before_action :reload_object_before_update, :only => :update
before_action(:render_404_if_no_object,
except: [:index, :create] + ERROR_ACTIONS)
+ before_action :only_admin_can_bypass_federation
attr_writer :resource_attrs
:with => :render_error)
rescue_from(ActiveRecord::RecordNotFound,
ActionController::RoutingError,
- ActionController::UnknownController,
AbstractController::ActionNotFound,
:with => :render_not_found)
end
render_not_found "Object not found" if !@object
end
+ def only_admin_can_bypass_federation
+ unless !params[:bypass_federation] || current_user.andand.is_admin
+ send_error("The bypass_federation parameter is only permitted when current user is admin", status: 403)
+ end
+ end
+
def render_error(e)
logger.error e.inspect
if e.respond_to? :backtrace and e.backtrace
if params[pname].is_a?(Boolean)
return params[pname]
else
- logger.warn "Warning: received non-boolean parameter '#{pname}' on #{self.class.inspect}."
+ logger.warn "Warning: received non-boolean value #{params[pname].inspect} for boolean parameter #{pname} on #{self.class.inspect}, treating as false."
end
end
false
%w(created_at modified_by_client_uuid modified_by_user_uuid modified_at).each do |x|
@attrs.delete x.to_sym
end
- @attrs = @attrs.symbolize_keys if @attrs.is_a? HashWithIndifferentAccess
+ @attrs = @attrs.symbolize_keys if @attrs.is_a? ActiveSupport::HashWithIndifferentAccess
@attrs
end
# Make sure params[key] is either true or false -- not a
# string, not nil, etc.
if not params.include?(key)
- params[key] = info[:default]
+ params[key] = info[:default] || false
elsif [false, 'false', '0', 0].include? params[key]
params[key] = false
elsif [true, 'true', '1', 1].include? params[key]
location: "query",
required: false,
},
- no_federation: {
+ bypass_federation: {
type: 'boolean',
required: false,
description: 'bypass federation behavior, list items from local instance database only'
projects / arvados.git / blobdiff