- # Anonymous allowed paths:
- # /projects/#{uuid}?public_data=true
- def permit_anonymous_browsing_for_public_data
- if !Thread.current[:arvados_api_token] && !params[:api_token] && !session[:arvados_api_token]
- public_project_accessed = /\/projects\/([0-9a-z]{5}-j7d0g-[0-9a-z]{15})(.*)public_data\=true/.match(request.fullpath)
- if public_project_accessed
- params[:api_token] = Rails.configuration.anonymous_user_token
- end
- end
- end
-