radhika [Fri, 30 May 2014 01:59:14 +0000 (21:59 -0400)]
2929: provenance graph is cutoff on the left. Removed the absolute positioning on the div to resolve the issue.
We now have functioning provenance graph display for pipeline instances, jobs, and collections.
Tim Pierce [Thu, 29 May 2014 21:08:22 +0000 (17:08 -0400)]
2755: code review.
* arv-put returns an unsigned manifest UUID.
* The ArvPutSignedManifest test first confirms that the collection is
not present in the API server. Also asserts that the arv-put command
completed successfully.
* Additional tests for KeepPermissionTestCase for each potential
combination of wrong authorization and signature.
Peter Amstutz [Thu, 29 May 2014 14:18:53 +0000 (10:18 -0400)]
Added rescue AccessForbiddenException to collections controller and view to
disable the "sharing link" feature when the client is untrusted. refs #2766
Peter Amstutz [Thu, 29 May 2014 13:22:43 +0000 (09:22 -0400)]
Go Keep client correctly closes response body on client requests, should fix
lingering connections problem. Also added graceful shutdown on SIGINT to
keepproxy. refs #1885
Tim Pierce [Wed, 28 May 2014 21:58:09 +0000 (17:58 -0400)]
2755: add support to arv-put for signed manifests.
When arv-put finishes a stream, the manifest it stores in Keep now has
been stripped of signatures and other variable hints.
test_cmdline.py tests arv-put's handling of the manifest to make sure
that, when permissions are enabled, the manifest in Keep lacks
signatures, and the same manifest returned from the API server includes
signatures.
Peter Amstutz [Wed, 28 May 2014 15:19:37 +0000 (11:19 -0400)]
2044: Fixed CollectionsController#search_scopes to use 'filter' correctly
instead of using 'where' incorrectly. Reverted most changes to
ArvadosModel#ensure_owner_uuid_is_permitted. Added rescue to
collections/show.html.erb when log.event_at is nil.
radhika [Tue, 27 May 2014 14:35:03 +0000 (10:35 -0400)]
2678: update a-r-p-i to set the owner_uuid on the newly created job when the pi belongs to a group. also, update crunch-dspatch to create the log lines with the group's owner_uuid.
Brett Smith [Mon, 26 May 2014 15:36:11 +0000 (11:36 -0400)]
2863: Remove debugging print from Python KeepClient.
Other tools like crunch-job parse the output of tools like arv-get and
arv-put. Right now crunch-job is saving this debug output in the log
attribute of running jobs, which confuses several other tools like
Workbench.
Tim Pierce [Sat, 24 May 2014 04:44:06 +0000 (00:44 -0400)]
2755: incorporate code review.
* Unit tests cover all permutations of signature/authorization when
--enforce-permissions=false
* Keep is more forgiving about the structure of locators, permits
locator hints of unknown type (as long as they begin with an uppercase
letter)
* Keep delivers 400 Bad Request for requests that do not match any
route, or are lexically invalid. 404 Not Found only for requests with
a syntactically valid hash not found on disk.
Tim Pierce [Wed, 21 May 2014 14:58:18 +0000 (10:58 -0400)]
2755: add support for signed locators in the Python SDK.
* arvados.Keep.put() saves the response body (which may contain a
signed locator) and returns it to the caller.
* arvados.Keep.get() passes the full signed locator to the remote Keep
server. The bare MD5 hash is still used for caching and for
shuffled_service_roots
* run_test_server.run_keep() takes arguments 'blob_signing_key' and
'enforce_permissions', for testing permission signatures in unit
tests.
* test_keep_client: new unit tests for permissions:
- with --enforce-permissions=true:
- GET with a signed locator works
- GET with an unsigned locator fails
- unauthenticated GET fails
- with --enforce-permissions=false:
- GET with a signed locator works
- GET with an unsigned locator works
- unauthenticated GET works
Bug fixes to permission handling in the Keep server:
* Locator hints may appear in any order; be flexible. Parse them in
GetBlockHandler rather than in the REST router.
* Returned locators are terminated with newline (consistent with
Warehouse, and more friendly for human debugging).
* The locator returned from a PUT request always has a size hint.
* The correct Authorization header keyword is "OAuth2", not
"OAuth". D'oh.
* Updated unit tests to accommodate newlines, size hints and OAuth2.
projects / arvados.git / log