X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/f159fab8f9d6bc4254192ce43432defd5bd400aa..7bd15984bcce853fa3f9cd18b15537d8f2514ac6:/services/api/app/controllers/application_controller.rb diff --git a/services/api/app/controllers/application_controller.rb b/services/api/app/controllers/application_controller.rb index 1cb49f4674..a0555d13d7 100644 --- a/services/api/app/controllers/application_controller.rb +++ b/services/api/app/controllers/application_controller.rb @@ -82,11 +82,17 @@ class ApplicationController < ActionController::Base end def default_url_options + options = {} if Rails.configuration.host - {:host => Rails.configuration.host} - else - {} + options[:host] = Rails.configuration.host + end + if Rails.configuration.port + options[:port] = Rails.configuration.port + end + if Rails.configuration.protocol + options[:protocol] = Rails.configuration.protocol end + options end def index @@ -338,13 +344,20 @@ class ApplicationController < ActionController::Base # If there are too many reader tokens, assume the request is malicious # and ignore it. if request.get? and params[:reader_tokens] and - params[:reader_tokens].size < 100 + params[:reader_tokens].size < 100 + secrets = params[:reader_tokens].map { |t| + if t.is_a? String and t.starts_with? "v2/" + t.split("/")[2] + else + t + end + } @read_auths += ApiClientAuthorization .includes(:user) .where('api_token IN (?) AND (expires_at IS NULL OR expires_at > CURRENT_TIMESTAMP)', - params[:reader_tokens]) - .all + secrets) + .to_a end @read_auths.select! { |auth| auth.scopes_allow_request? request } @read_users = @read_auths.map(&:user).uniq @@ -557,7 +570,13 @@ class ApplicationController < ActionController::Base location: "query", required: false, default: false - } + }, + cluster_id: { + type: 'string', + description: "Create object on a remote federated cluster instead of the current one.", + location: "query", + required: false, + }, } end