2659: skip require_thread_api_token filter only when anonymous config enabled.

diff --git a/apps/workbench/app/controllers/collections_controller.rb b/apps/workbench/app/controllers/collections_controller.rb
index 85ea47dded65adfb6359e7c70bc395c248beab15..36c214c7da8106145a1142fd2d39a8a74a26a776 100644 (file)
--- a/apps/workbench/app/controllers/collections_controller.rb
+++ b/apps/workbench/app/controllers/collections_controller.rb
@@ -3,8 +3,13 @@ require "arvados/keep"
 class CollectionsController < ApplicationController
   include ActionController::Live
 
-  skip_around_filter(:require_thread_api_token,
-                     only: [:show_file, :show_file_links, :show])
+  if Rails.configuration.anonymous_user_token
+    skip_around_filter(:require_thread_api_token,
+                       only: [:show_file, :show_file_links, :show])
+  else
+    skip_around_filter(:require_thread_api_token,
+                       only: [:show_file, :show_file_links])
+  end
   skip_before_filter(:find_object_by_uuid,
                      only: [:provenance, :show_file, :show_file_links])
   # We depend on show_file to display the user agreement:

diff --git a/apps/workbench/app/controllers/jobs_controller.rb b/apps/workbench/app/controllers/jobs_controller.rb
index a85a70b26896047f378cd4101043733410a970e3..9090d6404aac4b49f32f1414933cf598a46a37c5 100644 (file)
--- a/apps/workbench/app/controllers/jobs_controller.rb
+++ b/apps/workbench/app/controllers/jobs_controller.rb
@@ -1,5 +1,7 @@
 class JobsController < ApplicationController
-  skip_around_filter :require_thread_api_token, only: :show
+  if Rails.configuration.anonymous_user_token
+    skip_around_filter :require_thread_api_token, only: :show
+  end
 
   include JobsHelper
 

diff --git a/apps/workbench/app/controllers/pipeline_instances_controller.rb b/apps/workbench/app/controllers/pipeline_instances_controller.rb
index 231f923ac74aa956361244225b2d0c94c18d87ef..2f875edf255bbbee2cfe532ddf6a020050d88c3e 100644 (file)
--- a/apps/workbench/app/controllers/pipeline_instances_controller.rb
+++ b/apps/workbench/app/controllers/pipeline_instances_controller.rb
@@ -1,7 +1,9 @@
 class PipelineInstancesController < ApplicationController
   skip_before_filter :find_object_by_uuid, only: :compare
   before_filter :find_objects_by_uuid, only: :compare
-  skip_around_filter :require_thread_api_token, only: :show
+  if Rails.configuration.anonymous_user_token
+    skip_around_filter :require_thread_api_token, only: :show
+  end
 
   include PipelineInstancesHelper
   include PipelineComponentsHelper

diff --git a/apps/workbench/app/controllers/pipeline_templates_controller.rb b/apps/workbench/app/controllers/pipeline_templates_controller.rb
index cf84aef96e393faad2b37dc73ae83e15937ca794..eb5f3793d71b3042cc3fa1138f057c7c3ff9302b 100644 (file)
--- a/apps/workbench/app/controllers/pipeline_templates_controller.rb
+++ b/apps/workbench/app/controllers/pipeline_templates_controller.rb
@@ -1,5 +1,7 @@
 class PipelineTemplatesController < ApplicationController
-  skip_around_filter :require_thread_api_token, only: :show
+  if Rails.configuration.anonymous_user_token
+    skip_around_filter :require_thread_api_token, only: :show
+  end
 
   include PipelineComponentsHelper
 

diff --git a/apps/workbench/app/controllers/projects_controller.rb b/apps/workbench/app/controllers/projects_controller.rb
index 978395140b28d27ce84b02371eaf30620a5de135..d0c5f8c307e620f22f03029c911f87b2ddc2d81d 100644 (file)
--- a/apps/workbench/app/controllers/projects_controller.rb
+++ b/apps/workbench/app/controllers/projects_controller.rb
@@ -1,6 +1,8 @@
 class ProjectsController < ApplicationController
   before_filter :set_share_links, if: -> { defined? @object }
-  skip_around_filter :require_thread_api_token, only: [:show, :tab_counts]
+  if Rails.configuration.anonymous_user_token
+    skip_around_filter :require_thread_api_token, only: [:show, :tab_counts]
+  end
 
   def model_class
     Group

diff --git a/apps/workbench/test/controllers/application_controller_test.rb b/apps/workbench/test/controllers/application_controller_test.rb
index d0d9c5dfd142357a7c024a57f0e0bce10cbd4efb..30da596266765f6153e8b0e9ca4d4880a49df45a 100644 (file)
--- a/apps/workbench/test/controllers/application_controller_test.rb
+++ b/apps/workbench/test/controllers/application_controller_test.rb
@@ -325,4 +325,38 @@ class ApplicationControllerTest < ActionController::TestCase
       Rails.configuration.arvados_v1_base = orig_api_server
     end
   end
+
+  [
+    ['collections', false, api_fixture('collections')['user_agreement_in_anonymously_accessible_project']],
+    ['jobs', false, api_fixture('jobs')['running_job_in_publicly_accessible_project']],
+    ['pipeline_instances', false, api_fixture('pipeline_instances')['pipeline_in_publicly_accessible_project']],
+    ['pipeline_templates', false, api_fixture('pipeline_templates')['pipeline_template_in_publicly_accessible_project']],
+    ['projects', false, api_fixture('groups')['anonymously_accessible_project']],
+  ].each do |controller, use_config, fixture|
+    test "#{controller} show method with anonymous config enabled #{use_config}" do
+      if use_config
+        Rails.configuration.anonymous_user_token = api_fixture('api_client_authorizations')['anonymous']['api_token']
+      else
+        Rails.configuration.anonymous_user_token = false
+      end
+
+      case controller
+      when 'collections'
+        @controller = CollectionsController.new
+      when 'jobs'
+        @controller = JobsController.new
+      when 'pipeline_instances'
+        @controller = PipelineInstancesController.new
+      when 'pipeline_templates'
+        @controller = PipelineTemplatesController.new
+      when 'projects'
+        @controller = ProjectsController.new
+      end
+
+      get(:show, {id: fixture['uuid']})
+
+      assert_response :redirect
+      assert_match /welcome/, @response.redirect_url
+    end
+  end
 end