respond_to :html, :json, :js
protect_from_forgery
around_filter :thread_clear
- around_filter :thread_with_api_token, :except => [:render_exception, :render_not_found]
+ around_filter :thread_with_mandatory_api_token, :except => [:render_exception, :render_not_found]
+ around_filter :thread_with_optional_api_token
before_filter :find_object_by_uuid, :except => [:index, :render_exception, :render_not_found]
before_filter :check_user_agreements, :except => [:render_exception, :render_not_found]
before_filter :check_user_notifications, :except => [:render_exception, :render_not_found]
end
end
- def thread_with_optional_api_token
- thread_with_api_token(true) do
+ def thread_with_mandatory_api_token
+ thread_with_api_token do
yield
end
end
+ # This runs after thread_with_mandatory_api_token in the filter chain.
+ def thread_with_optional_api_token
+ if Thread.current[:arvados_api_token]
+ # We are already inside thread_with_mandatory_api_token.
+ yield
+ else
+ # We skipped thread_with_mandatory_api_token. Use the optional version.
+ thread_with_api_token(true) do
+ yield
+ end
+ end
+ end
+
def verify_api_token
begin
Link.where(uuid: 'just-verifying-my-api-token')
}
@@notification_tests.push lambda { |controller, current_user|
- AuthorizedKey.limit(1).where(authorized_user_uuid: current_user.uuid).each do
+ AuthorizedKey.limit(1).where(authorized_user_uuid: current_user.uuid).each do
return nil
end
return lambda { |view|
}
@@notification_tests.push lambda { |controller, current_user|
- Job.limit(1).where(created_by: current_user.uuid).each do
+ Job.limit(1).where(created_by: current_user.uuid).each do
return nil
end
return lambda { |view|
}
@@notification_tests.push lambda { |controller, current_user|
- Collection.limit(1).where(created_by: current_user.uuid).each do
+ Collection.limit(1).where(created_by: current_user.uuid).each do
return nil
end
return lambda { |view|
}
@@notification_tests.push lambda { |controller, current_user|
- PipelineInstance.limit(1).where(created_by: current_user.uuid).each do
+ PipelineInstance.limit(1).where(created_by: current_user.uuid).each do
return nil
end
return lambda { |view|
class SessionsController < ApplicationController
- skip_around_filter :thread_with_api_token, :only => [:destroy, :index]
+ skip_around_filter :thread_with_mandatory_api_token, :only => [:destroy, :index]
+ skip_around_filter :thread_with_optional_api_token, :only => [:destroy, :index]
skip_before_filter :find_object_by_uuid, :only => [:destroy, :index]
def destroy
session.clear