services/api/lib/current_api_client.rb

   1 $system_user = nil
   2 $system_group = nil
   3 $all_users_group = nil
   4 $anonymous_user = nil
   5 $anonymous_group = nil
   6 $anonymous_group_read_permission = nil
   7 $empty_collection = nil
   8
   9 module CurrentApiClient
  10   def current_user
  11     Thread.current[:user]
  12   end
  13
  14   def current_api_client
  15     Thread.current[:api_client]
  16   end
  17
  18   def current_api_client_authorization
  19     Thread.current[:api_client_authorization]
  20   end
  21
  22   def current_api_base
  23     Thread.current[:api_url_base]
  24   end
  25
  26   def current_default_owner
  27     # owner_uuid for newly created objects
  28     ((current_api_client_authorization &&
  29       current_api_client_authorization.default_owner_uuid) ||
  30      (current_user && current_user.default_owner_uuid) ||
  31      (current_user && current_user.uuid) ||
  32      nil)
  33   end
  34
  35   # Where is the client connecting from?
  36   def current_api_client_ip_address
  37     Thread.current[:api_client_ip_address]
  38   end
  39
  40   def system_user_uuid
  41     [Server::Application.config.uuid_prefix,
  42      User.uuid_prefix,
  43      '000000000000000'].join('-')
  44   end
  45
  46   def system_group_uuid
  47     [Server::Application.config.uuid_prefix,
  48      Group.uuid_prefix,
  49      '000000000000000'].join('-')
  50   end
  51
  52   def anonymous_group_uuid
  53     [Server::Application.config.uuid_prefix,
  54      Group.uuid_prefix,
  55      'anonymouspublic'].join('-')
  56   end
  57
  58   def anonymous_user_uuid
  59     [Server::Application.config.uuid_prefix,
  60      User.uuid_prefix,
  61      'anonymouspublic'].join('-')
  62   end
  63
  64   def system_user
  65     $system_user = check_cache $system_user do
  66       real_current_user = Thread.current[:user]
  67       begin
  68         Thread.current[:user] = User.new(is_admin: true,
  69                                          is_active: true,
  70                                          uuid: system_user_uuid)
  71         User.where(uuid: system_user_uuid).
  72           first_or_create!(is_active: true,
  73                            is_admin: true,
  74                            email: 'root',
  75                            first_name: 'root',
  76                            last_name: '')
  77       ensure
  78         Thread.current[:user] = real_current_user
  79       end
  80     end
  81   end
  82
  83   def system_group
  84     $system_group = check_cache $system_group do
  85       act_as_system_user do
  86         ActiveRecord::Base.transaction do
  87           Group.where(uuid: system_group_uuid).
  88             first_or_create!(name: "System group",
  89                              description: "System group") do |g|
  90             g.save!
  91             User.all.collect(&:uuid).each do |user_uuid|
  92               Link.create!(link_class: 'permission',
  93                            name: 'can_manage',
  94                            tail_uuid: system_group_uuid,
  95                            head_uuid: user_uuid)
  96             end
  97           end
  98         end
  99       end
 100     end
 101   end
 102
 103   def all_users_group_uuid
 104     [Server::Application.config.uuid_prefix,
 105      Group.uuid_prefix,
 106      'fffffffffffffff'].join('-')
 107   end
 108
 109   def all_users_group
 110     $all_users_group = check_cache $all_users_group do
 111       act_as_system_user do
 112         ActiveRecord::Base.transaction do
 113           Group.where(uuid: all_users_group_uuid).
 114             first_or_create!(name: "All users",
 115                              description: "All users",
 116                              group_class: "role")
 117         end
 118       end
 119     end
 120   end
 121
 122   def act_as_system_user
 123     if block_given?
 124       act_as_user system_user do
 125         yield
 126       end
 127     else
 128       Thread.current[:user] = system_user
 129     end
 130   end
 131
 132   def act_as_user user
 133     #auth_was = Thread.current[:api_client_authorization]
 134     user_was = Thread.current[:user]
 135     Thread.current[:user] = user
 136     #Thread.current[:api_client_authorization] = ApiClientAuthorization.
 137     #  where('user_id=? and scopes is null', user.id).
 138     #  order('expires_at desc').
 139     #  first
 140     begin
 141       yield
 142     ensure
 143       Thread.current[:user] = user_was
 144       #Thread.current[:api_client_authorization] = auth_was
 145     end
 146   end
 147
 148   def anonymous_group
 149     $anonymous_group = check_cache $anonymous_group do
 150       act_as_system_user do
 151         ActiveRecord::Base.transaction do
 152           Group.where(uuid: anonymous_group_uuid).
 153             first_or_create!(group_class: "role",
 154                              name: "Anonymous users",
 155                              description: "Anonymous users")
 156         end
 157       end
 158     end
 159   end
 160
 161   def anonymous_group_read_permission
 162     $anonymous_group_read_permission =
 163         check_cache $anonymous_group_read_permission do
 164       act_as_system_user do
 165         Link.where(tail_uuid: all_users_group.uuid,
 166                    head_uuid: anonymous_group.uuid,
 167                    link_class: "permission",
 168                    name: "can_read").first_or_create!
 169       end
 170     end
 171   end
 172
 173   def anonymous_user
 174     $anonymous_user = check_cache $anonymous_user do
 175       act_as_system_user do
 176         User.where(uuid: anonymous_user_uuid).
 177           first_or_create!(is_active: false,
 178                            is_admin: false,
 179                            email: 'anonymous',
 180                            first_name: 'Anonymous',
 181                            last_name: '') do |u|
 182           u.save!
 183           Link.where(tail_uuid: anonymous_user_uuid,
 184                      head_uuid: anonymous_group.uuid,
 185                      link_class: 'permission',
 186                      name: 'can_read').
 187             first_or_create!
 188         end
 189       end
 190     end
 191   end
 192
 193   def empty_collection_uuid
 194     'd41d8cd98f00b204e9800998ecf8427e+0'
 195   end
 196
 197   def empty_collection
 198     $empty_collection = check_cache $empty_collection do
 199       act_as_system_user do
 200         ActiveRecord::Base.transaction do
 201           Collection.
 202             where(portable_data_hash: empty_collection_uuid).
 203             first_or_create!(manifest_text: '', owner_uuid: anonymous_group.uuid)
 204         end
 205       end
 206     end
 207   end
 208
 209   private
 210
 211   # If the given value is nil, or the cache has been cleared since it
 212   # was set, yield. Otherwise, return the given value.
 213   def check_cache value
 214     if not Rails.env.test? and
 215         ActionController::Base.cache_store.is_a? ActiveSupport::Cache::FileStore and
 216         not File.owned? ActionController::Base.cache_store.cache_path
 217       # If we don't own the cache dir, we're probably
 218       # crunch-dispatch. Whoever we are, using this cache is likely to
 219       # either fail or screw up the cache for someone else. So we'll
 220       # just assume the $globals are OK to live forever.
 221       #
 222       # The reason for making the globals expire with the cache in the
 223       # first place is to avoid leaking state between test cases: in
 224       # production, we don't expect the database seeds to ever go away
 225       # even when the cache is cleared, so there's no particular
 226       # reason to expire our global variables.
 227     else
 228       Rails.cache.fetch "CurrentApiClient.$globals" do
 229         value = nil
 230         true
 231       end
 232     end
 233     return value unless value.nil?
 234     yield
 235   end
 236 end