X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/4dd469c1bd4c1f4a2edac6c2d63bc571e874aa3f..60cf64002cee6af43fe8b6a122c104a12c1fd7bf:/services/api/app/controllers/application_controller.rb

diff --git a/services/api/app/controllers/application_controller.rb b/services/api/app/controllers/application_controller.rb
index ad22accd71..5013c0935a 100644
--- a/services/api/app/controllers/application_controller.rb
+++ b/services/api/app/controllers/application_controller.rb
@@ -1,9 +1,11 @@
 module ApiTemplateOverride
   def allowed_to_render?(fieldset, field, model, options)
+    return false if !super
     if options[:select]
-      return options[:select].include? field.to_s
+      options[:select].include? field.to_s
+    else
+      true
     end
-    super
   end
 end
 
@@ -33,6 +35,7 @@ class ApplicationController < ActionController::Base
   before_filter :catch_redirect_hint
   before_filter(:find_object_by_uuid,
                 except: [:index, :create] + ERROR_ACTIONS)
+  before_filter :load_required_parameters
   before_filter :load_limit_offset_order_params, only: [:index, :contents]
   before_filter :load_where_param, only: [:index, :contents]
   before_filter :load_filters_param, only: [:index, :contents]
@@ -56,6 +59,14 @@ class ApplicationController < ActionController::Base
                 :with => :render_not_found)
   end
 
+  def default_url_options
+    if Rails.configuration.host
+      {:host => Rails.configuration.host}
+    else
+      {}
+    end
+  end
+
   def index
     @objects.uniq!(&:id) if @select.nil? or @select.include? "id"
     if params[:eager] and params[:eager] != '0' and params[:eager] != 0 and params[:eager] != ''
@@ -65,12 +76,47 @@ class ApplicationController < ActionController::Base
   end
 
   def show
-    render json: @object.as_api_response
+    render json: @object.as_api_response(nil, select: @select)
   end
 
   def create
     @object = model_class.new resource_attrs
-    @object.save!
+
+    if @object.respond_to? :name and params[:ensure_unique_name]
+      # Record the original name.  See below.
+      name_stem = @object.name
+      counter = 1
+    end
+
+    begin
+      @object.save!
+    rescue ActiveRecord::RecordNotUnique => rn
+      raise unless params[:ensure_unique_name]
+
+      # Dig into the error to determine if it is specifically calling out a
+      # (owner_uuid, name) uniqueness violation.  In this specific case, and
+      # the client requested a unique name with ensure_unique_name==true,
+      # update the name field and try to save again.  Loop as necessary to
+      # discover a unique name.  It is necessary to handle name choosing at
+      # this level (as opposed to the client) to ensure that record creation
+      # never fails due to a race condition.
+      raise unless rn.original_exception.is_a? PG::UniqueViolation
+
+      # Unfortunately ActiveRecord doesn't abstract out any of the
+      # necessary information to figure out if this the error is actually
+      # the specific case where we want to apply the ensure_unique_name
+      # behavior, so the following code is specialized to Postgres.
+      err = rn.original_exception
+      detail = err.result.error_field(PG::Result::PG_DIAG_MESSAGE_DETAIL)
+      raise unless /^Key \(owner_uuid, name\)=\([a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{15}, .*?\) already exists\./.match detail
+
+      # OK, this exception really is just a unique name constraint
+      # violation, and we've been asked to ensure_unique_name.
+      counter += 1
+      @object.uuid = nil
+      @object.name = "#{name_stem} (#{counter})"
+      redo
+    end while false
     show
   end
 
@@ -140,15 +186,17 @@ class ApplicationController < ActionController::Base
     apply_where_limit_order_params
   end
 
-  def apply_filters
-    ft = record_filters @filters, @objects.table_name
+  def apply_filters model_class=nil
+    model_class ||= self.model_class
+    ft = record_filters @filters, model_class
     if ft[:cond_out].any?
-      @objects = @objects.where(ft[:cond_out].join(' AND '), *ft[:param_out])
+      @objects = @objects.where('(' + ft[:cond_out].join(') AND (') + ')',
+                                *ft[:param_out])
     end
   end
 
-  def apply_where_limit_order_params
-    apply_filters
+  def apply_where_limit_order_params *args
+    apply_filters *args
 
     ar_table_name = @objects.table_name
     if @where.is_a? Hash and @where.any?
@@ -205,16 +253,24 @@ class ApplicationController < ActionController::Base
     end
 
     if @select
-      # Map attribute names in @select to real column names, resolve
-      # those to fully-qualified SQL column names, and pass the
-      # resulting string to the select method.
-      api_column_map = model_class.attributes_required_columns
-      columns_list = @select.
-        flat_map { |attr| api_column_map[attr] }.
-        uniq.
-        map { |s| "#{table_name}.#{ActiveRecord::Base.connection.quote_column_name s}" }
-      columns_list += ["#{table_name}.id"] if not @distinct
-      @objects = @objects.select(columns_list.join(", "))
+      unless action_name.in? %w(create update destroy)
+        # Map attribute names in @select to real column names, resolve
+        # those to fully-qualified SQL column names, and pass the
+        # resulting string to the select method.
+        api_column_map = model_class.attributes_required_columns
+        columns_list = @select.
+          flat_map { |attr| api_column_map[attr] }.
+          uniq.
+          map { |s| "#{table_name}.#{ActiveRecord::Base.connection.quote_column_name s}" }
+        @objects = @objects.select(columns_list.join(", "))
+      end
+
+      # This information helps clients understand what they're seeing
+      # (Workbench always expects it), but they can't select it explicitly
+      # because it's not an SQL column.  Always add it.
+      # (This is harmless, given that clients can deduce what they're
+      # looking at by the returned UUID anyway.)
+      @select |= ["kind"]
     end
     @objects = @objects.order(@orders.join ", ") if @orders.any?
     @objects = @objects.limit(@limit)
@@ -364,14 +420,6 @@ class ApplicationController < ActionController::Base
   accept_param_as_json :reader_tokens, Array
 
   def render_list
-    if @select
-      # This information helps clients understand what they're seeing
-      # (Workbench always expects it), but they can't select it explicitly
-      # because it's not an SQL column.  Always add it.
-      # I believe this is safe because clients can always deduce what they're
-      # looking at by the returned UUID anyway.
-      @select |= ["kind"]
-    end
     @object_list = {
       :kind  => "arvados##{(@response_resource_name || resource_name).camelize(:lower)}List",
       :etag => "",
@@ -399,6 +447,40 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  def load_required_parameters
+    (self.class.send "_#{params[:action]}_requires_parameters" rescue {}).
+      each do |key, info|
+      if info[:required] and not params.include?(key)
+        raise ArgumentError("#{key} parameter is required")
+      elsif info[:type] == 'boolean'
+        # Make sure params[key] is either true or false -- not a
+        # string, not nil, etc.
+        if not params.include?(key)
+          params[key] = info[:default]
+        elsif [false, 'false'].include? params[key]
+          params[key] = false
+        elsif [true, 'true'].include? params[key]
+          params[key] = true
+        else
+          raise TypeError("#{key} parameter must be a boolean, true or false")
+        end
+      end
+    end
+    true
+  end
+
+  def self._create_requires_parameters
+    {
+      ensure_unique_name: {
+        type: "boolean",
+        description: "Adjust name to ensure uniqueness instead of returning an error on (owner_uuid, name) collision.",
+        location: "query",
+        required: false,
+        default: false
+      }
+    }
+  end
+
   def self._index_requires_parameters
     {
       filters: { type: 'array', required: false },