end
def thread_with_mandatory_api_token
- thread_with_api_token do
- yield
+ thread_with_api_token(true) do
+ if Thread.current[:arvados_api_token]
+ yield
+ elsif session[:arvados_api_token]
+ # Expired session. Clear it before refreshing login so that,
+ # if this login procedure fails, we end up showing the "please
+ # log in" page instead of getting stuck in a redirect loop.
+ session.delete :arvados_api_token
+ redirect_to_login
+ else
+ render 'users/welcome'
+ end
end
end
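Review bot: The bare `true` passed to `thread_with_api_token` on the first added line does not say what it switches on, yet the three branches below depend on it. Presumably it lets the block run when no valid token was found, but the helper is defined outside this hunk. A keyword argument or a short comment such as `# true: run the block even without a valid token` would make the auth decision readable at this call site. In the expired-session branch only `:arvados_api_token` is deleted; if nothing else in the session has to survive a re-login, `reset_session` before `redirect_to_login` would drop all stale state rather than one key.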
end
def check_user_agreements
- if current_user && !current_user.is_active && current_user.is_invited
+ if current_user && !current_user.is_active
+ if not current_user.is_invited
+ return render 'users/inactive'
+ end
signatures = UserAgreement.signatures
@signed_ua_uuids = UserAgreement.signatures.map &:head_uuid
@required_user_agreements = UserAgreement.all.map do |ua|
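Review bot: The new `is_invited` gate (`return render 'users/inactive'`) lives inside `check_user_agreements`, so any controller that skips this filter also skips the inactive-account gate. The collections controller hunk in this commit does exactly that with `skip_before_filter :check_user_agreements, only: [:show_file]`. If that skip is meant only to let invited users read the agreement text, consider moving the uninvited check into its own before filter so it keeps running for `show_file`. Whether the API server independently refuses inactive users is not visible here. The body of `check_user_agreements` continues past the end of this hunk.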
only: [:show_file, :show_file_links])
skip_before_filter(:find_object_by_uuid,
only: [:provenance, :show_file, :show_file_links])
+ # We depend on show_file to display the user agreement:
+ skip_before_filter :check_user_agreements, only: [:show_file]
RELATION_LIMIT = 5
class UsersController < ApplicationController
skip_before_filter :find_object_by_uuid, :only => [:welcome, :activity, :storage]
- skip_around_filter :thread_with_mandatory_api_token, :only => :welcome
before_filter :ensure_current_user_is_admin, only: [:sudo, :unsetup, :setup]
def welcome
"data-title" => "Set value for #{subattr[-1].to_s}",
"data-name" => dn,
"data-pk" => "{id: \"#{object.uuid}\", key: \"#{object.class.to_s.underscore}\"}",
- "data-showbuttons" => "false",
"data-value" => attrvalue,
+ # "clear" button interferes with form-control's up/down arrows
+ "data-clear" => false,
:class => "editable #{'required' if required} form-control",
:id => id
}.merge(htmloptions)
<% content_for :page_title do %>
<%= (@object.respond_to?(:properties) ? @object.properties[:page_title] : nil) ||
- @object.friendly_link_name %>
+ @name_link.andand.name ||
+ @object.friendly_link_name %>
<% end %>
<% content_for :content_top do %>
<input type="text" class="form-control" placeholder="Search"/>
-->
<div style="height:0.5em;"></div>
- <% if not @logs.andand.any? %>
+ <% name_or_object = @name_link.andand.uuid ? @name_link : @object %>
+ <% if name_or_object.created_at and not @logs.andand.any? %>
<p>
- Created: <%= @object.created_at.to_s(:long) %>
+ Created: <%= name_or_object.created_at.to_s(:long) %>
</p>
<p>
- Last modified: <%= @object.modified_at.to_s(:long) %> by <%= link_to_if_arvados_object @object.modified_by_user_uuid, friendly_name: true %>
+ Last modified: <%= name_or_object.modified_at.to_s(:long) %> by <%= link_to_if_arvados_object name_or_object.modified_by_user_uuid, friendly_name: true %>
</p>
<% else %>
<%= render_arvados_object_list_start(@logs, 'Show all activity',
- logs_path(filters: [['object_uuid','=',@object.uuid]].to_json)) do |log| %>
+ logs_path(filters: [['object_uuid','=',name_or_object.uuid]].to_json)) do |log| %>
<p>
<%= time_ago_in_words(log.event_at) rescue 'unknown time' %> ago: <%= log.summary %>
<% if log.object_uuid %>
<span class="glyphicon glyphicon-arrow-right"></span>
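Review bot: The record to display is chosen three different ways in this commit: `@name_link.andand.uuid ? @name_link : @object` here, `@name_link || @object` for the breadcrumb link, and `@name_link.andand.uuid || @object.andand.uuid` for that link's `object_uuid` data attribute. When `@name_link` is set but has no uuid, the breadcrumb shows the link while `object_uuid` points at the object, so an edit made through that attribute (presumably inline renaming) could land on a different record than the one displayed. Using one expression in all three places avoids this. Separately, the new guard checks `created_at` but `modified_at.to_s(:long)` is still called unguarded, and when `created_at` is nil the `else` branch now runs even if `@logs` is nil or empty.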
</li>
<li>
- <%= link_to_if_arvados_object @object, {friendly_name: true}, {data: {object_uuid: @object.andand.uuid, name: 'name'}} %>
+ <%= link_to_if_arvados_object (@name_link || @object), {friendly_name: true}, {data: {object_uuid: (@name_link.andand.uuid || @object.andand.uuid), name: 'name'}} %>
</li>
<% end %>
<% end %>
<% end %>
<% if n_inputs == 0 %>
- <p>This pipeline does not need any further inputs specified. You can start it by clicking the "Run" button.</p>
+ <p>This pipeline does not need any further inputs specified. You can start it by clicking the "Run" button whenever you're ready. (It's not too late to change existing settings, though.)</p>
<% else %>
<p><i>Provide <%= n_inputs > 1 ? 'values' : 'a value' %> for the following <%= n_inputs > 1 ? 'parameters' : 'parameter' %>, then click the "Run" button to start the pipeline.</i></p>
<%= content_for :pi_input_form %>
<% end %>
<div style="margin-top: 1em;">
- <p>Click the "Components" tab above to see a full list of pipeline components and parameters.</p>
+ <p>Click the "Components" tab above to see a full list of pipeline settings.</p>
</div>
--- /dev/null
+<% content_for :breadcrumbs do raw '<!-- -->' end %>
+
+<div class="row">
+ <div class="col-sm-8 col-sm-push-4" style="margin-top: 1em">
+ <div class="well clearfix">
+ <%= image_tag "dax.png", style: "width: 147px; height: 197px; max-width: 25%; margin-right: 2em", class: 'pull-left' %>
+
+ <h3>Hi! You're logged in, but...</h3>
+
+ <p>
+
+ Your account is inactive.
+
+ </p><p>
+
+ An administrator must activate your account before you can get
+ any further.
+
+ </p>
+ </div>
+ </div>
+</div>
<% content_for :breadcrumbs do raw '<!-- -->' end %>
-<%= image_tag "dax.png", style: "float: left; max-width: 25%; margin-right: 2em" %>
-<h1>Hi there! Please log in to use <%= Rails.configuration.site_name %>.</h1>
-<div class="row-fluid">
- <div class="col span8" style="margin-top: 1em">
+<div class="row">
+ <div class="col-sm-8 col-sm-push-4" style="margin-top: 1em">
<div class="well clearfix">
- <p>When you click on the button below you will be taken to a Google sign-in page.
- After entering your information, you will be redirected back to <%= Rails.configuration.site_name %>
- If you have never used <%= Rails.configuration.site_name %> before, logging in for the first
- time will also create a new user account. <%= Rails.configuration.site_name %> uses your name and
- email address from Google services only for identification, and can not access any personal information
- beyond that.
- </p>
+ <%= image_tag "dax.png", style: "width: 147px; height: 197px; max-width: 25%; margin-right: 2em", class: 'pull-left' %>
+
+ <h3>Please log in.</h3>
+
+ <p>
+
+ The "Log in" button below will show you a Google sign-in page.
+ After you assure Google that you want to log in here with your
+ Google account, you will be redirected back here to
+ <%= Rails.configuration.site_name %>.
+
+ </p><p>
+
+ If you have never used <%= Rails.configuration.site_name %>
+ before, logging in for the first time will automatically
+ create a new account.
+
+ </p><p>
+
+ <i><%= Rails.configuration.site_name %> uses your name and
+ email address only for identification, and does not retrieve
+ any other personal information from Google.</i>
+
+ </p>
<p>
- <a class="pull-right btn btn-primary" href="<%= arvados_api_client.arvados_login_url(return_to: request.url) %>">
- Click here to log in to <%= Rails.configuration.site_name %> with a Google account</a>
+ <%= link_to arvados_api_client.arvados_login_url(return_to: request.url), class: "pull-right btn btn-primary" do %>
+ Log in to <%= Rails.configuration.site_name %>
+ <i class="fa fa-fw fa-arrow-circle-right"></i>
+ <% end %>
</p>
</div>
</div>
</div>
-
-
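Review bot: `return_to: request.url` on the added `link_to` line forwards whatever URL the browser requested, including a host taken from the request, into the login URL. This template now appears to be rendered by the auth filter for any unauthenticated path (inferred from the controller hunk that renders `users/welcome`), so the value is no longer limited to the welcome route. It is worth confirming that the login endpoint behind `arvados_login_url` only accepts `return_to` values on this site's own host; that helper is defined outside this diff. Once confirmed, a short ERB comment beside the link stating where `return_to` is validated would record the assumption for the next reader.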
assert_not_equal(read_token, session[:arvados_api_token],
"using a reader token set the session's API token")
end
+
+ test "inactive user can retrieve user agreement" do
+ ua_collection = api_fixture('collections')['user_agreement']
+ get :show_file, {
+ uuid: ua_collection['uuid'],
+ file: ua_collection['manifest_text'].match(/ \d+:\d+:(\S+)/)[1]
+ }, session_for(:inactive)
+ assert_nil(assigns(:required_user_agreements),
+ "Did not skip check_user_agreements filter " +
+ "when showing the user agreement.")
+ assert_response :success
+ end
end
require 'test_helper'
class FoldersControllerTest < ActionController::TestCase
- # test "the truth" do
- # assert true
- # end
+ test "inactive user is asked to sign user agreements on front page" do
+ get :index, {}, session_for(:inactive)
+ assert_response :success
+ assert_not_empty assigns(:required_user_agreements),
+ "Inactive user did not have required_user_agreements"
+ assert_template 'user_agreements/index',
+ "Inactive user was not presented with a user agreement at the front page"
+ end
end
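Review bot: Both controller tests added in this commit use `session_for(:inactive)` and assert the agreement path, so the fixture is apparently an invited user; nothing visible covers the new `render 'users/inactive'` branch for an inactive user who is not invited. A companion test with an uninvited fixture (if one exists) ending in `assert_template 'users/inactive'` would pin the new gate. A second one against `show_file`, where `check_user_agreements` is skipped, would document what such a user can retrieve there.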
end
test "expired token yields login page, not error page" do
- skip
visit page_with_token('expired_trustedclient')
# Even the error page has a "Log in" link. We should look for
# something that only appears the real login page.
- assert page.has_text? 'Please log in'
+ assert page.has_text? 'log in here with your Google account'
end
end