+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
class UsersController < ApplicationController
- skip_before_filter :find_object_by_uuid, :only => [:welcome, :activity, :storage]
+ skip_around_filter :require_thread_api_token, only: :welcome
+ skip_before_filter :check_user_agreements, only: [:welcome, :inactive]
+ skip_before_filter :check_user_profile, only: [:welcome, :inactive, :profile]
+ skip_before_filter :find_object_by_uuid, only: [:welcome, :activity, :storage]
before_filter :ensure_current_user_is_admin, only: [:sudo, :unsetup, :setup]
+ def show
+ if params[:uuid] == current_user.uuid
+ respond_to do |f|
+ f.html do
+ if request.url.include?("/users/#{current_user.uuid}")
+ super
+ else
+ redirect_to(params[:return_to] || project_path(params[:uuid]))
+ end
+ end
+ end
+ else
+ super
+ end
+ end
+
def welcome
if current_user
- params[:action] = 'home'
- home
+ redirect_to (params[:return_to] || '/')
+ end
+ end
+
+ def inactive
+ if current_user.andand.is_invited
+ redirect_to (params[:return_to] || '/')
end
end
+ def profile
+ params[:offer_return_to] ||= params[:return_to]
+ end
+
def activity
@breadcrumb_page_name = nil
- @users = User.limit(params[:limit] || 1000).all
+ @users = User.limit(params[:limit])
@user_activity = {}
@activity = {
logins: {},
1.month.ago.beginning_of_month,
Time.now.beginning_of_month]]
@spans.each do |span, threshold_start, threshold_end|
- @activity[:logins][span] = Log.
+ @activity[:logins][span] = Log.select(%w(uuid modified_by_user_uuid)).
filter([[:event_type, '=', 'login'],
[:object_kind, '=', 'arvados#user'],
[:created_at, '>=', threshold_start],
[:created_at, '<', threshold_end]])
- @activity[:jobs][span] = Job.
+ @activity[:jobs][span] = Job.select(%w(uuid modified_by_user_uuid)).
filter([[:created_at, '>=', threshold_start],
[:created_at, '<', threshold_end]])
- @activity[:pipeline_instances][span] = PipelineInstance.
+ @activity[:pipeline_instances][span] = PipelineInstance.select(%w(uuid modified_by_user_uuid)).
filter([[:created_at, '>=', threshold_start],
[:created_at, '<', threshold_end]])
@activity.each do |type, act|
def storage
@breadcrumb_page_name = nil
- @users = User.limit(params[:limit] || 1000).all
+ @users = User.limit(params[:limit])
@user_storage = {}
total_storage = {}
@log_date = {}
filter([[:object_uuid, '=', u.uuid],
[:event_type, '=', 'user-storage-report']]).
order(:created_at => :desc).
+ with_count('none').
limit(1)
storage_log.each do |log_entry|
# We expect this block to only execute once since we specified limit(1)
end
def home
- @showallalerts = false
@my_ssh_keys = AuthorizedKey.where(authorized_user_uuid: current_user.uuid)
@my_tag_links = {}
@persist_state[uuid] = 'cache'
end
- Link.limit(1000).filter([['head_uuid', 'in', collection_uuids],
+ Link.filter([['head_uuid', 'in', collection_uuids],
['link_class', 'in', ['tag', 'resources']]]).
each do |link|
case link.link_class
if params['openid_prefix'] && params['openid_prefix'].size>0
setup_params[:openid_prefix] = params['openid_prefix']
end
- if params['repo_name'] && params['repo_name'].size>0
- setup_params[:repo_name] = params['repo_name']
- end
if params['vm_uuid'] && params['vm_uuid'].size>0
setup_params[:vm_uuid] = params['vm_uuid']
end
- if User.setup setup_params
+ setup_resp = User.setup setup_params
+ if setup_resp
+ vm_link = nil
+ setup_resp[:items].each do |item|
+ if item[:head_kind] == "arvados#virtualMachine"
+ vm_link = item
+ break
+ end
+ end
+ if params[:groups]
+ new_groups = params[:groups].split(',').map(&:strip).select{|i| !i.empty?}
+ if vm_link and new_groups != vm_link[:properties][:groups]
+ vm_login_link = Link.where(uuid: vm_link[:uuid])
+ if vm_login_link.items_available > 0
+ link = vm_login_link.results.first
+ props = link.properties
+ props[:groups] = new_groups
+ link.save!
+ end
+ end
+ end
+
format.js
else
self.render_error status: 422
end
end
+ def virtual_machines
+ @my_vm_logins = {}
+ Link.where(tail_uuid: @object.uuid,
+ link_class: 'permission',
+ name: 'can_login').
+ each do |perm_link|
+ if perm_link.properties.andand[:username]
+ @my_vm_logins[perm_link.head_uuid] ||= []
+ @my_vm_logins[perm_link.head_uuid] << perm_link.properties[:username]
+ end
+ end
+ @my_virtual_machines = VirtualMachine.where(uuid: @my_vm_logins.keys)
+ end
+
+ def ssh_keys
+ @my_ssh_keys = AuthorizedKey.where(key_type: 'SSH', owner_uuid: @object.uuid)
+ end
+
+ def add_ssh_key_popup
+ respond_to do |format|
+ format.html
+ format.js
+ end
+ end
+
+ def add_ssh_key
+ respond_to do |format|
+ key_params = {'key_type' => 'SSH'}
+ key_params['authorized_user_uuid'] = current_user.uuid
+
+ if params['name'] && params['name'].size>0
+ key_params['name'] = params['name'].strip
+ end
+ if params['public_key'] && params['public_key'].size>0
+ key_params['public_key'] = params['public_key'].strip
+ end
+
+ if !key_params['name'] && params['public_key'].andand.size>0
+ split_key = key_params['public_key'].split
+ key_params['name'] = split_key[-1] if (split_key.size == 3)
+ end
+
+ new_key = AuthorizedKey.create! key_params
+ if new_key
+ format.js
+ else
+ self.render_error status: 422
+ end
+ end
+ end
+
+ def request_shell_access
+ logger.warn "request_access: #{params.inspect}"
+ params['request_url'] = request.url
+ RequestShellAccessReporter.send_request(current_user, params).deliver
+ end
+
protected
def find_current_links user
link_class: 'permission',
name: 'can_login')
if vm_login_perms.any?
- vm_uuid = vm_login_perms.first.head_uuid
+ vm_perm = vm_login_perms.first
+ vm_uuid = vm_perm.head_uuid
current_selections[:vm_uuid] = vm_uuid
+ current_selections[:groups] = vm_perm.properties[:groups].andand.join(', ')
end
return current_selections