[ARVADOS] updated: 9f7a232bbdce6e1640012c0cca87862b5c1be4f4
git at public.curoverse.com
git at public.curoverse.com
Mon Apr 28 13:00:50 EDT 2014
Summary of changes:
.gitignore | 9 +-
apps/workbench/.gitignore | 18 +--
apps/workbench/app/controllers/users_controller.rb | 29 +++-
apps/workbench/app/helpers/application_helper.rb | 18 +-
apps/workbench/app/models/arvados_api_client.rb | 2 +-
apps/workbench/app/models/group.rb | 4 +
apps/workbench/app/models/user.rb | 5 +
.../app/views/layouts/application.html.erb | 1 -
.../app/views/users/_show_activity.html.erb | 2 +-
apps/workbench/app/views/users/activity.html.erb | 16 +-
apps/workbench/app/views/users/storage.html.erb | 66 +++++++
apps/workbench/config/routes.rb | 1 +
.../pipeline_instances_controller_test.rb | 18 ++-
apps/workbench/test/test_helper.rb | 16 ++-
apps/workbench/test/unit/user_test.rb | 15 ++-
doc/_config.yml | 2 -
doc/_includes/_tutorial_hash_script_py.liquid | 8 +-
doc/api/methods.html.textile.liquid | 17 +--
.../api_client_authorizations.html.textile.liquid | 37 +----
doc/api/methods/api_clients.html.textile.liquid | 38 +----
.../methods/authorized_keys.html.textile.liquid | 37 +----
doc/api/methods/collections.html.textile.liquid | 38 +----
doc/api/methods/groups.html.textile.liquid | 34 ++--
doc/api/methods/humans.html.textile.liquid | 37 +----
doc/api/methods/job_tasks.html.textile.liquid | 37 +----
doc/api/methods/jobs.html.textile.liquid | 145 ++++++---------
doc/api/methods/keep_disks.html.textile.liquid | 38 +----
doc/api/methods/links.html.textile.liquid | 39 +----
doc/api/methods/logs.html.textile.liquid | 37 +----
doc/api/methods/nodes.html.textile.liquid | 37 +----
.../methods/pipeline_instances.html.textile.liquid | 37 +----
.../methods/pipeline_templates.html.textile.liquid | 37 +----
doc/api/methods/repositories.html.textile.liquid | 37 +----
doc/api/methods/specimens.html.textile.liquid | 37 +----
doc/api/methods/traits.html.textile.liquid | 37 +----
doc/api/methods/users.html.textile.liquid | 33 ++--
.../methods/virtual_machines.html.textile.liquid | 63 ++-----
doc/api/resources.html.textile.liquid | 4 +-
doc/api/schema/ApiClient.html.textile.liquid | 22 +--
.../ApiClientAuthorization.html.textile.liquid | 23 +--
doc/api/schema/AuthorizedKey.html.textile.liquid | 21 +--
doc/api/schema/Collection.html.textile.liquid | 11 +-
doc/api/schema/Commit.html.textile.liquid | 38 ----
doc/api/schema/CommitAncestor.html.textile.liquid | 39 ----
doc/api/schema/Group.html.textile.liquid | 23 +--
doc/api/schema/Human.html.textile.liquid | 23 +--
doc/api/schema/Job.html.textile.liquid | 56 ++----
doc/api/schema/JobTask.html.textile.liquid | 10 +-
doc/api/schema/KeepDisk.html.textile.liquid | 21 +--
doc/api/schema/Link.html.textile.liquid | 16 +-
doc/api/schema/Log.html.textile.liquid | 13 +-
doc/api/schema/Node.html.textile.liquid | 23 +--
.../schema/PipelineInstance.html.textile.liquid | 23 +--
.../schema/PipelineTemplate.html.textile.liquid | 25 +--
doc/api/schema/Repository.html.textile.liquid | 21 +--
doc/api/schema/Specimen.html.textile.liquid | 23 +--
doc/api/schema/Trait.html.textile.liquid | 23 +--
doc/api/schema/User.html.textile.liquid | 23 +--
doc/api/schema/VirtualMachine.html.textile.liquid | 21 +--
.../create-standard-objects.html.textile.liquid | 10 +-
doc/install/install-api-server.html.textile.liquid | 87 ++++++---
.../install-crunch-dispatch.html.textile.liquid | 2 +-
.../install-workbench-app.html.textile.liquid | 42 ++++-
.../getting_started/ssh-access.html.textile.liquid | 42 ++--
doc/user/index.html.textile.liquid | 10 +-
doc/user/reference/api-tokens.html.textile.liquid | 2 +-
doc/user/topics/keep.html.textile.liquid | 4 +-
...nning-pipeline-command-line.html.textile.liquid | 4 +-
.../topics/tutorial-job-debug.html.textile.liquid | 6 +-
doc/user/topics/tutorial-job1.html.textile.liquid | 10 +-
.../topics/tutorial-parallel.html.textile.liquid | 8 +-
.../tutorial-trait-search.html.textile.liquid | 28 ++--
.../tutorials/intro-crunch.html.textile.liquid | 2 +-
.../running-external-program.html.textile.liquid | 6 +-
.../tutorial-firstscript.html.textile.liquid | 24 ++--
.../tutorials/tutorial-keep.html.textile.liquid | 4 +-
.../tutorial-new-pipeline.html.textile.liquid | 6 +-
sdk/cli/bin/arv-run-pipeline-instance | 38 +++--
services/api/.gitignore | 20 +--
.../api/app/controllers/api_clients_controller.rb | 2 -
.../api/app/controllers/application_controller.rb | 195 ++++++++++++++------
.../v1/api_client_authorizations_controller.rb | 29 ++-
.../app/controllers/arvados/v1/jobs_controller.rb | 31 ++--
.../api/app/controllers/collections_controller.rb | 2 -
.../app/controllers/commit_ancestors_controller.rb | 2 -
services/api/app/controllers/commits_controller.rb | 2 -
services/api/app/controllers/nodes_controller.rb | 30 ---
.../controllers/pipeline_instances_controller.rb | 2 -
services/api/app/controllers/users_controller.rb | 2 -
services/api/app/models/group.rb | 1 +
services/api/app/models/job.rb | 2 +-
services/api/app/models/pipeline_instance.rb | 2 +-
services/api/config/application.rb | 2 +
services/api/config/database.yml.sample | 8 +-
services/api/config/routes.rb | 163 +++++------------
.../20140421140924_add_group_class_to_groups.rb | 6 +
.../20140421151939_rename_auth_keys_user_index.rb | 11 +
.../migrate/20140421151940_timestamps_not_null.rb | 13 ++
services/api/db/schema.rb | 4 +-
services/api/lib/assign_uuid.rb | 11 +-
services/api/lib/common_api_template.rb | 1 -
services/api/test/fixtures/groups.yml | 24 +++
services/api/test/fixtures/links.yml | 28 +++
services/api/test/fixtures/pipeline_instances.yml | 19 ++-
services/api/test/fixtures/specimens.yml | 12 ++
.../api/test/functional/admin_notifier_test.rb | 7 -
.../api_client_authorizations_controller_test.rb | 43 +++--
.../arvados/v1/collections_controller_test.rb | 6 +-
.../arvados/v1/groups_controller_test.rb | 112 +++++++++++
.../arvados/v1/job_reuse_controller_test.rb | 132 ++++++++++++--
.../arvados/v1/keep_disks_controller_test.rb | 2 +-
.../functional/arvados/v1/links_controller_test.rb | 2 +-
.../functional/arvados/v1/nodes_controller_test.rb | 4 +-
.../functional/arvados/v1/users_controller_test.rb | 86 ++++++++-
.../functional/commit_ancestors_controller_test.rb | 7 -
.../api/test/functional/commits_controller_test.rb | 7 -
services/api/test/functional/user_notifier_test.rb | 7 -
.../api_client_authorizations_api_test.rb | 6 +-
.../api/test/integration/collections_api_test.rb | 24 ++--
services/api/test/integration/errors_test.rb | 27 +++
services/api/test/integration/jobs_api_test.rb | 4 +-
services/api/test/integration/permissions_test.rb | 12 +-
services/api/test/integration/valid_links_test.rb | 2 +-
services/api/test/test_helper.rb | 8 +-
services/api/test/unit/pipeline_instance_test.rb | 36 +++--
125 files changed, 1411 insertions(+), 1666 deletions(-)
create mode 100644 apps/workbench/app/views/users/storage.html.erb
delete mode 100644 doc/api/schema/Commit.html.textile.liquid
delete mode 100644 doc/api/schema/CommitAncestor.html.textile.liquid
delete mode 100644 services/api/app/controllers/api_clients_controller.rb
delete mode 100644 services/api/app/controllers/collections_controller.rb
delete mode 100644 services/api/app/controllers/commit_ancestors_controller.rb
delete mode 100644 services/api/app/controllers/commits_controller.rb
delete mode 100644 services/api/app/controllers/nodes_controller.rb
delete mode 100644 services/api/app/controllers/pipeline_instances_controller.rb
delete mode 100644 services/api/app/controllers/users_controller.rb
create mode 100644 services/api/db/migrate/20140421140924_add_group_class_to_groups.rb
create mode 100644 services/api/db/migrate/20140421151939_rename_auth_keys_user_index.rb
create mode 100644 services/api/db/migrate/20140421151940_timestamps_not_null.rb
delete mode 100644 services/api/test/functional/admin_notifier_test.rb
delete mode 100644 services/api/test/functional/commit_ancestors_controller_test.rb
delete mode 100644 services/api/test/functional/commits_controller_test.rb
delete mode 100644 services/api/test/functional/user_notifier_test.rb
create mode 100644 services/api/test/integration/errors_test.rb
via 9f7a232bbdce6e1640012c0cca87862b5c1be4f4 (commit)
via 699b56aacd21b5435f3cee967d21d8d6178e681c (commit)
via 71b1b7b045419817d1c9dc62a3a296b746d9117c (commit)
via 6974d01c522e31ca585425fc5c6d5928f62d29b3 (commit)
via 7fbcd989af9949b11ddfec0c9ebfaa96a655eef4 (commit)
via c3457ad20bfd00c99facef396f1dbdbcbdbad241 (commit)
via b914818fb9e794dab68c428a52666507352a6770 (commit)
via 6d2128ae15825ef03472897e09710b176e3cc1d9 (commit)
via d61f56590d4c1bc2c965b640698217a5d4af1d8c (commit)
via 62ce10f18cb083d701471d0fe27e964c85214200 (commit)
via f93ebd504f60b3055c254e23ba987ed29e8987b2 (commit)
via 416374d4bbf381f5689fe2d1c72705d0796e8382 (commit)
via f078a2d38f8bfe17732d171895fa23471f8217c1 (commit)
via 288ea0d2e35bf94d8a9f0bc609bac1467c1c5b9e (commit)
via 1ba54c139354125459f3a25ad7a2894a02c7d1f4 (commit)
via 660ebe707d2f7c28648b38ff9be826622fbefd39 (commit)
via 41863948b43264bbd09358d145177a7fadd864cf (commit)
via 25e42ea5b6e0751d930ee8ca8e76316eaa04d577 (commit)
via 19c292c1757bf98ecb3f1979c0b759f54c0aad7a (commit)
via b6a0ff1443bb40b52df7b30fd269aa6f05591b31 (commit)
via 475c550e2ee1377b2f7b2ad9fcfdf392ecbd983b (commit)
via ad79a64bd1503e1e47d3849a00b894c4a6bc9810 (commit)
via 4aef6531076e8c9d00252050d0757b32a22519c1 (commit)
via 73e28547278ddff84847c12ad7f926e717ae553a (commit)
via 6f918d1fc451f1ad72350677155a0d67f40a9628 (commit)
via 2ed4ec45553b9931f78ca88b694f590102ed2bbd (commit)
via ca0d33c522fad9b3467f4a58b8fe336665ed493b (commit)
via c0aeec88f6507f441796d25ad2dfb49c78185731 (commit)
via d6399c117f03f45e83648dca6e23dd7174793253 (commit)
via 8905037aede017ccdb66dd2850bfbd2284904e4e (commit)
via 17e1d2d431280a8911ecd1f028de1924a7dc3aed (commit)
via 7f7cd27d5fc31dc5bbec7f95905fd394a5b317c7 (commit)
via 8a0051a6fdd00f83e566cc87b88d2ac23ad5487d (commit)
via 0e7a1577b51111a9d503f21d40582da62c2dd7b9 (commit)
via 7cbc35ccbc4d78bb43c901e197a1746a325173c0 (commit)
via 7fc48a11da8740deb01b0063faa2ceb687709205 (commit)
via 694e4fdd124150f1b0a237ce6a698f3d00d92eb9 (commit)
via 7efcc87e3cba4f03429751f9f3d109cc88e6926c (commit)
via 75fa6afdd3f0f85d48e7a95372dd8cf094811221 (commit)
via d2d9ff48a6c111293340ac351f94428e5204366f (commit)
via d325f035a861d1421f6e2fe0d2f01e9f3e93d749 (commit)
via 61f4536217e0beeafab54a8b66d40f859fdd1306 (commit)
via 04e99ad773e4a47dabc7f0e1b624f67a00ff00b9 (commit)
via 6f6c9a2c6e7b871ad9ee592f45ebfdb7f5f26ee1 (commit)
via deed6e331c70c4410b161f260e2b93fa71b39d50 (commit)
via 44480d99e71e1868f61024035d7d58acd69eac50 (commit)
via 448cff33fc343a54caa1a33f4a536d88e3e4eaa1 (commit)
via 5588c452453499d0aa130abe6421df5e85cf5703 (commit)
via cc6030b1b1b2f056ee63873e042077fe0f0dd64f (commit)
via 2c157382b1ecf0175f0356d6c3a457dca942f5f3 (commit)
via 39e3f82b53db6a86f17ef1f7aa63a6c4ba155a1c (commit)
via eded84b99309a2cc84ba5cabb29c8f218cbcb599 (commit)
via 5d83a6b6e8a76bfa79a9929c0658eeb7409c4574 (commit)
via 153056777f77f09a6d29543e73db315a7fb6b0fb (commit)
via 172496748cb0a149426e8a10cb4fd1c64e20dbe7 (commit)
via 61ddcaf192e3f39ed8a1242f35bf1b28ff1fe121 (commit)
via 3e7478a9a822686e1b5291fb0909a2ee2fcfeace (commit)
via 441549528f2fcea8e55fde62416a69f2bfc6816d (commit)
via 8f03c71e76376e8fa767d049a06d55836c94444c (commit)
via b49b532b27ec9013e088eb48d43de75b5e5a7d9c (commit)
via 3a1eb3b2205c10236faa28ad9731c8b515533500 (commit)
via 4f4c0d83cee7cd6783cfb20ac8d79687b8912e4a (commit)
via bef270550d49533c46df8741db9f9dfa67afc1b8 (commit)
via c3e86c9c7d6c01929152259f8b53a8f48853380c (commit)
via 56b07eaa6ad92b04d31098913632a397c4aa62d5 (commit)
via edc4704eb45c67aaad8428dc493e4e07480b86e3 (commit)
via a1a8d260132fc8884c0296fd925b531ef9cc575d (commit)
from deb9df305fbe98e244e3f93607ac661fc8263717 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 9f7a232bbdce6e1640012c0cca87862b5c1be4f4
Author: Brett Smith <brett at curoverse.com>
Date: Mon Apr 28 13:01:18 2014 -0400
api: Support filters in API client auths index.
Per comments on Refs #1904. filters is generally the preferred way to
do searching now. I maintained existing limits on what can be
searched with this method.
diff --git a/services/api/app/controllers/application_controller.rb b/services/api/app/controllers/application_controller.rb
index a86e35b..b091397 100644
--- a/services/api/app/controllers/application_controller.rb
+++ b/services/api/app/controllers/application_controller.rb
@@ -207,6 +207,10 @@ class ApplicationController < ActionController::Base
end
end
+ def default_orders
+ ["#{table_name}.modified_at desc"]
+ end
+
def load_limit_offset_order_params
if params[:limit]
unless params[:limit].to_s.match(/^\d+$/)
@@ -239,7 +243,7 @@ class ApplicationController < ActionController::Base
end
end
if @orders.empty?
- @orders << "#{table_name}.modified_at desc"
+ @orders = default_orders
end
end
diff --git a/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb b/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb
index ff322a7..3daeae2 100644
--- a/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb
+++ b/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb
@@ -34,20 +34,31 @@ class Arvados::V1::ApiClientAuthorizationsController < ApplicationController
protected
+ def default_orders
+ ["#{table_name}.created_at desc"]
+ end
+
def find_objects_for_index
# Here we are deliberately less helpful about searching for client
- # authorizations. Rather than use the generic index/where/order
- # features, we look up tokens belonging to the current user and
- # filter by exact match on api_token (which we expect in the form
- # of a where[uuid] parameter to make things easier for API client
- # libraries).
+ # authorizations. We look up tokens belonging to the current user
+ # and filter by exact matches on api_token and scopes.
+ wanted_scopes = [@where.andand['scopes']]
+ if @filters
+ wanted_scopes.concat(@filters.map { |attr, operator, operand|
+ ((attr == 'scopes') and (operator == '=')) ? operand : nil
+ })
+ end
+ @where.andand.select! { |attr, val| attr == 'uuid' }
+ @filters.andand.select! { |attr, operator, operand|
+ (attr == 'uuid') and (operator == '=')
+ }
@objects = model_class.
includes(:user, :api_client).
- where('user_id=? and (? or api_token=?)', current_user.id, !@where['uuid'], @where['uuid']).
- order('created_at desc')
- unless @where['scopes'].nil?
+ where('user_id=?', current_user.id)
+ super
+ wanted_scopes.compact.each do |scope_list|
@objects = @objects.select { |auth|
- (auth.scopes & @where['scopes']) == (auth.scopes | @where['scopes'])
+ (auth.scopes & scope_list) == (auth.scopes | scope_list)
}
end
end
diff --git a/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb b/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
index 0072792..8877719 100644
--- a/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
@@ -37,22 +37,33 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes
assert_response 403
end
- test "admin search filters where scopes exactly match" do
- def check_tokens_by_scopes(scopes, *expected_tokens)
- expected_tokens.map! { |name| api_client_authorizations(name).api_token }
- get :index, where: {scopes: scopes}
- assert_response :success
- got_tokens = JSON.parse(@response.body)['items']
- .map { |auth| auth['api_token'] }
- assert_equal(expected_tokens.sort, got_tokens.sort,
- "wrong results for scopes = #{scopes}")
+ def assert_found_tokens(auth, search_params, *expected_tokens)
+ authorize_with auth
+ expected_tokens.map! { |name| api_client_authorizations(name).api_token }
+ get :index, search_params
+ assert_response :success
+ got_tokens = JSON.parse(@response.body)['items']
+ .map { |auth| auth['api_token'] }
+ assert_equal(expected_tokens.sort, got_tokens.sort,
+ "wrong results for #{search_params.inspect}")
+ end
+
+ # Three-tuples with auth to use, scopes to find, and expected tokens.
+ # Make two tests for each tuple, one searching with where and the other
+ # with filter.
+ [[:admin_trustedclient, [], :admin_noscope],
+ [:active_trustedclient, ["GET /arvados/v1/users"], :active_userlist],
+ [:active_trustedclient,
+ ["POST /arvados/v1/api_client_authorizations",
+ "GET /arvados/v1/api_client_authorizations"],
+ :active_apitokens],
+ ].each do |auth, scopes, *expected|
+ test "#{auth.to_s} can find auths where scopes=#{scopes.inspect}" do
+ assert_found_tokens(auth, {where: {scopes: scopes}}, *expected)
+ end
+
+ test "#{auth.to_s} can find auths filtered with scopes=#{scopes.inspect}" do
+ assert_found_tokens(auth, {filters: [['scopes', '=', scopes]]}, *expected)
end
- authorize_with :admin_trustedclient
- check_tokens_by_scopes([], :admin_noscope)
- authorize_with :active_trustedclient
- check_tokens_by_scopes(["GET /arvados/v1/users"], :active_userlist)
- check_tokens_by_scopes(["POST /arvados/v1/api_client_authorizations",
- "GET /arvados/v1/api_client_authorizations"],
- :active_apitokens)
end
end
commit 699b56aacd21b5435f3cee967d21d8d6178e681c
Merge: 6974d01 71b1b7b
Author: Brett Smith <brett at curoverse.com>
Date: Mon Apr 28 11:04:07 2014 -0400
Merge branch 'master' into 1904-object-scopes-wip
commit 6974d01c522e31ca585425fc5c6d5928f62d29b3
Merge: deb9df3 7fbcd98
Author: Brett Smith <brett at curoverse.com>
Date: Mon Apr 28 09:51:18 2014 -0400
Merge branch 'master' into 1904-object-scopes-wip
diff --cc services/api/app/controllers/application_controller.rb
index c9e7150,713f2cf..a86e35b
--- a/services/api/app/controllers/application_controller.rb
+++ b/services/api/app/controllers/application_controller.rb
@@@ -7,12 -7,9 +7,9 @@@ class ApplicationController < ActionCon
around_filter :thread_with_auth_info, :except => [:render_error, :render_not_found]
before_filter :remote_ip
- before_filter :require_auth_scope_all, :except => :render_not_found
+ before_filter :require_auth_scope, :except => :render_not_found
before_filter :catch_redirect_hint
- before_filter :load_where_param, :only => :index
- before_filter :load_filters_param, :only => :index
- before_filter :find_objects_for_index, :only => :index
before_filter :find_object_by_uuid, :except => [:index, :create,
:render_error,
:render_not_found]
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list