1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: AGPL-3.0
10 $anonymous_group_read_permission = nil
11 $empty_collection = nil
13 module CurrentApiClient
18 def current_api_client
19 Thread.current[:api_client]
22 def current_api_client_authorization
23 Thread.current[:api_client_authorization]
27 Thread.current[:api_url_base]
30 def current_default_owner
31 # owner_uuid for newly created objects
32 ((current_api_client_authorization &&
33 current_api_client_authorization.default_owner_uuid) ||
34 (current_user && current_user.default_owner_uuid) ||
35 (current_user && current_user.uuid) ||
39 # Where is the client connecting from?
40 def current_api_client_ip_address
41 Thread.current[:api_client_ip_address]
45 [Server::Application.config.uuid_prefix,
47 '000000000000000'].join('-')
51 [Server::Application.config.uuid_prefix,
53 '000000000000000'].join('-')
56 def anonymous_group_uuid
57 [Server::Application.config.uuid_prefix,
59 'anonymouspublic'].join('-')
62 def anonymous_user_uuid
63 [Server::Application.config.uuid_prefix,
65 'anonymouspublic'].join('-')
69 $system_user = check_cache $system_user do
70 real_current_user = Thread.current[:user]
72 Thread.current[:user] = User.new(is_admin: true,
74 uuid: system_user_uuid)
75 User.where(uuid: system_user_uuid).
76 first_or_create!(is_active: true,
82 Thread.current[:user] = real_current_user
88 $system_group = check_cache $system_group do
90 ActiveRecord::Base.transaction do
91 Group.where(uuid: system_group_uuid).
92 first_or_create!(name: "System group",
93 description: "System group") do |g|
95 User.all.collect(&:uuid).each do |user_uuid|
96 Link.create!(link_class: 'permission',
98 tail_uuid: system_group_uuid,
107 def all_users_group_uuid
108 [Server::Application.config.uuid_prefix,
110 'fffffffffffffff'].join('-')
114 $all_users_group = check_cache $all_users_group do
115 act_as_system_user do
116 ActiveRecord::Base.transaction do
117 Group.where(uuid: all_users_group_uuid).
118 first_or_create!(name: "All users",
119 description: "All users",
126 def act_as_system_user
128 act_as_user system_user do
132 Thread.current[:user] = system_user
137 user_was = Thread.current[:user]
138 Thread.current[:user] = user
142 Thread.current[:user] = user_was
147 $anonymous_group = check_cache $anonymous_group do
148 act_as_system_user do
149 ActiveRecord::Base.transaction do
150 Group.where(uuid: anonymous_group_uuid).
151 first_or_create!(group_class: "role",
152 name: "Anonymous users",
153 description: "Anonymous users")
159 def anonymous_group_read_permission
160 $anonymous_group_read_permission =
161 check_cache $anonymous_group_read_permission do
162 act_as_system_user do
163 Link.where(tail_uuid: all_users_group.uuid,
164 head_uuid: anonymous_group.uuid,
165 link_class: "permission",
166 name: "can_read").first_or_create!
172 $anonymous_user = check_cache $anonymous_user do
173 act_as_system_user do
174 User.where(uuid: anonymous_user_uuid).
175 first_or_create!(is_active: false,
178 first_name: 'Anonymous',
179 last_name: '') do |u|
181 Link.where(tail_uuid: anonymous_user_uuid,
182 head_uuid: anonymous_group.uuid,
183 link_class: 'permission',
191 def empty_collection_uuid
192 'd41d8cd98f00b204e9800998ecf8427e+0'
196 $empty_collection = check_cache $empty_collection do
197 act_as_system_user do
198 ActiveRecord::Base.transaction do
200 where(portable_data_hash: empty_collection_uuid).
201 first_or_create!(manifest_text: '', owner_uuid: anonymous_group.uuid)
209 # If the given value is nil, or the cache has been cleared since it
210 # was set, yield. Otherwise, return the given value.
211 def check_cache value
212 if not Rails.env.test? and
213 ActionController::Base.cache_store.is_a? ActiveSupport::Cache::FileStore and
214 not File.owned? ActionController::Base.cache_store.cache_path
215 # If we don't own the cache dir, we're probably
216 # crunch-dispatch. Whoever we are, using this cache is likely to
217 # either fail or screw up the cache for someone else. So we'll
218 # just assume the $globals are OK to live forever.
220 # The reason for making the globals expire with the cache in the
221 # first place is to avoid leaking state between test cases: in
222 # production, we don't expect the database seeds to ever go away
223 # even when the cache is cleared, so there's no particular
224 # reason to expire our global variables.
226 Rails.cache.fetch "CurrentApiClient.$globals" do
231 return value unless value.nil?