tim/fluke
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

fix bug with changing user password and email

Browse Source
This commit is contained in:
Anton Chuchkalov 2015-10-12 17:21:16 +03:00
parent dfe171abfe
commit a9a70e8375
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
devops-service/app/api2/parsers/user.rb
View File

@ -21,12 +21,14 @@ module Devops
end end
def change_password def change_password
user = @request.path_info.match(/(?<=^\/user\/)\w+/)[0]
raise InvalidPrivileges.new("Access denied for '#{current_user}'") if user == Devops::Model::User::ROOT_USER_NAME and current_user != Devops::Model::User::ROOT_USER_NAME raise InvalidPrivileges.new("Access denied for '#{current_user}'") if user == Devops::Model::User::ROOT_USER_NAME and current_user != Devops::Model::User::ROOT_USER_NAME
body = create_object_from_json_body body = create_object_from_json_body
check_string(body["password"], "Parameter 'password' must be a not empty string") check_string(body["password"], "Parameter 'password' must be a not empty string")
end end
def change_email def change_email
user = @request.path_info.match(/(?<=^\/user\/)\w+/)[0]
raise InvalidPrivileges.new("Access denied for '#{current_user}'") if user == Devops::Model::User::ROOT_USER_NAME and current_user != Devops::Model::User::ROOT_USER_NAME raise InvalidPrivileges.new("Access denied for '#{current_user}'") if user == Devops::Model::User::ROOT_USER_NAME and current_user != Devops::Model::User::ROOT_USER_NAME
body = create_object_from_json_body body = create_object_from_json_body
check_string(body["email"], "Parameter 'email' must be a not empty string") check_string(body["email"], "Parameter 'email' must be a not empty string")

4
devops-service/app/api2/routes/user.rb
View File

@ -112,7 +112,7 @@ module Devops
# #
# * *Returns* : # * *Returns* :
# 200 - Updated # 200 - Updated
app.put_with_headers %r{\A/user/#{DevopsConfig::OBJECT_NAME}/email\z}, :headers => [:accept, :content_type] do |user| app.put_with_headers %r{\A/user/(#{DevopsConfig::OBJECT_NAME})/email\z}, :headers => [:accept, :content_type] do |user|
check_privileges("user", "w") unless request.env['REMOTE_USER'] == user check_privileges("user", "w") unless request.env['REMOTE_USER'] == user
Devops::API2_0::Handler::User.new(request).change_email(user) Devops::API2_0::Handler::User.new(request).change_email(user)
create_response("Updated") create_response("Updated")
@ -132,7 +132,7 @@ module Devops
# #
# * *Returns* : # * *Returns* :
# 200 - Updated # 200 - Updated
app.put_with_headers %r{\A/user/#{DevopsConfig::OBJECT_NAME}/password\z}, :headers => [:accept, :content_type] do |user| app.put_with_headers %r{\A/user/(#{DevopsConfig::OBJECT_NAME})/password\z}, :headers => [:accept, :content_type] do |user|
check_privileges("user", "w") unless request.env['REMOTE_USER'] == user check_privileges("user", "w") unless request.env['REMOTE_USER'] == user
Devops::API2_0::Handler::User.new(request).change_password(user) Devops::API2_0::Handler::User.new(request).change_password(user)
create_response("Updated") create_response("Updated")