X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/4127b85f2c1af611bb70d5ab469adac126d0a7a4..cbc29982e30fd776c194c47dc584710ff1b340c4:/apps/workbench/app/controllers/users_controller.rb diff --git a/apps/workbench/app/controllers/users_controller.rb b/apps/workbench/app/controllers/users_controller.rb index 6168cd5293..86e982368c 100644 --- a/apps/workbench/app/controllers/users_controller.rb +++ b/apps/workbench/app/controllers/users_controller.rb @@ -1,23 +1,48 @@ class UsersController < ApplicationController - skip_before_filter :find_object_by_uuid, :only => [:welcome, :activity] - skip_around_filter :thread_with_mandatory_api_token, :only => :welcome + skip_around_filter :require_thread_api_token, only: :welcome + skip_before_filter :check_user_agreements, only: [:welcome, :inactive] + skip_before_filter :check_user_profile, only: [:welcome, :inactive, :profile] + skip_before_filter :find_object_by_uuid, only: [:welcome, :activity, :storage] + before_filter :ensure_current_user_is_admin, only: [:sudo, :unsetup, :setup] + + def show + if params[:uuid] == current_user.uuid + respond_to do |f| + f.html do + redirect_to(params[:return_to] || project_path(params[:uuid])) + end + end + else + super + end + end def welcome if current_user - params[:action] = 'home' - home + redirect_to (params[:return_to] || '/') end end + def inactive + if current_user.andand.is_invited + redirect_to (params[:return_to] || '/') + end + end + + def profile + params[:offer_return_to] ||= params[:return_to] + end + def activity @breadcrumb_page_name = nil - @users = User.all + @users = User.limit(params[:limit] || 1000).all @user_activity = {} @activity = { logins: {}, jobs: {}, pipeline_instances: {} } + @total_activity = {} @spans = [['This week', Time.now.beginning_of_week, Time.now], ['Last week', Time.now.beginning_of_week.advance(weeks:-1), @@ -48,20 +73,74 @@ class UsersController < ApplicationController @user_activity[record.modified_by_user_uuid] ||= {} @user_activity[record.modified_by_user_uuid][span + ' ' + type.to_s] ||= 0 @user_activity[record.modified_by_user_uuid][span + ' ' + type.to_s] += 1 + @total_activity[span + ' ' + type.to_s] ||= 0 + @total_activity[span + ' ' + type.to_s] += 1 end end end @users = @users.sort_by do |a| [-@user_activity[a.uuid].values.inject(:+), a.full_name] end + # Prepend a "Total" pseudo-user to the sorted list + @user_activity[nil] = @total_activity + @users = [OpenStruct.new(uuid: nil)] + @users + end + + def storage + @breadcrumb_page_name = nil + @users = User.limit(params[:limit] || 1000).all + @user_storage = {} + total_storage = {} + @log_date = {} + @users.each do |u| + @user_storage[u.uuid] ||= {} + storage_log = Log. + filter([[:object_uuid, '=', u.uuid], + [:event_type, '=', 'user-storage-report']]). + order(:created_at => :desc). + limit(1) + storage_log.each do |log_entry| + # We expect this block to only execute once since we specified limit(1) + @user_storage[u.uuid] = log_entry['properties'] + @log_date[u.uuid] = log_entry['event_at'] + end + total_storage.merge!(@user_storage[u.uuid]) { |k,v1,v2| v1 + v2 } + end + @users = @users.sort_by { |u| + [-@user_storage[u.uuid].values.push(0).inject(:+), u.full_name]} + # Prepend a "Total" pseudo-user to the sorted list + @users = [OpenStruct.new(uuid: nil)] + @users + @user_storage[nil] = total_storage + end + + def show_pane_list + if current_user.andand.is_admin + super | %w(Admin) + else + super + end + end + + def index_pane_list + if current_user.andand.is_admin + super | %w(Activity) + else + super + end + end + + def sudo + resp = arvados_api_client.api(ApiClientAuthorization, '', { + api_client_authorization: { + owner_uuid: @object.uuid + } + }) + redirect_to root_url(api_token: resp[:api_token]) end def home @showallalerts = false @my_ssh_keys = AuthorizedKey.where(authorized_user_uuid: current_user.uuid) - # @my_vm_perms = Link.where(tail_uuid: current_user.uuid, head_kind: 'arvados#virtual_machine', link_class: 'permission', name: 'can_login') - # @my_repo_perms = Link.where(tail_uuid: current_user.uuid, head_kind: 'arvados#repository', link_class: 'permission', name: 'can_write') - @my_tag_links = {} @my_jobs = Job. @@ -73,10 +152,24 @@ class UsersController < ApplicationController limit(10). order('created_at desc'). where(created_by: current_user.uuid) + collection_uuids = @my_collections.collect &:uuid + + @persist_state = {} + collection_uuids.each do |uuid| + @persist_state[uuid] = 'cache' + end - Link.limit(1000).where(head_uuid: @my_collections.collect(&:uuid), - link_class: 'tag').each do |link| - (@my_tag_links[link.head_uuid] ||= []) << link + Link.limit(1000).filter([['head_uuid', 'in', collection_uuids], + ['link_class', 'in', ['tag', 'resources']]]). + each do |link| + case link.link_class + when 'tag' + (@my_tag_links[link.head_uuid] ||= []) << link + when 'resources' + if link.name == 'wants' + @persist_state[link.head_uuid] = 'persistent' + end + end end @my_pipelines = PipelineInstance. @@ -84,25 +177,177 @@ class UsersController < ApplicationController order('created_at desc'). where(created_by: current_user.uuid) - - # A Tutorial is a Link which has link_class "resources" and name - # "wants", and is owned by the Tutorials Group (i.e., named - # "Arvados Tutorials" and owned by the system user). - @tutorial_group = Group.where(owner_uuid: User.system.uuid, - name: 'Arvados Tutorials').first - if @tutorial_group - @tutorial_links = Link.where(tail_uuid: @tutorial_group.uuid, - link_class: 'resources', - name: 'wants') - else - @tutorial_links = [] - end - @tutorial_complete = { - 'Run a job' => @my_last_job - } respond_to do |f| f.js { render template: 'users/home.js' } f.html { render template: 'users/home' } end end + + def unsetup + if current_user.andand.is_admin + @object.unsetup + end + show + end + + def setup + respond_to do |format| + if current_user.andand.is_admin + setup_params = {} + setup_params[:send_notification_email] = "#{Rails.configuration.send_user_setup_notification_email}" + if params['user_uuid'] && params['user_uuid'].size>0 + setup_params[:uuid] = params['user_uuid'] + end + if params['email'] && params['email'].size>0 + user = {email: params['email']} + setup_params[:user] = user + end + if params['openid_prefix'] && params['openid_prefix'].size>0 + setup_params[:openid_prefix] = params['openid_prefix'] + end + if params['repo_name'] && params['repo_name'].size>0 + setup_params[:repo_name] = params['repo_name'] + end + if params['vm_uuid'] && params['vm_uuid'].size>0 + setup_params[:vm_uuid] = params['vm_uuid'] + end + + if User.setup setup_params + format.js + else + self.render_error status: 422 + end + else + self.render_error status: 422 + end + end + end + + def setup_popup + @vms = VirtualMachine.all.results + + @current_selections = find_current_links @object + + respond_to do |format| + format.html + format.js + end + end + + def manage_account + # repositories current user can read / write + repo_links = Link. + filter([['head_uuid', 'is_a', 'arvados#repository'], + ['tail_uuid', '=', current_user.uuid], + ['link_class', '=', 'permission'], + ]) + @my_repositories = Repository.where uuid: repo_links.collect(&:head_uuid) + @repo_writable = {} + repo_links.each do |link| + if link.name.in? ['can_write', 'can_manage'] + @repo_writable[link.head_uuid] = true + end + end + + # virtual machines the current user can login into + @my_vm_logins = {} + Link.where(tail_uuid: current_user.uuid, + link_class: 'permission', + name: 'can_login'). + each do |perm_link| + if perm_link.properties.andand[:username] + @my_vm_logins[perm_link.head_uuid] ||= [] + @my_vm_logins[perm_link.head_uuid] << perm_link.properties[:username] + end + end + @my_virtual_machines = VirtualMachine.where(uuid: @my_vm_logins.keys) + + # current user's ssh keys + @my_ssh_keys = AuthorizedKey.where(key_type: 'SSH', owner_uuid: current_user.uuid) + + respond_to do |f| + f.html { render template: 'users/manage_account' } + end + end + + def add_ssh_key_popup + respond_to do |format| + format.html + format.js + end + end + + def add_ssh_key + respond_to do |format| + key_params = {'key_type' => 'SSH'} + key_params['authorized_user_uuid'] = current_user.uuid + + if params['name'] && params['name'].size>0 + key_params['name'] = params['name'].strip + end + if params['public_key'] && params['public_key'].size>0 + key_params['public_key'] = params['public_key'].strip + end + + if !key_params['name'] && params['public_key'].andand.size>0 + split_key = key_params['public_key'].split + key_params['name'] = split_key[-1] if (split_key.size == 3) + end + + new_key = AuthorizedKey.create! key_params + if new_key + format.js + else + self.render_error status: 422 + end + end + end + + protected + + def find_current_links user + current_selections = {} + + if !user + return current_selections + end + + # oid login perm + oid_login_perms = Link.where(tail_uuid: user.email, + head_kind: 'arvados#user', + link_class: 'permission', + name: 'can_login') + + if oid_login_perms.any? + prefix_properties = oid_login_perms.first.properties + current_selections[:identity_url_prefix] = prefix_properties[:identity_url_prefix] + end + + # repo perm + repo_perms = Link.where(tail_uuid: user.uuid, + head_kind: 'arvados#repository', + link_class: 'permission', + name: 'can_write') + if repo_perms.any? + repo_uuid = repo_perms.first.head_uuid + repos = Repository.where(head_uuid: repo_uuid) + if repos.any? + repo_name = repos.first.name + current_selections[:repo_name] = repo_name + end + end + + # vm login perm + vm_login_perms = Link.where(tail_uuid: user.uuid, + head_kind: 'arvados#virtualMachine', + link_class: 'permission', + name: 'can_login') + if vm_login_perms.any? + vm_uuid = vm_login_perms.first.head_uuid + current_selections[:vm_uuid] = vm_uuid + end + + return current_selections + end + end