services/api/lib/current_api_client.rb

   1 module CurrentApiClient
   2   def current_user
   3     Thread.current[:user]
   4   end
   5
   6   def current_api_client
   7     Thread.current[:api_client]
   8   end
   9
  10   def current_api_client_authorization
  11     Thread.current[:api_client_authorization]
  12   end
  13
  14   def current_api_base
  15     Thread.current[:api_url_base]
  16   end
  17
  18   def current_default_owner
  19     # owner_uuid for newly created objects
  20     ((current_api_client_authorization &&
  21       current_api_client_authorization.default_owner_uuid) ||
  22      (current_user && current_user.default_owner_uuid) ||
  23      (current_user && current_user.uuid) ||
  24      nil)
  25   end
  26
  27   # Where is the client connecting from?
  28   def current_api_client_ip_address
  29     Thread.current[:api_client_ip_address]
  30   end
  31
  32   def system_user_uuid
  33     [Server::Application.config.uuid_prefix,
  34      User.uuid_prefix,
  35      '000000000000000'].join('-')
  36   end
  37
  38   def system_group_uuid
  39     [Server::Application.config.uuid_prefix,
  40      Group.uuid_prefix,
  41      '000000000000000'].join('-')
  42   end
  43
  44   def anonymous_group_uuid
  45     [Server::Application.config.uuid_prefix,
  46      Group.uuid_prefix,
  47      'anonymouspublic'].join('-')
  48   end
  49
  50   def anonymous_user_uuid
  51     [Server::Application.config.uuid_prefix,
  52      User.uuid_prefix,
  53      'anonymouspublic'].join('-')
  54   end
  55
  56   def system_user
  57     if not $system_user
  58       real_current_user = Thread.current[:user]
  59       Thread.current[:user] = User.new(is_admin: true,
  60                                        is_active: true,
  61                                        uuid: system_user_uuid)
  62       $system_user = User.where('uuid=?', system_user_uuid).first
  63       if !$system_user
  64         $system_user = User.new(uuid: system_user_uuid,
  65                                 is_active: true,
  66                                 is_admin: true,
  67                                 email: 'root',
  68                                 first_name: 'root',
  69                                 last_name: '')
  70         $system_user.save!
  71         $system_user.reload
  72       end
  73       Thread.current[:user] = real_current_user
  74     end
  75     $system_user
  76   end
  77
  78   def system_group
  79     if not $system_group
  80       act_as_system_user do
  81         ActiveRecord::Base.transaction do
  82           $system_group = Group.
  83             where(uuid: system_group_uuid).first_or_create do |g|
  84             g.update_attributes(name: "System group",
  85                                 description: "System group")
  86             User.all.collect(&:uuid).each do |user_uuid|
  87               Link.create(link_class: 'permission',
  88                           name: 'can_manage',
  89                           tail_kind: 'arvados#group',
  90                           tail_uuid: system_group_uuid,
  91                           head_kind: 'arvados#user',
  92                           head_uuid: user_uuid)
  93             end
  94           end
  95         end
  96       end
  97     end
  98     $system_group
  99   end
 100
 101   def all_users_group_uuid
 102     [Server::Application.config.uuid_prefix,
 103      Group.uuid_prefix,
 104      'fffffffffffffff'].join('-')
 105   end
 106
 107   def all_users_group
 108     if not $all_users_group
 109       act_as_system_user do
 110         ActiveRecord::Base.transaction do
 111           $all_users_group = Group.
 112             where(uuid: all_users_group_uuid).first_or_create do |g|
 113             g.update_attributes(name: "All users",
 114                                 description: "All users",
 115                                 group_class: "role")
 116           end
 117         end
 118       end
 119     end
 120     $all_users_group
 121   end
 122
 123   def act_as_system_user
 124     if block_given?
 125       act_as_user system_user do
 126         yield
 127       end
 128     else
 129       Thread.current[:user] = system_user
 130     end
 131   end
 132
 133   def act_as_user user
 134     user_was = Thread.current[:user]
 135     Thread.current[:user] = user
 136     begin
 137       yield
 138     ensure
 139       Thread.current[:user] = user_was
 140     end
 141   end
 142
 143   def anonymous_group
 144     if not $anonymous_group
 145       act_as_system_user do
 146         ActiveRecord::Base.transaction do
 147           $anonymous_group = Group.
 148           where(uuid: anonymous_group_uuid).first_or_create do |g|
 149             g.update_attributes(name: "Anonymous group",
 150                                 description: "Anonymous group")
 151           end
 152         end
 153       end
 154     end
 155     $anonymous_group
 156   end
 157
 158   def anonymous_user
 159     if not $anonymous_user
 160       act_as_system_user do
 161         $anonymous_user = User.where('uuid=?', anonymous_user_uuid).first
 162         if !$anonymous_user
 163           $anonymous_user = User.new(uuid: anonymous_user_uuid,
 164                                      is_active: false,
 165                                      is_admin: false,
 166                                      email: 'anonymouspublic',
 167                                      first_name: 'anonymouspublic',
 168                                      last_name: 'anonymouspublic')
 169           $anonymous_user.save!
 170           $anonymous_user.reload
 171         end
 172
 173         group_perms = Link.where(tail_uuid: anonymous_user_uuid,
 174                                  head_uuid: anonymous_group_uuid,
 175                                  link_class: 'permission',
 176                                  name: 'can_read')
 177
 178         if !group_perms.any?
 179           group_perm = Link.create!(tail_uuid: anonymous_user_uuid,
 180                                     head_uuid: anonymous_group_uuid,
 181                                     link_class: 'permission',
 182                                     name: 'can_read')
 183         end
 184       end
 185     end
 186     $anonymous_user
 187   end
 188
 189   def empty_collection_uuid
 190     'd41d8cd98f00b204e9800998ecf8427e+0'
 191   end
 192
 193   def empty_collection
 194     if not $empty_collection
 195       act_as_system_user do
 196         ActiveRecord::Base.transaction do
 197           $empty_collection = Collection.
 198             where(portable_data_hash: empty_collection_uuid).
 199             first_or_create!(manifest_text: '', owner_uuid: anonymous_group.uuid)
 200         end
 201       end
 202     end
 203     $empty_collection
 204   end
 205 end