From f28b015039f2c481aee10131fac62b5d92f3e020 Mon Sep 17 00:00:00 2001
From: Nick LaMuro <nicklamuro@gmail.com>
Date: Mon, 31 Aug 2020 19:54:29 -0500
Subject: [PATCH] Various user_or_id fixes

There are a few places in the API where we re-fetch the User when it is
already available.

These fixes allow for making use of the existing user that already
exists instead of calling another lookup.  The two places involved are:

- When authenticating using .basic_authentication
- When generating a token for the user (on login)
---
 app/controllers/api/auth_controller.rb                |  2 +-
 app/controllers/api/base_controller/authentication.rb | 11 ++++++++---
 lib/services/api/user_token_service.rb                | 10 +++++++---
 3 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/app/controllers/api/auth_controller.rb b/app/controllers/api/auth_controller.rb
index 2266fd567f..66127a141e 100644
--- a/app/controllers/api/auth_controller.rb
+++ b/app/controllers/api/auth_controller.rb
@@ -5,7 +5,7 @@ class AuthController < BaseController
     def show
       requester_type = fetch_and_validate_requester_type
       token_service = Environment.user_token_service
-      auth_token = token_service.generate_token(User.current_user.userid, requester_type)
+      auth_token = token_service.generate_token(User.current_user, requester_type)
       token_info = token_service.token_mgr(requester_type).token_get_info(auth_token)
       res = {
         :auth_token => auth_token,
diff --git a/app/controllers/api/base_controller/authentication.rb b/app/controllers/api/base_controller/authentication.rb
index 64b80122d2..b478a12c8f 100644
--- a/app/controllers/api/base_controller/authentication.rb
+++ b/app/controllers/api/base_controller/authentication.rb
@@ -91,8 +91,13 @@ def api_token_mgr
         Environment.user_token_service.token_mgr('api')
       end
 
-      def auth_user(userid)
-        auth_user_obj = User.lookup_by_identity(userid, lookup_scope: :api_includes)
+      def auth_user(user_or_id)
+        if user_or_id.kind_of?(User)
+          auth_user_obj = user_or_id
+        else
+          auth_user_obj = User.lookup_by_identity(user_or_id, lookup_scope: :api_includes)
+        end
+
         authorize_user_group(auth_user_obj)
         validate_user_identity(auth_user_obj)
         User.current_user = auth_user_obj
@@ -160,7 +165,7 @@ def authenticate_with_jwt
       def basic_authentication(username, password)
         timeout = ::Settings.api.authentication_timeout.to_i_with_method
         user = User.authenticate(username, password, request, :require_user => true, :timeout => timeout, :lookup_scope => :api_includes)
-        auth_user(user.userid)
+        auth_user(user)
       rescue MiqException::MiqEVMLoginError => e
         raise AuthenticationError, e.message
       end
diff --git a/lib/services/api/user_token_service.rb b/lib/services/api/user_token_service.rb
index fb6dd1b389..eca720a10a 100644
--- a/lib/services/api/user_token_service.rb
+++ b/lib/services/api/user_token_service.rb
@@ -23,9 +23,13 @@ def api_config
       @api_config ||= ::Settings[base_config[:module]].to_hash
     end
 
-    def generate_token(userid, requester_type, token_ttl: nil)
-      userid = userid.downcase
-      validate_userid(userid)
+    def generate_token(user_or_id, requester_type, token_ttl: nil)
+      if user_or_id.kind_of?(User)
+        userid = user_or_id.userid.downcase
+      else
+        userid = user_or_id.downcase
+        validate_userid(userid)
+      end
       validate_requester_type(requester_type)
 
       # Additional Requester type token ttl's for authentication