diff options
Diffstat (limited to 'lib/chef_zero')
-rw-r--r-- | lib/chef_zero/endpoints/system_recovery_endpoint.rb | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/chef_zero/endpoints/system_recovery_endpoint.rb b/lib/chef_zero/endpoints/system_recovery_endpoint.rb index 066a493..cc7d760 100644 --- a/lib/chef_zero/endpoints/system_recovery_endpoint.rb +++ b/lib/chef_zero/endpoints/system_recovery_endpoint.rb @@ -9,9 +9,13 @@ module ChefZero request_json = JSON.parse(request.body, :create_additions => false) name = request_json['username'] password = request_json['password'] - user = get_data(request, request.rest_path[0..-2] + ['users', name]) + user = get_data(request, request.rest_path[0..-2] + ['users', name], :nil) + if !user + raise RestErrorResponse.new(403, "Nonexistent user") + end + user = JSON.parse(user, :create_additions => false) - user = DataNormalizer.normalize_user(user, name, 'username') + user = DataNormalizer.normalize_user(user, name, [ 'username' ]) if !user['recovery_authentication_enabled'] raise RestErrorResponse.new(403, "Only users with recovery_authentication_enabled=true may use /system_recovery to log in") end |