X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/528e6554fbff9984bce411bdfeefc27ef15c62c8..bc882be0f75601397fedb7ad16d3540df015256f:/services/api/app/controllers/arvados/v1/containers_controller.rb

diff --git a/services/api/app/controllers/arvados/v1/containers_controller.rb b/services/api/app/controllers/arvados/v1/containers_controller.rb
index e1a8a019aa..b7dc030229 100644
--- a/services/api/app/controllers/arvados/v1/containers_controller.rb
+++ b/services/api/app/controllers/arvados/v1/containers_controller.rb
@@ -10,38 +10,35 @@ class Arvados::V1::ContainersController < ApplicationController
   accept_attribute_as_json :command, Array
   accept_attribute_as_json :scheduling_parameters, Hash
 
-  skip_before_filter :find_object_by_uuid, only: [:current]
-  skip_before_filter :render_404_if_no_object, only: [:current]
+  skip_before_action :find_object_by_uuid, only: [:current]
+  skip_before_action :render_404_if_no_object, only: [:current]
 
   def auth
     if @object.locked_by_uuid != Thread.current[:api_client_authorization].uuid
       raise ArvadosModel::PermissionDeniedError.new("Not locked by your token")
     end
-    if @object.auth.nil?
-      cr = ContainerRequest.
-             where('container_uuid=? and priority>0', self.uuid).
-             order('priority desc').
-             first
-      @object = ApiClientAuthorization.validate(token: cr.runtime_token)
-    else
+    if @object.runtime_token.nil?
       @object = @object.auth
+    else
+      @object = ApiClientAuthorization.validate(token: @object.runtime_token)
+      if @object.nil?
+        raise ArvadosModel::PermissionDeniedError.new("Invalid runtime_token")
+      end
     end
     show
   end
 
-  def update
-    @object.with_lock do
-      @object.reload
-      super
-    end
-  end
-
   def find_objects_for_index
     super
     if action_name == 'lock' || action_name == 'unlock'
       # Avoid loading more fields than we need
-      @objects = @objects.select(:id, :uuid, :state, :priority, :auth_uuid, :locked_by_uuid)
+      @objects = @objects.select(:id, :uuid, :state, :priority, :auth_uuid, :locked_by_uuid, :lock_count)
       @select = %w(uuid state priority auth_uuid locked_by_uuid)
+    elsif action_name == 'update_priority'
+      # We're going to reload(lock: true) in the handler, which will
+      # select all attributes, but will fail if we don't select :id
+      # now.
+      @objects = @objects.select(:id, :uuid)
     end
   end
 
@@ -55,24 +52,27 @@ class Arvados::V1::ContainersController < ApplicationController
     show
   end
 
+  def update_priority
+    @object.update_priority!
+    show
+  end
+
   def current
     if Thread.current[:api_client_authorization].nil?
       send_error("Not logged in", status: 401)
     else
-      c = Container.where(auth_uuid: Thread.current[:api_client_authorization].uuid).first
-      if c.nil?
+      @object = Container.for_current_token
+      if @object.nil?
         send_error("Token is not associated with a container.", status: 404)
       else
-        @object = c
         show
       end
     end
   end
 
   def secret_mounts
-    if @object &&
-       @object.auth_uuid &&
-       @object.auth_uuid == Thread.current[:api_client_authorization].uuid
+    c = Container.for_current_token
+    if @object && c && @object.uuid == c.uuid
       send_json({"secret_mounts" => @object.secret_mounts})
     else
       send_error("Token is not associated with this container.", status: 403)