Commit 75548af8 authored by MARGERY David's avatar MARGERY David
Browse files

Explicitly handle anonymous users

They get a forced value of job_details param when calling
sites/<>/status and are not considered authenticated users
parent a7117ad8
......@@ -82,8 +82,12 @@ class ApplicationController < ActionController::Base
end
end
def is_anonymous?
@credentials[:cn]=="anonymous"
end
def ensure_authenticated!
@credentials[:cn] || raise(Forbidden)
(@credentials[:cn] && @credentials[:cn] != "anonymous") || raise(Forbidden)
end
def authorize!(user_id)
......
......@@ -19,7 +19,9 @@ class SitesController < ResourcesController
def status
# fetch valid clusters
enrich_params(params)
params[:job_details]='no' if is_anonymous?
site_clusters=lookup_path("/sites/#{params[:id]}/clusters", params)
valid_clusters = site_clusters['items'].map{|i| i['uid']}
Rails.logger.info "Valid clusters=#{valid_clusters.inspect}"
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment