[ARVADOS] updated: 063c5461ff2a709455536c759d849d2f393bda68

git at public.curoverse.com git at public.curoverse.com
Tue Feb 3 17:21:57 EST 2015 

Summary of changes:
 apps/workbench/app/controllers/collections_controller.rb  |  7 +++----
 .../test/controllers/collections_controller_test.rb       | 15 +++++++++------
 2 files changed, 12 insertions(+), 10 deletions(-)

       via  063c5461ff2a709455536c759d849d2f393bda68 (commit)
      from  e0619201d96eb7f9cb8229d1c883f0665d1488ba (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 063c5461ff2a709455536c759d849d2f393bda68
Author: Tom Clegg <tom at curoverse.com>
Date:   Tue Feb 3 17:22:53 2015 -0500

    2659: Do not ask to skip_around_filter(only:...) and skip_around_filter(if:...) for the same filter, because that doesn't work.

diff --git a/apps/workbench/app/controllers/collections_controller.rb b/apps/workbench/app/controllers/collections_controller.rb
index 613ed98..6fcede2 100644
--- a/apps/workbench/app/controllers/collections_controller.rb
+++ b/apps/workbench/app/controllers/collections_controller.rb
@@ -4,11 +4,10 @@ class CollectionsController < ApplicationController
   include ActionController::Live
 
   skip_around_filter :require_thread_api_token, if: proc { |ctrl|
-    Rails.configuration.anonymous_user_token and
-    'show' == ctrl.action_name
+    (Rails.configuration.anonymous_user_token and
+     'show' == ctrl.action_name) or
+    %w(show_file show_file_links).include? ctrl.action_name
   }
-  skip_around_filter(:require_thread_api_token,
-                     only: [:show_file, :show_file_links])
   skip_before_filter(:find_object_by_uuid,
                      only: [:provenance, :show_file, :show_file_links])
   # We depend on show_file to display the user agreement:
diff --git a/apps/workbench/test/controllers/collections_controller_test.rb b/apps/workbench/test/controllers/collections_controller_test.rb
index 14db674..67fc5c3 100644
--- a/apps/workbench/test/controllers/collections_controller_test.rb
+++ b/apps/workbench/test/controllers/collections_controller_test.rb
@@ -174,12 +174,15 @@ class CollectionsControllerTest < ActionController::TestCase
                      "using a reader token set the session's API token")
   end
 
-  test "trying to get from Keep with an unscoped reader token prompts login" do
-    params = collection_params(:foo_file, 'foo')
-    params[:reader_token] =
-      api_fixture('api_client_authorizations')['active_noscope']['api_token']
-    get(:show_file, params)
-    assert_response :redirect
+  [false, true].each do |anon_conf|
+    test "trying to get from Keep with an unscoped reader token prompts login (anon_configured=#{anon_conf})" do
+      Rails.configuration.anonymous_user_token = anon_conf
+      params = collection_params(:foo_file, 'foo')
+      params[:reader_token] =
+        api_fixture('api_client_authorizations')['active_noscope']['api_token']
+      get(:show_file, params)
+      assert_response :redirect
+    end
   end
 
   test "can get a file with an unpermissioned auth but in-scope reader token" do

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list