class CollectionsController < ApplicationController
include ActionController::Live
+ skip_around_filter :require_thread_api_token, if: proc { |ctrl|
+ Rails.configuration.anonymous_user_token and
+ 'show' == ctrl.action_name
+ }
skip_around_filter(:require_thread_api_token,
- only: [:show_file, :show_file_links, :show])
+ only: [:show_file, :show_file_links])
skip_before_filter(:find_object_by_uuid,
only: [:provenance, :show_file, :show_file_links])
# We depend on show_file to display the user agreement:
# we ask the API server if the file actually exists. This serves two
# purposes: it lets us return a useful status code for common errors, and
# helps us figure out which token to provide to arv-get.
+ # The order of searched tokens is important: because the anonymous user
+ # token is passed along with every API request, we have to check it first.
+ # Otherwise, it's impossible to know whether any other request succeeded
+ # because of the reader token.
coll = nil
- tokens = [Thread.current[:arvados_api_token], params[:reader_token]].compact
+ tokens = [(Rails.configuration.anonymous_user_token || nil),
+ params[:reader_token],
+ Thread.current[:arvados_api_token]].compact
usable_token = find_usable_token(tokens) do
coll = Collection.find(params[:uuid])
end
if current_user
if Keep::Locator.parse params["uuid"]
- @same_pdh = Collection.filter([["portable_data_hash", "=", @object.portable_data_hash]])
+ @same_pdh = Collection.filter([["portable_data_hash", "=", @object.portable_data_hash]]).limit(20)
if @same_pdh.results.size == 1
redirect_to collection_path(@same_pdh[0]["uuid"])
return
owners = @same_pdh.map(&:owner_uuid).to_a.uniq
preload_objects_for_dataclass Group, owners
preload_objects_for_dataclass User, owners
+ uuids = @same_pdh.map(&:uuid).to_a.uniq
+ preload_links_for_objects uuids
render 'hash_matches'
return
else
.where(head_uuid: @object.uuid, link_class: 'permission',
name: 'can_read').results
@logs = Log.limit(RELATION_LIMIT).order("created_at DESC")
+ .select(%w(uuid event_type object_uuid event_at summary))
.where(object_uuid: @object.uuid).results
@is_persistent = Link.limit(1)
.where(head_uuid: @object.uuid, tail_uuid: current_user.uuid,
sharing_popup
end
+ def update
+ @updates ||= params[@object.resource_param_name.to_sym]
+ if @updates && (@updates.keys - ["name", "description"]).empty?
+ # exclude manifest_text since only name or description is being updated
+ @object.manifest_text = nil
+ end
+ super
+ end
+
protected
def find_usable_token(token_list)
return nil
end
- def file_enumerator(opts)
+ # Note: several controller and integration tests rely on stubbing
+ # file_enumerator to return fake file content.
+ def file_enumerator opts
FileStreamer.new opts
end
projects / arvados.git / blobdiff