around_filter :set_thread_api_token
# Methods that don't require login should
# skip_around_filter :require_thread_api_token
- around_filter :require_thread_api_token, except: ERROR_ACTIONS
+ around_filter :require_thread_api_token, except: [:report_issue_popup, :report_issue] + ERROR_ACTIONS
before_filter :accept_uuid_as_id_param, except: ERROR_ACTIONS
- before_filter :check_user_agreements, except: ERROR_ACTIONS
+ before_filter :check_user_agreements, except: [:report_issue_popup, :report_issue] + ERROR_ACTIONS
before_filter :check_user_profile, except: ERROR_ACTIONS
before_filter :check_user_notifications, except: ERROR_ACTIONS
before_filter :load_filters_and_paging_params, except: ERROR_ACTIONS
false # We may redirect to login, or not, based on the current action.
else
session[:arvados_api_token] = params[:api_token]
+ # If we later have trouble contacting the API server, we still want
+ # to be able to render basic user information in the UI--see
+ # render_exception above. We store that in the session here. This is
+ # not intended to be used as a general-purpose cache. See #2891.
session[:user] = {
uuid: user.uuid,
email: user.email,
projects / arvados.git / blobdiff