From: Tom Clegg Date: Thu, 7 Nov 2013 17:15:01 +0000 (-0800) Subject: Use current_user to select API response template. fixes #1594 X-Git-Tag: 1.1.0~2973 X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/d6cc9d6e055974384be446f6da8218ff7da048ae Use current_user to select API response template. fixes #1594 --- diff --git a/services/api/app/controllers/application_controller.rb b/services/api/app/controllers/application_controller.rb index 9878547f30..2f07c39460 100644 --- a/services/api/app/controllers/application_controller.rb +++ b/services/api/app/controllers/application_controller.rb @@ -24,7 +24,7 @@ class ApplicationController < ActionController::Base def show if @object - render json: @object.as_api_response(:superuser) + render json: @object.as_api_response else render_not_found("object not found") end @@ -332,7 +332,7 @@ class ApplicationController < ActionController::Base :self_link => "", :next_page_token => "", :next_link => "", - :items => @objects.as_api_response(:superuser) + :items => @objects.as_api_response(nil) } render json: @object_list end diff --git a/services/api/app/controllers/arvados/v1/nodes_controller.rb b/services/api/app/controllers/arvados/v1/nodes_controller.rb index 1f7c1b085b..33c7ea7e24 100644 --- a/services/api/app/controllers/arvados/v1/nodes_controller.rb +++ b/services/api/app/controllers/arvados/v1/nodes_controller.rb @@ -17,4 +17,13 @@ class Arvados::V1::NodesController < ApplicationController ec2_instance_id: params[:instance_id] }) show end + + def index + if current_user.andand.is_admin + super + else + @objects = model_class.where('last_ping_at >= ?', Time.now - 1.hours) + render_list + end + end end diff --git a/services/api/app/models/api_client.rb b/services/api/app/models/api_client.rb index 3bda9f3d65..3e1dcd6c4a 100644 --- a/services/api/app/models/api_client.rb +++ b/services/api/app/models/api_client.rb @@ -4,7 +4,7 @@ class ApiClient < ActiveRecord::Base include CommonApiTemplate has_many :api_client_authorizations - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :name t.add :url_prefix t.add :is_trusted diff --git a/services/api/app/models/api_client_authorization.rb b/services/api/app/models/api_client_authorization.rb index dde15f4428..fca57dce8f 100644 --- a/services/api/app/models/api_client_authorization.rb +++ b/services/api/app/models/api_client_authorization.rb @@ -7,7 +7,7 @@ class ApiClientAuthorization < ArvadosModel after_initialize :assign_random_api_token serialize :scopes, Array - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :owner_uuid t.add :user_id t.add :api_client_id diff --git a/services/api/app/models/authorized_key.rb b/services/api/app/models/authorized_key.rb index d079952bee..afb33e60f8 100644 --- a/services/api/app/models/authorized_key.rb +++ b/services/api/app/models/authorized_key.rb @@ -7,7 +7,7 @@ class AuthorizedKey < ArvadosModel belongs_to :authorized_user, :foreign_key => :authorized_user_uuid, :class_name => 'User', :primary_key => :uuid - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :name t.add :key_type t.add :authorized_user_uuid diff --git a/services/api/app/models/collection.rb b/services/api/app/models/collection.rb index 7403b9a15a..df84b09dfb 100644 --- a/services/api/app/models/collection.rb +++ b/services/api/app/models/collection.rb @@ -3,7 +3,7 @@ class Collection < ArvadosModel include KindAndEtag include CommonApiTemplate - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :data_size t.add :files end diff --git a/services/api/app/models/group.rb b/services/api/app/models/group.rb index 94a392d5eb..9666257ea4 100644 --- a/services/api/app/models/group.rb +++ b/services/api/app/models/group.rb @@ -3,7 +3,7 @@ class Group < ArvadosModel include KindAndEtag include CommonApiTemplate - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :name t.add :description end diff --git a/services/api/app/models/human.rb b/services/api/app/models/human.rb index f031915a8f..3717f81c8f 100644 --- a/services/api/app/models/human.rb +++ b/services/api/app/models/human.rb @@ -4,7 +4,7 @@ class Human < ArvadosModel include CommonApiTemplate serialize :properties, Hash - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :properties end end diff --git a/services/api/app/models/job.rb b/services/api/app/models/job.rb index 154e2724db..d34d6df6b6 100644 --- a/services/api/app/models/job.rb +++ b/services/api/app/models/job.rb @@ -14,7 +14,7 @@ class Job < ArvadosModel class SubmitIdReused < StandardError end - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :submit_id t.add :priority t.add :script diff --git a/services/api/app/models/job_task.rb b/services/api/app/models/job_task.rb index e2f7930087..7d568e952a 100644 --- a/services/api/app/models/job_task.rb +++ b/services/api/app/models/job_task.rb @@ -6,7 +6,7 @@ class JobTask < ArvadosModel after_update :delete_created_job_tasks_if_failed after_update :assign_created_job_tasks_qsequence_if_succeeded - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :job_uuid t.add :created_by_job_task_uuid t.add :sequence diff --git a/services/api/app/models/keep_disk.rb b/services/api/app/models/keep_disk.rb index 3913077846..ee285d969a 100644 --- a/services/api/app/models/keep_disk.rb +++ b/services/api/app/models/keep_disk.rb @@ -4,7 +4,7 @@ class KeepDisk < ArvadosModel include CommonApiTemplate before_validation :ensure_ping_secret - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :node_uuid t.add :filesystem_uuid t.add :ping_secret diff --git a/services/api/app/models/link.rb b/services/api/app/models/link.rb index af7226b6df..1d4e13d186 100644 --- a/services/api/app/models/link.rb +++ b/services/api/app/models/link.rb @@ -12,7 +12,7 @@ class Link < ArvadosModel attr_accessor :head attr_accessor :tail - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :tail_kind t.add :tail_uuid t.add :link_class diff --git a/services/api/app/models/log.rb b/services/api/app/models/log.rb index d856455f4d..29efc9dc11 100644 --- a/services/api/app/models/log.rb +++ b/services/api/app/models/log.rb @@ -6,7 +6,7 @@ class Log < ArvadosModel before_validation :set_default_event_at attr_accessor :object - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :object_kind t.add :object_uuid t.add :object, :if => :object diff --git a/services/api/app/models/node.rb b/services/api/app/models/node.rb index cf1dd06693..8e17a8765d 100644 --- a/services/api/app/models/node.rb +++ b/services/api/app/models/node.rb @@ -18,15 +18,17 @@ class Node < ArvadosModel @@domain = Rails.configuration.compute_node_domain rescue `hostname --domain`.strip @@nameservers = Rails.configuration.compute_node_nameservers - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, :extend => :common do |t| t.add :hostname t.add :domain t.add :ip_address - t.add :first_ping_at t.add :last_ping_at - t.add :info t.add :slot_number t.add :status + end + api_accessible :superuser, :extend => :user do |t| + t.add :first_ping_at + t.add :info t.add lambda { |x| @@nameservers }, :as => :nameservers end diff --git a/services/api/app/models/pipeline_instance.rb b/services/api/app/models/pipeline_instance.rb index c73d059661..43497da6f4 100644 --- a/services/api/app/models/pipeline_instance.rb +++ b/services/api/app/models/pipeline_instance.rb @@ -10,7 +10,7 @@ class PipelineInstance < ArvadosModel before_validation :bootstrap_components before_validation :update_success - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :pipeline_template_uuid t.add :pipeline_template, :if => :pipeline_template t.add :name diff --git a/services/api/app/models/pipeline_template.rb b/services/api/app/models/pipeline_template.rb index 205ce696fa..3b099ed794 100644 --- a/services/api/app/models/pipeline_template.rb +++ b/services/api/app/models/pipeline_template.rb @@ -4,7 +4,7 @@ class PipelineTemplate < ArvadosModel include CommonApiTemplate serialize :components, Hash - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :name t.add :components end diff --git a/services/api/app/models/repository.rb b/services/api/app/models/repository.rb index 47e0ad4f0d..6b027d1889 100644 --- a/services/api/app/models/repository.rb +++ b/services/api/app/models/repository.rb @@ -3,7 +3,7 @@ class Repository < ArvadosModel include KindAndEtag include CommonApiTemplate - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :name t.add :fetch_url t.add :push_url diff --git a/services/api/app/models/specimen.rb b/services/api/app/models/specimen.rb index ea97fa012a..bcfcd7a5f2 100644 --- a/services/api/app/models/specimen.rb +++ b/services/api/app/models/specimen.rb @@ -4,7 +4,7 @@ class Specimen < ArvadosModel include CommonApiTemplate serialize :properties, Hash - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :material t.add :properties end diff --git a/services/api/app/models/trait.rb b/services/api/app/models/trait.rb index d16e7d07a9..85ab2368a8 100644 --- a/services/api/app/models/trait.rb +++ b/services/api/app/models/trait.rb @@ -4,7 +4,7 @@ class Trait < ArvadosModel include CommonApiTemplate serialize :properties, Hash - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :name t.add :properties end diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb index 2fb3df3926..6bb562be8e 100644 --- a/services/api/app/models/user.rb +++ b/services/api/app/models/user.rb @@ -10,7 +10,7 @@ class User < ArvadosModel has_many :authorized_keys, :foreign_key => :authorized_user_uuid, :primary_key => :uuid - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :email t.add :full_name t.add :first_name diff --git a/services/api/app/models/virtual_machine.rb b/services/api/app/models/virtual_machine.rb index 9b36ab5ad7..d2830cfcc2 100644 --- a/services/api/app/models/virtual_machine.rb +++ b/services/api/app/models/virtual_machine.rb @@ -5,7 +5,7 @@ class VirtualMachine < ArvadosModel has_many :login_permissions, :foreign_key => :head_uuid, :class_name => 'Link', :primary_key => :uuid, :conditions => "link_class = 'permission' and name = 'can_login'" - api_accessible :superuser, :extend => :common do |t| + api_accessible :user, extend: :common do |t| t.add :hostname end diff --git a/services/api/lib/common_api_template.rb b/services/api/lib/common_api_template.rb index 5426d13c23..d474581ef3 100644 --- a/services/api/lib/common_api_template.rb +++ b/services/api/lib/common_api_template.rb @@ -1,7 +1,11 @@ module CommonApiTemplate def self.included(base) - base.extend(ClassMethods) base.acts_as_api + base.class_eval do + alias_method :as_api_response_orig, :as_api_response + include InstanceMethods + end + base.extend(ClassMethods) base.api_accessible :common do |t| t.add :href t.add :kind @@ -16,6 +20,21 @@ module CommonApiTemplate end end + module InstanceMethods + # choose template based on opts[:for_user] + def as_api_response(template=nil, opts={}) + if template.nil? + user = opts[:for_user] || current_user + if user.is_admin and self.respond_to? :api_accessible_superuser + template = :superuser + else + template = :user + end + end + self.as_api_response_orig(template, opts) + end + end + module ClassMethods end end diff --git a/services/api/test/fixtures/nodes.yml b/services/api/test/fixtures/nodes.yml new file mode 100644 index 0000000000..780c3db362 --- /dev/null +++ b/services/api/test/fixtures/nodes.yml @@ -0,0 +1,19 @@ +running: + uuid: zzzzz-7ekkf-53y36l1lu5ijveb + owner_uuid: zzzzz-tpzed-d9tiejq69daie8f + hostname: compute0 + domain: "" + ip_address: 172.17.2.172 + last_ping_at: <%= 1.minute.ago.to_s(:db) %> + first_ping_at: <%= 23.hour.ago.to_s(:db) %> + info: {ping_secret: "48dpm3b8ijyj3jkr2yczxw0844dqd2752bhll7klodvgz9bg80"} + +down: + uuid: zzzzz-7ekkf-2vbompg3ecc6e2s + owner_uuid: zzzzz-tpzed-d9tiejq69daie8f + hostname: compute1 + domain: "" + ip_address: 172.17.2.173 + last_ping_at: <%= 1.hour.ago.to_s(:db) %> + first_ping_at: <%= 23.hour.ago.to_s(:db) %> + info: {ping_secret: "2k3i71depad36ugwmlgzilbi4e8n0illb2r8l4efg9mzkb3a1k"} diff --git a/services/api/test/functional/arvados/v1/nodes_controller_test.rb b/services/api/test/functional/arvados/v1/nodes_controller_test.rb index 76915eddc3..49d3a30d20 100644 --- a/services/api/test/functional/arvados/v1/nodes_controller_test.rb +++ b/services/api/test/functional/arvados/v1/nodes_controller_test.rb @@ -2,19 +2,24 @@ require 'test_helper' class Arvados::V1::NodesControllerTest < ActionController::TestCase - test "should get index" do + test "should get index with ping_secret" do authorize_with :admin get :index assert_response :success assert_not_nil assigns(:objects) + node_items = JSON.parse(@response.body)['items'] + assert_not_equal 0, node_items.size + assert_not_nil node_items[0]['info'].andand['ping_secret'] end # inactive user should not see any nodes - test "should get empty index" do + test "should get index without ping_secret" do authorize_with :inactive get :index assert_response :success - assert_equal 0, JSON.parse(@response.body)['items'].size + node_items = JSON.parse(@response.body)['items'] + assert_not_equal 0, node_items.size + assert_nil node_items[0]['info'].andand['ping_secret'] end end