3 class CollectionsController < ApplicationController
4 include ActionController::Live
6 skip_around_filter :require_thread_api_token, if: proc { |ctrl|
7 Rails.configuration.anonymous_user_token and
8 'show' == ctrl.action_name
10 skip_around_filter(:require_thread_api_token,
11 only: [:show_file, :show_file_links])
12 skip_before_filter(:find_object_by_uuid,
13 only: [:provenance, :show_file, :show_file_links])
14 # We depend on show_file to display the user agreement:
15 skip_before_filter :check_user_agreements, only: :show_file
16 skip_before_filter :check_user_profile, only: :show_file
21 panes = %w(Files Upload Provenance_graph Used_by Advanced)
22 panes = panes - %w(Upload) unless (@object.editable? rescue false)
28 when 'persistent', 'cache'
29 persist_links = Link.filter([['owner_uuid', '=', current_user.uuid],
30 ['link_class', '=', 'resources'],
31 ['name', '=', 'wants'],
32 ['tail_uuid', '=', current_user.uuid],
33 ['head_uuid', '=', @object.uuid]])
34 logger.debug persist_links.inspect
36 return unprocessable "Invalid value #{value.inspect}"
38 if params[:value] == 'persistent'
39 if not persist_links.any?
40 Link.create(link_class: 'resources',
42 tail_uuid: current_user.uuid,
43 head_uuid: @object.uuid)
46 persist_links.each do |link|
52 f.json { render json: @object }
57 # API server index doesn't return manifest_text by default, but our
58 # callers want it unless otherwise specified.
59 @select ||= Collection.columns.map(&:name)
60 base_search = Collection.select(@select)
61 if params[:search].andand.length.andand > 0
62 tags = Link.where(any: ['contains', params[:search]])
63 @objects = (base_search.where(uuid: tags.collect(&:head_uuid)) |
64 base_search.where(any: ['contains', params[:search]])).
68 limit = params[:limit].to_i
74 offset = params[:offset].to_i
79 @objects = base_search.limit(limit).offset(offset)
81 @links = Link.where(head_uuid: @objects.collect(&:uuid))
84 @collection_info[c.uuid] = {
93 @collection_info[link.head_uuid] ||= {}
94 info = @collection_info[link.head_uuid]
97 info[:tag_links] << link
100 info[:wanted_by_me] ||= link.tail_uuid == current_user.uuid
102 info[:provenance] << link.name
106 @request_url = request.url
112 Thread.current[:reader_tokens] = [params[:reader_token]]
113 return if false.equal?(find_object_by_uuid)
118 # We pipe from arv-get to send the file to the user. Before we start it,
119 # we ask the API server if the file actually exists. This serves two
120 # purposes: it lets us return a useful status code for common errors, and
121 # helps us figure out which token to provide to arv-get.
123 tokens = [Thread.current[:arvados_api_token],
124 params[:reader_token],
125 (Rails.configuration.anonymous_user_token || nil)].compact
126 usable_token = find_usable_token(tokens) do
127 coll = Collection.find(params[:uuid])
130 file_name = params[:file].andand.sub(/^(\.\/|\/|)/, './')
132 return # Response already rendered.
133 elsif file_name.nil? or not coll.manifest.has_file?(file_name)
134 return render_not_found
137 opts = params.merge(arvados_api_token: usable_token)
139 # Handle Range requests. Currently we support only 'bytes=0-....'
140 if request.headers.include? 'HTTP_RANGE'
141 if m = /^bytes=0-(\d+)/.match(request.headers['HTTP_RANGE'])
142 opts[:maxbytes] = m[1]
143 size = params[:size] || '*'
144 self.response.status = 206
145 self.response.headers['Content-Range'] = "bytes 0-#{m[1]}/#{size}"
149 ext = File.extname(params[:file])
150 self.response.headers['Content-Type'] =
151 Rack::Mime::MIME_TYPES[ext] || 'application/octet-stream'
153 size = params[:size].to_i
155 size = [size, opts[:maxbytes].to_i].min
157 self.response.headers['Content-Length'] = size.to_s
159 self.response.headers['Content-Disposition'] = params[:disposition] if params[:disposition]
161 file_enumerator(opts).each do |bytes|
162 response.stream.write bytes
165 response.stream.close
170 ["GET /arvados/v1/collections/#{@object.uuid}", "GET /arvados/v1/collections/#{@object.uuid}/", "GET /arvados/v1/keep_services/accessible"]
175 ApiClientAuthorization.filter([['scopes', '=', sharing_scopes]]).results
176 rescue ArvadosApiClient::AccessForbiddenException
181 def find_object_by_uuid
182 if not Keep::Locator.parse params[:id]
188 return super if !@object
192 if params["tab_pane"] == "Provenance_graph"
193 @prov_svg = ProvenanceHelper::create_provenance_graph(@object.provenance, "provenance_svg",
194 {:request => request,
195 :direction => :bottom_up,
196 :combine_jobs => :script_only}) rescue nil
200 if Keep::Locator.parse params["uuid"]
201 @same_pdh = Collection.filter([["portable_data_hash", "=", @object.portable_data_hash]]).limit(20)
202 if @same_pdh.results.size == 1
203 redirect_to collection_path(@same_pdh[0]["uuid"])
206 owners = @same_pdh.map(&:owner_uuid).to_a.uniq
207 preload_objects_for_dataclass Group, owners
208 preload_objects_for_dataclass User, owners
209 uuids = @same_pdh.map(&:uuid).to_a.uniq
210 preload_links_for_objects uuids
211 render 'hash_matches'
214 jobs_with = lambda do |conds|
215 Job.limit(RELATION_LIMIT).where(conds)
216 .results.sort_by { |j| j.finished_at || j.created_at }
218 @output_of = jobs_with.call(output: @object.portable_data_hash)
219 @log_of = jobs_with.call(log: @object.portable_data_hash)
220 @project_links = Link.limit(RELATION_LIMIT).order("modified_at DESC")
221 .where(head_uuid: @object.uuid, link_class: 'name').results
222 project_hash = Group.where(uuid: @project_links.map(&:tail_uuid)).to_hash
223 @projects = project_hash.values
225 @permissions = Link.limit(RELATION_LIMIT).order("modified_at DESC")
226 .where(head_uuid: @object.uuid, link_class: 'permission',
227 name: 'can_read').results
228 @logs = Log.limit(RELATION_LIMIT).order("created_at DESC")
229 .select(%w(uuid event_type object_uuid event_at summary))
230 .where(object_uuid: @object.uuid).results
231 @is_persistent = Link.limit(1)
232 .where(head_uuid: @object.uuid, tail_uuid: current_user.uuid,
233 link_class: 'resources', name: 'wants')
235 @search_sharing = search_scopes
237 if params["tab_pane"] == "Used_by"
238 @used_by_svg = ProvenanceHelper::create_provenance_graph(@object.used_by, "used_by_svg",
239 {:request => request,
240 :direction => :top_down,
241 :combine_jobs => :script_only,
242 :pdata_only => true}) rescue nil
250 @search_sharing = search_scopes
251 render("sharing_popup.js", content_type: "text/javascript")
254 helper_method :download_link
257 collections_url + "/download/#{@object.uuid}/#{@search_sharing.first.api_token}/"
261 ApiClientAuthorization.create(scopes: sharing_scopes)
266 search_scopes.each do |s|
273 @updates ||= params[@object.resource_param_name.to_sym]
274 if @updates && (@updates.keys - ["name", "description"]).empty?
275 # exclude manifest_text since only name or description is being updated
276 @object.manifest_text = nil
283 def find_usable_token(token_list)
284 # Iterate over every given token to make it the current token and
285 # yield the given block.
286 # If the block succeeds, return the token it used.
287 # Otherwise, render an error response based on the most specific
288 # error we encounter, and return nil.
289 most_specific_error = [401]
290 token_list.each do |api_token|
292 # We can't load the corresponding user, because the token may not
293 # be scoped for that.
294 using_specific_api_token(api_token, load_user: false) do
298 rescue ArvadosApiClient::ApiError => error
299 if error.api_status >= most_specific_error.first
300 most_specific_error = [error.api_status, error]
304 case most_specific_error.shift
308 render_not_found(*most_specific_error)
313 # Note: several controller and integration tests rely on stubbing
314 # file_enumerator to return fake file content.
315 def file_enumerator opts
316 FileStreamer.new opts
320 include ArvadosApiClientHelper
321 def initialize(opts={})
325 return unless @opts[:uuid] && @opts[:file]
330 u = URI.parse(arvados_api_client.arvados_v1_base)
331 env['ARVADOS_API_HOST'] = "#{u.host}:#{u.port}"
332 env['ARVADOS_API_TOKEN'] = @opts[:arvados_api_token]
333 env['ARVADOS_API_HOST_INSECURE'] = "true" if Rails.configuration.arvados_insecure_https
335 bytesleft = @opts[:maxbytes].andand.to_i || 2**16
336 io = IO.popen([env, 'arv-get', "#{@opts[:uuid]}/#{@opts[:file]}"], 'rb')
337 while bytesleft > 0 && (buf = io.read([bytesleft, 2**16].min)) != nil
338 # shrink the bytesleft count, if we were given a maximum byte
340 if @opts.include? :maxbytes
341 bytesleft = bytesleft - buf.length
346 # "If ios is opened by IO.popen, close sets $?."
347 # http://www.ruby-doc.org/core-2.1.3/IO.html#method-i-close
348 Rails.logger.warn("#{@opts[:uuid]}/#{@opts[:file]}: #{$?}") if $? != 0