class ApplicationController < ActionController::Base
protect_from_forgery
+ around_filter :thread_clear
around_filter :thread_with_api_token, :except => [:render_exception, :render_not_found]
before_filter :find_object_by_uuid, :except => [:index, :render_exception, :render_not_found]
- unless Rails.application.config.consider_all_requests_local
+ begin
rescue_from Exception,
:with => :render_exception
rescue_from ActiveRecord::RecordNotFound,
:with => :render_not_found
rescue_from ActionController::UnknownController,
:with => :render_not_found
- rescue_from ActionController::UnknownAction,
+ rescue_from ::AbstractController::ActionNotFound,
:with => :render_not_found
end
def render_exception(e)
logger.error e.inspect
logger.error e.backtrace.collect { |x| x + "\n" }.join('') if e.backtrace
- if @object and @object.errors and @object.errors.full_messages
+ if @object.andand.errors.andand.full_messages.andand.any?
@errors = @object.errors.full_messages
else
@errors = [e.inspect]
end
respond_to do |f|
f.json { render json: @object }
- f.html { render }
+ f.html {
+ if request.method == 'GET'
+ render
+ else
+ redirect_to params[:return_to] || @object
+ end
+ }
+ end
+ end
+
+ def render_content
+ if !@object
+ return render_not_found("object not found")
end
end
end
def update
- if @object.update_attributes params[@object.class.to_s.underscore.singularize.to_sym]
+ updates = params[@object.class.to_s.underscore.singularize.to_sym]
+ updates.keys.each do |attr|
+ if @object.send(attr).is_a? Hash and updates[attr].is_a? String
+ updates[attr] = Oj.load updates[attr]
+ end
+ end
+ if @object.update_attributes updates
show
else
self.render_error status: 422
def create
@object ||= model_class.new params[model_class.to_s.singularize.to_sym]
@object.save!
- redirect_to @object
+ redirect_to(params[:return_to] || @object)
end
def destroy
def current_user
if Thread.current[:arvados_api_token]
- @current_user ||= User.current
+ Thread.current[:user] ||= User.current
else
logger.error "No API token in Thread"
return nil
end
end
- protected
-
def model_class
controller_name.classify.constantize
end
+ protected
+
def find_object_by_uuid
if params[:id] and params[:id].match /\D/
params[:uuid] = params.delete :id
end
- @object = model_class.where(uuid: params[:uuid]).first
+ if params[:uuid].is_a? String
+ @object = model_class.find(params[:uuid])
+ else
+ @object = model_class.where(uuid: params[:uuid]).first
+ end
+ end
+
+ def thread_clear
+ Thread.current[:arvados_api_token] = nil
+ Thread.current[:user] = nil
+ yield
end
def thread_with_api_token
try_redirect_to_login = true
end
else
- logger.debug "session is #{session.inspect}"
+ logger.debug "No token received, session is #{session.inspect}"
end
if try_redirect_to_login
respond_to do |f|
f.html {
- redirect_to $arvados_api_client.arvados_login_url(return_to: request.url)
+ if request.method == 'GET'
+ redirect_to $arvados_api_client.arvados_login_url(return_to: request.url)
+ else
+ flash[:error] = "Either you are not logged in, or your session has timed out. I can't automatically log you in and re-attempt this request."
+ redirect_to :back
+ end
}
f.json {
- @errors = ['No API token supplied -- can\'t really do anything.']
+ @errors = ['You do not seem to be logged in. You did not supply an API token with this request, and your session (if any) has timed out.']
self.render_error status: 422
}
end
projects / arvados.git / blobdiff