fix bug with changing user password and email

2015-10-12 17:21:16 +03:00 · 2015-10-12 17:21:16 +03:00 · a9a70e8375
commit a9a70e8375
parent dfe171abfe
2 changed files with 4 additions and 2 deletions
--- a/devops-service/app/api2/parsers/user.rb
+++ b/devops-service/app/api2/parsers/user.rb
@ -21,12 +21,14 @@ module Devops
        end

        def change_password
+          user = @request.path_info.match(/(?<=^\/user\/)\w+/)[0]
          raise InvalidPrivileges.new("Access denied for '#{current_user}'") if user == Devops::Model::User::ROOT_USER_NAME and current_user != Devops::Model::User::ROOT_USER_NAME
          body = create_object_from_json_body
          check_string(body["password"], "Parameter 'password' must be a not empty string")
        end

        def change_email
+          user = @request.path_info.match(/(?<=^\/user\/)\w+/)[0]
          raise InvalidPrivileges.new("Access denied for '#{current_user}'") if user == Devops::Model::User::ROOT_USER_NAME and current_user != Devops::Model::User::ROOT_USER_NAME
          body = create_object_from_json_body
          check_string(body["email"], "Parameter 'email' must be a not empty string")
--- a/devops-service/app/api2/routes/user.rb
+++ b/devops-service/app/api2/routes/user.rb
@ -112,7 +112,7 @@ module Devops
          #
          # * *Returns* :
          #   200 - Updated
-          app.put_with_headers %r{\A/user/#{DevopsConfig::OBJECT_NAME}/email\z}, :headers => [:accept, :content_type] do |user|
+          app.put_with_headers %r{\A/user/(#{DevopsConfig::OBJECT_NAME})/email\z}, :headers => [:accept, :content_type] do |user|
            check_privileges("user", "w") unless request.env['REMOTE_USER'] == user
            Devops::API2_0::Handler::User.new(request).change_email(user)
            create_response("Updated")
@ -132,7 +132,7 @@ module Devops
          #
          # * *Returns* :
          #   200 - Updated
-          app.put_with_headers %r{\A/user/#{DevopsConfig::OBJECT_NAME}/password\z}, :headers => [:accept, :content_type] do |user|
+          app.put_with_headers %r{\A/user/(#{DevopsConfig::OBJECT_NAME})/password\z}, :headers => [:accept, :content_type] do |user|
            check_privileges("user", "w") unless request.env['REMOTE_USER'] == user
            Devops::API2_0::Handler::User.new(request).change_password(user)
            create_response("Updated")