1 class ApplicationController < ActionController::Base
2 include ArvadosApiClientHelper
3 include ApplicationHelper
5 respond_to :html, :json, :js
8 ERROR_ACTIONS = [:render_error, :render_not_found]
10 around_filter :thread_clear
11 before_filter :permit_anonymous_browsing_if_no_thread_token
12 around_filter :set_thread_api_token
13 # Methods that don't require login should
14 # skip_around_filter :require_thread_api_token
15 around_filter :require_thread_api_token, except: ERROR_ACTIONS
16 before_filter :permit_anonymous_browsing_for_inactive_user
17 before_filter :check_user_agreements, except: ERROR_ACTIONS
18 before_filter :check_user_notifications, except: ERROR_ACTIONS
19 before_filter :find_object_by_uuid, except: [:index, :choose] + ERROR_ACTIONS
23 rescue_from(ActiveRecord::RecordNotFound,
24 ActionController::RoutingError,
25 ActionController::UnknownController,
26 AbstractController::ActionNotFound,
27 with: :render_not_found)
28 rescue_from(Exception,
29 ActionController::UrlGenerationError,
30 with: :render_exception)
33 def unprocessable(message=nil)
36 @errors << message if message
37 render_error status: 422
40 def render_error(opts)
41 opts = {status: 500}.merge opts
43 # json must come before html here, so it gets used as the
44 # default format when js is requested by the client. This lets
45 # ajax:error callback parse the response correctly, even though
47 f.json { render opts.merge(json: {success: false, errors: @errors}) }
48 f.html { render opts.merge(controller: 'application', action: 'error') }
52 def render_exception(e)
53 logger.error e.inspect
54 logger.error e.backtrace.collect { |x| x + "\n" }.join('') if e.backtrace
55 if @object.andand.errors.andand.full_messages.andand.any?
56 @errors = @object.errors.full_messages
60 if e.is_a? ArvadosApiClient::NotLoggedInException
61 self.render_error status: 422
63 set_thread_api_token do
64 self.render_error status: 422
69 def render_not_found(e=ActionController::RoutingError.new("Path not found"))
70 logger.error e.inspect
71 @errors = ["Path not found"]
72 set_thread_api_token do
73 self.render_error status: 404
77 def find_objects_for_index
80 @limit = params[:limit].to_i
85 @offset = params[:offset].to_i
90 filters = params[:filters]
91 if filters.is_a? String
92 filters = Oj.load filters
97 @objects ||= model_class
98 @objects = @objects.filter(@filters).limit(@limit).offset(@offset)
103 f.json { render json: @objects }
105 if params['tab_pane']
106 comparable = self.respond_to? :compare
107 render(partial: 'show_' + params['tab_pane'].downcase,
108 locals: { comparable: comparable, objects: @objects })
118 find_objects_for_index if !@objects
122 helper_method :next_page_offset
124 if @objects.respond_to?(:result_offset) and
125 @objects.respond_to?(:result_limit) and
126 @objects.respond_to?(:items_available)
127 next_offset = @objects.result_offset + @objects.result_limit
128 if next_offset < @objects.items_available
138 return render_not_found("object not found")
141 f.json { render json: @object.attributes.merge(href: url_for(@object)) }
143 if params['tab_pane']
144 comparable = self.respond_to? :compare
145 render(partial: 'show_' + params['tab_pane'].downcase,
146 locals: { comparable: comparable, objects: @objects })
147 elsif request.method.in? ['GET', 'HEAD']
150 redirect_to params[:return_to] || @object
158 params[:limit] ||= 40
160 if params[:project_uuid] and !params[:project_uuid].empty?
161 # We want the chooser to show objects of the controllers's model_class
162 # type within a specific project specified by project_uuid, so fetch the
163 # project and request the contents of the project filtered on the
164 # controllers's model_class kind.
165 @objects = Group.find(params[:project_uuid]).contents({:filters => [['uuid', 'is_a', "arvados\##{ArvadosApiClient.class_kind(model_class)}"]]})
167 find_objects_for_index if !@objects
173 content: render_to_string(partial: "choose_rows.html",
176 multiple: params[:multiple]
178 next_page_href: @next_page_href
183 render partial: 'choose', locals: {multiple: params[:multiple]}
190 return render_not_found("object not found")
195 @object = model_class.new
199 @updates ||= params[@object.resource_param_name.to_sym]
200 @updates.keys.each do |attr|
201 if @object.send(attr).is_a? Hash
202 if @updates[attr].is_a? String
203 @updates[attr] = Oj.load @updates[attr]
205 if params[:merge] || params["merge_#{attr}".to_sym]
206 # Merge provided Hash with current Hash, instead of
208 @updates[attr] = @object.send(attr).with_indifferent_access.
209 deep_merge(@updates[attr].with_indifferent_access)
213 if @object.update_attributes @updates
216 self.render_error status: 422
221 @new_resource_attrs ||= params[model_class.to_s.underscore.singularize]
222 @new_resource_attrs ||= {}
223 @new_resource_attrs.reject! { |k,v| k.to_s == 'uuid' }
224 @object ||= model_class.new @new_resource_attrs, params["options"]
227 f.json { render json: @object.attributes.merge(href: url_for(@object)) }
234 self.render_error status: 422
238 # Clone the given object, merging any attribute values supplied as
239 # with a create action.
241 @new_resource_attrs ||= params[model_class.to_s.underscore.singularize]
242 @new_resource_attrs ||= {}
243 @object = @object.dup
244 @object.update_attributes @new_resource_attrs
245 if not @new_resource_attrs[:name] and @object.respond_to? :name
246 if @object.name and @object.name != ''
247 @object.name = "Copy of #{@object.name}"
249 @object.name = "Copy of unnamed #{@object.class_for_display.downcase}"
259 f.json { render json: @object }
261 redirect_to(params[:return_to] || :back)
266 self.render_error status: 422
271 return Thread.current[:user] if Thread.current[:user]
273 if Thread.current[:arvados_api_token]
275 if session[:user][:is_active] != true
276 Thread.current[:user] = User.current
278 Thread.current[:user] = User.new(session[:user])
281 Thread.current[:user] = User.current
284 logger.error "No API token in Thread"
290 controller_name.classify.constantize
293 def breadcrumb_page_name
294 (@breadcrumb_page_name ||
295 (@object.friendly_link_name if @object.respond_to? :friendly_link_name) ||
304 %w(Attributes Advanced)
309 def strip_token_from_path(path)
310 path.sub(/([\?&;])api_token=[^&;]*[&;]?/, '\1')
313 def redirect_to_login
316 if request.method.in? ['GET', 'HEAD']
317 redirect_to arvados_api_client.arvados_login_url(return_to: strip_token_from_path(request.url))
319 flash[:error] = "Either you are not logged in, or your session has timed out. I can't automatically log you in and re-attempt this request."
324 @errors = ['You do not seem to be logged in. You did not supply an API token with this request, and your session (if any) has timed out.']
325 self.render_error status: 422
328 false # For convenience to return from callbacks
331 def using_specific_api_token(api_token)
333 [:arvados_api_token, :user].each do |key|
334 start_values[key] = Thread.current[key]
336 Thread.current[:arvados_api_token] = api_token
337 Thread.current[:user] = nil
341 start_values.each_key { |key| Thread.current[key] = start_values[key] }
345 def find_object_by_uuid
346 if params[:id] and params[:id].match /\D/
347 params[:uuid] = params.delete :id
351 elsif params[:uuid].is_a? String
352 if params[:uuid].empty?
355 if (model_class != Link and
356 resource_class_for_uuid(params[:uuid]) == Link)
357 @name_link = Link.find(params[:uuid])
358 @object = model_class.find(@name_link.head_uuid)
360 if Thread.current[:arvados_anonymous_api_token]
362 @object = model_class.find(params[:uuid])
367 @object = model_class.find(params[:uuid])
372 @object = model_class.where(uuid: params[:uuid]).first
377 Thread.current[:arvados_api_token] = nil
378 Thread.current[:user] = nil
379 Thread.current[:arvados_anonymous_api_token] = nil
380 Rails.cache.delete_matched(/^request_#{Thread.current.object_id}_/)
382 Rails.cache.delete_matched(/^request_#{Thread.current.object_id}_/)
385 # Save the session API token in thread-local storage, and yield.
386 # This method also takes care of session setup if the request
387 # provides a valid api_token parameter.
388 # If a token is unavailable or expired, the block is still run, with
390 def set_thread_api_token
391 # If an API token has already been found, pass it through.
392 if Thread.current[:arvados_api_token]
398 # If there's a valid api_token parameter, use it to set up the session.
399 if (Thread.current[:arvados_api_token] = params[:api_token]) and
401 session[:arvados_api_token] = params[:api_token]
406 first_name: u.first_name,
407 last_name: u.last_name,
408 is_active: u.is_active,
409 is_admin: u.is_admin,
412 if !request.format.json? and request.method.in? ['GET', 'HEAD']
413 # Repeat this request with api_token in the (new) session
414 # cookie instead of the query string. This prevents API
415 # tokens from appearing in (and being inadvisedly copied
416 # and pasted from) browser Location bars.
417 redirect_to strip_token_from_path(request.fullpath)
421 logger.debug "No token received, session is #{session.inspect}"
424 # With setup done, handle the request using the session token.
425 Thread.current[:arvados_api_token] = session[:arvados_api_token]
428 rescue ArvadosApiClient::NotLoggedInException
429 # If we got this error with a token, it must've expired.
430 # Retry the request without a token.
431 unless Thread.current[:arvados_api_token].nil?
432 Thread.current[:arvados_api_token] = nil
437 # Remove token in case this Thread is used for anything else.
438 Thread.current[:arvados_api_token] = nil
442 # Reroute this request if an API token is unavailable.
443 def require_thread_api_token
444 if Thread.current[:arvados_api_token]
446 elsif session[:arvados_api_token]
447 # Expired session. Clear it before refreshing login so that,
448 # if this login procedure fails, we end up showing the "please
449 # log in" page instead of getting stuck in a redirect loop.
450 session.delete :arvados_api_token
453 render 'users/welcome'
459 Link.where(uuid: 'just-verifying-my-api-token')
461 rescue ArvadosApiClient::NotLoggedInException
466 def permit_anonymous_browsing_if_no_thread_token
467 if !Thread.current[:arvados_api_token] && !params[:api_token] && !session[:arvados_api_token]
468 params[:api_token] = Rails.configuration.anonymous_user_token
472 def permit_anonymous_browsing_for_inactive_user
473 anonymous_user_token = Rails.configuration.anonymous_user_token
474 if !anonymous_user_token
475 Thread.current[:arvados_anonymous_api_token] = nil
479 if current_user && !current_user.andand.is_active
480 previous_api_token = Thread.current[:arvados_api_token]
481 if anonymous_user_token != previous_api_token
482 Thread.current[:arvados_api_token] = anonymous_user_token
483 valid_anonymous_token = verify_api_token
484 if valid_anonymous_token
485 Thread.current[:arvados_anonymous_api_token] = anonymous_user_token
487 Thread.current[:arvados_anonymous_api_token] = nil
489 Thread.current[:arvados_api_token] = previous_api_token
492 Thread.current[:arvados_anonymous_api_token] = anonymous_user_token
497 def ensure_current_user_is_admin
498 unless current_user and current_user.is_admin
499 @errors = ['Permission denied']
500 self.render_error status: 401
504 def check_user_agreements
505 return if Thread.current[:arvados_anonymous_api_token]
507 if current_user && !current_user.is_active
508 if not current_user.is_invited
509 return render 'users/inactive'
512 check_user_agreements_signatures true
513 if !current_user.is_active
514 render 'user_agreements/index'
520 helper_method :check_user_agreements_signatures
521 def check_user_agreements_signatures try_to_activate
522 signatures = UserAgreement.signatures
523 @signed_ua_uuids = UserAgreement.signatures.map &:head_uuid
524 @required_user_agreements = UserAgreement.all.map do |ua|
525 if not @signed_ua_uuids.index ua.uuid
526 Collection.find(ua.uuid)
529 if @required_user_agreements.empty? && try_to_activate
530 # No agreements to sign. Perhaps we just need to ask?
531 current_user.activate
532 if !current_user.is_active
533 logger.warn "#{current_user.uuid.inspect}: " +
534 "No user agreements to sign, but activate failed!"
537 @required_user_agreements
541 return Rails.configuration.arvados_theme
544 @@notification_tests = []
546 @@notification_tests.push lambda { |controller, current_user|
547 AuthorizedKey.limit(1).where(authorized_user_uuid: current_user.uuid).each do
550 return lambda { |view|
551 view.render partial: 'notifications/ssh_key_notification'
555 #@@notification_tests.push lambda { |controller, current_user|
556 # Job.limit(1).where(created_by: current_user.uuid).each do
559 # return lambda { |view|
560 # view.render partial: 'notifications/jobs_notification'
564 @@notification_tests.push lambda { |controller, current_user|
565 Collection.limit(1).where(created_by: current_user.uuid).each do
568 return lambda { |view|
569 view.render partial: 'notifications/collections_notification'
573 @@notification_tests.push lambda { |controller, current_user|
574 PipelineInstance.limit(1).where(created_by: current_user.uuid).each do
577 return lambda { |view|
578 view.render partial: 'notifications/pipelines_notification'
582 def check_user_notifications
583 return if params['tab_pane']
585 @notification_count = 0
589 @showallalerts = false
590 @@notification_tests.each do |t|
591 a = t.call(self, current_user)
593 @notification_count += 1
594 @notifications.push a
599 if @notification_count == 0
600 @notification_count = ''
604 helper_method :all_projects
606 @all_projects ||= Group.
607 filter([['group_class','in',['project','folder']]]).order('name')
610 helper_method :my_projects
612 return @my_projects if @my_projects
615 all_projects.each do |g|
616 root_of[g.uuid] = g.owner_uuid
622 root_of = root_of.each_with_object({}) do |(child, parent), h|
624 h[child] = root_of[parent]
631 @my_projects = @my_projects.select do |g|
632 root_of[g.uuid] == current_user.uuid
636 helper_method :projects_shared_with_me
637 def projects_shared_with_me
638 my_project_uuids = my_projects.collect &:uuid
639 all_projects.reject { |x| x.uuid.in? my_project_uuids }
642 helper_method :recent_jobs_and_pipelines
643 def recent_jobs_and_pipelines
645 PipelineInstance.limit(10)).
647 x.finished_at || x.started_at || x.created_at rescue x.created_at
651 helper_method :my_project_tree
657 helper_method :shared_project_tree
658 def shared_project_tree
663 def build_project_trees
664 return if @my_project_tree and @shared_project_tree
665 parent_of = {current_user.uuid => 'me'}
666 all_projects.each do |ob|
667 parent_of[ob.uuid] = ob.owner_uuid
669 children_of = {false => [], 'me' => [current_user]}
670 all_projects.each do |ob|
671 if ob.owner_uuid != current_user.uuid and
672 not parent_of.has_key? ob.owner_uuid
673 parent_of[ob.uuid] = false
675 children_of[parent_of[ob.uuid]] ||= []
676 children_of[parent_of[ob.uuid]] << ob
678 buildtree = lambda do |children_of, root_uuid=false|
680 children_of[root_uuid].andand.each do |ob|
681 tree[ob] = buildtree.call(children_of, ob.uuid)
685 sorted_paths = lambda do |tree, depth=0|
687 tree.keys.sort_by { |ob|
688 ob.is_a?(String) ? ob : ob.friendly_link_name
690 paths << {object: ob, depth: depth}
691 paths += sorted_paths.call tree[ob], depth+1
696 sorted_paths.call buildtree.call(children_of, 'me')
697 @shared_project_tree =
698 sorted_paths.call({'Shared with me' =>
699 buildtree.call(children_of, false)})
702 helper_method :get_object
704 if @get_object.nil? and @objects
705 @get_object = @objects.each_with_object({}) do |object, h|
706 h[object.uuid] = object
713 helper_method :project_breadcrumbs
714 def project_breadcrumbs
716 current = @name_link || @object
718 if current.is_a?(Group) and current.group_class.in?(['project','folder'])
719 crumbs.prepend current
721 if current.is_a? Link
722 current = Group.find?(current.tail_uuid)
724 current = Group.find?(current.owner_uuid)
730 helper_method :current_project_uuid
731 def current_project_uuid
732 if @object.is_a? Group and @object.group_class.in?(['project','folder'])
734 elsif @name_link.andand.tail_uuid
736 elsif @object and resource_class_for_uuid(@object.owner_uuid) == Group
743 # helper method to get links for given object or uuid
744 helper_method :links_for_object
745 def links_for_object object_or_uuid
746 raise ArgumentError, 'No input argument' unless object_or_uuid
747 preload_links_for_objects([object_or_uuid])
748 uuid = object_or_uuid.is_a?(String) ? object_or_uuid : object_or_uuid.uuid
749 @all_links_for[uuid] ||= []
752 # helper method to preload links for given objects and uuids
753 helper_method :preload_links_for_objects
754 def preload_links_for_objects objects_and_uuids
755 @all_links_for ||= {}
757 raise ArgumentError, 'Argument is not an array' unless objects_and_uuids.is_a? Array
758 return @all_links_for if objects_and_uuids.empty?
760 uuids = objects_and_uuids.collect { |x| x.is_a?(String) ? x : x.uuid }
762 # if already preloaded for all of these uuids, return
763 if not uuids.select { |x| @all_links_for[x].nil? }.any?
764 return @all_links_for
768 @all_links_for[x] = []
771 # TODO: make sure we get every page of results from API server
772 Link.filter([['head_uuid', 'in', uuids]]).each do |link|
773 @all_links_for[link.head_uuid] << link
778 # helper method to get a certain number of objects of a specific type
779 # this can be used to replace any uses of: "dataclass.limit(n)"
780 helper_method :get_n_objects_of_class
781 def get_n_objects_of_class dataclass, size
782 @objects_map_for ||= {}
784 raise ArgumentError, 'Argument is not a data class' unless dataclass.is_a? Class
785 raise ArgumentError, 'Argument is not a valid limit size' unless (size && size>0)
787 # if the objects_map_for has a value for this dataclass, and the
788 # size used to retrieve those objects is equal, return it
789 size_key = "#{dataclass.name}_size"
790 if @objects_map_for[dataclass.name] && @objects_map_for[size_key] &&
791 (@objects_map_for[size_key] == size)
792 return @objects_map_for[dataclass.name]
795 @objects_map_for[size_key] = size
796 @objects_map_for[dataclass.name] = dataclass.limit(size)
799 # helper method to get collections for the given uuid
800 helper_method :collections_for_object
801 def collections_for_object uuid
802 raise ArgumentError, 'No input argument' unless uuid
803 preload_collections_for_objects([uuid])
804 @all_collections_for[uuid] ||= []
807 # helper method to preload collections for the given uuids
808 helper_method :preload_collections_for_objects
809 def preload_collections_for_objects uuids
810 @all_collections_for ||= {}
812 raise ArgumentError, 'Argument is not an array' unless uuids.is_a? Array
813 return @all_collections_for if uuids.empty?
815 # if already preloaded for all of these uuids, return
816 if not uuids.select { |x| @all_collections_for[x].nil? }.any?
817 return @all_collections_for
821 @all_collections_for[x] = []
824 # TODO: make sure we get every page of results from API server
825 Collection.where(uuid: uuids).each do |collection|
826 @all_collections_for[collection.uuid] << collection
831 # helper method to get log collections for the given log
832 helper_method :log_collections_for_object
833 def log_collections_for_object log
834 raise ArgumentError, 'No input argument' unless log
836 preload_log_collections_for_objects([log])
839 fixup = /([a-f0-9]{32}\+\d+)(\+?.*)/.match(log)
840 if fixup && fixup.size>1
844 @all_log_collections_for[uuid] ||= []
847 # helper method to preload collections for the given uuids
848 helper_method :preload_log_collections_for_objects
849 def preload_log_collections_for_objects logs
850 @all_log_collections_for ||= {}
852 raise ArgumentError, 'Argument is not an array' unless logs.is_a? Array
853 return @all_log_collections_for if logs.empty?
857 fixup = /([a-f0-9]{32}\+\d+)(\+?.*)/.match(log)
858 if fixup && fixup.size>1
865 # if already preloaded for all of these uuids, return
866 if not uuids.select { |x| @all_log_collections_for[x].nil? }.any?
867 return @all_log_collections_for
871 @all_log_collections_for[x] = []
874 # TODO: make sure we get every page of results from API server
875 Collection.where(uuid: uuids).each do |collection|
876 @all_log_collections_for[collection.uuid] << collection
878 @all_log_collections_for
881 # helper method to get object of a given dataclass and uuid
882 helper_method :object_for_dataclass
883 def object_for_dataclass dataclass, uuid
884 raise ArgumentError, 'No input argument dataclass' unless (dataclass && uuid)
885 preload_objects_for_dataclass(dataclass, [uuid])
889 # helper method to preload objects for given dataclass and uuids
890 helper_method :preload_objects_for_dataclass
891 def preload_objects_for_dataclass dataclass, uuids
894 raise ArgumentError, 'Argument is not a data class' unless dataclass.is_a? Class
895 raise ArgumentError, 'Argument is not an array' unless uuids.is_a? Array
897 return @objects_for if uuids.empty?
899 # if already preloaded for all of these uuids, return
900 if not uuids.select { |x| @objects_for[x].nil? }.any?
904 dataclass.where(uuid: uuids).each do |obj|
905 @objects_for[obj.uuid] = obj
910 helper_method :is_anonymous
912 return Rails.configuration.anonymous_user_token && (Thread.current[:arvados_anonymous_api_token] == Thread.current[:arvados_api_token])
915 helper_method :anonymous_browsing_enabled
916 def anonymous_browsing_enabled
917 # to avoid the case where bogus anonymous token is configured,
918 # safer to check this object which is set after token verification
919 return Thread.current[:arvados_anonymous_api_token] && Rails.configuration.anonymous_user_token