foreman_remote_execution 3.3.5 → 4.2.0

data/app/models/remote_execution_feature.rb

@@ -1,5 +1,5 @@
 class RemoteExecutionFeature < ApplicationRecord
-  VALID_OPTIONS = [:provided_inputs, :description, :host_action_button, :notification_builder].freeze
+  VALID_OPTIONS = [:provided_inputs, :description, :host_action_button, :notification_builder, :proxy_selector_override].freeze
   validates :label, :name, :presence => true, :uniqueness => true
 
   belongs_to :job_template
@@ -24,8 +24,10 @@ class RemoteExecutionFeature < ApplicationRecord
   end
 
   def self.register(label, name, options = {})
+    pending_migrations = ::Foreman::Plugin.registered_plugins[:foreman_remote_execution]&.pending_migrations
     begin
-      return false unless RemoteExecutionFeature.table_exists?
+      # Let's not try to register features if rex is not registered as a plugin
+      return false if pending_migrations || pending_migrations.nil?
     rescue ActiveRecord::NoDatabaseError => e
       # just ignore the problem if DB does not exist yet (rake db:create call)
       return false
@@ -41,6 +43,7 @@ class RemoteExecutionFeature < ApplicationRecord
                    :provided_input_names => options[:provided_inputs],
                    :description => options[:description],
                    :host_action_button => options[:host_action_button],
+                   :proxy_selector_override => options[:proxy_selector_override],
                    :notification_builder => builder }
     # in case DB does not have the attribute created yet but plugin initializer registers the feature, we need to skip this attribute
     attrs = [ :host_action_button, :notification_builder ]

data/app/models/remote_execution_provider.rb

@@ -57,8 +57,8 @@ class RemoteExecutionProvider
       [true, 'true', 'True', 'TRUE', '1'].include?(setting)
     end
 
-    def sudo_password(host)
-      host_setting(host, :remote_execution_sudo_password)
+    def effective_user_password(host)
+      host_setting(host, :remote_execution_effective_user_password)
     end
 
     def effective_interfaces(host)
@@ -101,7 +101,12 @@ class RemoteExecutionProvider
 
     # Return a specific proxy selector to use for running a given template
     # Returns either nil to use the default selector or an instance of a (sub)class of ::ForemanTasks::ProxySelector
-    def required_proxy_selector_for(_template)
+    def required_proxy_selector_for(template)
+      if template.remote_execution_features
+                 .where(:proxy_selector_override => ::RemoteExecutionProxySelector::INTERNAL_PROXY)
+                 .any?
+        ::DefaultProxyProxySelector.new
+      end
     end
   end
 end

data/app/models/setting/remote_execution.rb

@@ -1,6 +1,6 @@
 class Setting::RemoteExecution < Setting
 
-  ::Setting::BLANK_ATTRS.concat %w{remote_execution_ssh_password remote_execution_ssh_key_passphrase remote_execution_sudo_password remote_execution_cockpit_url remote_execution_form_job_template}
+  ::Setting::BLANK_ATTRS.concat %w{remote_execution_ssh_password remote_execution_ssh_key_passphrase remote_execution_sudo_password remote_execution_effective_user_password remote_execution_cockpit_url remote_execution_form_job_template}
 
   def self.default_settings
     [
@@ -27,7 +27,7 @@ class Setting::RemoteExecution < Setting
         N_('Effective User Method'),
         nil,
         { :collection => proc { Hash[SSHExecutionProvider::EFFECTIVE_USER_METHODS.map { |method| [method, method] }] } }),
-      self.set('remote_execution_sudo_password', N_("Sudo password"), '', N_("Sudo password"), nil, {:encrypted => true}),
+      self.set('remote_execution_effective_user_password', N_("Effective user password"), '', N_("Effective user password"), nil, {:encrypted => true}),
       self.set('remote_execution_sync_templates',
         N_('Whether we should sync templates from disk when running db:seed.'),
         true,

data/app/models/ssh_execution_provider.rb

@@ -32,7 +32,7 @@ class SSHExecutionProvider < RemoteExecutionProvider
       {
         :ssh_password => ssh_password(host),
         :key_passphrase => ssh_key_passphrase(host),
-        :sudo_password => sudo_password(host),
+        :effective_user_password => effective_user_password(host),
       }
     end
 

data/app/services/remote_execution_proxy_selector.rb

@@ -1,4 +1,7 @@
 class RemoteExecutionProxySelector < ::ForemanTasks::ProxySelector
+
+  INTERNAL_PROXY = 'internal'.freeze
+
   def available_proxies(host, provider)
     host.remote_execution_proxies(provider)
   end

data/app/views/api/v2/interfaces/execution_flag.json.rabl

@@ -0,0 +1 @@
+attributes :execution

data/app/views/api/v2/job_invocations/base.json.rabl

@@ -8,6 +8,7 @@ node do |invocation|
     :failed    => invocation_count(invocation, :output_key => :failed_count),
     :pending   => invocation_count(invocation, :output_key => :pending_count),
     :total     => invocation_count(invocation, :output_key => :total_count),
+    :missing   => invocation.missing_hosts_count,
   }
 end
 

data/app/views/api/v2/job_invocations/main.json.rabl

@@ -19,7 +19,7 @@ child :targeting do
   attributes :bookmark_id, :search_query, :targeting_type, :user_id, :status, :status_label,
     :randomized_ordering
 
-  child @hosts do
+  child @hosts => :hosts do
     extends 'api/v2/hosts/base'
 
     if params[:host_status] == 'true'
@@ -35,7 +35,7 @@ child :task do
 end
 
 child @template_invocations do
-  attributes :template_id, :template_name
+  attributes :template_id, :template_name, :host_id
   child :input_values do
     attributes :template_input_name, :template_input_id
     node :value do |iv|

data/app/views/api/v2/registration/_form.html.erb

@@ -0,0 +1,12 @@
+<div class='form-group'>
+  <label class='col-md-2 control-label'>
+    <%= _('Remote Execution Interface') %>
+    <% help = _('Identifier of the Host interface for Remote execution') %>
+    <a rel="popover" data-content="<%= help %>" data-trigger="focus" data-container="body" data-html="true" tabindex="-1">
+      <span class="pficon pficon-info "></span>
+    </a>
+  </label>
+  <div class='col-md-4'>
+    <%= text_field_tag 'remote_execution_interface', params[:remote_execution_interface], class: 'form-control' %>
+  </div>
+</div>

data/app/views/api/v2/subnets/remote_execution_proxies.json.rabl

@@ -0,0 +1,3 @@
+child :remote_execution_proxies => :remote_execution_proxies do
+  attributes :name, :id
+end

data/app/views/job_invocations/_form.html.erb

@@ -95,7 +95,7 @@
     <div class="advanced hidden">
       <%= password_f f, :password, :placeholder => '*****', :label => _('Password'), :label_help => N_('Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
       <%= password_f f, :key_passphrase, :placeholder => '*****', :label => _('Private key passphrase'), :label_help => N_('Key passhprase is only applicable for SSH provider. Other providers ignore this field. <br> Passphrase is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
-      <%= password_f f, :sudo_password, :placeholder => '*****', :label => _('Sudo password'), :label_help => N_('Sudo password is only applicable for SSH provider. Other providers ignore this field. <br> Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
+      <%= password_f f, :effective_user_password, :placeholder => '*****', :label => _('Effective user password'), :label_help => N_('Effective user password is only applicable for SSH provider. Other providers ignore this field. <br> Password is stored encrypted in DB until the job finishes. For future or recurring executions, it is removed after the last execution.') %>
     </div>
 
     <div class="advanced hidden">

data/app/views/job_invocations/_tab_hosts.html.erb

@@ -1,24 +1,5 @@
 <% if job_invocation.resolved? %>
-  <%= form_with url: job_invocation_path(job_invocation), method: "get", id: "search-form" do |f| %>
-    <div class="row">
-      <div class="title_filter col-md-6">
-        <div class="input-group">
-            <%= autocomplete_f(f, :search, value: params[:search].try(:squeeze, " "), placeholder: _("Filter") + ' ...', path: hosts_path, only_input: true) %>
-            <span class="input-group-btn">
-              <button class="btn btn-default" type="submit">
-                <%= icon_text('search', content_tag(:span, _('Search'), :class => 'hidden-xs', :kind => 'fa')) %>
-              </button>
-            </span>
-        </div>
-      </div>
-    </div>
-  <% end %>
-  <br>
-
-  <div id="targeting_hosts">
-    <%= mount_react_component('TargetingHosts', '#targeting_hosts') %>
-  </div>
-  <%= will_paginate_with_info @hosts, :container => true %>
+  <%= react_component('TargetingHosts' ) %>
 <% else %>
   <div class="alert alert-warning">
     <%=

data/app/views/job_invocations/_tab_overview.html.erb

@@ -9,7 +9,19 @@
   <% template_invocations.each do |template_invocation| %>
     <%= minicard('user', template_invocation.effective_user || Setting[:remote_execution_effective_user],
                  template_invocation.template.name + ' ' + _('effective user')) %>
-    <%= minicard('cluster', job_invocation.total_hosts_count, _('Total hosts')) %>
+    <div class="row">
+      <% missing = job_invocation.missing_hosts_count %>
+      <% size = missing.zero? ? 12 : 6 %>
+      <div class="col-xs-12 col-sm-<%= size %> col-md-<%= size %>" >
+        <%= minicard('cluster', job_invocation.total_hosts_count, _('Total hosts')) %>
+      </div>
+      <% unless missing.zero? %>
+      <div class="col-xs-12 col-sm-6 col-md-6" >
+          <%= minicard('warning-triangle-o', missing, _('Hosts gone missing'),
+                       :tooltip => _('This can happen if the host is removed or moved to another organization or location after the job was started')) %>
+      </div>
+    <% end %>
+    </div>
     <% if template_invocation.input_values.present? %>
       <%= render :partial => 'card_user_input', :locals => { :template_invocation => template_invocation } %>
     <% end %>

data/app/views/job_invocations/show.html.erb

@@ -2,6 +2,9 @@
 <% stylesheet 'foreman_remote_execution/foreman_remote_execution' %>
 <% javascript 'charts', 'foreman_remote_execution/template_invocation' %>
 <% javascript *webpack_asset_paths('foreman_remote_execution', :extension => 'js') %>
+<% content_for(:stylesheets) do %>
+  <%= webpacked_plugins_css_for :foreman_remote_execution %>
+<% end %>
 
 <%= breadcrumbs name_field: 'description' %>
 

data/app/views/job_invocations/show.json.erb

@@ -1,4 +1,5 @@
 {
   "autoRefresh": "<%= @auto_refresh %>",
-  "hosts": <%= targeting_hosts(@job_invocation, @hosts).to_json.html_safe %>
+  "hosts": <%= targeting_hosts(@job_invocation, @hosts).to_json.html_safe %>,
+  "total_hosts": <%= @total_hosts %>
 }

data/app/views/template_invocations/_output_line_set.html.erb

@@ -1,7 +1,7 @@
 <% output_line_set['output'].gsub("\r\n", "\n").sub(/\n\Z/, '').split("\n", -1).each do |line| %>
   <%= content_tag :div, :class => 'line ' + output_line_set['output_type'], :data => { :timestamp => output_line_set['timestamp'] } do %>
 
-    <%= content_tag(:span, (@line_counter += 1).to_s.rjust(4).gsub(' ', '&nbsp;').html_safe + ':', :class => 'counter', :title => (output_line_set['timestamp'] && Time.at(output_line_set['timestamp']))) %>
+    <%= content_tag(:span, (@line_counter += 1).to_s.rjust(4).gsub(' ', '&nbsp;').html_safe + ':', :class => 'counter', :title => (output_line_set['timestamp'] && Time.at(output_line_set['timestamp'].to_f))) %>
     <%= content_tag(:div, colorize_line(line.gsub(JobInvocationOutputHelper::COLOR_PATTERN, '').empty? ? "#{line}\n" : line).html_safe, :class => 'content') %>
   <% end %>
 <% end %>

data/app/views/templates/ssh/package_action.erb

@@ -98,6 +98,7 @@ handle_zypp_res_codes () {
     end
   -%>
   [ -x "$(command -v subscription-manager)" ] && subscription-manager refresh
+  export DEBIAN_FRONTEND=noninteractive
   apt-get -y update
   apt-get -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -y <%= action %> <%= input("package") %>
 <% elsif package_manager == 'zypper' -%>

data/config/routes.rb

@@ -55,6 +55,7 @@ Rails.application.routes.draw do
           post 'cancel'
           post 'rerun'
           get  'template_invocations', :to => 'template_invocations#template_invocations'
+          get 'outputs'
         end
       end
 

data/db/migrate/20200623073022_rename_sudo_password_to_effective_user_password.rb

@@ -0,0 +1,34 @@
+class RenameSudoPasswordToEffectiveUserPassword < ActiveRecord::Migration[6.0]
+  def up
+    rename_column :job_invocations, :sudo_password, :effective_user_password
+
+    Parameter.where(name: 'remote_execution_sudo_password').each do |parameter|
+      record = Parameter.find_by(type: parameter.type, reference_id: parameter.reference_id, name: "remote_execution_effective_user_password")
+      if record.nil?
+        parameter.update(name: "remote_execution_effective_user_password")
+      end
+    end
+
+    return unless (password = Setting.find_by(:name => 'remote_execution_sudo_password').try(:value))
+
+    Setting.find_by(:name => 'remote_execution_effective_user_password').update(value: password)
+
+    Setting.find_by(:name => 'remote_execution_sudo_password').delete
+  end
+
+  def down
+    rename_column :job_invocations, :effective_user_password, :sudo_password
+
+    Parameter.where(name: 'remote_execution_effective_user_password').each do |parameter|
+      record = Parameter.find_by(type: parameter.type, reference_id: parameter.reference_id, name: "remote_execution_sudo_password")
+      if record.nil?
+        parameter.update(name: "remote_execution_sudo_password")
+      end
+    end
+
+    return unless (password = Setting.find_by(:name => 'remote_execution_effective_user_password').try(:value))
+
+    Setting.create!(name: 'remote_execution_sudo_password', value: password, description: 'Sudo password', category: 'Setting::RemoteExecution', settings_type: 'string', full_name: 'Sudo password',encrypted: true, default: nil)
+    Setting.find_by(:name => 'remote_execution_effective_user_password').delete
+  end
+end

data/db/migrate/20200820122057_add_proxy_selector_override_to_remote_execution_feature.rb

@@ -0,0 +1,5 @@
+class AddProxySelectorOverrideToRemoteExecutionFeature < ActiveRecord::Migration[4.2]
+  def change
+    add_column :remote_execution_features, :proxy_selector_override, :string
+  end
+end

data/db/seeds.d/20-permissions.rb

@@ -0,0 +1,9 @@
+view_permission = Permission.find_by(name: "view_job_invocations", resource_type: 'JobInvocation')
+default_role = Role.default
+
+# the view_permissions can be nil in tests: skipping in that case
+if view_permission && !default_role.permissions.include?(view_permission)
+  default_role.filters.create(:search => 'user = current_user') do |filter|
+    filter.filterings.build { |f| f.permission = view_permission }
+  end
+end

data/lib/foreman_remote_execution/engine.rb

@@ -32,6 +32,15 @@ module ForemanRemoteExecution
       end
     end
 
+    # A workaround for https://projects.theforeman.org/issues/30685
+    initializer 'foreman_remote_execution.rails_loading_workaround' do
+      # Without this, in production environment the module gets prepended too
+      # late and the extensions do not get applied
+      # TODO: Remove this and from config.to_prepare once there is an extension
+      # point in Foreman
+      ProvisioningTemplatesHelper.prepend ForemanRemoteExecution::JobTemplatesExtensions
+    end
+
     initializer 'foreman_remote_execution.apipie' do
       Apipie.configuration.checksum_path += ['/api/']
     end
@@ -44,9 +53,12 @@ module ForemanRemoteExecution
 
     initializer 'foreman_remote_execution.register_plugin', before: :finisher_hook do |_app|
       Foreman::Plugin.register :foreman_remote_execution do
-        requires_foreman '>= 1.25'
+        requires_foreman '>= 2.2'
 
         apipie_documented_controllers ["#{ForemanRemoteExecution::Engine.root}/app/controllers/api/v2/*.rb"]
+        ApipieDSL.configuration.dsl_classes_matchers += [
+          "#{ForemanRemoteExecution::Engine.root}/app/lib/foreman_remote_execution/renderer/**/*.rb",
+        ]
 
         automatic_assets(false)
         precompile_assets(*assets_to_precompile)
@@ -71,7 +83,7 @@ module ForemanRemoteExecution
           permission :create_job_invocations, { :job_invocations => [:new, :create, :refresh, :rerun, :preview_hosts],
                                                 'api/v2/job_invocations' => [:create, :rerun] }, :resource_type => 'JobInvocation'
           permission :view_job_invocations, { :job_invocations => [:index, :chart, :show, :auto_complete_search], :template_invocations => [:show],
-                                              'api/v2/job_invocations' => [:index, :show, :output, :raw_output] }, :resource_type => 'JobInvocation'
+                                              'api/v2/job_invocations' => [:index, :show, :output, :raw_output, :outputs] }, :resource_type => 'JobInvocation'
           permission :view_template_invocations, { :template_invocations => [:show],
                                                    'api/v2/template_invocations' => [:template_invocations] }, :resource_type => 'TemplateInvocation'
           permission :create_template_invocations, {}, :resource_type => 'TemplateInvocation'
@@ -135,7 +147,16 @@ module ForemanRemoteExecution
         end
 
         extend_rabl_template 'api/v2/smart_proxies/main', 'api/v2/smart_proxies/pubkey'
+        extend_rabl_template 'api/v2/interfaces/main', 'api/v2/interfaces/execution_flag'
+        extend_rabl_template 'api/v2/subnets/show', 'api/v2/subnets/remote_execution_proxies'
+        parameter_filter ::Subnet, :remote_execution_proxy_ids
         describe_host { overview_buttons_provider :host_overview_buttons }
+
+        # Extend Registration module
+        extend_allowed_registration_vars :remote_execution_interface
+        extend_page 'registration/_form' do |cx|
+          cx.add_pagelet :global_registration, name: N_('Remote Execution'), partial: 'api/v2/registration/form', priority: 100, id: 'remote_execution_interface'
+        end
       end
     end
 
@@ -181,6 +202,7 @@ module ForemanRemoteExecution
       SmartProxy.prepend ForemanRemoteExecution::SmartProxyExtensions
       Subnet.include ForemanRemoteExecution::SubnetExtensions
 
+      ::Api::V2::InterfacesController.include Api::V2::InterfacesControllerExtensions
       # We need to explicitly force to load the Task model due to Rails loader
       # having issues with resolving it to Rake::Task otherwise
       require_dependency 'foreman_tasks/task'
@@ -189,6 +211,10 @@ module ForemanRemoteExecution
       RemoteExecutionProvider.register(:SSH, SSHExecutionProvider)
 
       ForemanRemoteExecution.register_rex_feature
+
+      ::Api::V2::SubnetsController.include ::ForemanRemoteExecution::Concerns::Api::V2::SubnetsControllerExtensions
+      ::Api::V2::RegistrationController.prepend ::ForemanRemoteExecution::Concerns::Api::V2::RegistrationControllerExtensions
+      ::Api::V2::RegistrationController.include ::ForemanRemoteExecution::Concerns::Api::V2::RegistrationControllerExtensions::ApipieExtensions
     end
 
     initializer 'foreman_remote_execution.register_gettext', after: :load_config_initializers do |_app|

data/lib/foreman_remote_execution/version.rb

@@ -1,3 +1,3 @@
 module ForemanRemoteExecution
-  VERSION = '3.3.5'.freeze
+  VERSION = '4.2.0'.freeze
 end

data/package.json

@@ -21,16 +21,16 @@
   },
   "devDependencies": {
     "@babel/core": "^7.7.0",
-    "@theforeman/builder": "^4.2.1",
-    "@theforeman/eslint-plugin-foreman": "^4.2.1",
-    "@theforeman/stories": "^4.2.1",
-    "@theforeman/test": "^4.2.1",
-    "@theforeman/vendor-dev": "^4.2.1",
+    "@theforeman/builder": "^4.14.0",
+    "@theforeman/eslint-plugin-foreman": "^4.14.0",
+    "@theforeman/stories": "^4.14.0",
+    "@theforeman/test": "^4.14.0",
+    "@theforeman/vendor-dev": "^4.14.0",
     "babel-eslint": "^10.0.0",
     "eslint": "^6.8.0",
     "prettier": "^1.19.1"
   },
   "peerDependencies": {
-    "@theforeman/vendor": ">= 4.2.1"
+    "@theforeman/vendor": ">= 4.14.0"
   }
 }

data/test/functional/api/v2/job_invocations_controller_test.rb

@@ -38,13 +38,14 @@ module Api
 
         test 'should see only permitted hosts' do
           @user = FactoryBot.create(:user, admin: false)
+          @invocation.task.update(user: @user)
           setup_user('view', 'job_invocations', nil, @user)
           setup_user('view', 'hosts', 'name ~ nope.example.com', @user)
 
-          get :show, params: { :id => @invocation.id }, session: set_session_user(@user)
+          get :show, params: { :id => @invocation.id }, session: prepare_user(@user)
           assert_response :success
           response = ActiveSupport::JSON.decode(@response.body)
-          assert_empty response['targeting']['hosts']
+          assert_equal response['targeting']['hosts'], []
         end
       end
 
@@ -159,6 +160,25 @@ module Api
         end
       end
 
+      describe '#outputs' do
+        test 'should provide outputs for hosts in the job' do
+          get :outputs, params: { :id => @invocation.id }
+          result = ActiveSupport::JSON.decode(@response.body)
+          host_output = result['outputs'].first
+          assert_equal host_output['host_id'], @invocation.targeting.host_ids.first
+          assert_equal host_output['refresh'], true
+          assert_equal host_output['output'], []
+          assert_response :success
+        end
+
+        test 'should provide outputs for hosts in the job matching a search query' do
+          get :outputs, params: { :id => @invocation.id, :search_query => "name = definitely_not_in_the_job" }
+          result = ActiveSupport::JSON.decode(@response.body)
+          assert_equal result['outputs'], []
+          assert_response :success
+        end
+      end
+
       describe 'raw output' do
         let(:fake_output) do
           (1..5).map do |i|
@@ -298,6 +318,68 @@ module Api
         post :rerun, params: { :id => @invocation.id }
         assert_response 404
       end
+
+      describe 'restricted access' do
+        setup do
+          @admin = FactoryBot.create(:user, mail: 'admin@test.foreman.com', admin: true)
+          @user = FactoryBot.create(:user, mail: 'user@test.foreman.com', admin: false)
+          @invocation = FactoryBot.create(:job_invocation, :with_template, :with_task, :with_unplanned_host)
+          @invocation2 = FactoryBot.create(:job_invocation, :with_template, :with_task, :with_unplanned_host)
+
+          @invocation.task.update(user: @admin)
+          @invocation2.task.update(user: @user)
+
+          setup_user 'view', 'hosts', nil, @user
+          setup_user 'view', 'job_invocations', 'user = current_user', @user
+          setup_user 'create', 'job_invocations', 'user = current_user', @user
+          setup_user 'cancel', 'job_invocations', 'user = current_user', @user
+        end
+
+        let(:host) { @invocation.targeting.hosts.first }
+        let(:host2) { @invocation2.targeting.hosts.first }
+
+        context 'without user filter' do
+          test '#index' do
+            get :index, session: prepare_user(@admin)
+            assert_response :success
+            assert JSON.parse(@response.body)['results'].size >= 2
+          end
+
+          test '#show' do
+            get :show, params: { id: @invocation2.id }, session: prepare_user(@admin)
+            assert_response :success
+          end
+
+          test '#output' do
+            get :output, params: { job_invocation_id: @invocation2.id, host_id: host2.id }, session: prepare_user(@admin)
+            assert_response :success
+          end
+        end
+
+        context 'with user filter' do
+          test '#index' do
+            get :index, session: prepare_user(@user)
+            assert_response :success
+            assert_equal 1, JSON.parse(@response.body)['results'].size
+          end
+
+          test '#show' do
+            get :show, params: { id: @invocation.id }, session: prepare_user(@user)
+            assert_response :not_found
+          end
+
+          test '#output' do
+            get :output, params: { job_invocation_id: @invocation.id, host_id: host.id }, session: prepare_user(@user)
+            assert_response :not_found
+            assert_includes @response.body, 'Job invocation not found'
+          end
+        end
+      end
+
+      def prepare_user(user)
+        User.current = user
+        set_session_user(user)
+      end
     end
   end
 end