# See http://guides.rubyonrails.org/routing.html
+ # OPTIONS requests are not allowed at routes that use cookies.
+ ['/auth/*a', '/login', '/logout'].each do |nono|
+ match nono, :to => 'user_sessions#cross_origin_forbidden', :via => 'OPTIONS'
+ end
+ # OPTIONS at discovery and API paths get an empty response with CORS headers.
+ match '/discovery/v1/*a', :to => 'static#empty', :via => 'OPTIONS'
+ match '/arvados/v1/*a', :to => 'static#empty', :via => 'OPTIONS'
+
namespace :arvados do
namespace :v1 do
resources :api_client_authorizations do
post 'create_system_auth', on: :collection
+ get 'current', on: :collection
end
resources :api_clients
resources :authorized_keys
end
resources :humans
resources :job_tasks
+ resources :containers do
+ get 'auth', on: :member
+ post 'lock', on: :member
+ post 'unlock', on: :member
+ get 'current', on: :collection
+ end
+ resources :container_requests
resources :jobs do
get 'queue', on: :collection
get 'queue_size', on: :collection
post 'cancel', on: :member
+ post 'lock', on: :member
end
resources :keep_disks do
post 'ping', on: :collection
end
resources :pipeline_instances
resources :pipeline_templates
+ resources :workflows
resources :repositories do
get 'get_all_permissions', on: :collection
end
end
end
+ if Rails.env == 'test'
+ post '/database/reset', to: 'database#reset'
+ end
+
# omniauth
match '/auth/:provider/callback', :to => 'user_sessions#create'
match '/auth/failure', :to => 'user_sessions#failure'
+ # not handled by omniauth provider -> 403 with no CORS headers.
+ get '/auth/*a', :to => 'user_sessions#cross_origin_forbidden'
# Custom logout
match '/login', :to => 'user_sessions#login'
projects / arvados.git / blobdiff