X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/5881feb407af2d4e5785ad57232cc3bfd12b86ec..28b6afc1e8ccf652c7a8fd43e22a8ac788febd85:/apps/workbench/app/controllers/collections_controller.rb diff --git a/apps/workbench/app/controllers/collections_controller.rb b/apps/workbench/app/controllers/collections_controller.rb index e01151ca40..812b80b8ce 100644 --- a/apps/workbench/app/controllers/collections_controller.rb +++ b/apps/workbench/app/controllers/collections_controller.rb @@ -1,24 +1,30 @@ +# Copyright (C) The Arvados Authors. All rights reserved. +# +# SPDX-License-Identifier: AGPL-3.0 + require "arvados/keep" +require "arvados/collection" +require "uri" class CollectionsController < ApplicationController include ActionController::Live - skip_around_filter :require_thread_api_token, if: proc { |ctrl| - Rails.configuration.anonymous_user_token and + skip_around_action :require_thread_api_token, if: proc { |ctrl| + !Rails.configuration.Users.AnonymousUserToken.empty? and 'show' == ctrl.action_name } - skip_around_filter(:require_thread_api_token, + skip_around_action(:require_thread_api_token, only: [:show_file, :show_file_links]) - skip_before_filter(:find_object_by_uuid, + skip_before_action(:find_object_by_uuid, only: [:provenance, :show_file, :show_file_links]) # We depend on show_file to display the user agreement: - skip_before_filter :check_user_agreements, only: :show_file - skip_before_filter :check_user_profile, only: :show_file + skip_before_action :check_user_agreements, only: :show_file + skip_before_action :check_user_profile, only: :show_file RELATION_LIMIT = 5 def show_pane_list - panes = %w(Files Upload Provenance_graph Used_by Advanced) + panes = %w(Files Upload Tags Provenance_graph Used_by Advanced) panes = panes - %w(Upload) unless (@object.editable? rescue false) panes end @@ -30,7 +36,7 @@ class CollectionsController < ApplicationController ['link_class', '=', 'resources'], ['name', '=', 'wants'], ['tail_uuid', '=', current_user.uuid], - ['head_uuid', '=', @object.uuid]]) + ['head_uuid', '=', @object.uuid]]).with_count("none") logger.debug persist_links.inspect else return unprocessable "Invalid value #{value.inspect}" @@ -59,7 +65,7 @@ class CollectionsController < ApplicationController @select ||= Collection.columns.map(&:name) base_search = Collection.select(@select) if params[:search].andand.length.andand > 0 - tags = Link.where(any: ['contains', params[:search]]) + tags = Link.where(any: ['contains', params[:search]]).with_count("none") @objects = (base_search.where(uuid: tags.collect(&:head_uuid)) | base_search.where(any: ['contains', params[:search]])). uniq { |c| c.uuid } @@ -78,7 +84,7 @@ class CollectionsController < ApplicationController @objects = base_search.limit(limit).offset(offset) end - @links = Link.where(head_uuid: @objects.collect(&:uuid)) + @links = Link.where(head_uuid: @objects.collect(&:uuid)).with_count("none") @collection_info = {} @objects.each do |c| @collection_info[c.uuid] = { @@ -109,65 +115,39 @@ class CollectionsController < ApplicationController end def show_file_links - Thread.current[:reader_tokens] = [params[:reader_token]] - return if false.equal?(find_object_by_uuid) - render layout: false + return show_file end def show_file - # We pipe from arv-get to send the file to the user. Before we start it, - # we ask the API server if the file actually exists. This serves two - # purposes: it lets us return a useful status code for common errors, and - # helps us figure out which token to provide to arv-get. # The order of searched tokens is important: because the anonymous user # token is passed along with every API request, we have to check it first. # Otherwise, it's impossible to know whether any other request succeeded # because of the reader token. coll = nil - tokens = [(Rails.configuration.anonymous_user_token || nil), + tokens = [(if !Rails.configuration.Users.AnonymousUserToken.empty? then + Rails.configuration.Users.AnonymousUserToken else nil end), params[:reader_token], Thread.current[:arvados_api_token]].compact usable_token = find_usable_token(tokens) do coll = Collection.find(params[:uuid]) end - - file_name = params[:file].andand.sub(/^(\.\/|\/|)/, './') if usable_token.nil? - return # Response already rendered. - elsif file_name.nil? or not coll.manifest.has_file?(file_name) - return render_not_found - end - - opts = params.merge(arvados_api_token: usable_token) - - # Handle Range requests. Currently we support only 'bytes=0-....' - if request.headers.include? 'HTTP_RANGE' - if m = /^bytes=0-(\d+)/.match(request.headers['HTTP_RANGE']) - opts[:maxbytes] = m[1] - size = params[:size] || '*' - self.response.status = 206 - self.response.headers['Content-Range'] = "bytes 0-#{m[1]}/#{size}" - end + # Response already rendered. + return end - ext = File.extname(params[:file]) - self.response.headers['Content-Type'] = - Rack::Mime::MIME_TYPES[ext] || 'application/octet-stream' - if params[:size] - size = params[:size].to_i - if opts[:maxbytes] - size = [size, opts[:maxbytes].to_i].min - end - self.response.headers['Content-Length'] = size.to_s - end - self.response.headers['Content-Disposition'] = params[:disposition] if params[:disposition] - begin - file_enumerator(opts).each do |bytes| - response.stream.write bytes - end - ensure - response.stream.close + opts = {} + if usable_token == params[:reader_token] + opts[:path_token] = usable_token + elsif usable_token == Rails.configuration.Users.AnonymousUserToken + # Don't pass a token at all + else + # We pass the current user's real token only if it's necessary + # to read the collection. + opts[:query_token] = usable_token end + opts[:disposition] = params[:disposition] if params[:disposition] + return redirect_to keep_web_url(params[:uuid], params[:file], opts) end def sharing_scopes @@ -196,7 +176,7 @@ class CollectionsController < ApplicationController if params["tab_pane"] == "Provenance_graph" @prov_svg = ProvenanceHelper::create_provenance_graph(@object.provenance, "provenance_svg", {:request => request, - :direction => :bottom_up, + :direction => "RL", :combine_jobs => :script_only}) rescue nil end @@ -215,35 +195,31 @@ class CollectionsController < ApplicationController render 'hash_matches' return else - jobs_with = lambda do |conds| - Job.limit(RELATION_LIMIT).where(conds) - .results.sort_by { |j| j.finished_at || j.created_at } + if Job.api_exists?(:index) + jobs_with = lambda do |conds| + Job.limit(RELATION_LIMIT).with_count("none").where(conds) + .results.sort_by { |j| j.finished_at || j.created_at } + end + @output_of = jobs_with.call(output: @object.portable_data_hash) + @log_of = jobs_with.call(log: @object.portable_data_hash) end - @output_of = jobs_with.call(output: @object.portable_data_hash) - @log_of = jobs_with.call(log: @object.portable_data_hash) - @project_links = Link.limit(RELATION_LIMIT).order("modified_at DESC") + + @project_links = Link.limit(RELATION_LIMIT).with_count("none").order("modified_at DESC") .where(head_uuid: @object.uuid, link_class: 'name').results - project_hash = Group.where(uuid: @project_links.map(&:tail_uuid)).to_hash + project_hash = Group.where(uuid: @project_links.map(&:tail_uuid)).with_count("none").to_hash @projects = project_hash.values - @permissions = Link.limit(RELATION_LIMIT).order("modified_at DESC") + @permissions = Link.limit(RELATION_LIMIT).with_count("none").order("modified_at DESC") .where(head_uuid: @object.uuid, link_class: 'permission', name: 'can_read').results - @logs = Log.limit(RELATION_LIMIT).order("created_at DESC") - .select(%w(uuid event_type object_uuid event_at summary)) - .where(object_uuid: @object.uuid).results - @is_persistent = Link.limit(1) - .where(head_uuid: @object.uuid, tail_uuid: current_user.uuid, - link_class: 'resources', name: 'wants') - .results.any? @search_sharing = search_scopes if params["tab_pane"] == "Used_by" @used_by_svg = ProvenanceHelper::create_provenance_graph(@object.used_by, "used_by_svg", {:request => request, - :direction => :top_down, - :combine_jobs => :script_only, - :pdata_only => true}) rescue nil + :direction => "LR", + :combine_jobs => :script_only, + :pdata_only => true}) rescue nil end end end @@ -258,7 +234,8 @@ class CollectionsController < ApplicationController helper_method :download_link def download_link - collections_url + "/download/#{@object.uuid}/#{@search_sharing.first.api_token}/" + token = @search_sharing.first.api_token + keep_web_url(@object.uuid, nil, {path_token: token}) end def share @@ -273,6 +250,57 @@ class CollectionsController < ApplicationController sharing_popup end + def remove_selected_files + uuids, source_paths = selected_collection_files params + + arv_coll = Arv::Collection.new(@object.manifest_text) + source_paths[uuids[0]].each do |p| + arv_coll.rm "."+p + end + + if @object.update manifest_text: arv_coll.manifest_text + show + else + self.render_error status: 422 + end + end + + def update + updated_attr = params[:collection].to_unsafe_hash.each.select {|a| a[0].andand.start_with? 'rename-file-path:'} + + if updated_attr.size > 0 + # Is it file rename? + file_path = updated_attr[0][0].split('rename-file-path:')[-1] + + new_file_path = updated_attr[0][1] + if new_file_path.start_with?('./') + # looks good + elsif new_file_path.start_with?('/') + new_file_path = '.' + new_file_path + else + new_file_path = './' + new_file_path + end + + arv_coll = Arv::Collection.new(@object.manifest_text) + + if arv_coll.exist?(new_file_path) + @errors = 'Duplicate file path. Please use a different name.' + self.render_error status: 422 + else + arv_coll.rename "./"+file_path, new_file_path + + if @object.update manifest_text: arv_coll.manifest_text + show + else + self.render_error status: 422 + end + end + else + # Not a file rename; use default + super + end + end + protected def find_usable_token(token_list) @@ -305,42 +333,62 @@ class CollectionsController < ApplicationController return nil end - # Note: several controller and integration tests rely on stubbing - # file_enumerator to return fake file content. - def file_enumerator opts - FileStreamer.new opts - end + def keep_web_url(uuid_or_pdh, file, opts) + munged_id = uuid_or_pdh.sub('+', '-') + + tmpl = Rails.configuration.Services.WebDAV.ExternalURL.to_s + + if Rails.configuration.Services.WebDAVDownload.ExternalURL != URI("") and + (tmpl.empty? or opts[:disposition] == 'attachment') + # Prefer the attachment-only-host when we want an attachment + # (and when there is no preview link configured) + tmpl = Rails.configuration.Services.WebDAVDownload.ExternalURL.to_s + elsif not Rails.configuration.Collections.TrustAllContent + check_uri = URI.parse(tmpl.sub("*", munged_id)) + if opts[:query_token] and + (check_uri.host.nil? or ( + not check_uri.host.start_with?(munged_id + "--") and + not check_uri.host.start_with?(munged_id + "."))) + # We're about to pass a token in the query string, but + # keep-web can't accept that safely at a single-origin URL + # template (unless it's -attachment-only-host). + tmpl = Rails.configuration.Services.WebDAVDownload.ExternalURL.to_s + if tmpl.empty? + raise ArgumentError, "Download precluded by site configuration" + end + logger.warn("Using download link, even though inline content " \ + "was requested: #{check_uri.to_s}") + end + end - class FileStreamer - include ArvadosApiClientHelper - def initialize(opts={}) - @opts = opts + if tmpl == Rails.configuration.Services.WebDAVDownload.ExternalURL.to_s + # This takes us to keep-web's -attachment-only-host so there is + # no need to add ?disposition=attachment. + opts.delete :disposition end - def each - return unless @opts[:uuid] && @opts[:file] - - env = Hash[ENV].dup - - require 'uri' - u = URI.parse(arvados_api_client.arvados_v1_base) - env['ARVADOS_API_HOST'] = "#{u.host}:#{u.port}" - env['ARVADOS_API_TOKEN'] = @opts[:arvados_api_token] - env['ARVADOS_API_HOST_INSECURE'] = "true" if Rails.configuration.arvados_insecure_https - - bytesleft = @opts[:maxbytes].andand.to_i || 2**16 - io = IO.popen([env, 'arv-get', "#{@opts[:uuid]}/#{@opts[:file]}"], 'rb') - while bytesleft > 0 && (buf = io.read([bytesleft, 2**16].min)) != nil - # shrink the bytesleft count, if we were given a maximum byte - # count to read - if @opts.include? :maxbytes - bytesleft = bytesleft - buf.length - end - yield buf + + uri = URI.parse(tmpl.sub("*", munged_id)) + if tmpl.index("*").nil? + uri.path = "/c=#{munged_id}" + end + uri.path += '/' unless uri.path.end_with? '/' + if opts[:path_token] + uri.path += 't=' + opts[:path_token] + '/' + end + uri.path += '_/' + uri.path += ERB::Util.url_encode(file).gsub('%2F', '/') if file + + query = Hash[URI.decode_www_form(uri.query || '')] + { query_token: 'api_token', + disposition: 'disposition' }.each do |opt, param| + if opts.include? opt + query[param] = opts[opt] end - io.close - # "If ios is opened by IO.popen, close sets $?." - # http://www.ruby-doc.org/core-2.1.3/IO.html#method-i-close - Rails.logger.warn("#{@opts[:uuid]}/#{@opts[:file]}: #{$?}") if $? != 0 end + unless query.empty? + uri.query = URI.encode_www_form(query) + end + + uri.to_s end end