From: Radhika Chippada <radhika@curoverse.com>
Date: Mon, 2 Feb 2015 20:20:22 +0000 (-0500)
Subject: 2659: no need for permit_anonymous_browsing_for_public_data filter; instead, directly... 
X-Git-Tag: 1.1.0~1844^2~37
X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/d487907328f3581cd7c93f73729b1e089430523d

2659: no need for permit_anonymous_browsing_for_public_data filter; instead, directly use the anonymous token in arvados_api_client.
---

diff --git a/apps/workbench/app/controllers/application_controller.rb b/apps/workbench/app/controllers/application_controller.rb
index 3f36a311a7..02ae656299 100644
--- a/apps/workbench/app/controllers/application_controller.rb
+++ b/apps/workbench/app/controllers/application_controller.rb
@@ -8,7 +8,6 @@ class ApplicationController < ActionController::Base
   ERROR_ACTIONS = [:render_error, :render_not_found]
 
   around_filter :thread_clear
-  before_filter :permit_anonymous_browsing_for_public_data
   around_filter :set_thread_api_token
   # Methods that don't require login should
   #   skip_around_filter :require_thread_api_token
@@ -530,7 +529,6 @@ class ApplicationController < ActionController::Base
   def setup_user_session
     return false unless params[:api_token]
     Thread.current[:arvados_api_token] = params[:api_token]
-    Thread.current[:arvados_anonymous_api_token] = nil
     begin
       user = User.current
     rescue ArvadosApiClient::NotLoggedInException
@@ -566,12 +564,6 @@ class ApplicationController < ActionController::Base
     end
   end
 
-  def permit_anonymous_browsing_for_public_data
-    if !Thread.current[:arvados_api_token] && !params[:api_token] && !session[:arvados_api_token]
-      Thread.current[:arvados_anonymous_api_token] = Rails.configuration.anonymous_user_token
-    end
-  end
-
   # Save the session API token in thread-local storage, and yield.
   # This method also takes care of session setup if the request
   # provides a valid api_token parameter.
diff --git a/apps/workbench/app/models/arvados_api_client.rb b/apps/workbench/app/models/arvados_api_client.rb
index e596eddba7..4e2d964e6d 100644
--- a/apps/workbench/app/models/arvados_api_client.rb
+++ b/apps/workbench/app/models/arvados_api_client.rb
@@ -122,8 +122,8 @@ class ArvadosApiClient
 
     # Use anonymous token if available when it is a GET request
     if ((query["_method"] == "GET") or (query[:_method] == "GET")) && !Thread.current[:user]
-      if Thread.current[:arvados_anonymous_api_token]
-        query["api_token"] = Thread.current[:arvados_anonymous_api_token]
+      if Rails.configuration.respond_to? :anonymous_user_token
+        query["api_token"] = Rails.configuration.anonymous_user_token
       end
     end