[ARVADOS] updated: 9f7a232bbdce6e1640012c0cca87862b5c1be4f4

git at public.curoverse.com git at public.curoverse.com
Mon Apr 28 13:00:50 EDT 2014


Summary of changes:
 .gitignore                                         |    9 +-
 apps/workbench/.gitignore                          |   18 +--
 apps/workbench/app/controllers/users_controller.rb |   29 +++-
 apps/workbench/app/helpers/application_helper.rb   |   18 +-
 apps/workbench/app/models/arvados_api_client.rb    |    2 +-
 apps/workbench/app/models/group.rb                 |    4 +
 apps/workbench/app/models/user.rb                  |    5 +
 .../app/views/layouts/application.html.erb         |    1 -
 .../app/views/users/_show_activity.html.erb        |    2 +-
 apps/workbench/app/views/users/activity.html.erb   |   16 +-
 apps/workbench/app/views/users/storage.html.erb    |   66 +++++++
 apps/workbench/config/routes.rb                    |    1 +
 .../pipeline_instances_controller_test.rb          |   18 ++-
 apps/workbench/test/test_helper.rb                 |   16 ++-
 apps/workbench/test/unit/user_test.rb              |   15 ++-
 doc/_config.yml                                    |    2 -
 doc/_includes/_tutorial_hash_script_py.liquid      |    8 +-
 doc/api/methods.html.textile.liquid                |   17 +--
 .../api_client_authorizations.html.textile.liquid  |   37 +----
 doc/api/methods/api_clients.html.textile.liquid    |   38 +----
 .../methods/authorized_keys.html.textile.liquid    |   37 +----
 doc/api/methods/collections.html.textile.liquid    |   38 +----
 doc/api/methods/groups.html.textile.liquid         |   34 ++--
 doc/api/methods/humans.html.textile.liquid         |   37 +----
 doc/api/methods/job_tasks.html.textile.liquid      |   37 +----
 doc/api/methods/jobs.html.textile.liquid           |  145 ++++++---------
 doc/api/methods/keep_disks.html.textile.liquid     |   38 +----
 doc/api/methods/links.html.textile.liquid          |   39 +----
 doc/api/methods/logs.html.textile.liquid           |   37 +----
 doc/api/methods/nodes.html.textile.liquid          |   37 +----
 .../methods/pipeline_instances.html.textile.liquid |   37 +----
 .../methods/pipeline_templates.html.textile.liquid |   37 +----
 doc/api/methods/repositories.html.textile.liquid   |   37 +----
 doc/api/methods/specimens.html.textile.liquid      |   37 +----
 doc/api/methods/traits.html.textile.liquid         |   37 +----
 doc/api/methods/users.html.textile.liquid          |   33 ++--
 .../methods/virtual_machines.html.textile.liquid   |   63 ++-----
 doc/api/resources.html.textile.liquid              |    4 +-
 doc/api/schema/ApiClient.html.textile.liquid       |   22 +--
 .../ApiClientAuthorization.html.textile.liquid     |   23 +--
 doc/api/schema/AuthorizedKey.html.textile.liquid   |   21 +--
 doc/api/schema/Collection.html.textile.liquid      |   11 +-
 doc/api/schema/Commit.html.textile.liquid          |   38 ----
 doc/api/schema/CommitAncestor.html.textile.liquid  |   39 ----
 doc/api/schema/Group.html.textile.liquid           |   23 +--
 doc/api/schema/Human.html.textile.liquid           |   23 +--
 doc/api/schema/Job.html.textile.liquid             |   56 ++----
 doc/api/schema/JobTask.html.textile.liquid         |   10 +-
 doc/api/schema/KeepDisk.html.textile.liquid        |   21 +--
 doc/api/schema/Link.html.textile.liquid            |   16 +-
 doc/api/schema/Log.html.textile.liquid             |   13 +-
 doc/api/schema/Node.html.textile.liquid            |   23 +--
 .../schema/PipelineInstance.html.textile.liquid    |   23 +--
 .../schema/PipelineTemplate.html.textile.liquid    |   25 +--
 doc/api/schema/Repository.html.textile.liquid      |   21 +--
 doc/api/schema/Specimen.html.textile.liquid        |   23 +--
 doc/api/schema/Trait.html.textile.liquid           |   23 +--
 doc/api/schema/User.html.textile.liquid            |   23 +--
 doc/api/schema/VirtualMachine.html.textile.liquid  |   21 +--
 .../create-standard-objects.html.textile.liquid    |   10 +-
 doc/install/install-api-server.html.textile.liquid |   87 ++++++---
 .../install-crunch-dispatch.html.textile.liquid    |    2 +-
 .../install-workbench-app.html.textile.liquid      |   42 ++++-
 .../getting_started/ssh-access.html.textile.liquid |   42 ++--
 doc/user/index.html.textile.liquid                 |   10 +-
 doc/user/reference/api-tokens.html.textile.liquid  |    2 +-
 doc/user/topics/keep.html.textile.liquid           |    4 +-
 ...nning-pipeline-command-line.html.textile.liquid |    4 +-
 .../topics/tutorial-job-debug.html.textile.liquid  |    6 +-
 doc/user/topics/tutorial-job1.html.textile.liquid  |   10 +-
 .../topics/tutorial-parallel.html.textile.liquid   |    8 +-
 .../tutorial-trait-search.html.textile.liquid      |   28 ++--
 .../tutorials/intro-crunch.html.textile.liquid     |    2 +-
 .../running-external-program.html.textile.liquid   |    6 +-
 .../tutorial-firstscript.html.textile.liquid       |   24 ++--
 .../tutorials/tutorial-keep.html.textile.liquid    |    4 +-
 .../tutorial-new-pipeline.html.textile.liquid      |    6 +-
 sdk/cli/bin/arv-run-pipeline-instance              |   38 +++--
 services/api/.gitignore                            |   20 +--
 .../api/app/controllers/api_clients_controller.rb  |    2 -
 .../api/app/controllers/application_controller.rb  |  195 ++++++++++++++------
 .../v1/api_client_authorizations_controller.rb     |   29 ++-
 .../app/controllers/arvados/v1/jobs_controller.rb  |   31 ++--
 .../api/app/controllers/collections_controller.rb  |    2 -
 .../app/controllers/commit_ancestors_controller.rb |    2 -
 services/api/app/controllers/commits_controller.rb |    2 -
 services/api/app/controllers/nodes_controller.rb   |   30 ---
 .../controllers/pipeline_instances_controller.rb   |    2 -
 services/api/app/controllers/users_controller.rb   |    2 -
 services/api/app/models/group.rb                   |    1 +
 services/api/app/models/job.rb                     |    2 +-
 services/api/app/models/pipeline_instance.rb       |    2 +-
 services/api/config/application.rb                 |    2 +
 services/api/config/database.yml.sample            |    8 +-
 services/api/config/routes.rb                      |  163 +++++------------
 .../20140421140924_add_group_class_to_groups.rb    |    6 +
 .../20140421151939_rename_auth_keys_user_index.rb  |   11 +
 .../migrate/20140421151940_timestamps_not_null.rb  |   13 ++
 services/api/db/schema.rb                          |    4 +-
 services/api/lib/assign_uuid.rb                    |   11 +-
 services/api/lib/common_api_template.rb            |    1 -
 services/api/test/fixtures/groups.yml              |   24 +++
 services/api/test/fixtures/links.yml               |   28 +++
 services/api/test/fixtures/pipeline_instances.yml  |   19 ++-
 services/api/test/fixtures/specimens.yml           |   12 ++
 .../api/test/functional/admin_notifier_test.rb     |    7 -
 .../api_client_authorizations_controller_test.rb   |   43 +++--
 .../arvados/v1/collections_controller_test.rb      |    6 +-
 .../arvados/v1/groups_controller_test.rb           |  112 +++++++++++
 .../arvados/v1/job_reuse_controller_test.rb        |  132 ++++++++++++--
 .../arvados/v1/keep_disks_controller_test.rb       |    2 +-
 .../functional/arvados/v1/links_controller_test.rb |    2 +-
 .../functional/arvados/v1/nodes_controller_test.rb |    4 +-
 .../functional/arvados/v1/users_controller_test.rb |   86 ++++++++-
 .../functional/commit_ancestors_controller_test.rb |    7 -
 .../api/test/functional/commits_controller_test.rb |    7 -
 services/api/test/functional/user_notifier_test.rb |    7 -
 .../api_client_authorizations_api_test.rb          |    6 +-
 .../api/test/integration/collections_api_test.rb   |   24 ++--
 services/api/test/integration/errors_test.rb       |   27 +++
 services/api/test/integration/jobs_api_test.rb     |    4 +-
 services/api/test/integration/permissions_test.rb  |   12 +-
 services/api/test/integration/valid_links_test.rb  |    2 +-
 services/api/test/test_helper.rb                   |    8 +-
 services/api/test/unit/pipeline_instance_test.rb   |   36 +++--
 125 files changed, 1411 insertions(+), 1666 deletions(-)
 create mode 100644 apps/workbench/app/views/users/storage.html.erb
 delete mode 100644 doc/api/schema/Commit.html.textile.liquid
 delete mode 100644 doc/api/schema/CommitAncestor.html.textile.liquid
 delete mode 100644 services/api/app/controllers/api_clients_controller.rb
 delete mode 100644 services/api/app/controllers/collections_controller.rb
 delete mode 100644 services/api/app/controllers/commit_ancestors_controller.rb
 delete mode 100644 services/api/app/controllers/commits_controller.rb
 delete mode 100644 services/api/app/controllers/nodes_controller.rb
 delete mode 100644 services/api/app/controllers/pipeline_instances_controller.rb
 delete mode 100644 services/api/app/controllers/users_controller.rb
 create mode 100644 services/api/db/migrate/20140421140924_add_group_class_to_groups.rb
 create mode 100644 services/api/db/migrate/20140421151939_rename_auth_keys_user_index.rb
 create mode 100644 services/api/db/migrate/20140421151940_timestamps_not_null.rb
 delete mode 100644 services/api/test/functional/admin_notifier_test.rb
 delete mode 100644 services/api/test/functional/commit_ancestors_controller_test.rb
 delete mode 100644 services/api/test/functional/commits_controller_test.rb
 delete mode 100644 services/api/test/functional/user_notifier_test.rb
 create mode 100644 services/api/test/integration/errors_test.rb

       via  9f7a232bbdce6e1640012c0cca87862b5c1be4f4 (commit)
       via  699b56aacd21b5435f3cee967d21d8d6178e681c (commit)
       via  71b1b7b045419817d1c9dc62a3a296b746d9117c (commit)
       via  6974d01c522e31ca585425fc5c6d5928f62d29b3 (commit)
       via  7fbcd989af9949b11ddfec0c9ebfaa96a655eef4 (commit)
       via  c3457ad20bfd00c99facef396f1dbdbcbdbad241 (commit)
       via  b914818fb9e794dab68c428a52666507352a6770 (commit)
       via  6d2128ae15825ef03472897e09710b176e3cc1d9 (commit)
       via  d61f56590d4c1bc2c965b640698217a5d4af1d8c (commit)
       via  62ce10f18cb083d701471d0fe27e964c85214200 (commit)
       via  f93ebd504f60b3055c254e23ba987ed29e8987b2 (commit)
       via  416374d4bbf381f5689fe2d1c72705d0796e8382 (commit)
       via  f078a2d38f8bfe17732d171895fa23471f8217c1 (commit)
       via  288ea0d2e35bf94d8a9f0bc609bac1467c1c5b9e (commit)
       via  1ba54c139354125459f3a25ad7a2894a02c7d1f4 (commit)
       via  660ebe707d2f7c28648b38ff9be826622fbefd39 (commit)
       via  41863948b43264bbd09358d145177a7fadd864cf (commit)
       via  25e42ea5b6e0751d930ee8ca8e76316eaa04d577 (commit)
       via  19c292c1757bf98ecb3f1979c0b759f54c0aad7a (commit)
       via  b6a0ff1443bb40b52df7b30fd269aa6f05591b31 (commit)
       via  475c550e2ee1377b2f7b2ad9fcfdf392ecbd983b (commit)
       via  ad79a64bd1503e1e47d3849a00b894c4a6bc9810 (commit)
       via  4aef6531076e8c9d00252050d0757b32a22519c1 (commit)
       via  73e28547278ddff84847c12ad7f926e717ae553a (commit)
       via  6f918d1fc451f1ad72350677155a0d67f40a9628 (commit)
       via  2ed4ec45553b9931f78ca88b694f590102ed2bbd (commit)
       via  ca0d33c522fad9b3467f4a58b8fe336665ed493b (commit)
       via  c0aeec88f6507f441796d25ad2dfb49c78185731 (commit)
       via  d6399c117f03f45e83648dca6e23dd7174793253 (commit)
       via  8905037aede017ccdb66dd2850bfbd2284904e4e (commit)
       via  17e1d2d431280a8911ecd1f028de1924a7dc3aed (commit)
       via  7f7cd27d5fc31dc5bbec7f95905fd394a5b317c7 (commit)
       via  8a0051a6fdd00f83e566cc87b88d2ac23ad5487d (commit)
       via  0e7a1577b51111a9d503f21d40582da62c2dd7b9 (commit)
       via  7cbc35ccbc4d78bb43c901e197a1746a325173c0 (commit)
       via  7fc48a11da8740deb01b0063faa2ceb687709205 (commit)
       via  694e4fdd124150f1b0a237ce6a698f3d00d92eb9 (commit)
       via  7efcc87e3cba4f03429751f9f3d109cc88e6926c (commit)
       via  75fa6afdd3f0f85d48e7a95372dd8cf094811221 (commit)
       via  d2d9ff48a6c111293340ac351f94428e5204366f (commit)
       via  d325f035a861d1421f6e2fe0d2f01e9f3e93d749 (commit)
       via  61f4536217e0beeafab54a8b66d40f859fdd1306 (commit)
       via  04e99ad773e4a47dabc7f0e1b624f67a00ff00b9 (commit)
       via  6f6c9a2c6e7b871ad9ee592f45ebfdb7f5f26ee1 (commit)
       via  deed6e331c70c4410b161f260e2b93fa71b39d50 (commit)
       via  44480d99e71e1868f61024035d7d58acd69eac50 (commit)
       via  448cff33fc343a54caa1a33f4a536d88e3e4eaa1 (commit)
       via  5588c452453499d0aa130abe6421df5e85cf5703 (commit)
       via  cc6030b1b1b2f056ee63873e042077fe0f0dd64f (commit)
       via  2c157382b1ecf0175f0356d6c3a457dca942f5f3 (commit)
       via  39e3f82b53db6a86f17ef1f7aa63a6c4ba155a1c (commit)
       via  eded84b99309a2cc84ba5cabb29c8f218cbcb599 (commit)
       via  5d83a6b6e8a76bfa79a9929c0658eeb7409c4574 (commit)
       via  153056777f77f09a6d29543e73db315a7fb6b0fb (commit)
       via  172496748cb0a149426e8a10cb4fd1c64e20dbe7 (commit)
       via  61ddcaf192e3f39ed8a1242f35bf1b28ff1fe121 (commit)
       via  3e7478a9a822686e1b5291fb0909a2ee2fcfeace (commit)
       via  441549528f2fcea8e55fde62416a69f2bfc6816d (commit)
       via  8f03c71e76376e8fa767d049a06d55836c94444c (commit)
       via  b49b532b27ec9013e088eb48d43de75b5e5a7d9c (commit)
       via  3a1eb3b2205c10236faa28ad9731c8b515533500 (commit)
       via  4f4c0d83cee7cd6783cfb20ac8d79687b8912e4a (commit)
       via  bef270550d49533c46df8741db9f9dfa67afc1b8 (commit)
       via  c3e86c9c7d6c01929152259f8b53a8f48853380c (commit)
       via  56b07eaa6ad92b04d31098913632a397c4aa62d5 (commit)
       via  edc4704eb45c67aaad8428dc493e4e07480b86e3 (commit)
       via  a1a8d260132fc8884c0296fd925b531ef9cc575d (commit)
      from  deb9df305fbe98e244e3f93607ac661fc8263717 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 9f7a232bbdce6e1640012c0cca87862b5c1be4f4
Author: Brett Smith <brett at curoverse.com>
Date:   Mon Apr 28 13:01:18 2014 -0400

    api: Support filters in API client auths index.
    
    Per comments on Refs #1904.  filters is generally the preferred way to
    do searching now.  I maintained existing limits on what can be
    searched with this method.

diff --git a/services/api/app/controllers/application_controller.rb b/services/api/app/controllers/application_controller.rb
index a86e35b..b091397 100644
--- a/services/api/app/controllers/application_controller.rb
+++ b/services/api/app/controllers/application_controller.rb
@@ -207,6 +207,10 @@ class ApplicationController < ActionController::Base
     end
   end
 
+  def default_orders
+    ["#{table_name}.modified_at desc"]
+  end
+
   def load_limit_offset_order_params
     if params[:limit]
       unless params[:limit].to_s.match(/^\d+$/)
@@ -239,7 +243,7 @@ class ApplicationController < ActionController::Base
       end
     end
     if @orders.empty?
-      @orders << "#{table_name}.modified_at desc"
+      @orders = default_orders
     end
   end
 
diff --git a/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb b/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb
index ff322a7..3daeae2 100644
--- a/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb
+++ b/services/api/app/controllers/arvados/v1/api_client_authorizations_controller.rb
@@ -34,20 +34,31 @@ class Arvados::V1::ApiClientAuthorizationsController < ApplicationController
 
   protected
 
+  def default_orders
+    ["#{table_name}.created_at desc"]
+  end
+
   def find_objects_for_index
     # Here we are deliberately less helpful about searching for client
-    # authorizations. Rather than use the generic index/where/order
-    # features, we look up tokens belonging to the current user and
-    # filter by exact match on api_token (which we expect in the form
-    # of a where[uuid] parameter to make things easier for API client
-    # libraries).
+    # authorizations.  We look up tokens belonging to the current user
+    # and filter by exact matches on api_token and scopes.
+    wanted_scopes = [@where.andand['scopes']]
+    if @filters
+      wanted_scopes.concat(@filters.map { |attr, operator, operand|
+        ((attr == 'scopes') and (operator == '=')) ? operand : nil
+      })
+    end
+    @where.andand.select! { |attr, val| attr == 'uuid' }
+    @filters.andand.select! { |attr, operator, operand|
+      (attr == 'uuid') and (operator == '=')
+    }
     @objects = model_class.
       includes(:user, :api_client).
-      where('user_id=? and (? or api_token=?)', current_user.id, !@where['uuid'], @where['uuid']).
-      order('created_at desc')
-    unless @where['scopes'].nil?
+      where('user_id=?', current_user.id)
+    super
+    wanted_scopes.compact.each do |scope_list|
       @objects = @objects.select { |auth|
-        (auth.scopes & @where['scopes']) == (auth.scopes | @where['scopes'])
+        (auth.scopes & scope_list) == (auth.scopes | scope_list)
       }
     end
   end
diff --git a/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb b/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
index 0072792..8877719 100644
--- a/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/api_client_authorizations_controller_test.rb
@@ -37,22 +37,33 @@ class Arvados::V1::ApiClientAuthorizationsControllerTest < ActionController::Tes
     assert_response 403
   end
 
-  test "admin search filters where scopes exactly match" do
-    def check_tokens_by_scopes(scopes, *expected_tokens)
-      expected_tokens.map! { |name| api_client_authorizations(name).api_token }
-      get :index, where: {scopes: scopes}
-      assert_response :success
-      got_tokens = JSON.parse(@response.body)['items']
-        .map { |auth| auth['api_token'] }
-      assert_equal(expected_tokens.sort, got_tokens.sort,
-                   "wrong results for scopes = #{scopes}")
+  def assert_found_tokens(auth, search_params, *expected_tokens)
+    authorize_with auth
+    expected_tokens.map! { |name| api_client_authorizations(name).api_token }
+    get :index, search_params
+    assert_response :success
+    got_tokens = JSON.parse(@response.body)['items']
+      .map { |auth| auth['api_token'] }
+    assert_equal(expected_tokens.sort, got_tokens.sort,
+                 "wrong results for #{search_params.inspect}")
+  end
+
+  # Three-tuples with auth to use, scopes to find, and expected tokens.
+  # Make two tests for each tuple, one searching with where and the other
+  # with filter.
+  [[:admin_trustedclient, [], :admin_noscope],
+   [:active_trustedclient, ["GET /arvados/v1/users"], :active_userlist],
+   [:active_trustedclient,
+    ["POST /arvados/v1/api_client_authorizations",
+     "GET /arvados/v1/api_client_authorizations"],
+    :active_apitokens],
+  ].each do |auth, scopes, *expected|
+    test "#{auth.to_s} can find auths where scopes=#{scopes.inspect}" do
+      assert_found_tokens(auth, {where: {scopes: scopes}}, *expected)
+    end
+
+    test "#{auth.to_s} can find auths filtered with scopes=#{scopes.inspect}" do
+      assert_found_tokens(auth, {filters: [['scopes', '=', scopes]]}, *expected)
     end
-    authorize_with :admin_trustedclient
-    check_tokens_by_scopes([], :admin_noscope)
-    authorize_with :active_trustedclient
-    check_tokens_by_scopes(["GET /arvados/v1/users"], :active_userlist)
-    check_tokens_by_scopes(["POST /arvados/v1/api_client_authorizations",
-                            "GET /arvados/v1/api_client_authorizations"],
-                           :active_apitokens)
   end
 end

commit 699b56aacd21b5435f3cee967d21d8d6178e681c
Merge: 6974d01 71b1b7b
Author: Brett Smith <brett at curoverse.com>
Date:   Mon Apr 28 11:04:07 2014 -0400

    Merge branch 'master' into 1904-object-scopes-wip


commit 6974d01c522e31ca585425fc5c6d5928f62d29b3
Merge: deb9df3 7fbcd98
Author: Brett Smith <brett at curoverse.com>
Date:   Mon Apr 28 09:51:18 2014 -0400

    Merge branch 'master' into 1904-object-scopes-wip

diff --cc services/api/app/controllers/application_controller.rb
index c9e7150,713f2cf..a86e35b
--- a/services/api/app/controllers/application_controller.rb
+++ b/services/api/app/controllers/application_controller.rb
@@@ -7,12 -7,9 +7,9 @@@ class ApplicationController < ActionCon
    around_filter :thread_with_auth_info, :except => [:render_error, :render_not_found]
  
    before_filter :remote_ip
 -  before_filter :require_auth_scope_all, :except => :render_not_found
 +  before_filter :require_auth_scope, :except => :render_not_found
    before_filter :catch_redirect_hint
  
-   before_filter :load_where_param, :only => :index
-   before_filter :load_filters_param, :only => :index
-   before_filter :find_objects_for_index, :only => :index
    before_filter :find_object_by_uuid, :except => [:index, :create,
                                                    :render_error,
                                                    :render_not_found]

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list