apps/workbench/app/controllers/collections_controller.rb

   1 require "arvados/keep"
   2
   3 class CollectionsController < ApplicationController
   4   include ActionController::Live
   5
   6   skip_around_filter :require_thread_api_token, if: proc { |ctrl|
   7     Rails.configuration.anonymous_user_token and
   8     'show' == ctrl.action_name
   9   }
  10   skip_around_filter(:require_thread_api_token,
  11                      only: [:show_file, :show_file_links])
  12   skip_before_filter(:find_object_by_uuid,
  13                      only: [:provenance, :show_file, :show_file_links])
  14   # We depend on show_file to display the user agreement:
  15   skip_before_filter :check_user_agreements, only: :show_file
  16   skip_before_filter :check_user_profile, only: :show_file
  17
  18   RELATION_LIMIT = 5
  19
  20   def show_pane_list
  21     panes = %w(Files Upload Provenance_graph Used_by Advanced)
  22     panes = panes - %w(Upload) unless (@object.editable? rescue false)
  23     panes
  24   end
  25
  26   def set_persistent
  27     case params[:value]
  28     when 'persistent', 'cache'
  29       persist_links = Link.filter([['owner_uuid', '=', current_user.uuid],
  30                                    ['link_class', '=', 'resources'],
  31                                    ['name', '=', 'wants'],
  32                                    ['tail_uuid', '=', current_user.uuid],
  33                                    ['head_uuid', '=', @object.uuid]])
  34       logger.debug persist_links.inspect
  35     else
  36       return unprocessable "Invalid value #{value.inspect}"
  37     end
  38     if params[:value] == 'persistent'
  39       if not persist_links.any?
  40         Link.create(link_class: 'resources',
  41                     name: 'wants',
  42                     tail_uuid: current_user.uuid,
  43                     head_uuid: @object.uuid)
  44       end
  45     else
  46       persist_links.each do |link|
  47         link.destroy || raise
  48       end
  49     end
  50
  51     respond_to do |f|
  52       f.json { render json: @object }
  53     end
  54   end
  55
  56   def index
  57     # API server index doesn't return manifest_text by default, but our
  58     # callers want it unless otherwise specified.
  59     @select ||= Collection.columns.map(&:name)
  60     base_search = Collection.select(@select)
  61     if params[:search].andand.length.andand > 0
  62       tags = Link.where(any: ['contains', params[:search]])
  63       @objects = (base_search.where(uuid: tags.collect(&:head_uuid)) |
  64                       base_search.where(any: ['contains', params[:search]])).
  65         uniq { |c| c.uuid }
  66     else
  67       if params[:limit]
  68         limit = params[:limit].to_i
  69       else
  70         limit = 100
  71       end
  72
  73       if params[:offset]
  74         offset = params[:offset].to_i
  75       else
  76         offset = 0
  77       end
  78
  79       @objects = base_search.limit(limit).offset(offset)
  80     end
  81     @links = Link.where(head_uuid: @objects.collect(&:uuid))
  82     @collection_info = {}
  83     @objects.each do |c|
  84       @collection_info[c.uuid] = {
  85         tag_links: [],
  86         wanted: false,
  87         wanted_by_me: false,
  88         provenance: [],
  89         links: []
  90       }
  91     end
  92     @links.each do |link|
  93       @collection_info[link.head_uuid] ||= {}
  94       info = @collection_info[link.head_uuid]
  95       case link.link_class
  96       when 'tag'
  97         info[:tag_links] << link
  98       when 'resources'
  99         info[:wanted] = true
 100         info[:wanted_by_me] ||= link.tail_uuid == current_user.uuid
 101       when 'provenance'
 102         info[:provenance] << link.name
 103       end
 104       info[:links] << link
 105     end
 106     @request_url = request.url
 107
 108     render_index
 109   end
 110
 111   def show_file_links
 112     Thread.current[:reader_tokens] = [params[:reader_token]]
 113     return if false.equal?(find_object_by_uuid)
 114     render layout: false
 115   end
 116
 117   def show_file
 118     # We pipe from arv-get to send the file to the user.  Before we start it,
 119     # we ask the API server if the file actually exists.  This serves two
 120     # purposes: it lets us return a useful status code for common errors, and
 121     # helps us figure out which token to provide to arv-get.
 122     coll = nil
 123     tokens = [Thread.current[:arvados_api_token],
 124               params[:reader_token],
 125               (Rails.configuration.anonymous_user_token || nil)].compact
 126     usable_token = find_usable_token(tokens) do
 127       coll = Collection.find(params[:uuid])
 128     end
 129
 130     file_name = params[:file].andand.sub(/^(\.\/|\/|)/, './')
 131     if usable_token.nil?
 132       return  # Response already rendered.
 133     elsif file_name.nil? or not coll.manifest.has_file?(file_name)
 134       return render_not_found
 135     end
 136
 137     opts = params.merge(arvados_api_token: usable_token)
 138
 139     # Handle Range requests. Currently we support only 'bytes=0-....'
 140     if request.headers.include? 'HTTP_RANGE'
 141       if m = /^bytes=0-(\d+)/.match(request.headers['HTTP_RANGE'])
 142         opts[:maxbytes] = m[1]
 143         size = params[:size] || '*'
 144         self.response.status = 206
 145         self.response.headers['Content-Range'] = "bytes 0-#{m[1]}/#{size}"
 146       end
 147     end
 148
 149     ext = File.extname(params[:file])
 150     self.response.headers['Content-Type'] =
 151       Rack::Mime::MIME_TYPES[ext] || 'application/octet-stream'
 152     if params[:size]
 153       size = params[:size].to_i
 154       if opts[:maxbytes]
 155         size = [size, opts[:maxbytes].to_i].min
 156       end
 157       self.response.headers['Content-Length'] = size.to_s
 158     end
 159     self.response.headers['Content-Disposition'] = params[:disposition] if params[:disposition]
 160     begin
 161       file_enumerator(opts).each do |bytes|
 162         response.stream.write bytes
 163       end
 164     ensure
 165       response.stream.close
 166     end
 167   end
 168
 169   def sharing_scopes
 170     ["GET /arvados/v1/collections/#{@object.uuid}", "GET /arvados/v1/collections/#{@object.uuid}/", "GET /arvados/v1/keep_services/accessible"]
 171   end
 172
 173   def search_scopes
 174     begin
 175       ApiClientAuthorization.filter([['scopes', '=', sharing_scopes]]).results
 176     rescue ArvadosApiClient::AccessForbiddenException
 177       nil
 178     end
 179   end
 180
 181   def find_object_by_uuid
 182     if not Keep::Locator.parse params[:id]
 183       super
 184     end
 185   end
 186
 187   def show
 188     return super if !@object
 189
 190     @logs = []
 191
 192     if params["tab_pane"] == "Provenance_graph"
 193       @prov_svg = ProvenanceHelper::create_provenance_graph(@object.provenance, "provenance_svg",
 194                                                             {:request => request,
 195                                                              :direction => :bottom_up,
 196                                                              :combine_jobs => :script_only}) rescue nil
 197     end
 198
 199     if current_user
 200       if Keep::Locator.parse params["uuid"]
 201         @same_pdh = Collection.filter([["portable_data_hash", "=", @object.portable_data_hash]]).limit(20)
 202         if @same_pdh.results.size == 1
 203           redirect_to collection_path(@same_pdh[0]["uuid"])
 204           return
 205         end
 206         owners = @same_pdh.map(&:owner_uuid).to_a.uniq
 207         preload_objects_for_dataclass Group, owners
 208         preload_objects_for_dataclass User, owners
 209         uuids = @same_pdh.map(&:uuid).to_a.uniq
 210         preload_links_for_objects uuids
 211         render 'hash_matches'
 212         return
 213       else
 214         jobs_with = lambda do |conds|
 215           Job.limit(RELATION_LIMIT).where(conds)
 216             .results.sort_by { |j| j.finished_at || j.created_at }
 217         end
 218         @output_of = jobs_with.call(output: @object.portable_data_hash)
 219         @log_of = jobs_with.call(log: @object.portable_data_hash)
 220         @project_links = Link.limit(RELATION_LIMIT).order("modified_at DESC")
 221           .where(head_uuid: @object.uuid, link_class: 'name').results
 222         project_hash = Group.where(uuid: @project_links.map(&:tail_uuid)).to_hash
 223         @projects = project_hash.values
 224
 225         @permissions = Link.limit(RELATION_LIMIT).order("modified_at DESC")
 226           .where(head_uuid: @object.uuid, link_class: 'permission',
 227                  name: 'can_read').results
 228         @logs = Log.limit(RELATION_LIMIT).order("created_at DESC")
 229           .select(%w(uuid event_type object_uuid event_at summary))
 230           .where(object_uuid: @object.uuid).results
 231         @is_persistent = Link.limit(1)
 232           .where(head_uuid: @object.uuid, tail_uuid: current_user.uuid,
 233                  link_class: 'resources', name: 'wants')
 234           .results.any?
 235         @search_sharing = search_scopes
 236
 237         if params["tab_pane"] == "Used_by"
 238           @used_by_svg = ProvenanceHelper::create_provenance_graph(@object.used_by, "used_by_svg",
 239                                                                    {:request => request,
 240                                                                      :direction => :top_down,
 241                                                                      :combine_jobs => :script_only,
 242                                                                      :pdata_only => true}) rescue nil
 243         end
 244       end
 245     end
 246     super
 247   end
 248
 249   def sharing_popup
 250     @search_sharing = search_scopes
 251     render("sharing_popup.js", content_type: "text/javascript")
 252   end
 253
 254   helper_method :download_link
 255
 256   def download_link
 257     collections_url + "/download/#{@object.uuid}/#{@search_sharing.first.api_token}/"
 258   end
 259
 260   def share
 261     ApiClientAuthorization.create(scopes: sharing_scopes)
 262     sharing_popup
 263   end
 264
 265   def unshare
 266     search_scopes.each do |s|
 267       s.destroy
 268     end
 269     sharing_popup
 270   end
 271
 272   def update
 273     @updates ||= params[@object.resource_param_name.to_sym]
 274     if @updates && (@updates.keys - ["name", "description"]).empty?
 275       # exclude manifest_text since only name or description is being updated
 276       @object.manifest_text = nil
 277     end
 278     super
 279   end
 280
 281   protected
 282
 283   def find_usable_token(token_list)
 284     # Iterate over every given token to make it the current token and
 285     # yield the given block.
 286     # If the block succeeds, return the token it used.
 287     # Otherwise, render an error response based on the most specific
 288     # error we encounter, and return nil.
 289     most_specific_error = [401]
 290     token_list.each do |api_token|
 291       begin
 292         # We can't load the corresponding user, because the token may not
 293         # be scoped for that.
 294         using_specific_api_token(api_token, load_user: false) do
 295           yield
 296           return api_token
 297         end
 298       rescue ArvadosApiClient::ApiError => error
 299         if error.api_status >= most_specific_error.first
 300           most_specific_error = [error.api_status, error]
 301         end
 302       end
 303     end
 304     case most_specific_error.shift
 305     when 401, 403
 306       redirect_to_login
 307     when 404
 308       render_not_found(*most_specific_error)
 309     end
 310     return nil
 311   end
 312
 313   # Note: several controller and integration tests rely on stubbing
 314   # file_enumerator to return fake file content.
 315   def file_enumerator opts
 316     FileStreamer.new opts
 317   end
 318
 319   class FileStreamer
 320     include ArvadosApiClientHelper
 321     def initialize(opts={})
 322       @opts = opts
 323     end
 324     def each
 325       return unless @opts[:uuid] && @opts[:file]
 326
 327       env = Hash[ENV].dup
 328
 329       require 'uri'
 330       u = URI.parse(arvados_api_client.arvados_v1_base)
 331       env['ARVADOS_API_HOST'] = "#{u.host}:#{u.port}"
 332       env['ARVADOS_API_TOKEN'] = @opts[:arvados_api_token]
 333       env['ARVADOS_API_HOST_INSECURE'] = "true" if Rails.configuration.arvados_insecure_https
 334
 335       bytesleft = @opts[:maxbytes].andand.to_i || 2**16
 336       io = IO.popen([env, 'arv-get', "#{@opts[:uuid]}/#{@opts[:file]}"], 'rb')
 337       while bytesleft > 0 && (buf = io.read([bytesleft, 2**16].min)) != nil
 338         # shrink the bytesleft count, if we were given a maximum byte
 339         # count to read
 340         if @opts.include? :maxbytes
 341           bytesleft = bytesleft - buf.length
 342         end
 343         yield buf
 344       end
 345       io.close
 346       # "If ios is opened by IO.popen, close sets $?."
 347       # http://www.ruby-doc.org/core-2.1.3/IO.html#method-i-close
 348       Rails.logger.warn("#{@opts[:uuid]}/#{@opts[:file]}: #{$?}") if $? != 0
 349     end
 350   end
 351 end