projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Added rescue AccessForbiddenException to collections controller and view to
[arvados.git] / apps / workbench / app / models / arvados_api_client.rb
diff --git a/apps/workbench/app/models/arvados_api_client.rb b/apps/workbench/app/models/arvados_api_client.rb
index c6d8720c9232fa0dba6fdf8d72f2b20b716243cd..7574cf665be17d058c737b43d9dc2e65d4f10b94 100644 (file)
--- a/apps/workbench/app/models/arvados_api_client.rb
+++ b/apps/workbench/app/models/arvados_api_client.rb
@@ -6,22 +6,41 @@ class ArvadosApiClient
   end
   class InvalidApiResponseException < StandardError
   end
+  class AccessForbiddenException < StandardError
+  end
 
-  @@client_mtx = Mutex.new
-  @@api_client = nil
   @@profiling_enabled = Rails.configuration.profiling_enabled
+  @@discovery = nil
+
+  # An API client object suitable for handling API requests on behalf
+  # of the current thread.
+  def self.new_or_current
+    # If this thread doesn't have an API client yet, *or* this model
+    # has been reloaded since the existing client was created, create
+    # a new client. Otherwise, keep using the latest client created in
+    # the current thread.
+    unless Thread.current[:arvados_api_client].andand.class == self
+      Thread.current[:arvados_api_client] = new
+    end
+    Thread.current[:arvados_api_client]
+  end
+
+  def initialize *args
+    @api_client = nil
+    @client_mtx = Mutex.new
+  end
 
   def api(resources_kind, action, data=nil)
     profile_checkpoint
 
-    @@client_mtx.synchronize do
-      if not @@api_client
-        @@api_client = HTTPClient.new
+    if not @api_client
+      @client_mtx.synchronize do
+        @api_client = HTTPClient.new
         if Rails.configuration.arvados_insecure_https
-          @@api_client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
+          @api_client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
         else
           # Use system CA certificates
-          @@api_client.ssl_config.add_trust_ca('/etc/ssl/certs')
+          @api_client.ssl_config.add_trust_ca('/etc/ssl/certs')
         end
       end
     end
@@ -58,9 +77,11 @@ class ArvadosApiClient
     header = {"Accept" => "application/json"}
 
     profile_checkpoint { "Prepare request #{url} #{query[:uuid]} #{query[:where]} #{query[:filters]}" }
-    msg = @@api_client.post(url,
-                            query,
-                            header: header)
+    msg = @client_mtx.synchronize do
+      @api_client.post(url,
+                       query,
+                       header: header)
+    end
     profile_checkpoint 'API transaction'
 
     if msg.status_code == 401
@@ -80,7 +101,11 @@ class ArvadosApiClient
     if msg.status_code != 200
       errors = resp[:errors]
       errors = errors.join("\n\n") if errors.is_a? Array
-      raise "#{errors} [API: #{msg.status_code}]"
+      if msg.status_code == 403
+        raise AccessForbiddenException.new "#{errors} [API: #{msg.status_code}]"
+      else
+        raise "#{errors} [API: #{msg.status_code}]"
+      end
     end
     if resp[:_profile]
       Rails.logger.info "API client: " \
@@ -158,7 +183,7 @@ class ArvadosApiClient
   end
 
   def discovery
-    @discovery ||= api '../../discovery/v1/apis/arvados/v1/rest', ''
+    @@discovery ||= api '../../discovery/v1/apis/arvados/v1/rest', ''
   end
 
   def kind_class(kind)