services/api/lib/current_api_client.rb

   1 module CurrentApiClient
   2   def current_user
   3     Thread.current[:user]
   4   end
   5
   6   def current_api_client
   7     Thread.current[:api_client]
   8   end
   9
  10   def current_api_client_authorization
  11     Thread.current[:api_client_authorization]
  12   end
  13
  14   def current_api_base
  15     Thread.current[:api_url_base]
  16   end
  17
  18   def current_default_owner
  19     # owner_uuid for newly created objects
  20     ((current_api_client_authorization &&
  21       current_api_client_authorization.default_owner_uuid) ||
  22      (current_user && current_user.default_owner_uuid) ||
  23      (current_user && current_user.uuid) ||
  24      nil)
  25   end
  26
  27   # Where is the client connecting from?
  28   def current_api_client_ip_address
  29     Thread.current[:api_client_ip_address]
  30   end
  31
  32   def system_user_uuid
  33     [Server::Application.config.uuid_prefix,
  34      User.uuid_prefix,
  35      '000000000000000'].join('-')
  36   end
  37
  38   def system_group_uuid
  39     [Server::Application.config.uuid_prefix,
  40      Group.uuid_prefix,
  41      '000000000000000'].join('-')
  42   end
  43
  44   def anonymous_group_uuid
  45     [Server::Application.config.uuid_prefix,
  46      Group.uuid_prefix,
  47      'anonymouspublic'].join('-')
  48   end
  49
  50   def anonymous_user_uuid
  51     [Server::Application.config.uuid_prefix,
  52      User.uuid_prefix,
  53      'anonymouspublic'].join('-')
  54   end
  55
  56   def system_user
  57     if not $system_user
  58       real_current_user = Thread.current[:user]
  59       Thread.current[:user] = User.new(is_admin: true,
  60                                        is_active: true,
  61                                        uuid: system_user_uuid)
  62       $system_user = User.where('uuid=?', system_user_uuid).first
  63       if !$system_user
  64         $system_user = User.new(uuid: system_user_uuid,
  65                                 is_active: true,
  66                                 is_admin: true,
  67                                 email: 'root',
  68                                 first_name: 'root',
  69                                 last_name: '')
  70         $system_user.save!
  71         $system_user.reload
  72       end
  73       Thread.current[:user] = real_current_user
  74     end
  75     $system_user
  76   end
  77
  78   def system_group
  79     if not $system_group
  80       act_as_system_user do
  81         ActiveRecord::Base.transaction do
  82           $system_group = Group.
  83             where(uuid: system_group_uuid).first_or_create do |g|
  84             g.update_attributes(name: "System group",
  85                                 description: "System group")
  86             User.all.collect(&:uuid).each do |user_uuid|
  87               Link.create(link_class: 'permission',
  88                           name: 'can_manage',
  89                           tail_kind: 'arvados#group',
  90                           tail_uuid: system_group_uuid,
  91                           head_kind: 'arvados#user',
  92                           head_uuid: user_uuid)
  93             end
  94           end
  95         end
  96       end
  97     end
  98     $system_group
  99   end
 100
 101   def act_as_system_user
 102     if block_given?
 103       user_was = Thread.current[:user]
 104       Thread.current[:user] = system_user
 105       begin
 106         yield
 107       ensure
 108         Thread.current[:user] = user_was
 109       end
 110     else
 111       Thread.current[:user] = system_user
 112     end
 113   end
 114
 115   def anonymous_group
 116     if not $anonymous_group
 117       act_as_system_user do
 118         ActiveRecord::Base.transaction do
 119           $anonymous_group = Group.
 120           where(uuid: anonymous_group_uuid).first_or_create do |g|
 121             g.update_attributes(name: "Anonymous group",
 122                                 description: "Anonymous group")
 123           end
 124         end
 125       end
 126     end
 127     $anonymous_group
 128   end
 129
 130   def anonymous_user
 131     if not $anonymous_user
 132       act_as_system_user do
 133         $anonymous_user = User.where('uuid=?', anonymous_user_uuid).first
 134         if !$anonymous_user
 135           $anonymous_user = User.new(uuid: anonymous_user_uuid,
 136                                      is_active: false,
 137                                      is_admin: false,
 138                                      email: 'anonymouspublic',
 139                                      first_name: 'anonymouspublic',
 140                                      last_name: 'anonymouspublic')
 141           $anonymous_user.save!
 142           $anonymous_user.reload
 143
 144           group_perms = Link.where(tail_uuid: anonymous_user_uuid,
 145                                    head_uuid: anonymous_group_uuid,
 146                                    link_class: 'permission',
 147                                    name: 'can_read')
 148
 149           if !group_perms.any?
 150             group_perm = Link.create(tail_uuid: anonymous_user_uuid,
 151                                    head_uuid: anonymous_group_uuid,
 152                                    link_class: 'permission',
 153                                    name: 'can_read')
 154           end
 155         end
 156       end
 157     end
 158     $anonymous_user
 159   end
 160
 161 end