1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: AGPL-3.0
5 class UsersController < ApplicationController
6 skip_around_action :require_thread_api_token, only: :welcome
7 skip_before_action :check_user_agreements, only: [:welcome, :inactive, :link_account, :merge]
8 skip_before_action :check_user_profile, only: [:welcome, :inactive, :profile, :link_account, :merge]
9 skip_before_action :find_object_by_uuid, only: [:welcome, :activity, :storage]
10 before_action :ensure_current_user_is_admin, only: [:sudo, :unsetup, :setup]
13 if params[:uuid] == current_user.uuid
16 if request.url.include?("/users/#{current_user.uuid}")
19 redirect_to(params[:return_to] || project_path(params[:uuid]))
30 redirect_to (params[:return_to] || '/')
35 if current_user.andand.is_invited
36 redirect_to (params[:return_to] || '/')
41 params[:offer_return_to] ||= params[:return_to]
42 Thread.current[:user] = User.find(current_user.uuid)
46 @breadcrumb_page_name = nil
47 @users = User.limit(params[:limit]).with_count("none")
52 pipeline_instances: {}
55 @spans = [['This week', Time.now.beginning_of_week, Time.now],
57 Time.now.beginning_of_week.advance(weeks:-1),
58 Time.now.beginning_of_week],
59 ['This month', Time.now.beginning_of_month, Time.now],
61 1.month.ago.beginning_of_month,
62 Time.now.beginning_of_month]]
63 @spans.each do |span, threshold_start, threshold_end|
64 @activity[:logins][span] = Log.select(%w(uuid modified_by_user_uuid)).
65 filter([[:event_type, '=', 'login'],
66 [:object_kind, '=', 'arvados#user'],
67 [:created_at, '>=', threshold_start],
68 [:created_at, '<', threshold_end]]).with_count("none")
69 @activity[:jobs][span] = Job.select(%w(uuid modified_by_user_uuid)).
70 filter([[:created_at, '>=', threshold_start],
71 [:created_at, '<', threshold_end]]).with_count("none")
72 @activity[:pipeline_instances][span] = PipelineInstance.select(%w(uuid modified_by_user_uuid)).
73 filter([[:created_at, '>=', threshold_start],
74 [:created_at, '<', threshold_end]]).with_count("none")
75 @activity.each do |type, act|
78 @user_activity[u.uuid] ||= {}
79 @user_activity[u.uuid][span + ' ' + type.to_s] ||= 0
81 records.each do |record|
82 @user_activity[record.modified_by_user_uuid] ||= {}
83 @user_activity[record.modified_by_user_uuid][span + ' ' + type.to_s] ||= 0
84 @user_activity[record.modified_by_user_uuid][span + ' ' + type.to_s] += 1
85 @total_activity[span + ' ' + type.to_s] ||= 0
86 @total_activity[span + ' ' + type.to_s] += 1
90 @users = @users.sort_by do |a|
91 [-@user_activity[a.uuid].values.inject(:+), a.full_name]
93 # Prepend a "Total" pseudo-user to the sorted list
94 @user_activity[nil] = @total_activity
95 @users = [OpenStruct.new(uuid: nil)] + @users
99 @breadcrumb_page_name = nil
100 @users = User.limit(params[:limit]).with_count("none")
105 @user_storage[u.uuid] ||= {}
107 filter([[:object_uuid, '=', u.uuid],
108 [:event_type, '=', 'user-storage-report']]).
109 order(:created_at => :desc).
112 storage_log.each do |log_entry|
113 # We expect this block to only execute once since we specified limit(1)
114 @user_storage[u.uuid] = log_entry['properties']
115 @log_date[u.uuid] = log_entry['event_at']
117 total_storage.merge!(@user_storage[u.uuid]) { |k,v1,v2| v1 + v2 }
119 @users = @users.sort_by { |u|
120 [-@user_storage[u.uuid].values.push(0).inject(:+), u.full_name]}
121 # Prepend a "Total" pseudo-user to the sorted list
122 @users = [OpenStruct.new(uuid: nil)] + @users
123 @user_storage[nil] = total_storage
127 if current_user.andand.is_admin
135 if current_user.andand.is_admin
143 resp = arvados_api_client.api(ApiClientAuthorization, '', {
144 api_client_authorization: {
145 owner_uuid: @object.uuid
148 redirect_to root_url(api_token: "v2/#{resp[:uuid]}/#{resp[:api_token]}")
152 @my_ssh_keys = AuthorizedKey.where(authorized_user_uuid: current_user.uuid)
157 order('created_at desc').
159 where(created_by: current_user.uuid)
161 @my_collections = Collection.
163 order('created_at desc').
165 where(created_by: current_user.uuid)
166 collection_uuids = @my_collections.collect &:uuid
169 collection_uuids.each do |uuid|
170 @persist_state[uuid] = 'cache'
173 Link.filter([['head_uuid', 'in', collection_uuids],
174 ['link_class', 'in', ['tag', 'resources']]]).with_count("none")
178 (@my_tag_links[link.head_uuid] ||= []) << link
180 if link.name == 'wants'
181 @persist_state[link.head_uuid] = 'persistent'
186 @my_pipelines = PipelineInstance.
188 order('created_at desc').
190 where(created_by: current_user.uuid)
193 f.js { render template: 'users/home.js' }
194 f.html { render template: 'users/home' }
199 if current_user.andand.is_admin
206 respond_to do |format|
207 if current_user.andand.is_admin
209 setup_params[:send_notification_email] = "#{Rails.configuration.Mail.SendUserSetupNotificationEmail}"
210 if params['user_uuid'] && params['user_uuid'].size>0
211 setup_params[:uuid] = params['user_uuid']
213 if params['email'] && params['email'].size>0
214 user = {email: params['email']}
215 setup_params[:user] = user
217 if params['openid_prefix'] && params['openid_prefix'].size>0
218 setup_params[:openid_prefix] = params['openid_prefix']
220 if params['vm_uuid'] && params['vm_uuid'].size>0
221 setup_params[:vm_uuid] = params['vm_uuid']
224 setup_resp = User.setup setup_params
227 setup_resp[:items].each do |item|
228 if item[:head_kind] == "arvados#virtualMachine"
234 new_groups = params[:groups].split(',').map(&:strip).select{|i| !i.empty?}
235 if vm_link and new_groups != vm_link[:properties][:groups]
236 vm_login_link = Link.where(uuid: vm_link[:uuid])
237 if vm_login_link.items_available > 0
238 link = vm_login_link.results.first
239 props = link.properties
240 props[:groups] = new_groups
248 self.render_error status: 422
251 self.render_error status: 422
257 @vms = VirtualMachine.all.results
259 @current_selections = find_current_links @object
261 respond_to do |format|
269 Link.where(tail_uuid: @object.uuid,
270 link_class: 'permission',
271 name: 'can_login').with_count("none").
273 if perm_link.properties.andand[:username]
274 @my_vm_logins[perm_link.head_uuid] ||= []
275 @my_vm_logins[perm_link.head_uuid] << perm_link.properties[:username]
278 @my_virtual_machines = VirtualMachine.where(uuid: @my_vm_logins.keys).with_count("none")
282 @my_ssh_keys = AuthorizedKey.where(key_type: 'SSH', owner_uuid: @object.uuid)
285 def add_ssh_key_popup
286 respond_to do |format|
293 respond_to do |format|
294 key_params = {'key_type' => 'SSH'}
295 key_params['authorized_user_uuid'] = current_user.uuid
297 if params['name'] && params['name'].size>0
298 key_params['name'] = params['name'].strip
300 if params['public_key'] && params['public_key'].size>0
301 key_params['public_key'] = params['public_key'].strip
304 if !key_params['name'] && params['public_key'].andand.size>0
305 split_key = key_params['public_key'].split
306 key_params['name'] = split_key[-1] if (split_key.size == 3)
309 new_key = AuthorizedKey.create! key_params
313 self.render_error status: 422
318 def request_shell_access
319 logger.warn "request_access: #{params.inspect}"
320 params['request_url'] = request.url
321 RequestShellAccessReporter.send_request(current_user, params).deliver
325 User.merge params[:new_user_token], params[:direction]
331 def find_current_links user
332 current_selections = {}
335 return current_selections
339 oid_login_perms = Link.where(tail_uuid: user.email,
340 head_kind: 'arvados#user',
341 link_class: 'permission',
342 name: 'can_login').with_count("none")
344 if oid_login_perms.any?
345 prefix_properties = oid_login_perms.first.properties
346 current_selections[:identity_url_prefix] = prefix_properties[:identity_url_prefix]
350 repo_perms = Link.where(tail_uuid: user.uuid,
351 head_kind: 'arvados#repository',
352 link_class: 'permission',
353 name: 'can_write').with_count("none")
355 repo_uuid = repo_perms.first.head_uuid
356 repos = Repository.where(head_uuid: repo_uuid).with_count("none")
358 repo_name = repos.first.name
359 current_selections[:repo_name] = repo_name
364 vm_login_perms = Link.where(tail_uuid: user.uuid,
365 head_kind: 'arvados#virtualMachine',
366 link_class: 'permission',
367 name: 'can_login').with_count("none")
368 if vm_login_perms.any?
369 vm_perm = vm_login_perms.first
370 vm_uuid = vm_perm.head_uuid
371 current_selections[:vm_uuid] = vm_uuid
372 current_selections[:groups] = vm_perm.properties[:groups].andand.join(', ')
375 return current_selections