1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
17 "git.arvados.org/arvados.git/lib/controller/railsproxy"
18 "git.arvados.org/arvados.git/lib/controller/rpc"
19 "git.arvados.org/arvados.git/sdk/go/arvados"
20 "git.arvados.org/arvados.git/sdk/go/ctxlog"
21 "git.arvados.org/arvados.git/sdk/go/httpserver"
22 "github.com/hashicorp/yamux"
23 "github.com/sirupsen/logrus"
26 type railsProxy = rpc.Conn
29 cluster *arvados.Cluster
30 *railsProxy // handles API methods that aren't defined on Conn itself
31 vocabularyCache *arvados.Vocabulary
32 vocabularyFileModTime time.Time
33 lastVocabularyRefreshCheck time.Time
34 lastVocabularyError error
36 gwTunnels map[string]*yamux.Session
37 gwTunnelsLock sync.Mutex
38 activeUsers map[string]bool
39 activeUsersLock sync.Mutex
40 activeUsersReset time.Time
43 func NewConn(cluster *arvados.Cluster) *Conn {
44 railsProxy := railsproxy.NewConn(cluster)
45 railsProxy.RedactHostInErrors = true
48 railsProxy: railsProxy,
50 conn.loginController = chooseLoginController(cluster, &conn)
54 func (conn *Conn) checkProperties(ctx context.Context, properties interface{}) error {
55 if properties == nil {
58 var props map[string]interface{}
59 switch properties := properties.(type) {
61 err := json.Unmarshal([]byte(properties), &props)
65 case map[string]interface{}:
68 return fmt.Errorf("unexpected properties type %T", properties)
70 voc, err := conn.VocabularyGet(ctx)
74 err = voc.Check(props)
76 return httpErrorf(http.StatusBadRequest, voc.Check(props).Error())
81 func (conn *Conn) maybeRefreshVocabularyCache(logger logrus.FieldLogger) error {
82 if conn.lastVocabularyRefreshCheck.Add(time.Second).After(time.Now()) {
83 // Throttle the access to disk to at most once per second.
86 conn.lastVocabularyRefreshCheck = time.Now()
87 fi, err := os.Stat(conn.cluster.API.VocabularyPath)
89 err = fmt.Errorf("couldn't stat vocabulary file %q: %v", conn.cluster.API.VocabularyPath, err)
90 conn.lastVocabularyError = err
93 if fi.ModTime().After(conn.vocabularyFileModTime) {
94 err = conn.loadVocabularyFile()
96 conn.lastVocabularyError = err
99 conn.vocabularyFileModTime = fi.ModTime()
100 conn.lastVocabularyError = nil
101 logger.Info("vocabulary file reloaded successfully")
106 func (conn *Conn) loadVocabularyFile() error {
107 vf, err := os.ReadFile(conn.cluster.API.VocabularyPath)
109 return fmt.Errorf("while reading the vocabulary file: %v", err)
111 mk := make([]string, 0, len(conn.cluster.Collections.ManagedProperties))
112 for k := range conn.cluster.Collections.ManagedProperties {
115 voc, err := arvados.NewVocabulary(vf, mk)
117 return fmt.Errorf("while loading vocabulary file %q: %s", conn.cluster.API.VocabularyPath, err)
119 conn.vocabularyCache = voc
123 // LastVocabularyError returns the last error encountered while loading the
125 // Implements health.Func
126 func (conn *Conn) LastVocabularyError() error {
127 conn.maybeRefreshVocabularyCache(ctxlog.FromContext(context.Background()))
128 return conn.lastVocabularyError
131 // VocabularyGet refreshes the vocabulary cache if necessary and returns it.
132 func (conn *Conn) VocabularyGet(ctx context.Context) (arvados.Vocabulary, error) {
133 if conn.cluster.API.VocabularyPath == "" {
134 return arvados.Vocabulary{
135 Tags: map[string]arvados.VocabularyTag{},
138 logger := ctxlog.FromContext(ctx)
139 if conn.vocabularyCache == nil {
140 // Initial load of vocabulary file.
141 err := conn.loadVocabularyFile()
143 logger.WithError(err).Error("error loading vocabulary file")
144 return arvados.Vocabulary{}, err
147 err := conn.maybeRefreshVocabularyCache(logger)
149 logger.WithError(err).Error("error reloading vocabulary file - ignoring")
151 return *conn.vocabularyCache, nil
154 // Logout handles the logout of conn giving to the appropriate loginController
155 func (conn *Conn) Logout(ctx context.Context, opts arvados.LogoutOptions) (arvados.LogoutResponse, error) {
156 return conn.loginController.Logout(ctx, opts)
159 // Login handles the login of conn giving to the appropriate loginController
160 func (conn *Conn) Login(ctx context.Context, opts arvados.LoginOptions) (arvados.LoginResponse, error) {
161 return conn.loginController.Login(ctx, opts)
164 // UserAuthenticate handles the User Authentication of conn giving to the appropriate loginController
165 func (conn *Conn) UserAuthenticate(ctx context.Context, opts arvados.UserAuthenticateOptions) (arvados.APIClientAuthorization, error) {
166 return conn.loginController.UserAuthenticate(ctx, opts)
169 func (conn *Conn) GroupContents(ctx context.Context, options arvados.GroupContentsOptions) (arvados.ObjectList, error) {
170 // The requested UUID can be a user (virtual home project), which we just pass on to
172 if strings.Index(options.UUID, "-j7d0g-") != 5 {
173 return conn.railsProxy.GroupContents(ctx, options)
176 var resp arvados.ObjectList
178 // Get the group object
179 respGroup, err := conn.GroupGet(ctx, arvados.GetOptions{UUID: options.UUID})
184 // If the group has groupClass 'filter', apply the filters before getting the contents.
185 if respGroup.GroupClass == "filter" {
186 if filters, ok := respGroup.Properties["filters"].([]interface{}); ok {
187 for _, f := range filters {
188 // f is supposed to be a []string
189 tmp, ok2 := f.([]interface{})
190 if !ok2 || len(tmp) < 3 {
191 return resp, fmt.Errorf("filter unparsable: %T, %+v, original field: %T, %+v\n", tmp, tmp, f, f)
193 var filter arvados.Filter
194 if attr, ok2 := tmp[0].(string); ok2 {
197 return resp, fmt.Errorf("filter unparsable: attribute must be string: %T, %+v, filter: %T, %+v\n", tmp[0], tmp[0], f, f)
199 if operator, ok2 := tmp[1].(string); ok2 {
200 filter.Operator = operator
202 return resp, fmt.Errorf("filter unparsable: operator must be string: %T, %+v, filter: %T, %+v\n", tmp[1], tmp[1], f, f)
204 filter.Operand = tmp[2]
205 options.Filters = append(options.Filters, filter)
208 return resp, fmt.Errorf("filter unparsable: not an array\n")
210 // Use the generic /groups/contents endpoint for filter groups
214 return conn.railsProxy.GroupContents(ctx, options)
217 func httpErrorf(code int, format string, args ...interface{}) error {
218 return httpserver.ErrorWithStatus(fmt.Errorf(format, args...), code)