18004: Fixes a couple of race condition bugs related to caching remote users.
[arvados.git] / services / api / app / controllers / arvados / v1 / healthcheck_controller.rb
1 # Copyright (C) The Arvados Authors. All rights reserved.
2 #
3 # SPDX-License-Identifier: AGPL-3.0
4
5 class Arvados::V1::HealthcheckController < ApplicationController
6   skip_before_action :catch_redirect_hint
7   skip_before_action :find_objects_for_index
8   skip_before_action :find_object_by_uuid
9   skip_before_action :load_filters_param
10   skip_before_action :load_limit_offset_order_params
11   skip_before_action :load_read_auths
12   skip_before_action :load_where_param
13   skip_before_action :render_404_if_no_object
14   skip_before_action :require_auth_scope
15
16   before_action :check_auth_header
17
18   def check_auth_header
19     mgmt_token = Rails.configuration.ManagementToken
20     auth_header = request.headers['Authorization']
21
22     if mgmt_token == ""
23       send_json ({"errors" => "disabled"}), status: 404
24     elsif !auth_header
25       send_json ({"errors" => "authorization required"}), status: 401
26     elsif auth_header != 'Bearer '+mgmt_token
27       send_json ({"errors" => "authorization error"}), status: 403
28     end
29   end
30
31   def ping
32     resp = {"health" => "OK"}
33     send_json resp
34   end
35 end