apps/workbench/app/controllers/users_controller.rb

   1 class UsersController < ApplicationController
   2   skip_before_filter :find_object_by_uuid, :only => [:welcome, :activity, :storage]
   3   before_filter :ensure_current_user_is_admin, only: [:sudo, :unsetup, :setup]
   4
   5   def welcome
   6     if current_user
   7       params[:action] = 'home'
   8       home
   9     end
  10   end
  11
  12   def activity
  13     @breadcrumb_page_name = nil
  14     @users = User.limit(params[:limit] || 1000).all
  15     @user_activity = {}
  16     @activity = {
  17       logins: {},
  18       jobs: {},
  19       pipeline_instances: {}
  20     }
  21     @total_activity = {}
  22     @spans = [['This week', Time.now.beginning_of_week, Time.now],
  23               ['Last week',
  24                Time.now.beginning_of_week.advance(weeks:-1),
  25                Time.now.beginning_of_week],
  26               ['This month', Time.now.beginning_of_month, Time.now],
  27               ['Last month',
  28                1.month.ago.beginning_of_month,
  29                Time.now.beginning_of_month]]
  30     @spans.each do |span, threshold_start, threshold_end|
  31       @activity[:logins][span] = Log.
  32         filter([[:event_type, '=', 'login'],
  33                 [:object_kind, '=', 'arvados#user'],
  34                 [:created_at, '>=', threshold_start],
  35                 [:created_at, '<', threshold_end]])
  36       @activity[:jobs][span] = Job.
  37         filter([[:created_at, '>=', threshold_start],
  38                 [:created_at, '<', threshold_end]])
  39       @activity[:pipeline_instances][span] = PipelineInstance.
  40         filter([[:created_at, '>=', threshold_start],
  41                 [:created_at, '<', threshold_end]])
  42       @activity.each do |type, act|
  43         records = act[span]
  44         @users.each do |u|
  45           @user_activity[u.uuid] ||= {}
  46           @user_activity[u.uuid][span + ' ' + type.to_s] ||= 0
  47         end
  48         records.each do |record|
  49           @user_activity[record.modified_by_user_uuid] ||= {}
  50           @user_activity[record.modified_by_user_uuid][span + ' ' + type.to_s] ||= 0
  51           @user_activity[record.modified_by_user_uuid][span + ' ' + type.to_s] += 1
  52           @total_activity[span + ' ' + type.to_s] ||= 0
  53           @total_activity[span + ' ' + type.to_s] += 1
  54         end
  55       end
  56     end
  57     @users = @users.sort_by do |a|
  58       [-@user_activity[a.uuid].values.inject(:+), a.full_name]
  59     end
  60     # Prepend a "Total" pseudo-user to the sorted list
  61     @user_activity[nil] = @total_activity
  62     @users = [OpenStruct.new(uuid: nil)] + @users
  63   end
  64
  65   def storage
  66     @breadcrumb_page_name = nil
  67     @users = User.limit(params[:limit] || 1000).all
  68     @user_storage = {}
  69     total_storage = {}
  70     @log_date = {}
  71     @users.each do |u|
  72       @user_storage[u.uuid] ||= {}
  73       storage_log = Log.
  74         filter([[:object_uuid, '=', u.uuid],
  75                 [:event_type, '=', 'user-storage-report']]).
  76         order(:created_at => :desc).
  77         limit(1)
  78       storage_log.each do |log_entry|
  79         # We expect this block to only execute once since we specified limit(1)
  80         @user_storage[u.uuid] = log_entry['properties']
  81         @log_date[u.uuid] = log_entry['event_at']
  82       end
  83       total_storage.merge!(@user_storage[u.uuid]) { |k,v1,v2| v1 + v2 }
  84     end
  85     @users = @users.sort_by { |u|
  86       [-@user_storage[u.uuid].values.push(0).inject(:+), u.full_name]}
  87     # Prepend a "Total" pseudo-user to the sorted list
  88     @users = [OpenStruct.new(uuid: nil)] + @users
  89     @user_storage[nil] = total_storage
  90   end
  91
  92   def show_pane_list
  93     if current_user.andand.is_admin
  94       super | %w(Admin)
  95     else
  96       super
  97     end
  98   end
  99
 100   def index_pane_list
 101     if current_user.andand.is_admin
 102       super | %w(Activity)
 103     else
 104       super
 105     end
 106   end
 107
 108   def sudo
 109     resp = arvados_api_client.api(ApiClientAuthorization, '', {
 110                                     api_client_authorization: {
 111                                       owner_uuid: @object.uuid
 112                                     }
 113                                   })
 114     redirect_to root_url(api_token: resp[:api_token])
 115   end
 116
 117   def home
 118     @showallalerts = false
 119     @my_ssh_keys = AuthorizedKey.where(authorized_user_uuid: current_user.uuid)
 120     @my_tag_links = {}
 121
 122     @my_jobs = Job.
 123       limit(10).
 124       order('created_at desc').
 125       where(created_by: current_user.uuid)
 126
 127     @my_collections = Collection.
 128       limit(10).
 129       order('created_at desc').
 130       where(created_by: current_user.uuid)
 131     collection_uuids = @my_collections.collect &:uuid
 132
 133     @persist_state = {}
 134     collection_uuids.each do |uuid|
 135       @persist_state[uuid] = 'cache'
 136     end
 137
 138     Link.limit(1000).filter([['head_uuid', 'in', collection_uuids],
 139                              ['link_class', 'in', ['tag', 'resources']]]).
 140       each do |link|
 141       case link.link_class
 142       when 'tag'
 143         (@my_tag_links[link.head_uuid] ||= []) << link
 144       when 'resources'
 145         if link.name == 'wants'
 146           @persist_state[link.head_uuid] = 'persistent'
 147         end
 148       end
 149     end
 150
 151     @my_pipelines = PipelineInstance.
 152       limit(10).
 153       order('created_at desc').
 154       where(created_by: current_user.uuid)
 155
 156     respond_to do |f|
 157       f.js { render template: 'users/home.js' }
 158       f.html { render template: 'users/home' }
 159     end
 160   end
 161
 162   def unsetup
 163     if current_user.andand.is_admin
 164       @object.unsetup
 165     end
 166     show
 167   end
 168
 169   def setup
 170     respond_to do |format|
 171       if current_user.andand.is_admin
 172         setup_params = {}
 173         setup_params[:send_notification_email] = "#{Rails.configuration.send_user_setup_notification_email}"
 174         if params['user_uuid'] && params['user_uuid'].size>0
 175           setup_params[:uuid] = params['user_uuid']
 176         end
 177         if params['email'] && params['email'].size>0
 178           user = {email: params['email']}
 179           setup_params[:user] = user
 180         end
 181         if params['openid_prefix'] && params['openid_prefix'].size>0
 182           setup_params[:openid_prefix] = params['openid_prefix']
 183         end
 184         if params['repo_name'] && params['repo_name'].size>0
 185           setup_params[:repo_name] = params['repo_name']
 186         end
 187         if params['vm_uuid'] && params['vm_uuid'].size>0
 188           setup_params[:vm_uuid] = params['vm_uuid']
 189         end
 190
 191         if User.setup setup_params
 192           format.js
 193         else
 194           self.render_error status: 422
 195         end
 196       else
 197         self.render_error status: 422
 198       end
 199     end
 200   end
 201
 202   def setup_popup
 203     @vms = VirtualMachine.all.results
 204
 205     @current_selections = find_current_links @object
 206
 207     respond_to do |format|
 208       format.html
 209       format.js
 210     end
 211   end
 212
 213   def manage_account
 214     # repositories current user can read / write
 215     repo_links = []
 216     Link.filter([['head_uuid', 'is_a', 'arvados#repository'],
 217                  ['tail_uuid', '=', current_user.uuid],
 218                  ['link_class', '=', 'permission'],
 219                  ['name', 'in', ['can_write', 'can_read']],
 220                ]).
 221           each do |perm_link|
 222             repo_links << perm_link[:head_uuid]
 223           end
 224     @my_repositories = Repository.where(uuid: repo_links)
 225
 226     # virtual machines the current user can login into
 227     @my_vm_logins = {}
 228     Link.where(tail_uuid: current_user.uuid,
 229                link_class: 'permission',
 230                name: 'can_login').
 231           each do |perm_link|
 232             if perm_link.properties.andand[:username]
 233               @my_vm_logins[perm_link.head_uuid] ||= []
 234               @my_vm_logins[perm_link.head_uuid] << perm_link.properties[:username]
 235             end
 236           end
 237     @my_virtual_machines = VirtualMachine.where(uuid: @my_vm_logins.keys)
 238
 239     # current user's ssh keys
 240     @my_ssh_keys = AuthorizedKey.where(key_type: 'SSH', owner_uuid: current_user.uuid)
 241
 242     respond_to do |f|
 243       f.html { render template: 'users/manage_account' }
 244     end
 245   end
 246
 247   def add_ssh_key_popup
 248     respond_to do |format|
 249       format.html
 250       format.js
 251     end
 252   end
 253
 254   def add_ssh_key
 255     respond_to do |format|
 256       key_params = {'key_type' => 'SSH'}
 257       key_params['authorized_user_uuid'] = current_user.uuid
 258
 259       if params['name'] && params['name'].size>0
 260         key_params['name'] = params['name']
 261       end
 262       if params['public_key'] && params['public_key'].size>0
 263         key_params['public_key'] = params['public_key']
 264       end
 265
 266       new_key = AuthorizedKey.create! key_params
 267       if new_key
 268         format.js
 269       else
 270         self.render_error status: 422
 271       end
 272     end
 273   end
 274
 275   protected
 276
 277   def find_current_links user
 278     current_selections = {}
 279
 280     if !user
 281       return current_selections
 282     end
 283
 284     # oid login perm
 285     oid_login_perms = Link.where(tail_uuid: user.email,
 286                                    head_kind: 'arvados#user',
 287                                    link_class: 'permission',
 288                                    name: 'can_login')
 289
 290     if oid_login_perms.any?
 291       prefix_properties = oid_login_perms.first.properties
 292       current_selections[:identity_url_prefix] = prefix_properties[:identity_url_prefix]
 293     end
 294
 295     # repo perm
 296     repo_perms = Link.where(tail_uuid: user.uuid,
 297                             head_kind: 'arvados#repository',
 298                             link_class: 'permission',
 299                             name: 'can_write')
 300     if repo_perms.any?
 301       repo_uuid = repo_perms.first.head_uuid
 302       repos = Repository.where(head_uuid: repo_uuid)
 303       if repos.any?
 304         repo_name = repos.first.name
 305         current_selections[:repo_name] = repo_name
 306       end
 307     end
 308
 309     # vm login perm
 310     vm_login_perms = Link.where(tail_uuid: user.uuid,
 311                               head_kind: 'arvados#virtualMachine',
 312                               link_class: 'permission',
 313                               name: 'can_login')
 314     if vm_login_perms.any?
 315       vm_uuid = vm_login_perms.first.head_uuid
 316       current_selections[:vm_uuid] = vm_uuid
 317     end
 318
 319     return current_selections
 320   end
 321
 322 end