From 90fca4f47d762744b88923ff7404157f7027d235 Mon Sep 17 00:00:00 2001
From: Eric Rasche <rasche.eric@gmail.com>
Date: Thu, 8 Oct 2015 10:15:14 -0500
Subject: [PATCH] Expose all API keys to admins under REMOTE_USER

This is the default setting for non-remote-user setups, this commit
adjusts the middleware to behave as expected.

Issue raised in http://dev.list.galaxyproject.org/User-API-keys-with-External-LDAP-authentication-disabled-td4668052.html
---
 lib/galaxy/web/framework/middleware/remoteuser.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/galaxy/web/framework/middleware/remoteuser.py b/lib/galaxy/web/framework/middleware/remoteuser.py
index 10bd432df713..fb6c26a389f7 100644
--- a/lib/galaxy/web/framework/middleware/remoteuser.py
+++ b/lib/galaxy/web/framework/middleware/remoteuser.py
@@ -118,6 +118,8 @@ def __call__( self, environ, start_response ):
                 pass  # Admin users need to be able to change user information
             elif path_info.startswith( '/user/edit_info' ) and environ[ self.remote_user_header ] in self.admin_users:
                 pass  # Admin users need to be able to change user information
+            elif path_info.startswith( '/userskeys/all_users' ) and environ[ self.remote_user_header ] in self.admin_users:
+                pass  # Admin users need to be able to manage API keys for all users.
             elif path_info.startswith( '/user/api_keys' ):
                 pass  # api keys can be managed when remote_user is in use
             elif path_info.startswith( '/user/edit_username' ):