X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/3409236dee75142911976ebaef134ae203a726c6..cf1097ef1225c05eb4431093a4971739a3ee5a37:/apps/workbench/app/controllers/collections_controller.rb diff --git a/apps/workbench/app/controllers/collections_controller.rb b/apps/workbench/app/controllers/collections_controller.rb index 3a1013a32c..4e0008d93c 100644 --- a/apps/workbench/app/controllers/collections_controller.rb +++ b/apps/workbench/app/controllers/collections_controller.rb @@ -1,22 +1,109 @@ class CollectionsController < ApplicationController - skip_before_filter :find_object_by_uuid, :only => [:provenance] - skip_before_filter :check_user_agreements, :only => [:show_file] + include ActionController::Live + + skip_around_filter(:require_thread_api_token, + only: [:show_file, :show_file_links]) + skip_before_filter(:find_object_by_uuid, + only: [:provenance, :show_file, :show_file_links]) + # We depend on show_file to display the user agreement: + skip_before_filter :check_user_agreements, only: :show_file + skip_before_filter :check_user_profile, only: :show_file + + RELATION_LIMIT = 5 + + def show_pane_list + %w(Files Provenance_graph Used_by Advanced) + end + + def set_persistent + case params[:value] + when 'persistent', 'cache' + persist_links = Link.filter([['owner_uuid', '=', current_user.uuid], + ['link_class', '=', 'resources'], + ['name', '=', 'wants'], + ['tail_uuid', '=', current_user.uuid], + ['head_uuid', '=', @object.uuid]]) + logger.debug persist_links.inspect + else + return unprocessable "Invalid value #{value.inspect}" + end + if params[:value] == 'persistent' + if not persist_links.any? + Link.create(link_class: 'resources', + name: 'wants', + tail_uuid: current_user.uuid, + head_uuid: @object.uuid) + end + else + persist_links.each do |link| + link.destroy || raise + end + end + + respond_to do |f| + f.json { render json: @object } + end + end + + def choose + # Find collections using default find_objects logic, then search for name + # links, and preload any other links connected to the collections that are + # found. + # Name links will be obsolete when issue #3036 is merged, + # at which point this entire custom #choose function can probably be + # eliminated. + + params[:limit] ||= 40 + + find_objects_for_index + @collections = @objects + + @filters += [['link_class','=','name'], + ['head_uuid','is_a','arvados#collection']] + + @objects = Link + find_objects_for_index + + @name_links = @objects + + @objects = Collection. + filter([['uuid','in',@name_links.collect(&:head_uuid)]]) + + preload_links_for_objects (@collections.to_a + @objects.to_a) + super + end def index + # API server index doesn't return manifest_text by default, but our + # callers want it unless otherwise specified. + @select ||= Collection.columns.map(&:name) + base_search = Collection.select(@select) if params[:search].andand.length.andand > 0 tags = Link.where(any: ['contains', params[:search]]) - @collections = (Collection.where(uuid: tags.collect(&:head_uuid)) | - Collection.where(any: ['contains', params[:search]])). + @collections = (base_search.where(uuid: tags.collect(&:head_uuid)) | + base_search.where(any: ['contains', params[:search]])). uniq { |c| c.uuid } else - @collections = Collection.limit(100) + if params[:limit] + limit = params[:limit].to_i + else + limit = 100 + end + + if params[:offset] + offset = params[:offset].to_i + else + offset = 0 + end + + @collections = base_search.limit(limit).offset(offset) end @links = Link.limit(1000). where(head_uuid: @collections.collect(&:uuid)) @collection_info = {} @collections.each do |c| @collection_info[c.uuid] = { - tags: [], + tag_links: [], wanted: false, wanted_by_me: false, provenance: [], @@ -28,7 +115,7 @@ class CollectionsController < ApplicationController info = @collection_info[link.head_uuid] case link.link_class when 'tag' - info[:tags] << link.name + info[:tag_links] << link when 'resources' info[:wanted] = true info[:wanted_by_me] ||= link.tail_uuid == current_user.uuid @@ -38,233 +125,229 @@ class CollectionsController < ApplicationController info[:links] << link end @request_url = request.url + + render_index + end + + def show_file_links + Thread.current[:reader_tokens] = [params[:reader_token]] + return if false.equal?(find_object_by_uuid) + render layout: false end def show_file - opts = params.merge(arvados_api_token: Thread.current[:arvados_api_token]) - if r = params[:file].match(/(\.\w+)/) - ext = r[1] + # We pipe from arv-get to send the file to the user. Before we start it, + # we ask the API server if the file actually exists. This serves two + # purposes: it lets us return a useful status code for common errors, and + # helps us figure out which token to provide to arv-get. + coll = nil + tokens = [Thread.current[:arvados_api_token], params[:reader_token]].compact + usable_token = find_usable_token(tokens) do + coll = Collection.find(params[:uuid]) + end + if usable_token.nil? + return # Response already rendered. + elsif params[:file].nil? or not coll.manifest.has_file?(params[:file]) + return render_not_found end + + opts = params.merge(arvados_api_token: usable_token) + + # Handle Range requests. Currently we support only 'bytes=0-....' + if request.headers.include? 'HTTP_RANGE' + if m = /^bytes=0-(\d+)/.match(request.headers['HTTP_RANGE']) + opts[:maxbytes] = m[1] + size = params[:size] || '*' + self.response.status = 206 + self.response.headers['Content-Range'] = "bytes 0-#{m[1]}/#{size}" + end + end + + ext = File.extname(params[:file]) self.response.headers['Content-Type'] = Rack::Mime::MIME_TYPES[ext] || 'application/octet-stream' - self.response.headers['Content-Length'] = params[:size] if params[:size] + if params[:size] + size = params[:size].to_i + if opts[:maxbytes] + size = [size, opts[:maxbytes].to_i].min + end + self.response.headers['Content-Length'] = size.to_s + end self.response.headers['Content-Disposition'] = params[:disposition] if params[:disposition] - self.response_body = FileStreamer.new opts - end - - def self.describe_node(uuid) - uuid = uuid.to_s - rsc = ArvadosBase::resource_class_for_uuid uuid - if rsc - "\"#{uuid}\" [label=\"#{rsc}\\n#{uuid}\",href=\"/#{rsc.to_s.underscore.pluralize rsc}/#{uuid}\"];" - else - "" + begin + file_enumerator(opts).each do |bytes| + response.stream.write bytes + end + ensure + response.stream.close end end - def self.job_uuid(job) - # "#{job[:script]}\\n#{job[:script_version]}" - "#{job[:script]}" + def sharing_scopes + ["GET /arvados/v1/collections/#{@object.uuid}", "GET /arvados/v1/collections/#{@object.uuid}/", "GET /arvados/v1/keep_services/accessible"] end - def self.collection_uuid(uuid) - m = /([a-f0-9]{32}(\+[0-9]+)?)(\+.*)?/.match(uuid.to_s) - if m - m[1] - else + def search_scopes + begin + ApiClientAuthorization.filter([['scopes', '=', sharing_scopes]]).results + rescue ArvadosApiClient::AccessForbiddenException nil end end - def self.script_param_edges(visited, job, prefix, sp, opts) - gr = "" - if sp and not sp.empty? - case sp - when Hash - sp.each do |k, v| - if prefix.size > 0 - k = prefix + "::" + k.to_s - end - gr += CollectionsController::script_param_edges(visited, job, k.to_s, v, opts) - end - when Array - sp.each do |v| - gr += CollectionsController::script_param_edges(visited, job, prefix, v, opts) - end - else - m = collection_uuid(sp) - if m - gr += "\"#{job_uuid(job)}\" -> \"#{m}\" [label=\" #{prefix}\"];" - gr += CollectionsController::generate_provenance_edges(visited, m, opts) - end - end + def find_object_by_uuid + if not Keep::Locator.parse params[:id] + super end - gr end - def self.generate_provenance_edges(pdata, uuid, opts) - gr = "" - m = CollectionsController::collection_uuid(uuid) - uuid = m if m - - uuid = uuid.intern if uuid - - if (not uuid) or uuid.empty? \ - or (pdata[uuid] and pdata[uuid][:_visited]) - - #puts "already visited #{uuid}" - return "" - end - - if not pdata[uuid] then - return CollectionsController::describe_node(uuid) - else - pdata[uuid][:_visited] = true - end - - #puts "visiting #{uuid}" - - if m - # uuid is a collection - gr += CollectionsController::describe_node(uuid) - - pdata.each do |k, job| - if job[:output] == uuid.to_s - gr += "\"#{uuid}\" -> \"#{job_uuid(job)}\" [label=\"output\"];" - gr += CollectionsController::generate_provenance_edges(pdata, job[:uuid]) + def show + return super if !@object + if current_user + if Keep::Locator.parse params["uuid"] + @same_pdh = Collection.filter([["portable_data_hash", "=", @object.portable_data_hash]]).limit(1000) + if @same_pdh.results.size == 1 + redirect_to collection_path(@same_pdh[0]["uuid"]) + return end - if job[:log] == uuid.to_s - gr += "\"#{uuid}\" -> \"#{job_uuid(job)}\" [label=\"log\"];" - gr += CollectionsController::generate_provenance_edges(pdata, job[:uuid]) + owners = @same_pdh.map(&:owner_uuid).to_a.uniq + preload_objects_for_dataclass Group, owners + preload_objects_for_dataclass User, owners + render 'hash_matches' + return + else + jobs_with = lambda do |conds| + Job.limit(RELATION_LIMIT).where(conds) + .results.sort_by { |j| j.finished_at || j.created_at } end - end - else - # uuid is something else - rsc = ArvadosBase::resource_class_for_uuid uuid.to_s + @output_of = jobs_with.call(output: @object.portable_data_hash) + @log_of = jobs_with.call(log: @object.portable_data_hash) + @project_links = Link.limit(RELATION_LIMIT).order("modified_at DESC") + .where(head_uuid: @object.uuid, link_class: 'name').results + project_hash = Group.where(uuid: @project_links.map(&:tail_uuid)).to_hash + @projects = project_hash.values - if rsc == Job - job = pdata[uuid] - if job - gr += CollectionsController::script_param_edges(pdata, job, "", job[:script_parameters], opts) + @permissions = Link.limit(RELATION_LIMIT).order("modified_at DESC") + .where(head_uuid: @object.uuid, link_class: 'permission', + name: 'can_read').results + @logs = Log.limit(RELATION_LIMIT).order("created_at DESC") + .where(object_uuid: @object.uuid).results + @is_persistent = Link.limit(1) + .where(head_uuid: @object.uuid, tail_uuid: current_user.uuid, + link_class: 'resources', name: 'wants') + .results.any? + @search_sharing = search_scopes + + if params["tab_pane"] == "Provenance_graph" + @prov_svg = ProvenanceHelper::create_provenance_graph(@object.provenance, "provenance_svg", + {:request => request, + :direction => :bottom_up, + :combine_jobs => :script_only}) rescue nil + end + if params["tab_pane"] == "Used_by" + @used_by_svg = ProvenanceHelper::create_provenance_graph(@object.used_by, "used_by_svg", + {:request => request, + :direction => :top_down, + :combine_jobs => :script_only, + :pdata_only => true}) rescue nil end - else - gr += CollectionsController::describe_node(uuid) end end + super + end - pdata.each do |k, link| - if link[:head_uuid] == uuid.to_s and link[:link_class] == "provenance" - gr += CollectionsController::describe_node(link[:tail_uuid]) - gr += "\"#{link[:head_uuid]}\" -> \"#{link[:tail_uuid]}\" [label=\" #{link[:name]}\", href=\"/links/#{link[:uuid]}\"];" - gr += CollectionsController::generate_provenance_edges(pdata, link[:tail_uuid], opts) - end + def sharing_popup + @search_sharing = search_scopes + respond_to do |format| + format.html + format.js end - - #puts "finished #{uuid}" - - gr end - def self.create_provenance_graph(pdata, uuid, opts={}) - require 'open3' - - gr = """strict digraph { -node [fontsize=8,shape=box]; -edge [dir=back,fontsize=8];""" - - #puts "pdata is #{pdata}" + helper_method :download_link - gr += CollectionsController::generate_provenance_edges(pdata, uuid, opts) + def download_link + collections_url + "/download/#{@object.uuid}/#{@search_sharing.first.api_token}/" + end - gr += "}" - svg = "" + def share + a = ApiClientAuthorization.create(scopes: sharing_scopes) + @search_sharing = search_scopes + render 'sharing_popup' + end - Open3.popen2("dot", "-Tsvg") do |stdin, stdout, wait_thr| - stdin.print(gr) - stdin.close - svg = stdout.read() - wait_thr.value - stdout.close() + def unshare + @search_sharing = search_scopes + @search_sharing.each do |s| + s.destroy end - - svg = svg.sub(/<\?xml.*?\?>/m, "") - svg = svg.sub(//m, "") + @search_sharing = search_scopes + render 'sharing_popup' end - def show - return super if !@object - @provenance = [] - @output2job = {} - @output2colorindex = {} - @sourcedata = {params[:uuid] => {uuid: params[:uuid]}} - @protected = {} - - colorindex = -1 - any_hope_left = true - while any_hope_left - any_hope_left = false - Job.where(output: @sourcedata.keys).sort_by { |a| a.finished_at || a.created_at }.reverse.each do |job| - if !@output2colorindex[job.output] - any_hope_left = true - @output2colorindex[job.output] = (colorindex += 1) % 10 - @provenance << {job: job, output: job.output} - @sourcedata.delete job.output - @output2job[job.output] = job - job.dependencies.each do |new_source_data| - unless @output2colorindex[new_source_data] - @sourcedata[new_source_data] = {uuid: new_source_data} - end - end - end - end - end + protected - Link.where(head_uuid: @sourcedata.keys | @output2job.keys).each do |link| - if link.link_class == 'resources' and link.name == 'wants' - @protected[link.head_uuid] = true - end - end - Link.where(tail_uuid: @sourcedata.keys).each do |link| - if link.link_class == 'data_origin' - @sourcedata[link.tail_uuid][:data_origins] ||= [] - @sourcedata[link.tail_uuid][:data_origins] << [link.name, link.head_kind, link.head_uuid] - end - end - Collection.where(uuid: @sourcedata.keys).each do |collection| - if @sourcedata[collection.uuid] - @sourcedata[collection.uuid][:collection] = collection + def find_usable_token(token_list) + # Iterate over every given token to make it the current token and + # yield the given block. + # If the block succeeds, return the token it used. + # Otherwise, render an error response based on the most specific + # error we encounter, and return nil. + most_specific_error = [401] + token_list.each do |api_token| + begin + using_specific_api_token(api_token) do + yield + return api_token + end + rescue ArvadosApiClient::ApiError => error + if error.api_status >= most_specific_error.first + most_specific_error = [error.api_status, error] + end end end - - Collection.where(uuid: @object.uuid).each do |u| - @prov_svg = CollectionsController::create_provenance_graph u.provenance, u.uuid + case most_specific_error.shift + when 401, 403 + redirect_to_login + when 404 + render_not_found(*most_specific_error) end + return nil + end + + def file_enumerator(opts) + FileStreamer.new opts end - protected class FileStreamer + include ArvadosApiClientHelper def initialize(opts={}) @opts = opts end def each return unless @opts[:uuid] && @opts[:file] - env = Hash[ENV]. - merge({ - 'ARVADOS_API_HOST' => - $arvados_api_client.arvados_v1_base. - sub(/\/arvados\/v1/, ''). - sub(/^https?:\/\//, ''), - 'ARVADOS_API_TOKEN' => - @opts[:arvados_api_token], - 'ARVADOS_API_HOST_INSECURE' => - Rails.configuration.arvados_insecure_https ? 'true' : 'false' - }) - IO.popen([env, 'arv-get', "#{@opts[:uuid]}/#{@opts[:file]}"], - 'rb') do |io| - while buf = io.read(2**20) - yield buf + + env = Hash[ENV].dup + + require 'uri' + u = URI.parse(arvados_api_client.arvados_v1_base) + env['ARVADOS_API_HOST'] = "#{u.host}:#{u.port}" + env['ARVADOS_API_TOKEN'] = @opts[:arvados_api_token] + env['ARVADOS_API_HOST_INSECURE'] = "true" if Rails.configuration.arvados_insecure_https + + bytesleft = @opts[:maxbytes].andand.to_i || 2**16 + io = IO.popen([env, 'arv-get', "#{@opts[:uuid]}/#{@opts[:file]}"], 'rb') + while bytesleft > 0 && (buf = io.read([bytesleft, 2**16].min)) != nil + # shrink the bytesleft count, if we were given a maximum byte + # count to read + if @opts.include? :maxbytes + bytesleft = bytesleft - buf.length end + yield buf end + io.close + # "If ios is opened by IO.popen, close sets $?." + # http://www.ruby-doc.org/core-2.1.3/IO.html#method-i-close Rails.logger.warn("#{@opts[:uuid]}/#{@opts[:file]}: #{$?}") if $? != 0 end end