projects / arvados.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
5737: Fix some ruby warnings
[arvados.git] / services / api / lib / current_api_client.rb
1 $system_user = nil
2 $system_group = nil
3 $all_users_group = nil
4 $anonymous_user = nil
5 $anonymous_group = nil
6 $anonymous_group_read_permission = nil
7 $empty_collection = nil
8
9 module CurrentApiClient
10   def current_user
11     Thread.current[:user]
12   end
13
14   def current_api_client
15     Thread.current[:api_client]
16   end
17
18   def current_api_client_authorization
19     Thread.current[:api_client_authorization]
20   end
21
22   def current_api_base
23     Thread.current[:api_url_base]
24   end
25
26   def current_default_owner
27     # owner_uuid for newly created objects
28     ((current_api_client_authorization &&
29       current_api_client_authorization.default_owner_uuid) ||
30      (current_user && current_user.default_owner_uuid) ||
31      (current_user && current_user.uuid) ||
32      nil)
33   end
34
35   # Where is the client connecting from?
36   def current_api_client_ip_address
37     Thread.current[:api_client_ip_address]
38   end
39
40   def system_user_uuid
41     [Server::Application.config.uuid_prefix,
42      User.uuid_prefix,
43      '000000000000000'].join('-')
44   end
45
46   def system_group_uuid
47     [Server::Application.config.uuid_prefix,
48      Group.uuid_prefix,
49      '000000000000000'].join('-')
50   end
51
52   def anonymous_group_uuid
53     [Server::Application.config.uuid_prefix,
54      Group.uuid_prefix,
55      'anonymouspublic'].join('-')
56   end
57
58   def anonymous_user_uuid
59     [Server::Application.config.uuid_prefix,
60      User.uuid_prefix,
61      'anonymouspublic'].join('-')
62   end
63
64   def system_user
65     $system_user = check_cache $system_user do
66       real_current_user = Thread.current[:user]
67       begin
68         Thread.current[:user] = User.new(is_admin: true,
69                                          is_active: true,
70                                          uuid: system_user_uuid)
71         User.where(uuid: system_user_uuid).
72           first_or_create!(is_active: true,
73                            is_admin: true,
74                            email: 'root',
75                            first_name: 'root',
76                            last_name: '')
77       ensure
78         Thread.current[:user] = real_current_user
79       end
80     end
81   end
82
83   def system_group
84     $system_group = check_cache $system_group do
85       act_as_system_user do
86         ActiveRecord::Base.transaction do
87           Group.where(uuid: system_group_uuid).
88             first_or_create!(name: "System group",
89                              description: "System group") do |g|
90             g.save!
91             User.all.collect(&:uuid).each do |user_uuid|
92               Link.create!(link_class: 'permission',
93                            name: 'can_manage',
94                            tail_kind: 'arvados#group',
95                            tail_uuid: system_group_uuid,
96                            head_kind: 'arvados#user',
97                            head_uuid: user_uuid)
98             end
99           end
100         end
101       end
102     end
103   end
104
105   def all_users_group_uuid
106     [Server::Application.config.uuid_prefix,
107      Group.uuid_prefix,
108      'fffffffffffffff'].join('-')
109   end
110
111   def all_users_group
112     $all_users_group = check_cache $all_users_group do
113       act_as_system_user do
114         ActiveRecord::Base.transaction do
115           Group.where(uuid: all_users_group_uuid).
116             first_or_create!(name: "All users",
117                              description: "All users",
118                              group_class: "role")
119         end
120       end
121     end
122   end
123
124   def act_as_system_user
125     if block_given?
126       act_as_user system_user do
127         yield
128       end
129     else
130       Thread.current[:user] = system_user
131     end
132   end
133
134   def act_as_user user
135     #auth_was = Thread.current[:api_client_authorization]
136     user_was = Thread.current[:user]
137     Thread.current[:user] = user
138     #Thread.current[:api_client_authorization] = ApiClientAuthorization.
139     #  where('user_id=? and scopes is null', user.id).
140     #  order('expires_at desc').
141     #  first
142     begin
143       yield
144     ensure
145       Thread.current[:user] = user_was
146       #Thread.current[:api_client_authorization] = auth_was
147     end
148   end
149
150   def anonymous_group
151     $anonymous_group = check_cache $anonymous_group do
152       act_as_system_user do
153         ActiveRecord::Base.transaction do
154           Group.where(uuid: anonymous_group_uuid).
155             first_or_create!(group_class: "role",
156                              name: "Anonymous users",
157                              description: "Anonymous users")
158         end
159       end
160     end
161   end
162
163   def anonymous_group_read_permission
164     $anonymous_group_read_permission =
165         check_cache $anonymous_group_read_permission do
166       act_as_system_user do
167         Link.where(tail_uuid: all_users_group.uuid,
168                    head_uuid: anonymous_group.uuid,
169                    link_class: "permission",
170                    name: "can_read").first_or_create!
171       end
172     end
173   end
174
175   def anonymous_user
176     $anonymous_user = check_cache $anonymous_user do
177       act_as_system_user do
178         User.where(uuid: anonymous_user_uuid).
179           first_or_create!(is_active: false,
180                            is_admin: false,
181                            email: 'anonymous',
182                            first_name: 'Anonymous',
183                            last_name: '') do |u|
184           u.save!
185           Link.where(tail_uuid: anonymous_user_uuid,
186                      head_uuid: anonymous_group.uuid,
187                      link_class: 'permission',
188                      name: 'can_read').
189             first_or_create!
190         end
191       end
192     end
193   end
194
195   def empty_collection_uuid
196     'd41d8cd98f00b204e9800998ecf8427e+0'
197   end
198
199   def empty_collection
200     $empty_collection = check_cache $empty_collection do
201       act_as_system_user do
202         ActiveRecord::Base.transaction do
203           Collection.
204             where(portable_data_hash: empty_collection_uuid).
205             first_or_create!(manifest_text: '', owner_uuid: anonymous_group.uuid)
206         end
207       end
208     end
209   end
210
211   private
212
213   # If the given value is nil, or the cache has been cleared since it
214   # was set, yield. Otherwise, return the given value.
215   def check_cache value
216     if not Rails.env.test? and
217         ActionController::Base.cache_store.is_a? ActiveSupport::Cache::FileStore and
218         not File.owned? ActionController::Base.cache_store.cache_path
219       # If we don't own the cache dir, we're probably
220       # crunch-dispatch. Whoever we are, using this cache is likely to
221       # either fail or screw up the cache for someone else. So we'll
222       # just assume the $globals are OK to live forever.
223       #
224       # The reason for making the globals expire with the cache in the
225       # first place is to avoid leaking state between test cases: in
226       # production, we don't expect the database seeds to ever go away
227       # even when the cache is cleared, so there's no particular
228       # reason to expire our global variables.
229     else
230       Rails.cache.fetch "CurrentApiClient.$globals" do
231         value = nil
232         true
233       end
234     end
235     return value unless value.nil?
236     yield
237   end
238 end