class CollectionsController < ApplicationController
include ActionController::Live
- skip_around_filter :require_thread_api_token, if: proc { |ctrl|
- Rails.configuration.anonymous_user_token and
+ skip_around_action :require_thread_api_token, if: proc { |ctrl|
+ !Rails.configuration.Users.AnonymousUserToken.empty? and
'show' == ctrl.action_name
}
- skip_around_filter(:require_thread_api_token,
+ skip_around_action(:require_thread_api_token,
only: [:show_file, :show_file_links])
- skip_before_filter(:find_object_by_uuid,
+ skip_before_action(:find_object_by_uuid,
only: [:provenance, :show_file, :show_file_links])
# We depend on show_file to display the user agreement:
- skip_before_filter :check_user_agreements, only: :show_file
- skip_before_filter :check_user_profile, only: :show_file
+ skip_before_action :check_user_agreements, only: :show_file
+ skip_before_action :check_user_profile, only: :show_file
RELATION_LIMIT = 5
['link_class', '=', 'resources'],
['name', '=', 'wants'],
['tail_uuid', '=', current_user.uuid],
- ['head_uuid', '=', @object.uuid]])
+ ['head_uuid', '=', @object.uuid]]).with_count("none")
logger.debug persist_links.inspect
else
return unprocessable "Invalid value #{value.inspect}"
@select ||= Collection.columns.map(&:name)
base_search = Collection.select(@select)
if params[:search].andand.length.andand > 0
- tags = Link.where(any: ['contains', params[:search]])
+ tags = Link.where(any: ['contains', params[:search]]).with_count("none")
@objects = (base_search.where(uuid: tags.collect(&:head_uuid)) |
base_search.where(any: ['contains', params[:search]])).
uniq { |c| c.uuid }
@objects = base_search.limit(limit).offset(offset)
end
- @links = Link.where(head_uuid: @objects.collect(&:uuid))
+ @links = Link.where(head_uuid: @objects.collect(&:uuid)).with_count("none")
@collection_info = {}
@objects.each do |c|
@collection_info[c.uuid] = {
# Otherwise, it's impossible to know whether any other request succeeded
# because of the reader token.
coll = nil
- tokens = [(Rails.configuration.anonymous_user_token || nil),
+ tokens = [(if !Rails.configuration.Users.AnonymousUserToken.empty? then
+ Rails.configuration.Users.AnonymousUserToken else nil end),
params[:reader_token],
Thread.current[:arvados_api_token]].compact
usable_token = find_usable_token(tokens) do
opts = {}
if usable_token == params[:reader_token]
opts[:path_token] = usable_token
- elsif usable_token == Rails.configuration.anonymous_user_token
+ elsif usable_token == Rails.configuration.Users.AnonymousUserToken
# Don't pass a token at all
else
# We pass the current user's real token only if it's necessary
if params["tab_pane"] == "Provenance_graph"
@prov_svg = ProvenanceHelper::create_provenance_graph(@object.provenance, "provenance_svg",
{:request => request,
- :direction => :top_down,
+ :direction => "RL",
:combine_jobs => :script_only}) rescue nil
end
else
if Job.api_exists?(:index)
jobs_with = lambda do |conds|
- Job.limit(RELATION_LIMIT).where(conds)
+ Job.limit(RELATION_LIMIT).with_count("none").where(conds)
.results.sort_by { |j| j.finished_at || j.created_at }
end
@output_of = jobs_with.call(output: @object.portable_data_hash)
@log_of = jobs_with.call(log: @object.portable_data_hash)
end
- @project_links = Link.limit(RELATION_LIMIT).order("modified_at DESC")
+ @project_links = Link.limit(RELATION_LIMIT).with_count("none").order("modified_at DESC")
.where(head_uuid: @object.uuid, link_class: 'name').results
- project_hash = Group.where(uuid: @project_links.map(&:tail_uuid)).to_hash
+ project_hash = Group.where(uuid: @project_links.map(&:tail_uuid)).with_count("none").to_hash
@projects = project_hash.values
- @permissions = Link.limit(RELATION_LIMIT).order("modified_at DESC")
+ @permissions = Link.limit(RELATION_LIMIT).with_count("none").order("modified_at DESC")
.where(head_uuid: @object.uuid, link_class: 'permission',
name: 'can_read').results
@search_sharing = search_scopes
if params["tab_pane"] == "Used_by"
@used_by_svg = ProvenanceHelper::create_provenance_graph(@object.used_by, "used_by_svg",
{:request => request,
- :direction => :top_down,
+ :direction => "LR",
:combine_jobs => :script_only,
:pdata_only => true}) rescue nil
end
end
def update
- updated_attr = params[:collection].each.select {|a| a[0].andand.start_with? 'rename-file-path:'}
+ updated_attr = params[:collection].to_unsafe_hash.each.select {|a| a[0].andand.start_with? 'rename-file-path:'}
if updated_attr.size > 0
# Is it file rename?
end
end
- def tags
- render
- end
-
- def save_tags
- tags_param = params['tag_data']
- if tags_param
- if tags_param.is_a?(String) && tags_param == "empty"
- tags = {}
- else
- tags = tags_param
- end
- end
-
- if tags
- if @object.update_attributes properties: tags
- @saved_tags = true
- render
- else
- self.render_error status: 422
- end
- end
- end
-
protected
def find_usable_token(token_list)
def keep_web_url(uuid_or_pdh, file, opts)
munged_id = uuid_or_pdh.sub('+', '-')
- fmt = {uuid_or_pdh: munged_id}
- tmpl = Rails.configuration.keep_web_url
- if Rails.configuration.keep_web_download_url and
- (!tmpl or opts[:disposition] == 'attachment')
+ tmpl = Rails.configuration.Services.WebDAV.ExternalURL.to_s
+
+ if Rails.configuration.Services.WebDAVDownload.ExternalURL != URI("") and
+ (tmpl.empty? or opts[:disposition] == 'attachment')
# Prefer the attachment-only-host when we want an attachment
# (and when there is no preview link configured)
- tmpl = Rails.configuration.keep_web_download_url
- elsif not Rails.configuration.trust_all_content
- check_uri = URI.parse(tmpl % fmt)
+ tmpl = Rails.configuration.Services.WebDAVDownload.ExternalURL.to_s
+ elsif not Rails.configuration.Collections.TrustAllContent
+ check_uri = URI.parse(tmpl.sub("*", munged_id))
if opts[:query_token] and
+ (check_uri.host.nil? or (
not check_uri.host.start_with?(munged_id + "--") and
- not check_uri.host.start_with?(munged_id + ".")
+ not check_uri.host.start_with?(munged_id + ".")))
# We're about to pass a token in the query string, but
# keep-web can't accept that safely at a single-origin URL
# template (unless it's -attachment-only-host).
- tmpl = Rails.configuration.keep_web_download_url
- if not tmpl
+ tmpl = Rails.configuration.Services.WebDAVDownload.ExternalURL.to_s
+ if tmpl.empty?
raise ArgumentError, "Download precluded by site configuration"
end
logger.warn("Using download link, even though inline content " \
end
end
- if tmpl == Rails.configuration.keep_web_download_url
+ if tmpl == Rails.configuration.Services.WebDAVDownload.ExternalURL.to_s
# This takes us to keep-web's -attachment-only-host so there is
# no need to add ?disposition=attachment.
opts.delete :disposition
end
- uri = URI.parse(tmpl % fmt)
+ uri = URI.parse(tmpl.sub("*", munged_id))
+ if tmpl.index("*").nil?
+ uri.path = "/c=#{munged_id}"
+ end
uri.path += '/' unless uri.path.end_with? '/'
if opts[:path_token]
uri.path += 't=' + opts[:path_token] + '/'
end
uri.path += '_/'
- uri.path += URI.escape(file) if file
+ uri.path += ERB::Util.url_encode(file).gsub('%2F', '/') if file
query = Hash[URI.decode_www_form(uri.query || '')]
{ query_token: 'api_token',