Permalink
Browse files

upgrade uaa, add admin scope test for upgraded uaa

Change-Id: Ie4b0a1cbc4c2e8cad294a1203ee9a7be23c393b3
  • Loading branch information...
1 parent cc41773 commit c653ead7294961323ba3e40375cb742647f62e5b Brad Midgley committed Dec 5, 2012
Showing with 16 additions and 25 deletions.
  1. +1 −1 Gemfile
  2. +3 −20 Gemfile.lock
  3. +3 −3 lib/cloud_controller.rb
  4. +9 −1 lib/cloud_controller/security_context.rb
View
@@ -12,7 +12,7 @@ gem "yajl-ruby"
gem 'vcap-concurrency', :git => 'git://github.com/cloudfoundry/vcap-concurrency.git'
gem "membrane", "~> 0.0.2"
gem "vcap_common", "~> 2.0.8", :git => 'git://github.com/cloudfoundry/vcap-common.git', :ref => 'b9024a52'
-gem "cf-uaa-client", "~> 0.2.0", :git => 'git://github.com/cloudfoundry/uaa', :ref => '792e7816'
+gem "cf-uaa-lib", "~> 1.3.0"
gem "httpclient"
gem "steno", "~> 1.0.0"
gem 'stager-client', '~> 0.0.02', :git => 'https://github.com/cloudfoundry/stager-client.git', :ref => '04c2aee9'
View
@@ -1,18 +1,4 @@
GIT
- remote: git://github.com/cloudfoundry/uaa
- revision: 792e78165f7702e1e9d512198e6cf9a035ecddab
- ref: 792e7816
- specs:
- cf-uaa-client (0.2.0)
- em-http-request (>= 1.0.0.beta.3, <= 1.0.0.beta.3)
- eventmachine
- interact
- json_pure
- launchy
- rest-client
- thor
-
-GIT
remote: git://github.com/cloudfoundry/vcap-common.git
revision: b9024a52348223b146ce51126486e88816fa03f4
ref: b9024a52
@@ -55,6 +41,8 @@ GEM
backports (2.6.1)
bcrypt-ruby (3.0.1)
builder (3.0.0)
+ cf-uaa-lib (1.3.0)
+ multi_json
ci_reporter (1.7.0)
builder (>= 2.1.2)
crack (0.3.1)
@@ -86,10 +74,7 @@ GEM
http_parser.rb (0.5.3)
httpclient (2.2.5)
i18n (0.6.1)
- interact (0.4.6)
json_pure (1.7.4)
- launchy (2.1.1)
- addressable (~> 2.3)
listen (0.5.3)
machinist (1.0.6)
membrane (0.0.2)
@@ -115,8 +100,6 @@ GEM
rack (>= 1.0)
rake (0.9.2.2)
redis (3.0.1)
- rest-client (1.6.7)
- mime-types (>= 1.16)
rfc822 (0.1.1)
rspec (2.10.0)
rspec-core (~> 2.10.0)
@@ -167,7 +150,7 @@ PLATFORMS
DEPENDENCIES
bcrypt-ruby
- cf-uaa-client (~> 0.2.0)!
+ cf-uaa-lib (~> 1.3.0)
ci_reporter
eventmachine (~> 1.0.0)
guard-rspec
View
@@ -41,7 +41,7 @@ def initialize(config)
begin
token_information = token_coder.decode(auth_token)
logger.info("Token received from the UAA #{token_information.inspect}")
- uaa_id = token_information[:user_id] if token_information
+ uaa_id = token_information['user_id'] if token_information
user = Models::User.find(:guid => uaa_id) if uaa_id
# Bootstraping mechanism..
@@ -50,8 +50,8 @@ def initialize(config)
# I'm not wild about having *any* auto-admin generation code
# in the cc.
if (user.nil? && Models::User.count == 0 &&
- @config[:bootstrap_admin_email] && token_information[:email] &&
- @config[:bootstrap_admin_email] == token_information[:email])
+ @config[:bootstrap_admin_email] && token_information['email'] &&
+ @config[:bootstrap_admin_email] == token_information['email'])
user = Models::User.create(:guid => uaa_id,
:admin => true, :active => true)
end
@@ -17,15 +17,23 @@ def self.current_user
end
def self.current_user_is_admin?
+ return admin_flag? || admin_scope?
+ end
+
+ def self.admin_flag?
return current_user && current_user.admin?
end
+ def self.admin_scope?
+ return !!(token && token['scope'] && token['scope'].include?('cloud_controller.admin'))
+ end
+
def self.token
Thread.current[:vcap_token]
end
def self.current_user_email
- return token[:email] if token
+ return token['email'] if token
end
def self.current_user_has_email?(email)

0 comments on commit c653ead

Please sign in to comment.