Users.AnonymousUserToken
+ clusterID = Rails.configuration.ClusterID
+ # In a login federation, use the LoginCluster anonymous user UUID
+ if !Rails.configuration.Login.LoginCluster.blank? && Rails.configuration.Login.LoginCluster != Rails.configuration.ClusterID
+ clusterID = Rails.configuration.Login.LoginCluster
+ end
+
return ApiClientAuthorization.new(user: User.find_by_uuid(anonymous_user_uuid),
- uuid: Rails.configuration.ClusterID+"-gj3su-anonymouspublic",
+ uuid: clusterID+"-gj3su-anonymouspublic",
api_token: token,
api_client: anonymous_user_token_api_client,
scopes: ['GET /'])
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list