class Arvados::V1::UsersController < ApplicationController
+ accept_attribute_as_json :prefs, Hash
+
skip_before_filter :find_object_by_uuid, only:
- [:activate, :event_stream, :current, :system, :setup, :unsetup]
+ [:activate, :current, :system, :setup]
skip_before_filter :render_404_if_no_object, only:
- [:activate, :event_stream, :current, :system, :setup, :unsetup]
+ [:activate, :current, :system, :setup]
+ before_filter :admin_required, only: [:setup, :unsetup]
def current
@object = current_user
show
end
- class ChannelStreamer
- Q_UPDATE_INTERVAL = 12
- def initialize(opts={})
- @opts = opts
- end
- def each
- return unless @opts[:channel]
- @redis = Redis.new(:timeout => 0)
- @redis.subscribe(@opts[:channel]) do |event|
- event.message do |channel, msg|
- yield msg + "\n"
- end
- end
- end
- end
-
- def event_stream
- channel = current_user.andand.uuid
- if current_user.andand.is_admin
- channel = params[:uuid] || channel
- end
- if client_accepts_plain_text_stream
- self.response.headers['Last-Modified'] = Time.now.ctime.to_s
- self.response_body = ChannelStreamer.new(channel: channel)
- else
- render json: {
- href: url_for(uuid: channel),
- comment: ('To retrieve the event stream as plain text, ' +
- 'use a request header like "Accept: text/plain"')
- }
- end
- end
-
def activate
if current_user.andand.is_admin && params[:uuid]
@object = User.find params[:uuid]
raise ArgumentError.new "Cannot activate without being invited."
end
act_as_system_user do
- required_uuids = Link.where(owner_uuid: system_user_uuid,
- link_class: 'signature',
- name: 'require',
- tail_uuid: system_user_uuid,
- head_kind: 'arvados#collection').
+ required_uuids = Link.where("owner_uuid = ? and link_class = ? and name = ? and tail_uuid = ? and head_uuid like ?",
+ system_user_uuid,
+ 'signature',
+ 'require',
+ system_user_uuid,
+ Collection.uuid_like_pattern).
collect(&:head_uuid)
signed_uuids = Link.where(owner_uuid: system_user_uuid,
link_class: 'signature',
name: 'click',
- tail_kind: 'arvados#user',
tail_uuid: @object.uuid,
- head_kind: 'arvados#collection',
head_uuid: required_uuids).
collect(&:head_uuid)
todo_uuids = required_uuids - signed_uuids
- if todo_uuids == []
+ if todo_uuids.empty?
@object.update_attributes is_active: true
logger.info "User #{@object.uuid} activated"
else
end
if object_found
- @response = @object.setup_repo_vm_links params[:repo_name], params[:vm_uuid]
+ @response = @object.setup_repo_vm_links params[:repo_name],
+ params[:vm_uuid], params[:openid_prefix]
else
@response = User.setup @object, params[:openid_prefix],
params[:repo_name], params[:vm_uuid]
end
- render json: { kind: "arvados#HashList", items: @response }
+ # setup succeeded. send email to user
+ if params[:send_notification_email] == true || params[:send_notification_email] == 'true'
+ UserNotifier.account_is_setup(@object).deliver
+ end
+
+ render json: { kind: "arvados#HashList", items: @response.as_api_response(nil) }
end
# delete user agreements, vm, repository, login links; set state to inactive
def unsetup
- if current_user.andand.is_admin && params[:uuid]
- @object = User.find_by_uuid params[:uuid]
- else
- @object = current_user
- end
+ reload_object_before_update
+ @object.unsetup
+ show
+ end
- if !@object
- return render_404_if_no_object
- end
+ protected
- @object = @object.unsetup
- show
+ def self._setup_requires_parameters
+ {
+ user: {
+ type: 'object', required: false
+ },
+ openid_prefix: {
+ type: 'string', required: false
+ },
+ repo_name: {
+ type: 'string', required: false
+ },
+ vm_uuid: {
+ type: 'string', required: false
+ },
+ send_notification_email: {
+ type: 'boolean', required: false, default: false
+ },
+ }
end
+ def find_objects_for_index
+ if (action_name == "index") and (not @read_users.any? { |u| u.is_admin })
+ # Non-admin index returns very basic information about all active users.
+ # We ignore where and filters params to avoid leaking information.
+ @where = {}
+ @filters = []
+ @select = ["uuid", "is_active", "email", "first_name", "last_name"]
+ @objects = model_class.where(is_active: true)
+ end
+ super
+ end
end