X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/bd1f0b637be6c97374b31ed5c442ff88d25e626e..c58a2c83fa6338358962b8161c576e5391d7bf2b:/apps/workbench/app/controllers/application_controller.rb diff --git a/apps/workbench/app/controllers/application_controller.rb b/apps/workbench/app/controllers/application_controller.rb index b211f51bdc..b52591bc0c 100644 --- a/apps/workbench/app/controllers/application_controller.rb +++ b/apps/workbench/app/controllers/application_controller.rb @@ -12,10 +12,10 @@ class ApplicationController < ActionController::Base # Methods that don't require login should # skip_around_filter :require_thread_api_token around_filter :require_thread_api_token, except: ERROR_ACTIONS + before_filter :set_cache_buster before_filter :accept_uuid_as_id_param, except: ERROR_ACTIONS before_filter :check_user_agreements, except: ERROR_ACTIONS before_filter :check_user_profile, except: ERROR_ACTIONS - before_filter :check_user_notifications, except: ERROR_ACTIONS before_filter :load_filters_and_paging_params, except: ERROR_ACTIONS before_filter :find_object_by_uuid, except: [:create, :index, :choose] + ERROR_ACTIONS theme :select_theme @@ -31,6 +31,12 @@ class ApplicationController < ActionController::Base with: :render_exception) end + def set_cache_buster + response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate" + response.headers["Pragma"] = "no-cache" + response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT" + end + def unprocessable(message=nil) @errors ||= [] @@ -39,6 +45,9 @@ class ApplicationController < ActionController::Base end def render_error(opts={}) + # Helpers can rely on the presence of @errors to know they're + # being used in an error page. + @errors ||= [] opts[:status] ||= 500 respond_to do |f| # json must come before html here, so it gets used as the @@ -98,8 +107,28 @@ class ApplicationController < ActionController::Base end end + # params[:order]: + # + # The order can be left empty to allow it to default. + # Or it can be a comma separated list of real database column names, one per model. + # Column names should always be qualified by a table name and a direction is optional, defaulting to asc + # (e.g. "collections.name" or "collections.name desc"). + # If a column name is specified, that table will be sorted by that column. + # If there are objects from different models that will be shown (such as in Jobs and Pipelines tab), + # then a sort column name can optionally be specified for each model, passed as an comma-separated list (e.g. "jobs.script, pipeline_instances.name") + # Currently only one sort column name and direction can be specified for each model. def load_filters_and_paging_params - @order = params[:order] || 'created_at desc' + if params[:order].blank? + @order = 'created_at desc' + elsif params[:order].is_a? Array + @order = params[:order] + else + begin + @order = JSON.load(params[:order]) + rescue + @order = params[:order].split(',') + end + end @order = [@order] unless @order.is_a? Array @limit ||= 200 @@ -128,6 +157,8 @@ class ApplicationController < ActionController::Base end end end + # After this, params[:filters] can be trusted to be an array of arrays: + params[:filters] = filters @filters += filters end end @@ -135,11 +166,23 @@ class ApplicationController < ActionController::Base def find_objects_for_index @objects ||= model_class @objects = @objects.filter(@filters).limit(@limit).offset(@offset) + @objects.fetch_multiple_pages(false) end def render_index respond_to do |f| - f.json { render json: @objects } + f.json { + if params[:partial] + @next_page_href = next_page_href(partial: params[:partial], filters: @filters.to_json) + render json: { + content: render_to_string(partial: "show_#{params[:partial]}", + formats: [:html]), + next_page_href: @next_page_href + } + else + render json: @objects + end + } f.html { if params[:tab_pane] render_pane params[:tab_pane] @@ -202,14 +245,22 @@ class ApplicationController < ActionController::Base return render_not_found("object not found") end respond_to do |f| - f.json { render json: @object.attributes.merge(href: url_for(action: :show, id: @object)) } + f.json do + extra_attrs = { href: url_for(action: :show, id: @object) } + @object.textile_attributes.each do |textile_attr| + extra_attrs.merge!({ "#{textile_attr}Textile" => view_context.render_markup(@object.attributes[textile_attr]) }) + end + render json: @object.attributes.merge(extra_attrs) + end f.html { if params['tab_pane'] - render_pane params['tab_pane'] - elsif request.method.in? ['GET', 'HEAD'] + render_pane(if params['tab_pane'].is_a? Hash then params['tab_pane']["name"] else params['tab_pane'] end) + elsif request.request_method.in? ['GET', 'HEAD'] render else - redirect_to params[:return_to] || @object + redirect_to (params[:return_to] || + polymorphic_url(@object, + anchor: params[:redirect_to_anchor])) end } f.js { render } @@ -273,16 +324,11 @@ class ApplicationController < ActionController::Base @new_resource_attrs ||= {} @new_resource_attrs.reject! { |k,v| k.to_s == 'uuid' } @object ||= model_class.new @new_resource_attrs, params["options"] + if @object.save - respond_to do |f| - f.json { render json: @object.attributes.merge(href: url_for(action: :show, id: @object)) } - f.html { - redirect_to @object - } - f.js { render } - end + show else - self.render_error status: 422 + render_error status: 422 end end @@ -340,8 +386,56 @@ class ApplicationController < ActionController::Base %w(Attributes Advanced) end + def set_share_links + @user_is_manager = false + @share_links = [] + + if @object.uuid != current_user.andand.uuid + begin + @share_links = Link.permissions_for(@object) + @user_is_manager = true + rescue ArvadosApiClient::AccessForbiddenException, + ArvadosApiClient::NotFoundException + end + end + end + + def share_with + if not params[:uuids].andand.any? + @errors = ["No user/group UUIDs specified to share with."] + return render_error(status: 422) + end + results = {"success" => [], "errors" => []} + params[:uuids].each do |shared_uuid| + begin + Link.create(tail_uuid: shared_uuid, link_class: "permission", + name: "can_read", head_uuid: @object.uuid) + rescue ArvadosApiClient::ApiError => error + error_list = error.api_response.andand[:errors] + if error_list.andand.any? + results["errors"] += error_list.map { |e| "#{shared_uuid}: #{e}" } + else + error_code = error.api_status || "Bad status" + results["errors"] << "#{shared_uuid}: #{error_code} response" + end + else + results["success"] << shared_uuid + end + end + if results["errors"].empty? + results.delete("errors") + status = 200 + else + status = 422 + end + respond_to do |f| + f.json { render(json: results, status: status) } + end + end + protected + helper_method :strip_token_from_path def strip_token_from_path(path) path.sub(/([\?&;])api_token=[^&;]*[&;]?/, '\1') end @@ -364,12 +458,17 @@ class ApplicationController < ActionController::Base false # For convenience to return from callbacks end - def using_specific_api_token(api_token) + def using_specific_api_token(api_token, opts={}) start_values = {} [:arvados_api_token, :user].each do |key| start_values[key] = Thread.current[key] end - load_api_token(api_token) + if opts.fetch(:load_user, true) + load_api_token(api_token) + else + Thread.current[:arvados_api_token] = api_token + Thread.current[:user] = nil + end begin yield ensure @@ -399,7 +498,7 @@ class ApplicationController < ActionController::Base else @object = model_class.find(params[:uuid]) end - rescue ArvadosApiClient::NotFoundException, RuntimeError => error + rescue ArvadosApiClient::NotFoundException, ArvadosApiClient::NotLoggedInException, RuntimeError => error if error.is_a?(RuntimeError) and (error.message !~ /^argument to find\(/) raise end @@ -548,6 +647,7 @@ class ApplicationController < ActionController::Base end def check_user_profile + return true if !current_user if request.method.downcase != 'get' || params[:partial] || params[:tab_pane] || params[:action_method] || params[:action] == 'setup_popup' @@ -615,26 +715,12 @@ class ApplicationController < ActionController::Base } } - def check_user_notifications - return if params['tab_pane'] - - @notification_count = 0 - @notifications = [] - - if current_user.andand.is_active - @showallalerts = false - @@notification_tests.each do |t| - a = t.call(self, current_user) - if a - @notification_count += 1 - @notifications.push a - end - end - end - - if @notification_count == 0 - @notification_count = '' - end + helper_method :user_notifications + def user_notifications + return [] if @errors or not current_user.andand.is_active + @notifications ||= @@notification_tests.map do |t| + t.call(self, current_user) + end.compact end helper_method :all_projects @@ -684,6 +770,50 @@ class ApplicationController < ActionController::Base end.reverse end + helper_method :running_pipelines + def running_pipelines + pi = PipelineInstance.order(["started_at asc", "created_at asc"]).filter([["state", "in", ["RunningOnServer", "RunningOnClient"]]]) + jobs = {} + pi.each do |pl| + pl.components.each do |k,v| + if v.is_a? Hash and v[:job] + jobs[v[:job][:uuid]] = {} + end + end + end + + if jobs.keys.any? + Job.filter([["uuid", "in", jobs.keys]]).each do |j| + jobs[j[:uuid]] = j + end + + pi.each do |pl| + pl.components.each do |k,v| + if v.is_a? Hash and v[:job] + v[:job] = jobs[v[:job][:uuid]] + end + end + end + end + + pi + end + + helper_method :finished_pipelines + def finished_pipelines lim + PipelineInstance.limit(lim).order(["finished_at desc"]).filter([["state", "in", ["Complete", "Failed", "Paused"]], ["finished_at", "!=", nil]]) + end + + helper_method :recent_collections + def recent_collections lim + c = Collection.limit(lim).order(["modified_at desc"]).filter([["owner_uuid", "is_a", "arvados#group"]]) + own = {} + Group.filter([["uuid", "in", c.map(&:owner_uuid)]]).each do |g| + own[g[:uuid]] = g + end + {collections: c, owners: own} + end + helper_method :my_project_tree def my_project_tree build_project_trees @@ -731,7 +861,7 @@ class ApplicationController < ActionController::Base @my_project_tree = sorted_paths.call buildtree.call(children_of, 'me') @shared_project_tree = - sorted_paths.call({'Shared with me' => + sorted_paths.call({'Projects shared with me' => buildtree.call(children_of, false)}) end @@ -751,6 +881,12 @@ class ApplicationController < ActionController::Base crumbs = [] current = @name_link || @object while current + # Halt if a group ownership loop is detected. API should refuse + # to produce this state, but it could still arise from a race + # condition when group ownership changes between our find() + # queries. + break if crumbs.collect(&:uuid).include? current.uuid + if current.is_a?(Group) and current.group_class == 'project' crumbs.prepend current end