projects / arvados.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch '8177-keep-web-trust-all-content-flag' closes #8177
[arvados.git] / apps / workbench / app / controllers / collections_controller.rb
1 require "arvados/keep"
2 require "uri"
3
4 class CollectionsController < ApplicationController
5   include ActionController::Live
6
7   skip_around_filter :require_thread_api_token, if: proc { |ctrl|
8     Rails.configuration.anonymous_user_token and
9     'show' == ctrl.action_name
10   }
11   skip_around_filter(:require_thread_api_token,
12                      only: [:show_file, :show_file_links])
13   skip_before_filter(:find_object_by_uuid,
14                      only: [:provenance, :show_file, :show_file_links])
15   # We depend on show_file to display the user agreement:
16   skip_before_filter :check_user_agreements, only: :show_file
17   skip_before_filter :check_user_profile, only: :show_file
18
19   RELATION_LIMIT = 5
20
21   def show_pane_list
22     panes = %w(Files Upload Provenance_graph Used_by Advanced)
23     panes = panes - %w(Upload) unless (@object.editable? rescue false)
24     panes
25   end
26
27   def set_persistent
28     case params[:value]
29     when 'persistent', 'cache'
30       persist_links = Link.filter([['owner_uuid', '=', current_user.uuid],
31                                    ['link_class', '=', 'resources'],
32                                    ['name', '=', 'wants'],
33                                    ['tail_uuid', '=', current_user.uuid],
34                                    ['head_uuid', '=', @object.uuid]])
35       logger.debug persist_links.inspect
36     else
37       return unprocessable "Invalid value #{value.inspect}"
38     end
39     if params[:value] == 'persistent'
40       if not persist_links.any?
41         Link.create(link_class: 'resources',
42                     name: 'wants',
43                     tail_uuid: current_user.uuid,
44                     head_uuid: @object.uuid)
45       end
46     else
47       persist_links.each do |link|
48         link.destroy || raise
49       end
50     end
51
52     respond_to do |f|
53       f.json { render json: @object }
54     end
55   end
56
57   def index
58     # API server index doesn't return manifest_text by default, but our
59     # callers want it unless otherwise specified.
60     @select ||= Collection.columns.map(&:name)
61     base_search = Collection.select(@select)
62     if params[:search].andand.length.andand > 0
63       tags = Link.where(any: ['contains', params[:search]])
64       @objects = (base_search.where(uuid: tags.collect(&:head_uuid)) |
65                       base_search.where(any: ['contains', params[:search]])).
66         uniq { |c| c.uuid }
67     else
68       if params[:limit]
69         limit = params[:limit].to_i
70       else
71         limit = 100
72       end
73
74       if params[:offset]
75         offset = params[:offset].to_i
76       else
77         offset = 0
78       end
79
80       @objects = base_search.limit(limit).offset(offset)
81     end
82     @links = Link.where(head_uuid: @objects.collect(&:uuid))
83     @collection_info = {}
84     @objects.each do |c|
85       @collection_info[c.uuid] = {
86         tag_links: [],
87         wanted: false,
88         wanted_by_me: false,
89         provenance: [],
90         links: []
91       }
92     end
93     @links.each do |link|
94       @collection_info[link.head_uuid] ||= {}
95       info = @collection_info[link.head_uuid]
96       case link.link_class
97       when 'tag'
98         info[:tag_links] << link
99       when 'resources'
100         info[:wanted] = true
101         info[:wanted_by_me] ||= link.tail_uuid == current_user.uuid
102       when 'provenance'
103         info[:provenance] << link.name
104       end
105       info[:links] << link
106     end
107     @request_url = request.url
108
109     render_index
110   end
111
112   def show_file_links
113     Thread.current[:reader_tokens] = [params[:reader_token]]
114     return if false.equal?(find_object_by_uuid)
115     render layout: false
116   end
117
118   def show_file
119     # We pipe from arv-get to send the file to the user.  Before we start it,
120     # we ask the API server if the file actually exists.  This serves two
121     # purposes: it lets us return a useful status code for common errors, and
122     # helps us figure out which token to provide to arv-get.
123     # The order of searched tokens is important: because the anonymous user
124     # token is passed along with every API request, we have to check it first.
125     # Otherwise, it's impossible to know whether any other request succeeded
126     # because of the reader token.
127     coll = nil
128     tokens = [(Rails.configuration.anonymous_user_token || nil),
129               params[:reader_token],
130               Thread.current[:arvados_api_token]].compact
131     usable_token = find_usable_token(tokens) do
132       coll = Collection.find(params[:uuid])
133     end
134     if usable_token.nil?
135       # Response already rendered.
136       return
137     end
138
139     # If we are configured to use a keep-web server, just redirect to
140     # the appropriate URL.
141     if Rails.configuration.keep_web_url or
142         Rails.configuration.keep_web_download_url
143       opts = {}
144       if usable_token == params[:reader_token]
145         opts[:path_token] = usable_token
146       elsif usable_token == Rails.configuration.anonymous_user_token
147         # Don't pass a token at all
148       else
149         # We pass the current user's real token only if it's necessary
150         # to read the collection.
151         opts[:query_token] = usable_token
152       end
153       opts[:disposition] = params[:disposition] if params[:disposition]
154       return redirect_to keep_web_url(params[:uuid], params[:file], opts)
155     end
156
157     # No keep-web server available. Get the file data with arv-get,
158     # and serve it through Rails.
159
160     file_name = params[:file].andand.sub(/^(\.\/|\/|)/, './')
161     if file_name.nil? or not coll.manifest.has_file?(file_name)
162       return render_not_found
163     end
164
165     opts = params.merge(arvados_api_token: usable_token)
166
167     # Handle Range requests. Currently we support only 'bytes=0-....'
168     if request.headers.include? 'HTTP_RANGE'
169       if m = /^bytes=0-(\d+)/.match(request.headers['HTTP_RANGE'])
170         opts[:maxbytes] = m[1]
171         size = params[:size] || '*'
172         self.response.status = 206
173         self.response.headers['Content-Range'] = "bytes 0-#{m[1]}/#{size}"
174       end
175     end
176
177     ext = File.extname(params[:file])
178     self.response.headers['Content-Type'] =
179       Rack::Mime::MIME_TYPES[ext] || 'application/octet-stream'
180     if params[:size]
181       size = params[:size].to_i
182       if opts[:maxbytes]
183         size = [size, opts[:maxbytes].to_i].min
184       end
185       self.response.headers['Content-Length'] = size.to_s
186     end
187     self.response.headers['Content-Disposition'] = params[:disposition] if params[:disposition]
188     begin
189       file_enumerator(opts).each do |bytes|
190         response.stream.write bytes
191       end
192     ensure
193       response.stream.close
194     end
195   end
196
197   def sharing_scopes
198     ["GET /arvados/v1/collections/#{@object.uuid}", "GET /arvados/v1/collections/#{@object.uuid}/", "GET /arvados/v1/keep_services/accessible"]
199   end
200
201   def search_scopes
202     begin
203       ApiClientAuthorization.filter([['scopes', '=', sharing_scopes]]).results
204     rescue ArvadosApiClient::AccessForbiddenException
205       nil
206     end
207   end
208
209   def find_object_by_uuid
210     if not Keep::Locator.parse params[:id]
211       super
212     end
213   end
214
215   def show
216     return super if !@object
217
218     @logs = []
219
220     if params["tab_pane"] == "Provenance_graph"
221       @prov_svg = ProvenanceHelper::create_provenance_graph(@object.provenance, "provenance_svg",
222                                                             {:request => request,
223                                                              :direction => :bottom_up,
224                                                              :combine_jobs => :script_only}) rescue nil
225     end
226
227     if current_user
228       if Keep::Locator.parse params["uuid"]
229         @same_pdh = Collection.filter([["portable_data_hash", "=", @object.portable_data_hash]]).limit(20)
230         if @same_pdh.results.size == 1
231           redirect_to collection_path(@same_pdh[0]["uuid"])
232           return
233         end
234         owners = @same_pdh.map(&:owner_uuid).to_a.uniq
235         preload_objects_for_dataclass Group, owners
236         preload_objects_for_dataclass User, owners
237         uuids = @same_pdh.map(&:uuid).to_a.uniq
238         preload_links_for_objects uuids
239         render 'hash_matches'
240         return
241       else
242         jobs_with = lambda do |conds|
243           Job.limit(RELATION_LIMIT).where(conds)
244             .results.sort_by { |j| j.finished_at || j.created_at }
245         end
246         @output_of = jobs_with.call(output: @object.portable_data_hash)
247         @log_of = jobs_with.call(log: @object.portable_data_hash)
248         @project_links = Link.limit(RELATION_LIMIT).order("modified_at DESC")
249           .where(head_uuid: @object.uuid, link_class: 'name').results
250         project_hash = Group.where(uuid: @project_links.map(&:tail_uuid)).to_hash
251         @projects = project_hash.values
252
253         @permissions = Link.limit(RELATION_LIMIT).order("modified_at DESC")
254           .where(head_uuid: @object.uuid, link_class: 'permission',
255                  name: 'can_read').results
256         @logs = Log.limit(RELATION_LIMIT).order("created_at DESC")
257           .select(%w(uuid event_type object_uuid event_at summary))
258           .where(object_uuid: @object.uuid).results
259         @is_persistent = Link.limit(1)
260           .where(head_uuid: @object.uuid, tail_uuid: current_user.uuid,
261                  link_class: 'resources', name: 'wants')
262           .results.any?
263         @search_sharing = search_scopes
264
265         if params["tab_pane"] == "Used_by"
266           @used_by_svg = ProvenanceHelper::create_provenance_graph(@object.used_by, "used_by_svg",
267                                                                    {:request => request,
268                                                                      :direction => :top_down,
269                                                                      :combine_jobs => :script_only,
270                                                                      :pdata_only => true}) rescue nil
271         end
272       end
273     end
274     super
275   end
276
277   def sharing_popup
278     @search_sharing = search_scopes
279     render("sharing_popup.js", content_type: "text/javascript")
280   end
281
282   helper_method :download_link
283
284   def download_link
285     collections_url + "/download/#{@object.uuid}/#{@search_sharing.first.api_token}/"
286   end
287
288   def share
289     ApiClientAuthorization.create(scopes: sharing_scopes)
290     sharing_popup
291   end
292
293   def unshare
294     search_scopes.each do |s|
295       s.destroy
296     end
297     sharing_popup
298   end
299
300   protected
301
302   def find_usable_token(token_list)
303     # Iterate over every given token to make it the current token and
304     # yield the given block.
305     # If the block succeeds, return the token it used.
306     # Otherwise, render an error response based on the most specific
307     # error we encounter, and return nil.
308     most_specific_error = [401]
309     token_list.each do |api_token|
310       begin
311         # We can't load the corresponding user, because the token may not
312         # be scoped for that.
313         using_specific_api_token(api_token, load_user: false) do
314           yield
315           return api_token
316         end
317       rescue ArvadosApiClient::ApiError => error
318         if error.api_status >= most_specific_error.first
319           most_specific_error = [error.api_status, error]
320         end
321       end
322     end
323     case most_specific_error.shift
324     when 401, 403
325       redirect_to_login
326     when 404
327       render_not_found(*most_specific_error)
328     end
329     return nil
330   end
331
332   def keep_web_url(uuid_or_pdh, file, opts)
333     munged_id = uuid_or_pdh.sub('+', '-')
334     fmt = {uuid_or_pdh: munged_id}
335
336     tmpl = Rails.configuration.keep_web_url
337     if Rails.configuration.keep_web_download_url and
338         (!tmpl or opts[:disposition] == 'attachment')
339       # Prefer the attachment-only-host when we want an attachment
340       # (and when there is no preview link configured)
341       tmpl = Rails.configuration.keep_web_download_url
342     elsif not Rails.configuration.trust_all_content
343       check_uri = URI.parse(tmpl % fmt)
344       if opts[:query_token] and
345           not check_uri.host.start_with?(munged_id + "--") and
346           not check_uri.host.start_with?(munged_id + ".")
347         # We're about to pass a token in the query string, but
348         # keep-web can't accept that safely at a single-origin URL
349         # template (unless it's -attachment-only-host).
350         tmpl = Rails.configuration.keep_web_download_url
351         if not tmpl
352           raise ArgumentError, "Download precluded by site configuration"
353         end
354         logger.warn("Using download link, even though inline content " \
355                     "was requested: #{check_uri.to_s}")
356       end
357     end
358
359     if tmpl == Rails.configuration.keep_web_download_url
360       # This takes us to keep-web's -attachment-only-host so there is
361       # no need to add ?disposition=attachment.
362       opts.delete :disposition
363     end
364
365     uri = URI.parse(tmpl % fmt)
366     uri.path += '/' unless uri.path.end_with? '/'
367     if opts[:path_token]
368       uri.path += 't=' + opts[:path_token] + '/'
369     end
370     uri.path += '_/'
371     uri.path += URI.escape(file)
372
373     query = Hash[URI.decode_www_form(uri.query || '')]
374     { query_token: 'api_token',
375       disposition: 'disposition' }.each do |opt, param|
376       if opts.include? opt
377         query[param] = opts[opt]
378       end
379     end
380     unless query.empty?
381       uri.query = URI.encode_www_form(query)
382     end
383
384     uri.to_s
385   end
386
387   # Note: several controller and integration tests rely on stubbing
388   # file_enumerator to return fake file content.
389   def file_enumerator opts
390     FileStreamer.new opts
391   end
392
393   class FileStreamer
394     include ArvadosApiClientHelper
395     def initialize(opts={})
396       @opts = opts
397     end
398     def each
399       return unless @opts[:uuid] && @opts[:file]
400
401       env = Hash[ENV].dup
402
403       require 'uri'
404       u = URI.parse(arvados_api_client.arvados_v1_base)
405       env['ARVADOS_API_HOST'] = "#{u.host}:#{u.port}"
406       env['ARVADOS_API_TOKEN'] = @opts[:arvados_api_token]
407       env['ARVADOS_API_HOST_INSECURE'] = "true" if Rails.configuration.arvados_insecure_https
408
409       bytesleft = @opts[:maxbytes].andand.to_i || 2**16
410       io = IO.popen([env, 'arv-get', "#{@opts[:uuid]}/#{@opts[:file]}"], 'rb')
411       while bytesleft > 0 && (buf = io.read([bytesleft, 2**16].min)) != nil
412         # shrink the bytesleft count, if we were given a maximum byte
413         # count to read
414         if @opts.include? :maxbytes
415           bytesleft = bytesleft - buf.length
416         end
417         yield buf
418       end
419       io.close
420       # "If ios is opened by IO.popen, close sets $?."
421       # http://www.ruby-doc.org/core-2.1.3/IO.html#method-i-close
422       Rails.logger.warn("#{@opts[:uuid]}/#{@opts[:file]}: #{$?}") if $? != 0
423     end
424   end
425 end