X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/1071802079ee3c706d217ce41fd35b4e304a6a30..9318b234cbfae138524e45080f549c277e15776b:/apps/workbench/app/controllers/users_controller.rb?ds=sidebyside diff --git a/apps/workbench/app/controllers/users_controller.rb b/apps/workbench/app/controllers/users_controller.rb index d4b917b4dc..350f297af3 100644 --- a/apps/workbench/app/controllers/users_controller.rb +++ b/apps/workbench/app/controllers/users_controller.rb @@ -1,17 +1,45 @@ class UsersController < ApplicationController - skip_before_filter :find_object_by_uuid, :only => [:welcome, :activity, :storage] + skip_around_filter :require_thread_api_token, only: :welcome + skip_before_filter :check_user_agreements, only: [:welcome, :inactive] + skip_before_filter :check_user_profile, only: [:welcome, :inactive, :profile] + skip_before_filter :find_object_by_uuid, only: [:welcome, :activity, :storage] before_filter :ensure_current_user_is_admin, only: [:sudo, :unsetup, :setup] + def show + if params[:uuid] == current_user.uuid + respond_to do |f| + f.html do + if request.url.include?("/users/#{current_user.uuid}") + super + else + redirect_to(params[:return_to] || project_path(params[:uuid])) + end + end + end + else + super + end + end + def welcome if current_user - params[:action] = 'home' - home + redirect_to (params[:return_to] || '/') + end + end + + def inactive + if current_user.andand.is_invited + redirect_to (params[:return_to] || '/') end end + def profile + params[:offer_return_to] ||= params[:return_to] + end + def activity @breadcrumb_page_name = nil - @users = User.limit(params[:limit] || 1000).all + @users = User.limit(params[:limit]) @user_activity = {} @activity = { logins: {}, @@ -28,15 +56,15 @@ class UsersController < ApplicationController 1.month.ago.beginning_of_month, Time.now.beginning_of_month]] @spans.each do |span, threshold_start, threshold_end| - @activity[:logins][span] = Log. + @activity[:logins][span] = Log.select(%w(uuid modified_by_user_uuid)). filter([[:event_type, '=', 'login'], [:object_kind, '=', 'arvados#user'], [:created_at, '>=', threshold_start], [:created_at, '<', threshold_end]]) - @activity[:jobs][span] = Job. + @activity[:jobs][span] = Job.select(%w(uuid modified_by_user_uuid)). filter([[:created_at, '>=', threshold_start], [:created_at, '<', threshold_end]]) - @activity[:pipeline_instances][span] = PipelineInstance. + @activity[:pipeline_instances][span] = PipelineInstance.select(%w(uuid modified_by_user_uuid)). filter([[:created_at, '>=', threshold_start], [:created_at, '<', threshold_end]]) @activity.each do |type, act| @@ -64,7 +92,7 @@ class UsersController < ApplicationController def storage @breadcrumb_page_name = nil - @users = User.limit(params[:limit] || 1000).all + @users = User.limit(params[:limit]) @user_storage = {} total_storage = {} @log_date = {} @@ -74,6 +102,7 @@ class UsersController < ApplicationController filter([[:object_uuid, '=', u.uuid], [:event_type, '=', 'user-storage-report']]). order(:created_at => :desc). + with_count('none'). limit(1) storage_log.each do |log_entry| # We expect this block to only execute once since we specified limit(1) @@ -115,7 +144,6 @@ class UsersController < ApplicationController end def home - @showallalerts = false @my_ssh_keys = AuthorizedKey.where(authorized_user_uuid: current_user.uuid) @my_tag_links = {} @@ -135,7 +163,7 @@ class UsersController < ApplicationController @persist_state[uuid] = 'cache' end - Link.limit(1000).filter([['head_uuid', 'in', collection_uuids], + Link.filter([['head_uuid', 'in', collection_uuids], ['link_class', 'in', ['tag', 'resources']]]). each do |link| case link.link_class @@ -181,14 +209,32 @@ class UsersController < ApplicationController if params['openid_prefix'] && params['openid_prefix'].size>0 setup_params[:openid_prefix] = params['openid_prefix'] end - if params['repo_name'] && params['repo_name'].size>0 - setup_params[:repo_name] = params['repo_name'] - end if params['vm_uuid'] && params['vm_uuid'].size>0 setup_params[:vm_uuid] = params['vm_uuid'] end - if User.setup setup_params + setup_resp = User.setup setup_params + if setup_resp + vm_link = nil + setup_resp[:items].each do |item| + if item[:head_kind] == "arvados#virtualMachine" + vm_link = item + break + end + end + if params[:groups] + new_groups = params[:groups].split(',').map(&:strip).select{|i| !i.empty?} + if vm_link and new_groups != vm_link[:properties][:groups] + vm_login_link = Link.where(uuid: vm_link[:uuid]) + if vm_login_link.items_available > 0 + link = vm_login_link.results.first + props = link.properties + props[:groups] = new_groups + link.save! + end + end + end + format.js else self.render_error status: 422 @@ -210,22 +256,31 @@ class UsersController < ApplicationController end end - def manage_account - # repositories current user can read / write - repo_links = [] - Link.filter([['head_uuid', 'is_a', 'arvados#repository'], - ['tail_uuid', '=', current_user.uuid], - ['link_class', '=', 'permission'], - ['name', 'in', ['can_write', 'can_read']], - ]). - each do |perm_link| - repo_links << perm_link[:head_uuid] - end - @my_repositories = Repository.where(uuid: repo_links) + def repositories + # all repositories accessible by current user + all_repositories = Hash[Repository.all.order('name asc').collect {|repo| [repo.uuid, repo]}] + + @my_repositories = [] # we want them ordered as owned and the rest + @repo_writable = {} - # virtual machines the current user can login into + # owned repos + all_repositories.each do |_, repo| + if repo.owner_uuid == current_user.uuid + @repo_writable[repo.uuid] = 'can_write' + @my_repositories << repo + end + end + + # rest of the repos + handled = @my_repositories.map(&:uuid) + all_repositories.each do |_, repo| + @my_repositories << repo if !repo.uuid.in?(handled) + end + end + + def virtual_machines @my_vm_logins = {} - Link.where(tail_uuid: current_user.uuid, + Link.where(tail_uuid: @object.uuid, link_class: 'permission', name: 'can_login'). each do |perm_link| @@ -235,13 +290,10 @@ class UsersController < ApplicationController end end @my_virtual_machines = VirtualMachine.where(uuid: @my_vm_logins.keys) + end - # current user's ssh keys - @my_ssh_keys = AuthorizedKey.where(key_type: 'SSH', owner_uuid: current_user.uuid) - - respond_to do |f| - f.html { render template: 'users/manage_account' } - end + def ssh_keys + @my_ssh_keys = AuthorizedKey.where(key_type: 'SSH', owner_uuid: @object.uuid) end def add_ssh_key_popup @@ -277,35 +329,10 @@ class UsersController < ApplicationController end end - def update_profile - user_prefs = User.limit(1).where(uuid: current_user.uuid).first.prefs - - profile_keys = [] - profile_config = Rails.configuration.user_profile_form_fields - profile_config.andand.each do |entry| - profile_keys << entry['key'] - end - - updated_profile = {} - params.andand.each do |param| - if profile_keys.include? param[0] - if param[1].andand.size>0 - updated_profile['profile_'+param[0]] = param[1] - end - end - end - - # Inform server to send mail if this is the first time profile is being created and notification is configured - profile_notification_address = Rails.configuration.user_profile_notification_address - current_user_profile = user_prefs[:profile] if user_prefs - if !current_user_profile && profile_notification_address - updated_profile[:send_profile_notification_email] = profile_notification_address - end - - current_user.update_profile updated_profile - respond_to do |format| - format.js {render inline: "location.reload();"} - end + def request_shell_access + logger.warn "request_access: #{params.inspect}" + params['request_url'] = request.url + RequestShellAccessReporter.send_request(current_user, params).deliver end protected @@ -348,8 +375,10 @@ class UsersController < ApplicationController link_class: 'permission', name: 'can_login') if vm_login_perms.any? - vm_uuid = vm_login_perms.first.head_uuid + vm_perm = vm_login_perms.first + vm_uuid = vm_perm.head_uuid current_selections[:vm_uuid] = vm_uuid + current_selections[:groups] = vm_perm.properties[:groups].andand.join(', ') end return current_selections