around_filter :set_thread_api_token
# Methods that don't require login should
# skip_around_filter :require_thread_api_token
- around_filter :require_thread_api_token, except: ERROR_ACTIONS
+ around_filter :require_thread_api_token, except: [:report_issue_popup, :report_issue] + ERROR_ACTIONS
before_filter :accept_uuid_as_id_param, except: ERROR_ACTIONS
- before_filter :check_user_agreements, except: ERROR_ACTIONS
- before_filter :check_user_profile, except: [:update_profile] + ERROR_ACTIONS
+ before_filter :check_user_agreements, except: [:report_issue_popup, :report_issue] + ERROR_ACTIONS
+ before_filter :check_user_profile, except: ERROR_ACTIONS
before_filter :check_user_notifications, except: ERROR_ACTIONS
before_filter :load_filters_and_paging_params, except: ERROR_ACTIONS
before_filter :find_object_by_uuid, except: [:index, :choose] + ERROR_ACTIONS
return render_not_found("object not found")
end
respond_to do |f|
- f.json { render json: @object.attributes.merge(href: url_for(@object)) }
+ f.json { render json: @object.attributes.merge(href: url_for(action: :show, id: @object)) }
f.html {
if params['tab_pane']
render_pane params['tab_pane']
@object ||= model_class.new @new_resource_attrs, params["options"]
if @object.save
respond_to do |f|
- f.json { render json: @object.attributes.merge(href: url_for(@object)) }
+ f.json { render json: @object.attributes.merge(href: url_for(action: :show, id: @object)) }
f.html {
redirect_to @object
}
false # We may redirect to login, or not, based on the current action.
else
session[:arvados_api_token] = params[:api_token]
+ # If we later have trouble contacting the API server, we still want
+ # to be able to render basic user information in the UI--see
+ # render_exception above. We store that in the session here. This is
+ # not intended to be used as a general-purpose cache. See #2891.
session[:user] = {
uuid: user.uuid,
email: user.email,
session.delete :arvados_api_token
redirect_to_login
else
- redirect_to welcome_users_path, return_to: request.fullpath
+ redirect_to welcome_users_path(return_to: request.fullpath)
end
end
def check_user_agreements
if current_user && !current_user.is_active
if not current_user.is_invited
- return redirect_to inactive_users_path, return_to: request.fullpath
+ return redirect_to inactive_users_path(return_to: request.fullpath)
end
if unsigned_user_agreements.empty?
# No agreements to sign. Perhaps we just need to ask?
end
end
if !current_user.is_active
- redirect_to user_agreements_path, return_to: request.fullpath
+ redirect_to user_agreements_path(return_to: request.fullpath)
end
end
true
end
if missing_required_profile?
- render 'users/profile'
+ redirect_to profile_user_path(current_user.uuid, return_to: request.fullpath)
end
true
end
projects / arvados.git / blobdiff