ERROR_ACTIONS = [:render_error, :render_not_found]
around_filter :thread_clear
- before_filter :permit_anonymous_browsing_for_public_data
around_filter :set_thread_api_token
# Methods that don't require login should
# skip_around_filter :require_thread_api_token
protected
+ helper_method :strip_token_from_path
def strip_token_from_path(path)
path.sub(/([\?&;])api_token=[^&;]*[&;]?/, '\1')
end
else
@object = model_class.find(params[:uuid])
end
- rescue ArvadosApiClient::NotFoundException, RuntimeError => error
+ rescue ArvadosApiClient::NotFoundException, ArvadosApiClient::NotLoggedInException, RuntimeError => error
if error.is_a?(RuntimeError) and (error.message !~ /^argument to find\(/)
raise
end
def setup_user_session
return false unless params[:api_token]
Thread.current[:arvados_api_token] = params[:api_token]
- Thread.current[:arvados_anonymous_api_token] = nil
begin
user = User.current
rescue ArvadosApiClient::NotLoggedInException
end
end
- def permit_anonymous_browsing_for_public_data
- if !Thread.current[:arvados_api_token] && !params[:api_token] && !session[:arvados_api_token]
- Thread.current[:arvados_anonymous_api_token] = Rails.configuration.anonymous_user_token
- end
- end
-
# Save the session API token in thread-local storage, and yield.
# This method also takes care of session setup if the request
# provides a valid api_token parameter.