Possible regression of #292

[MrCreosote]

This is with shock 0.9.21 pulled from the docker image obtained via docker pull mgrast/shock

Background: #292

It appears, unless I'm doing something incorrectly, that now even restarting shock doesn't result in the proper permissions being given to admin users:

Conf:

$ head shock.cfg
[Address]
# IP and port for api
# Note: use of port 80 may require root access
# 0.0.0.0 will bind Shock to all IP's
api-ip=0.0.0.0
api-port=7044

[Admin]
email=shock-admin@kbase.us
users=kbasetest2

First start:

$ ./shock-server --conf shock.cfg
read shock.cfg
conf.LOG_OUTPUT: console
[05/26/17 11:27:08] [INFO] Starting...

 +-------------+  +----+    +----+  +--------------+  +--------------+  +----+      +----+
 |             |  |    |    |    |  |              |  |              |  |    |      |    |
 |    +--------+  |    |    |    |  |    +----+    |  |    +---------+  |    |      |    |
 |    |           |    +----+    |  |    |    |    |  |    |            |    |     |    |
 |    +--------+  |              |  |    |    |    |  |    |            |    |    |    |
 |             |  |    +----+    |  |    |    |    |  |    |            |    |   |    |
 +--------+    |  |    |    |    |  |    |    |    |  |    |            |    +---+    +-+
          |    |  |    |    |    |  |    |    |    |  |    |            |               |
 +--------+    |  |    |    |    |  |    +----+    |  |    +---------+  |    +-----+    |
 |             |  |    |    |    |  |              |  |              |  |    |     |    |
 +-------------+  +----+    +----+  +--------------+  +--------------+  +----+     +----+
####### Anonymous ######
read:	false
write:	false
delete:	false

##### Auth #####
type:	globus
token_url:	https://nexus.api.globusonline.org/goauth/token?grant_type=client_credentials
profile_url:	https://nexus.api.globusonline.org/users

##### Admin #####
users:	kbasetest2

##### Paths #####
*snip*

kbasetest2 is not recognized as an admin:

$ curl -X POST -H "Authorization: OAuth $KBASETEST_TOKEN" http://localhost:7044/node
{"status":200,"data":{"id":"2b968abd-3ec8-4002-8b4c-4701dc629ebf","version":"be501822649bdaff0373d9c25bf9f8b3","file":{"name":"","size":0,"checksum":{},"format":"","virtual":false,"virtual_parts":null,"created_on":"0001-01-01T00:00:00Z"},"attributes":null,"indexes":{},"version_parts":{"acl_ver":"fc2f8e6613c1c26aa359c63d492d24c7","attributes_ver":"2d7c3414972b950f3d6fa91b32e7920f","file_ver":"3923024235a8a78eacd25de78bff7d2e","indexes_ver":"99914b932bd37a50b983c5e7c90ae93b"},"tags":null,"linkage":null,"priority":0,"created_on":"2017-05-26T11:27:29.16138828-07:00","last_modified":"0001-01-01T00:00:00Z","expiration":"0001-01-01T00:00:00Z","type":"basic","parts":null},"error":null}

$ curl -X PUT -H "Authorization: OAuth $KBASETEST2_TOKEN" http://localhost:7044/node/2b968abd-3ec8-4002-8b4c-4701dc629ebf/acl/read?users=kbasetest8
{"status":400,"data":null,"error":["Users that are not node owners can only delete themselves from ACLs."]}

After restarting shock, kbasetest2 is still not recognized as an admin:

$ curl -X PUT -H "Authorization: OAuth $KBASETEST2_TOKEN" http://localhost:7044/node/2b968abd-3ec8-4002-8b4c-4701dc629ebf/acl/read?users=kbasetest8
{"status":400,"data":null,"error":["Users that are not node owners can only delete themselves from ACLs."]}

> db.Users.find().pretty()
{
	"_id" : ObjectId("59287391b7fa0cf2c2ed538f"),
	"uuid" : "8fcea642-149b-4bd2-b660-366589916461",
	"username" : "kbasetest",
	"fullname" : "KBase Test Account",
	"email" : [censored],
	"password" : "",
	"shock_admin" : false
}
{
	"_id" : ObjectId("592873a6b7fa0cf2c2ed5391"),
	"uuid" : "c370f5ec-0cf7-4b2c-bc96-2a226b277c43",
	"username" : "kbasetest2",
	"fullname" : "kbase test account #2",
	"email" : [censored],
	"password" : "",
	"shock_admin" : false
}
{
	"_id" : ObjectId("592873a6b7fa0cf2c2ed5392"),
	"uuid" : "e2d41d69-dad5-4c16-951a-584361fdd8e0",
	"username" : "kbasetest8",
	"fullname" : "",
	"email" : "",
	"password" : "",
	"shock_admin" : false
}

Is there something I'm missing here? I can't seem to get an admin account working.

[MrCreosote]

Here's the node record, if that's useful (probably not...):

> db.Nodes.find().pretty()
{
	"_id" : ObjectId("59287391b7fa0cf2c2ed5390"),
	"id" : "2b968abd-3ec8-4002-8b4c-4701dc629ebf",
	"version" : "be501822649bdaff0373d9c25bf9f8b3",
	"file" : {
		"name" : "",
		"size" : NumberLong(0),
		"checksum" : {
			
		},
		"format" : "",
		"path" : "",
		"virtual" : false,
		"virtual_parts" : [ ],
		"created_on" : ISODate("0001-01-01T00:00:00Z")
	},
	"attributes" : null,
	"indexes" : {
		
	},
	"acl" : {
		"owner" : "8fcea642-149b-4bd2-b660-366589916461",
		"read" : [
			"8fcea642-149b-4bd2-b660-366589916461"
		],
		"write" : [
			"8fcea642-149b-4bd2-b660-366589916461"
		],
		"delete" : [
			"8fcea642-149b-4bd2-b660-366589916461"
		]
	},
	"version_parts" : {
		"acl_ver" : "fc2f8e6613c1c26aa359c63d492d24c7",
		"attributes_ver" : "2d7c3414972b950f3d6fa91b32e7920f",
		"file_ver" : "3923024235a8a78eacd25de78bff7d2e",
		"indexes_ver" : "99914b932bd37a50b983c5e7c90ae93b"
	},
	"tags" : [ ],
	"revisions" : [ ],
	"linkage" : [ ],
	"priority" : 0,
	"created_on" : ISODate("2017-05-26T18:27:29.161Z"),
	"last_modified" : ISODate("0001-01-01T00:00:00Z"),
	"expiration" : ISODate("0001-01-01T00:00:00Z"),
	"type" : "basic",
	"subset" : {
		"parent" : {
			"id" : "",
			"index_name" : ""
		},
		"index" : {
			"path" : "",
			"total_units" : NumberLong(0),
			"average_unit_size" : NumberLong(0),
			"format" : ""
		}
	},
	"parts" : null
}

[teharrison]

Not sure if this fixes the above problem, but I patched the latest version (0.9.23) to fix a bug that did not create new admin users that were in the config file.