around_filter :set_thread_api_token
# Methods that don't require login should
# skip_around_filter :require_thread_api_token
- around_filter :require_thread_api_token, except: ERROR_ACTIONS
+ around_filter :require_thread_api_token, except: [:report_issue_popup, :report_issue] + ERROR_ACTIONS
before_filter :accept_uuid_as_id_param, except: ERROR_ACTIONS
- before_filter :check_user_agreements, except: ERROR_ACTIONS
+ before_filter :check_user_agreements, except: [:report_issue_popup, :report_issue] + ERROR_ACTIONS
before_filter :check_user_profile, except: ERROR_ACTIONS
before_filter :check_user_notifications, except: ERROR_ACTIONS
before_filter :load_filters_and_paging_params, except: ERROR_ACTIONS
return render_not_found("object not found")
end
respond_to do |f|
- f.json { render json: @object.attributes.merge(href: url_for(@object)) }
+ f.json { render json: @object.attributes.merge(href: url_for(action: :show, id: @object)) }
f.html {
if params['tab_pane']
render_pane params['tab_pane']
@object ||= model_class.new @new_resource_attrs, params["options"]
if @object.save
respond_to do |f|
- f.json { render json: @object.attributes.merge(href: url_for(@object)) }
+ f.json { render json: @object.attributes.merge(href: url_for(action: :show, id: @object)) }
f.html {
redirect_to @object
}
false # We may redirect to login, or not, based on the current action.
else
session[:arvados_api_token] = params[:api_token]
+ # If we later have trouble contacting the API server, we still want
+ # to be able to render basic user information in the UI--see
+ # render_exception above. We store that in the session here. This is
+ # not intended to be used as a general-purpose cache. See #2891.
session[:user] = {
uuid: user.uuid,
email: user.email,