X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/8917fa82999bdf0020f623db9869abae99930b56..0e5198142fdba0ce2af6eb2852d45dff46ffb2e2:/apps/workbench/app/controllers/users_controller.rb

diff --git a/apps/workbench/app/controllers/users_controller.rb b/apps/workbench/app/controllers/users_controller.rb
index eb07fc3757..d2fcbbb94c 100644
--- a/apps/workbench/app/controllers/users_controller.rb
+++ b/apps/workbench/app/controllers/users_controller.rb
@@ -5,6 +5,22 @@ class UsersController < ApplicationController
   skip_before_filter :find_object_by_uuid, only: [:welcome, :activity, :storage]
   before_filter :ensure_current_user_is_admin, only: [:sudo, :unsetup, :setup]
 
+  def show
+    if params[:uuid] == current_user.uuid
+      respond_to do |f|
+        f.html do
+          if request.url.include?("/users/#{current_user.uuid}")
+            super
+          else
+            redirect_to(params[:return_to] || project_path(params[:uuid]))
+          end
+        end
+      end
+    else
+      super
+    end
+  end
+
   def welcome
     if current_user
       redirect_to (params[:return_to] || '/')
@@ -23,7 +39,7 @@ class UsersController < ApplicationController
 
   def activity
     @breadcrumb_page_name = nil
-    @users = User.limit(params[:limit] || 1000).all
+    @users = User.limit(params[:limit])
     @user_activity = {}
     @activity = {
       logins: {},
@@ -40,15 +56,15 @@ class UsersController < ApplicationController
                1.month.ago.beginning_of_month,
                Time.now.beginning_of_month]]
     @spans.each do |span, threshold_start, threshold_end|
-      @activity[:logins][span] = Log.
+      @activity[:logins][span] = Log.select(%w(uuid modified_by_user_uuid)).
         filter([[:event_type, '=', 'login'],
                 [:object_kind, '=', 'arvados#user'],
                 [:created_at, '>=', threshold_start],
                 [:created_at, '<', threshold_end]])
-      @activity[:jobs][span] = Job.
+      @activity[:jobs][span] = Job.select(%w(uuid modified_by_user_uuid)).
         filter([[:created_at, '>=', threshold_start],
                 [:created_at, '<', threshold_end]])
-      @activity[:pipeline_instances][span] = PipelineInstance.
+      @activity[:pipeline_instances][span] = PipelineInstance.select(%w(uuid modified_by_user_uuid)).
         filter([[:created_at, '>=', threshold_start],
                 [:created_at, '<', threshold_end]])
       @activity.each do |type, act|
@@ -76,7 +92,7 @@ class UsersController < ApplicationController
 
   def storage
     @breadcrumb_page_name = nil
-    @users = User.limit(params[:limit] || 1000).all
+    @users = User.limit(params[:limit])
     @user_storage = {}
     total_storage = {}
     @log_date = {}
@@ -127,7 +143,6 @@ class UsersController < ApplicationController
   end
 
   def home
-    @showallalerts = false
     @my_ssh_keys = AuthorizedKey.where(authorized_user_uuid: current_user.uuid)
     @my_tag_links = {}
 
@@ -147,7 +162,7 @@ class UsersController < ApplicationController
       @persist_state[uuid] = 'cache'
     end
 
-    Link.limit(1000).filter([['head_uuid', 'in', collection_uuids],
+    Link.filter([['head_uuid', 'in', collection_uuids],
                              ['link_class', 'in', ['tag', 'resources']]]).
       each do |link|
       case link.link_class
@@ -193,14 +208,32 @@ class UsersController < ApplicationController
         if params['openid_prefix'] && params['openid_prefix'].size>0
           setup_params[:openid_prefix] = params['openid_prefix']
         end
-        if params['repo_name'] && params['repo_name'].size>0
-          setup_params[:repo_name] = params['repo_name']
-        end
         if params['vm_uuid'] && params['vm_uuid'].size>0
           setup_params[:vm_uuid] = params['vm_uuid']
         end
 
-        if User.setup setup_params
+        setup_resp = User.setup setup_params
+        if setup_resp
+          vm_link = nil
+          setup_resp[:items].each do |item|
+            if item[:head_kind] == "arvados#virtualMachine"
+              vm_link = item
+              break
+            end
+          end
+          if params[:groups]
+            new_groups = params[:groups].split(',').map(&:strip).select{|i| !i.empty?}
+            if vm_link and new_groups != vm_link[:properties][:groups]
+              vm_login_link = Link.where(uuid: vm_link[:uuid])
+              if vm_login_link.items_available > 0
+                link = vm_login_link.results.first
+                props = link.properties
+                props[:groups] = new_groups
+                link.save!
+              end
+            end
+          end
+
           format.js
         else
           self.render_error status: 422
@@ -222,22 +255,35 @@ class UsersController < ApplicationController
     end
   end
 
-  def manage_account
-    # repositories current user can read / write
-    repo_links = []
-    Link.filter([['head_uuid', 'is_a', 'arvados#repository'],
-                 ['tail_uuid', '=', current_user.uuid],
-                 ['link_class', '=', 'permission'],
-                 ['name', 'in', ['can_write', 'can_read']],
-               ]).
-          each do |perm_link|
-            repo_links << perm_link[:head_uuid]
-          end
-    @my_repositories = Repository.where(uuid: repo_links)
+  def repositories
+    repo_links = Link.
+      filter([['head_uuid', 'is_a', 'arvados#repository'],
+              ['tail_uuid', '=', current_user.uuid],
+              ['link_class', '=', 'permission'],
+             ])
 
-    # virtual machines the current user can login into
+    owned_repositories = Repository.where(owner_uuid: @object.uuid)
+
+    @my_repositories = (Repository.where(uuid: repo_links.collect(&:head_uuid)) |
+                        owned_repositories).
+                       uniq { |repo| repo.uuid }
+
+
+    @repo_writable = {}
+    repo_links.each do |link|
+      if link.name.in? ['can_write', 'can_manage']
+        @repo_writable[link.head_uuid] = link.name
+      end
+    end
+
+    owned_repositories.each do |repo|
+      @repo_writable[repo.uuid] = 'can_manage'
+    end
+  end
+
+  def virtual_machines
     @my_vm_logins = {}
-    Link.where(tail_uuid: current_user.uuid,
+    Link.where(tail_uuid: @object.uuid,
                link_class: 'permission',
                name: 'can_login').
           each do |perm_link|
@@ -247,13 +293,10 @@ class UsersController < ApplicationController
             end
           end
     @my_virtual_machines = VirtualMachine.where(uuid: @my_vm_logins.keys)
+  end
 
-    # current user's ssh keys
-    @my_ssh_keys = AuthorizedKey.where(key_type: 'SSH', owner_uuid: current_user.uuid)
-
-    respond_to do |f|
-      f.html { render template: 'users/manage_account' }
-    end
+  def ssh_keys
+    @my_ssh_keys = AuthorizedKey.where(key_type: 'SSH', owner_uuid: @object.uuid)
   end
 
   def add_ssh_key_popup
@@ -289,6 +332,12 @@ class UsersController < ApplicationController
     end
   end
 
+  def request_shell_access
+    logger.warn "request_access: #{params.inspect}"
+    params['request_url'] = request.url
+    RequestShellAccessReporter.send_request(current_user, params).deliver
+  end
+
   protected
 
   def find_current_links user
@@ -329,8 +378,10 @@ class UsersController < ApplicationController
                               link_class: 'permission',
                               name: 'can_login')
     if vm_login_perms.any?
-      vm_uuid = vm_login_perms.first.head_uuid
+      vm_perm = vm_login_perms.first
+      vm_uuid = vm_perm.head_uuid
       current_selections[:vm_uuid] = vm_uuid
+      current_selections[:groups] = vm_perm.properties[:groups].andand.join(', ')
     end
 
     return current_selections