Various user_or_id fixes

There are a few places in the API where we re-fetch the User when it is already available. These fixes allow for making use of the existing user that already exists instead of calling another lookup. The two places involved are: - When authenticating using .basic_authentication - When generating a token for the user (on login)
ManageIQ · Jan 29, 2021 · db287af · db287af
1 parent 4810302
commit db287af
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 7 deletions.
diff --git a/app/controllers/api/auth_controller.rb b/app/controllers/api/auth_controller.rb
@@ -5,7 +5,7 @@ class AuthController < BaseController
     def show
       requester_type = fetch_and_validate_requester_type
       token_service = Environment.user_token_service
-      auth_token = token_service.generate_token(User.current_user.userid, requester_type)
+      auth_token = token_service.generate_token(User.current_user, requester_type)
       token_info = token_service.token_mgr(requester_type).token_get_info(auth_token)
       res = {
         :auth_token => auth_token,

diff --git a/app/controllers/api/base_controller/authentication.rb b/app/controllers/api/base_controller/authentication.rb
@@ -86,8 +86,13 @@ def api_token_mgr
         Environment.user_token_service.token_mgr('api')
       end
 
-      def auth_user(userid)
-        auth_user_obj = User.lookup_by_identity(userid, lookup_scope: :api_includes)
+      def auth_user(user_or_id)
+        auth_user_obj = if user_or_id.kind_of?(User)
+                          user_or_id
+                        else
+                          User.lookup_by_identity(user_or_id, lookup_scope: :api_includes)
+                        end
+
         authorize_user_group(auth_user_obj)
         validate_user_identity(auth_user_obj)
         User.current_user = auth_user_obj
@@ -155,7 +160,7 @@ def authenticate_with_jwt
       def basic_authentication(username, password)
         timeout = ::Settings.api.authentication_timeout.to_i_with_method
         user = User.authenticate(username, password, request, :require_user => true, :timeout => timeout, :lookup_scope => :api_includes)
-        auth_user(user.userid)
+        auth_user(user)
       rescue MiqException::MiqEVMLoginError => e
         raise AuthenticationError, e.message
       end

diff --git a/lib/services/api/user_token_service.rb b/lib/services/api/user_token_service.rb
@@ -23,9 +23,13 @@ def api_config
       @api_config ||= ::Settings[base_config[:module]].to_hash
     end
 
-    def generate_token(userid, requester_type, token_ttl: nil)
-      userid = userid.downcase
-      validate_userid(userid)
+    def generate_token(user_or_id, requester_type, token_ttl: nil)
+      if user_or_id.kind_of?(User)
+        userid = user_or_id.userid.downcase
+      else
+        userid = user_or_id.downcase
+        validate_userid(userid)
+      end
       validate_requester_type(requester_type)
 
       # Additional Requester type token ttl's for authentication