Various user_or_id fixes

NickLaMuro · NickLaMuro · commit db287afeddc7 · 2021-01-29T11:13:24.000-06:00
There are a few places in the API where we re-fetch the User when it is
already available.

These fixes allow for making use of the existing user that already
exists instead of calling another lookup.  The two places involved are:

- When authenticating using .basic_authentication
- When generating a token for the user (on login)
diff --git a/app/controllers/api/auth_controller.rb b/app/controllers/api/auth_controller.rb
@@ -5,7 +5,7 @@ class AuthController < BaseController
     def show
       requester_type = fetch_and_validate_requester_type
       token_service = Environment.user_token_service
-      auth_token = token_service.generate_token(User.current_user.userid, requester_type)
+      auth_token = token_service.generate_token(User.current_user, requester_type)
       token_info = token_service.token_mgr(requester_type).token_get_info(auth_token)
       res = {
         :auth_token => auth_token,
diff --git a/app/controllers/api/base_controller/authentication.rb b/app/controllers/api/base_controller/authentication.rb
@@ -86,8 +86,13 @@ def api_token_mgr
         Environment.user_token_service.token_mgr('api')
       end
 
-      def auth_user(userid)
-        auth_user_obj = User.lookup_by_identity(userid, lookup_scope: :api_includes)
+      def auth_user(user_or_id)
+        auth_user_obj = if user_or_id.kind_of?(User)
+                          user_or_id
+                        else
+                          User.lookup_by_identity(user_or_id, lookup_scope: :api_includes)
+                        end
+
         authorize_user_group(auth_user_obj)
         validate_user_identity(auth_user_obj)
         User.current_user = auth_user_obj
@@ -155,7 +160,7 @@ def authenticate_with_jwt
       def basic_authentication(username, password)
         timeout = ::Settings.api.authentication_timeout.to_i_with_method
         user = User.authenticate(username, password, request, :require_user => true, :timeout => timeout, :lookup_scope => :api_includes)
-        auth_user(user.userid)
+        auth_user(user)
       rescue MiqException::MiqEVMLoginError => e
         raise AuthenticationError, e.message
       end
diff --git a/lib/services/api/user_token_service.rb b/lib/services/api/user_token_service.rb
@@ -23,9 +23,13 @@ def api_config
       @api_config ||= ::Settings[base_config[:module]].to_hash
     end
 
-    def generate_token(userid, requester_type, token_ttl: nil)
-      userid = userid.downcase
-      validate_userid(userid)
+    def generate_token(user_or_id, requester_type, token_ttl: nil)
+      if user_or_id.kind_of?(User)
+        userid = user_or_id.userid.downcase
+      else
+        userid = user_or_id.downcase
+        validate_userid(userid)
+      end
       validate_requester_type(requester_type)
 
       # Additional Requester type token ttl's for authentication
