From cd3e8d1ea25a83f22f45ec1640534d957643dfc4 Mon Sep 17 00:00:00 2001 From: Nick LaMuro Date: Mon, 31 Aug 2020 19:54:29 -0500 Subject: [PATCH] Various user_or_id fixes There are a few places in the API where we re-fetch the User when it is already available. These fixes allow for making use of the existing user that already exists instead of calling another lookup. The two places involved are: - When authenticating using .basic_authentication - When generating a token for the user (on login) --- app/controllers/api/auth_controller.rb | 2 +- app/controllers/api/base_controller/authentication.rb | 11 ++++++++--- lib/services/api/user_token_service.rb | 10 +++++++--- 3 files changed, 16 insertions(+), 7 deletions(-) diff --git a/app/controllers/api/auth_controller.rb b/app/controllers/api/auth_controller.rb index 2266fd567f..66127a141e 100644 --- a/app/controllers/api/auth_controller.rb +++ b/app/controllers/api/auth_controller.rb @@ -5,7 +5,7 @@ class AuthController < BaseController def show requester_type = fetch_and_validate_requester_type token_service = Environment.user_token_service - auth_token = token_service.generate_token(User.current_user.userid, requester_type) + auth_token = token_service.generate_token(User.current_user, requester_type) token_info = token_service.token_mgr(requester_type).token_get_info(auth_token) res = { :auth_token => auth_token, diff --git a/app/controllers/api/base_controller/authentication.rb b/app/controllers/api/base_controller/authentication.rb index 9daa35cd6d..c5c6502719 100644 --- a/app/controllers/api/base_controller/authentication.rb +++ b/app/controllers/api/base_controller/authentication.rb @@ -86,8 +86,13 @@ def api_token_mgr Environment.user_token_service.token_mgr('api') end - def auth_user(userid) - auth_user_obj = User.lookup_by_identity(userid, lookup_scope: :api_includes) + def auth_user(user_or_id) + if user_or_id.kind_of?(User) + auth_user_obj = user_or_id + else + auth_user_obj = User.lookup_by_identity(user_or_id, lookup_scope: :api_includes) + end + authorize_user_group(auth_user_obj) validate_user_identity(auth_user_obj) User.current_user = auth_user_obj @@ -155,7 +160,7 @@ def authenticate_with_jwt def basic_authentication(username, password) timeout = ::Settings.api.authentication_timeout.to_i_with_method user = User.authenticate(username, password, request, :require_user => true, :timeout => timeout, :lookup_scope => :api_includes) - auth_user(user.userid) + auth_user(user) rescue MiqException::MiqEVMLoginError => e raise AuthenticationError, e.message end diff --git a/lib/services/api/user_token_service.rb b/lib/services/api/user_token_service.rb index fb6dd1b389..eca720a10a 100644 --- a/lib/services/api/user_token_service.rb +++ b/lib/services/api/user_token_service.rb @@ -23,9 +23,13 @@ def api_config @api_config ||= ::Settings[base_config[:module]].to_hash end - def generate_token(userid, requester_type, token_ttl: nil) - userid = userid.downcase - validate_userid(userid) + def generate_token(user_or_id, requester_type, token_ttl: nil) + if user_or_id.kind_of?(User) + userid = user_or_id.userid.downcase + else + userid = user_or_id.downcase + validate_userid(userid) + end validate_requester_type(requester_type) # Additional Requester type token ttl's for authentication