[arvados] created: 2.4.1-15-g549ad3ac5
git repository hosting
git at public.arvados.org
Wed Aug 3 20:33:17 UTC 2022
at 549ad3ac5dd288d549ec8310f2dc84509e260a60 (commit)
commit 549ad3ac5dd288d549ec8310f2dc84509e260a60
Author: Peter Amstutz <peter.amstutz at curii.com>
Date: Wed Aug 3 15:49:09 2022 -0400
Merge branch '19328-security-policy' refs #19328
Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>
diff --git a/.licenseignore b/.licenseignore
index 203c378bd..6ddb5c009 100644
--- a/.licenseignore
+++ b/.licenseignore
@@ -92,3 +92,4 @@ sdk/cwl/tests/wf/hello.txt
sdk/cwl/tests/wf/indir1/hello2.txt
sdk/cwl/tests/chipseq/data/Genomes/*
CITATION.cff
+SECURITY.md
\ No newline at end of file
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..4e16ed5f7
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,42 @@
+# Arvados Project Security Policy
+
+## Supported Versions
+
+The Arvados project will issue security fixes by making point releases
+on the current stable release series (X.Y.0, X.Y.1, X.Y.2, etc).
+
+The most recent stable release version, along with release notes and
+upgrade notes documenting security fixes, can be found at these
+locations:
+
+https://arvados.org/releases/
+
+https://doc.arvados.org/admin/upgrading.html
+
+The Arvados project does not support versions older than the current
+stable release except by special arrangement (contact info at curii.com).
+
+Release announcements, including notification of security fixes, are
+sent to the Arvados announcement list:
+
+https://lists.arvados.org//mailman/listinfo/arvados
+
+## Reporting Security Issues
+
+If you believe you have found a security vulnerability in any Arvados-owned repository, please report it to us through coordinated disclosure.
+
+**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
+
+Instead, please send an email to dev at curii.com.
+
+Please include as much of the information listed below as you can to help us better understand and resolve the issue:
+
+ * The type of issue (e.g., remote code execution, SQL injection, or cross-site scripting)
+ * Full paths of source file(s) related to the manifestation of the issue
+ * The location of the affected source code (tag/branch/commit or direct URL)
+ * Any special configuration required to reproduce the issue
+ * Step-by-step instructions to reproduce the issue
+ * Proof-of-concept or exploit code (if possible)
+ * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
commit 38cbc26130805a748086384e7bea966cfaf34e09
Author: Lucas Di Pentima <lucas.dipentima at curii.com>
Date: Fri Jul 22 12:21:57 2022 -0300
Merge branch '19291-tzinfo-upgrade'. Closes #19291
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima at curii.com>
diff --git a/apps/workbench/Gemfile.lock b/apps/workbench/Gemfile.lock
index 1102ca103..a70add7af 100644
--- a/apps/workbench/Gemfile.lock
+++ b/apps/workbench/Gemfile.lock
@@ -291,7 +291,7 @@ GEM
thor (1.2.1)
thread_safe (0.3.6)
tilt (2.0.9)
- tzinfo (1.2.9)
+ tzinfo (1.2.10)
thread_safe (~> 0.1)
uglifier (2.7.2)
execjs (>= 0.3.0)
diff --git a/services/api/Gemfile.lock b/services/api/Gemfile.lock
index bc6215496..6bc53be4f 100644
--- a/services/api/Gemfile.lock
+++ b/services/api/Gemfile.lock
@@ -222,7 +222,7 @@ GEM
power_assert
thor (1.2.1)
thread_safe (0.3.6)
- tzinfo (1.2.9)
+ tzinfo (1.2.10)
thread_safe (~> 0.1)
websocket-driver (0.7.5)
websocket-extensions (>= 0.1.0)
commit c9c74e8e41c87c3b8650d3eff1ab2bc6331b0a7e
Author: Tom Clegg <tom at curii.com>
Date: Mon Jul 25 13:30:11 2022 -0400
Merge branch '19296-remove-recursive'
fixes #19296
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>
diff --git a/sdk/python/arvados/collection.py b/sdk/python/arvados/collection.py
index a44d42b6a..998481ab6 100644
--- a/sdk/python/arvados/collection.py
+++ b/sdk/python/arvados/collection.py
@@ -827,7 +827,7 @@ class RichCollectionBase(CollectionBase):
self.set_committed(False)
self.notify(DEL, self, pathcomponents[0], deleteditem)
else:
- item.remove(pathcomponents[1])
+ item.remove(pathcomponents[1], recursive=recursive)
def _clonefrom(self, source):
for k,v in listitems(source):
diff --git a/sdk/python/tests/test_collections.py b/sdk/python/tests/test_collections.py
index 5cf4993b2..b4849c21f 100644
--- a/sdk/python/tests/test_collections.py
+++ b/sdk/python/tests/test_collections.py
@@ -969,6 +969,20 @@ class NewCollectionTestCase(unittest.TestCase, CollectionTestMixin):
with self.assertRaises(arvados.errors.ArgumentError):
c.remove("")
+ def test_remove_recursive(self):
+ c = Collection('. 781e5e245d69b566979b86e28d23f2c7+10 0:10:a/b/c/d/efg.txt 0:10:xyz.txt\n')
+ self.assertEqual(". 781e5e245d69b566979b86e28d23f2c7+10 0:10:xyz.txt\n./a/b/c/d 781e5e245d69b566979b86e28d23f2c7+10 0:10:efg.txt\n", c.portable_manifest_text())
+ self.assertIn("a", c)
+ self.assertEqual(1, len(c["a"].keys()))
+ # cannot remove non-empty directory with default recursive=False
+ with self.assertRaises(OSError):
+ c.remove("a/b")
+ with self.assertRaises(OSError):
+ c.remove("a/b/c/d")
+ c.remove("a/b", recursive=True)
+ self.assertEqual(0, len(c["a"].keys()))
+ self.assertEqual(". 781e5e245d69b566979b86e28d23f2c7+10 0:10:xyz.txt\n./a d41d8cd98f00b204e9800998ecf8427e+0 0:0:\\056\n", c.portable_manifest_text())
+
def test_find(self):
c = Collection('. 781e5e245d69b566979b86e28d23f2c7+10 0:10:count1.txt 0:10:count2.txt\n')
self.assertIs(c.find("."), c)
commit 71774e0e8890a77cfc08871fa30351409ec7f91c
Author: Lucas Di Pentima <lucas.dipentima at curii.com>
Date: Thu Jul 28 11:33:35 2022 -0300
Merge branch '19297-inexistent-field-filter-fix'. Closes #19297
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima at curii.com>
diff --git a/services/api/app/controllers/arvados/v1/groups_controller.rb b/services/api/app/controllers/arvados/v1/groups_controller.rb
index 3473c7e4e..e9bc006a3 100644
--- a/services/api/app/controllers/arvados/v1/groups_controller.rb
+++ b/services/api/app/controllers/arvados/v1/groups_controller.rb
@@ -263,6 +263,9 @@ class Arvados::V1::GroupsController < ApplicationController
included_by_uuid = {}
seen_last_class = false
+ error_by_class = {}
+ any_success = false
+
klasses.each do |klass|
# check if current klass is same as params['last_object_class']
seen_last_class = true if((params['count'].andand.==('none')) and
@@ -318,7 +321,19 @@ class Arvados::V1::GroupsController < ApplicationController
# Adjust the limit based on number of objects fetched so far
klass_limit = limit_all - all_objects.count
@limit = klass_limit
- apply_where_limit_order_params klass
+
+ begin
+ apply_where_limit_order_params klass
+ rescue ArgumentError => e
+ if e.inspect =~ /Invalid attribute '.+' for operator '.+' in filter/ or
+ e.inspect =~ /Invalid attribute '.+' for subproperty filter/
+ error_by_class[klass.name] = e
+ next
+ end
+ raise
+ else
+ any_success = true
+ end
# This actually fetches the objects
klass_object_list = object_list(model_class: klass)
@@ -349,6 +364,14 @@ class Arvados::V1::GroupsController < ApplicationController
end
end
+ # Only error out when every searchable object type errored out
+ if !any_success && error_by_class.size > 0
+ error_msg = error_by_class.collect do |klass, err|
+ "#{err} on object type #{klass}"
+ end.join("\n")
+ raise ArgumentError.new(error_msg)
+ end
+
if params["include"]
@extra_included = included_by_uuid.values
end
diff --git a/services/api/lib/record_filters.rb b/services/api/lib/record_filters.rb
index 2f5b67074..65c25810a 100644
--- a/services/api/lib/record_filters.rb
+++ b/services/api/lib/record_filters.rb
@@ -136,7 +136,7 @@ module RecordFilters
raise ArgumentError.new("Invalid operator for subproperty search '#{operator}'")
end
elsif operator == "exists"
- if col.type != :jsonb
+ if col.nil? or col.type != :jsonb
raise ArgumentError.new("Invalid attribute '#{attr}' for operator '#{operator}' in filter")
end
diff --git a/services/api/test/functional/arvados/v1/filters_test.rb b/services/api/test/functional/arvados/v1/filters_test.rb
index dd8eeaa7b..3916d63c5 100644
--- a/services/api/test/functional/arvados/v1/filters_test.rb
+++ b/services/api/test/functional/arvados/v1/filters_test.rb
@@ -236,6 +236,58 @@ class Arvados::V1::FiltersTest < ActionController::TestCase
json_response['errors'].join(' '))
end
+ test "groups contents with properties filter succeeds on objects with properties field" do
+ @controller = Arvados::V1::GroupsController.new
+ authorize_with :admin
+ get :contents, params: {
+ filters: [
+ ['properties', 'exists', 'foo'],
+ ['uuid', 'is_a', ["arvados#group","arvados#collection","arvados#containerRequest"]],
+ ]
+ }
+ assert_response 200
+ assert json_response['items'].length == 0
+ end
+
+ # Tests bug #19297
+ test "groups contents with properties filter succeeds on some objects with properties field" do
+ @controller = Arvados::V1::GroupsController.new
+ authorize_with :admin
+ get :contents, params: {
+ filters: [
+ ['properties', 'exists', 'foo'],
+ ['uuid', 'is_a', ["arvados#group","arvados#workflow"]],
+ ]
+ }
+ assert_response 200
+ assert json_response['items'].length == 0
+ end
+
+ # Tests bug #19297
+ test "groups contents with properties filter fails on objects without properties field" do
+ @controller = Arvados::V1::GroupsController.new
+ authorize_with :admin
+ get :contents, params: {
+ filters: [
+ ['properties', 'exists', 'foo'],
+ ['uuid', 'is_a', ["arvados#workflow"]],
+ ]
+ }
+ assert_response 422
+ assert_match(/Invalid attribute 'properties' for operator 'exists'.*on object type Workflow/, json_response['errors'].join(' '))
+ end
+
+ test "groups contents without filters and limit=0, count=none" do
+ @controller = Arvados::V1::GroupsController.new
+ authorize_with :admin
+ get :contents, params: {
+ limit: 0,
+ count: 'none',
+ }
+ assert_response 200
+ assert json_response['items'].length == 0
+ end
+
test "replication_desired = 2" do
@controller = Arvados::V1::CollectionsController.new
authorize_with :admin
commit 5975bd3171a0cba95a4d3a9c400dba859a867c99
Author: Lucas Di Pentima <lucas.dipentima at curii.com>
Date: Tue Jul 19 14:03:54 2022 -0300
Merge branch '19278-activerecord-update'. Closes #19278
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima at curii.com>
diff --git a/apps/workbench/Gemfile.lock b/apps/workbench/Gemfile.lock
index ebb4b64c6..1102ca103 100644
--- a/apps/workbench/Gemfile.lock
+++ b/apps/workbench/Gemfile.lock
@@ -16,43 +16,43 @@ GEM
remote: https://rubygems.org/
specs:
RedCloth (4.3.2)
- actioncable (5.2.8)
- actionpack (= 5.2.8)
+ actioncable (5.2.8.1)
+ actionpack (= 5.2.8.1)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
- actionmailer (5.2.8)
- actionpack (= 5.2.8)
- actionview (= 5.2.8)
- activejob (= 5.2.8)
+ actionmailer (5.2.8.1)
+ actionpack (= 5.2.8.1)
+ actionview (= 5.2.8.1)
+ activejob (= 5.2.8.1)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
- actionpack (5.2.8)
- actionview (= 5.2.8)
- activesupport (= 5.2.8)
+ actionpack (5.2.8.1)
+ actionview (= 5.2.8.1)
+ activesupport (= 5.2.8.1)
rack (~> 2.0, >= 2.0.8)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
- actionview (5.2.8)
- activesupport (= 5.2.8)
+ actionview (5.2.8.1)
+ activesupport (= 5.2.8.1)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
- activejob (5.2.8)
- activesupport (= 5.2.8)
+ activejob (5.2.8.1)
+ activesupport (= 5.2.8.1)
globalid (>= 0.3.6)
- activemodel (5.2.8)
- activesupport (= 5.2.8)
- activerecord (5.2.8)
- activemodel (= 5.2.8)
- activesupport (= 5.2.8)
+ activemodel (5.2.8.1)
+ activesupport (= 5.2.8.1)
+ activerecord (5.2.8.1)
+ activemodel (= 5.2.8.1)
+ activesupport (= 5.2.8.1)
arel (>= 9.0)
- activestorage (5.2.8)
- actionpack (= 5.2.8)
- activerecord (= 5.2.8)
+ activestorage (5.2.8.1)
+ actionpack (= 5.2.8.1)
+ activerecord (= 5.2.8.1)
marcel (~> 1.0.0)
- activesupport (5.2.8)
+ activesupport (5.2.8.1)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
@@ -179,7 +179,7 @@ GEM
net-ssh-gateway (2.0.0)
net-ssh (>= 4.0.0)
nio4r (2.5.8)
- nokogiri (1.13.6)
+ nokogiri (1.13.7)
mini_portile2 (~> 2.8.0)
racc (~> 1.4)
npm-rails (0.2.1)
@@ -200,23 +200,23 @@ GEM
websocket-driver (>= 0.2.0)
public_suffix (4.0.6)
racc (1.6.0)
- rack (2.2.3.1)
+ rack (2.2.4)
rack-mini-profiler (1.0.2)
rack (>= 1.2.0)
- rack-test (1.1.0)
- rack (>= 1.0, < 3)
- rails (5.2.8)
- actioncable (= 5.2.8)
- actionmailer (= 5.2.8)
- actionpack (= 5.2.8)
- actionview (= 5.2.8)
- activejob (= 5.2.8)
- activemodel (= 5.2.8)
- activerecord (= 5.2.8)
- activestorage (= 5.2.8)
- activesupport (= 5.2.8)
+ rack-test (2.0.2)
+ rack (>= 1.3)
+ rails (5.2.8.1)
+ actioncable (= 5.2.8.1)
+ actionmailer (= 5.2.8.1)
+ actionpack (= 5.2.8.1)
+ actionview (= 5.2.8.1)
+ activejob (= 5.2.8.1)
+ activemodel (= 5.2.8.1)
+ activerecord (= 5.2.8.1)
+ activestorage (= 5.2.8.1)
+ activesupport (= 5.2.8.1)
bundler (>= 1.3.0)
- railties (= 5.2.8)
+ railties (= 5.2.8.1)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.4)
actionpack (>= 5.0.1.x)
@@ -228,9 +228,9 @@ GEM
rails-html-sanitizer (1.4.3)
loofah (~> 2.3)
rails-perftest (0.0.7)
- railties (5.2.8)
- actionpack (= 5.2.8)
- activesupport (= 5.2.8)
+ railties (5.2.8.1)
+ actionpack (= 5.2.8.1)
+ activesupport (= 5.2.8.1)
method_source
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
diff --git a/services/api/Gemfile.lock b/services/api/Gemfile.lock
index 49fa58493..bc6215496 100644
--- a/services/api/Gemfile.lock
+++ b/services/api/Gemfile.lock
@@ -8,43 +8,43 @@ GIT
GEM
remote: https://rubygems.org/
specs:
- actioncable (5.2.8)
- actionpack (= 5.2.8)
+ actioncable (5.2.8.1)
+ actionpack (= 5.2.8.1)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
- actionmailer (5.2.8)
- actionpack (= 5.2.8)
- actionview (= 5.2.8)
- activejob (= 5.2.8)
+ actionmailer (5.2.8.1)
+ actionpack (= 5.2.8.1)
+ actionview (= 5.2.8.1)
+ activejob (= 5.2.8.1)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
- actionpack (5.2.8)
- actionview (= 5.2.8)
- activesupport (= 5.2.8)
+ actionpack (5.2.8.1)
+ actionview (= 5.2.8.1)
+ activesupport (= 5.2.8.1)
rack (~> 2.0, >= 2.0.8)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
- actionview (5.2.8)
- activesupport (= 5.2.8)
+ actionview (5.2.8.1)
+ activesupport (= 5.2.8.1)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
- activejob (5.2.8)
- activesupport (= 5.2.8)
+ activejob (5.2.8.1)
+ activesupport (= 5.2.8.1)
globalid (>= 0.3.6)
- activemodel (5.2.8)
- activesupport (= 5.2.8)
- activerecord (5.2.8)
- activemodel (= 5.2.8)
- activesupport (= 5.2.8)
+ activemodel (5.2.8.1)
+ activesupport (= 5.2.8.1)
+ activerecord (5.2.8.1)
+ activemodel (= 5.2.8.1)
+ activesupport (= 5.2.8.1)
arel (>= 9.0)
- activestorage (5.2.8)
- actionpack (= 5.2.8)
- activerecord (= 5.2.8)
+ activestorage (5.2.8.1)
+ actionpack (= 5.2.8.1)
+ activerecord (= 5.2.8.1)
marcel (~> 1.0.0)
- activesupport (5.2.8)
+ activesupport (5.2.8.1)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
@@ -140,7 +140,7 @@ GEM
multi_json (1.15.0)
multipart-post (2.1.1)
nio4r (2.5.8)
- nokogiri (1.13.6)
+ nokogiri (1.13.7)
mini_portile2 (~> 2.8.0)
racc (~> 1.4)
oj (3.9.2)
@@ -153,21 +153,21 @@ GEM
power_assert (1.1.4)
public_suffix (4.0.6)
racc (1.6.0)
- rack (2.2.3.1)
- rack-test (1.1.0)
- rack (>= 1.0, < 3)
- rails (5.2.8)
- actioncable (= 5.2.8)
- actionmailer (= 5.2.8)
- actionpack (= 5.2.8)
- actionview (= 5.2.8)
- activejob (= 5.2.8)
- activemodel (= 5.2.8)
- activerecord (= 5.2.8)
- activestorage (= 5.2.8)
- activesupport (= 5.2.8)
+ rack (2.2.4)
+ rack-test (2.0.2)
+ rack (>= 1.3)
+ rails (5.2.8.1)
+ actioncable (= 5.2.8.1)
+ actionmailer (= 5.2.8.1)
+ actionpack (= 5.2.8.1)
+ actionview (= 5.2.8.1)
+ activejob (= 5.2.8.1)
+ activemodel (= 5.2.8.1)
+ activerecord (= 5.2.8.1)
+ activestorage (= 5.2.8.1)
+ activesupport (= 5.2.8.1)
bundler (>= 1.3.0)
- railties (= 5.2.8)
+ railties (= 5.2.8.1)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.4)
actionpack (>= 5.0.1.x)
@@ -181,9 +181,9 @@ GEM
rails-observers (0.1.5)
activemodel (>= 4.0)
rails-perftest (0.0.7)
- railties (5.2.8)
- actionpack (= 5.2.8)
- activesupport (= 5.2.8)
+ railties (5.2.8.1)
+ actionpack (= 5.2.8.1)
+ activesupport (= 5.2.8.1)
method_source
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
commit c3fd4f9725088b539f8f36f69d796a3a9fcbd44b
Author: Tom Clegg <tom at curii.com>
Date: Tue Jun 21 15:31:44 2022 -0400
Merge branch '19192-fix-deadlock'
refs #19192
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>
diff --git a/sdk/go/arvados/fs_base.go b/sdk/go/arvados/fs_base.go
index bebb74261..ce9253ab3 100644
--- a/sdk/go/arvados/fs_base.go
+++ b/sdk/go/arvados/fs_base.go
@@ -415,7 +415,7 @@ func (n *treenode) MemorySize() (size int64) {
for _, inode := range n.inodes {
size += inode.MemorySize()
}
- return
+ return 64 + size
}
type fileSystem struct {
diff --git a/sdk/go/arvados/fs_collection.go b/sdk/go/arvados/fs_collection.go
index f4dae746e..ccfbdc4da 100644
--- a/sdk/go/arvados/fs_collection.go
+++ b/sdk/go/arvados/fs_collection.go
@@ -1159,15 +1159,17 @@ func (dn *dirnode) MemorySize() (size int64) {
case *dirnode:
size += node.MemorySize()
case *filenode:
+ size += 64
for _, seg := range node.segments {
switch seg := seg.(type) {
case *memSegment:
size += int64(seg.Len())
}
+ size += 64
}
}
}
- return
+ return 64 + size
}
// caller must have write lock.
diff --git a/sdk/go/arvados/fs_collection_test.go b/sdk/go/arvados/fs_collection_test.go
index b221aaa08..c2cac3c6c 100644
--- a/sdk/go/arvados/fs_collection_test.go
+++ b/sdk/go/arvados/fs_collection_test.go
@@ -1221,7 +1221,8 @@ func (s *CollectionFSSuite) TestFlushFullBlocksOnly(c *check.C) {
c.Assert(err, check.IsNil)
}
}
- c.Check(fs.MemorySize(), check.Equals, int64(nDirs*67<<20))
+ inodebytes := int64((nDirs*(67*2+1) + 1) * 64)
+ c.Check(fs.MemorySize(), check.Equals, int64(nDirs*67<<20)+inodebytes)
c.Check(flushed, check.Equals, int64(0))
waitForFlush := func(expectUnflushed, expectFlushed int64) {
@@ -1232,27 +1233,27 @@ func (s *CollectionFSSuite) TestFlushFullBlocksOnly(c *check.C) {
}
// Nothing flushed yet
- waitForFlush((nDirs*67)<<20, 0)
+ waitForFlush((nDirs*67)<<20+inodebytes, 0)
// Flushing a non-empty dir "/" is non-recursive and there are
// no top-level files, so this has no effect
fs.Flush("/", false)
- waitForFlush((nDirs*67)<<20, 0)
+ waitForFlush((nDirs*67)<<20+inodebytes, 0)
// Flush the full block in dir0
fs.Flush("dir0", false)
- waitForFlush((nDirs*67-64)<<20, 64<<20)
+ waitForFlush((nDirs*67-64)<<20+inodebytes, 64<<20)
err = fs.Flush("dir-does-not-exist", false)
c.Check(err, check.NotNil)
// Flush full blocks in all dirs
fs.Flush("", false)
- waitForFlush(nDirs*3<<20, nDirs*64<<20)
+ waitForFlush(nDirs*3<<20+inodebytes, nDirs*64<<20)
// Flush non-full blocks, too
fs.Flush("", true)
- waitForFlush(0, nDirs*67<<20)
+ waitForFlush(inodebytes, nDirs*67<<20)
}
// Even when writing lots of files/dirs from different goroutines, as
diff --git a/sdk/go/arvados/fs_lookup.go b/sdk/go/arvados/fs_lookup.go
index 471dc69c8..2bb09995e 100644
--- a/sdk/go/arvados/fs_lookup.go
+++ b/sdk/go/arvados/fs_lookup.go
@@ -6,7 +6,6 @@ package arvados
import (
"os"
- "sync"
"time"
)
@@ -21,9 +20,8 @@ type lookupnode struct {
stale func(time.Time) bool
// internal fields
- staleLock sync.Mutex
- staleAll time.Time
- staleOne map[string]time.Time
+ staleAll time.Time
+ staleOne map[string]time.Time
}
// Sync flushes pending writes for loaded children and, if successful,
@@ -33,29 +31,28 @@ func (ln *lookupnode) Sync() error {
if err != nil {
return err
}
- ln.staleLock.Lock()
+ ln.Lock()
ln.staleAll = time.Time{}
ln.staleOne = nil
- ln.staleLock.Unlock()
+ ln.Unlock()
return nil
}
func (ln *lookupnode) Readdir() ([]os.FileInfo, error) {
- ln.staleLock.Lock()
- defer ln.staleLock.Unlock()
+ ln.Lock()
checkTime := time.Now()
if ln.stale(ln.staleAll) {
all, err := ln.loadAll(ln)
if err != nil {
+ ln.Unlock()
return nil, err
}
for _, child := range all {
- ln.treenode.Lock()
_, err = ln.treenode.Child(child.FileInfo().Name(), func(inode) (inode, error) {
return child, nil
})
- ln.treenode.Unlock()
if err != nil {
+ ln.Unlock()
return nil, err
}
}
@@ -65,6 +62,7 @@ func (ln *lookupnode) Readdir() ([]os.FileInfo, error) {
// newer than ln.staleAll. Reclaim memory.
ln.staleOne = nil
}
+ ln.Unlock()
return ln.treenode.Readdir()
}
@@ -72,8 +70,6 @@ func (ln *lookupnode) Readdir() ([]os.FileInfo, error) {
// children, instead calling loadOne when a non-existing child is
// looked up.
func (ln *lookupnode) Child(name string, replace func(inode) (inode, error)) (inode, error) {
- ln.staleLock.Lock()
- defer ln.staleLock.Unlock()
checkTime := time.Now()
var existing inode
var err error
diff --git a/sdk/go/arvados/fs_site_test.go b/sdk/go/arvados/fs_site_test.go
index bf24efa7e..3abe2b457 100644
--- a/sdk/go/arvados/fs_site_test.go
+++ b/sdk/go/arvados/fs_site_test.go
@@ -11,6 +11,7 @@ import (
"net/http"
"os"
"strings"
+ "sync"
"syscall"
"time"
@@ -372,3 +373,117 @@ func (s *SiteFSSuite) TestSnapshotSplice(c *check.C) {
c.Check(string(buf), check.Equals, string(thisfile))
}
}
+
+func (s *SiteFSSuite) TestLocks(c *check.C) {
+ DebugLocksPanicMode = false
+ done := make(chan struct{})
+ defer close(done)
+ ticker := time.NewTicker(2 * time.Second)
+ go func() {
+ for {
+ timeout := time.AfterFunc(5*time.Second, func() {
+ // c.FailNow() doesn't break deadlock, but this sure does
+ panic("timed out -- deadlock?")
+ })
+ select {
+ case <-done:
+ timeout.Stop()
+ return
+ case <-ticker.C:
+ c.Logf("MemorySize == %d", s.fs.MemorySize())
+ }
+ timeout.Stop()
+ }
+ }()
+ ncolls := 5
+ ndirs := 3
+ nfiles := 5
+ projects := make([]Group, 5)
+ for pnum := range projects {
+ c.Logf("make project %d", pnum)
+ err := s.client.RequestAndDecode(&projects[pnum], "POST", "arvados/v1/groups", nil, map[string]interface{}{
+ "group": map[string]string{
+ "name": fmt.Sprintf("TestLocks project %d", pnum),
+ "owner_uuid": fixtureAProjectUUID,
+ "group_class": "project",
+ },
+ "ensure_unique_name": true,
+ })
+ c.Assert(err, check.IsNil)
+ for cnum := 0; cnum < ncolls; cnum++ {
+ c.Logf("make project %d collection %d", pnum, cnum)
+ var coll Collection
+ err = s.client.RequestAndDecode(&coll, "POST", "arvados/v1/collections", nil, map[string]interface{}{
+ "collection": map[string]string{
+ "name": fmt.Sprintf("TestLocks collection %d", cnum),
+ "owner_uuid": projects[pnum].UUID,
+ },
+ })
+ c.Assert(err, check.IsNil)
+ for d1num := 0; d1num < ndirs; d1num++ {
+ s.fs.Mkdir(fmt.Sprintf("/by_id/%s/dir1-%d", coll.UUID, d1num), 0777)
+ for d2num := 0; d2num < ndirs; d2num++ {
+ s.fs.Mkdir(fmt.Sprintf("/by_id/%s/dir1-%d/dir2-%d", coll.UUID, d1num, d2num), 0777)
+ for fnum := 0; fnum < nfiles; fnum++ {
+ f, err := s.fs.OpenFile(fmt.Sprintf("/by_id/%s/dir1-%d/dir2-%d/file-%d", coll.UUID, d1num, d2num, fnum), os.O_CREATE|os.O_RDWR, 0755)
+ c.Assert(err, check.IsNil)
+ f.Close()
+ f, err = s.fs.OpenFile(fmt.Sprintf("/by_id/%s/dir1-%d/file-%d", coll.UUID, d1num, fnum), os.O_CREATE|os.O_RDWR, 0755)
+ c.Assert(err, check.IsNil)
+ f.Close()
+ }
+ }
+ }
+ }
+ }
+ c.Log("sync")
+ s.fs.Sync()
+ var wg sync.WaitGroup
+ for n := 0; n < 100; n++ {
+ wg.Add(1)
+ go func() {
+ defer wg.Done()
+ for pnum, project := range projects {
+ c.Logf("read project %d", pnum)
+ if pnum%2 == 0 {
+ f, err := s.fs.Open(fmt.Sprintf("/by_id/%s", project.UUID))
+ c.Assert(err, check.IsNil)
+ f.Readdir(-1)
+ f.Close()
+ }
+ for cnum := 0; cnum < ncolls; cnum++ {
+ c.Logf("read project %d collection %d", pnum, cnum)
+ if pnum%2 == 0 {
+ f, err := s.fs.Open(fmt.Sprintf("/by_id/%s/TestLocks collection %d", project.UUID, cnum))
+ c.Assert(err, check.IsNil)
+ _, err = f.Readdir(-1)
+ c.Assert(err, check.IsNil)
+ f.Close()
+ }
+ if pnum%3 == 0 {
+ for d1num := 0; d1num < ndirs; d1num++ {
+ f, err := s.fs.Open(fmt.Sprintf("/by_id/%s/TestLocks collection %d/dir1-%d", project.UUID, cnum, d1num))
+ c.Assert(err, check.IsNil)
+ fis, err := f.Readdir(-1)
+ c.Assert(err, check.IsNil)
+ c.Assert(fis, check.HasLen, ndirs+nfiles)
+ f.Close()
+ }
+ }
+ for d1num := 0; d1num < ndirs; d1num++ {
+ for d2num := 0; d2num < ndirs; d2num++ {
+ f, err := s.fs.Open(fmt.Sprintf("/by_id/%s/TestLocks collection %d/dir1-%d/dir2-%d", project.UUID, cnum, d1num, d2num))
+ c.Assert(err, check.IsNil)
+ fis, err := f.Readdir(-1)
+ c.Assert(err, check.IsNil)
+ c.Assert(fis, check.HasLen, nfiles)
+ f.Close()
+ }
+ }
+ }
+ }
+ }()
+ }
+ wg.Wait()
+ c.Logf("MemorySize == %d", s.fs.MemorySize())
+}
diff --git a/services/keep-web/server_test.go b/services/keep-web/server_test.go
index 2d28dbc5d..ff39f5dca 100644
--- a/services/keep-web/server_test.go
+++ b/services/keep-web/server_test.go
@@ -395,8 +395,10 @@ func (s *IntegrationSuite) TestMetrics(c *check.C) {
c.Check(counters["arvados_keepweb_collectioncache_hits//"].Value, check.Equals, int64(1))
c.Check(counters["arvados_keepweb_collectioncache_pdh_hits//"].Value, check.Equals, int64(1))
c.Check(gauges["arvados_keepweb_collectioncache_cached_manifests//"].Value, check.Equals, float64(1))
- // FooCollection's cached manifest size is 45 ("1f4b0....+45") plus one 51-byte blob signature
- c.Check(gauges["arvados_keepweb_sessions_cached_collection_bytes//"].Value, check.Equals, float64(45+51))
+ // FooCollection's cached manifest size is 45 ("1f4b0....+45")
+ // plus one 51-byte blob signature; session fs counts 3 inodes
+ // * 64 bytes.
+ c.Check(gauges["arvados_keepweb_sessions_cached_collection_bytes//"].Value, check.Equals, float64(45+51+64*3))
// If the Host header indicates a collection, /metrics.json
// refers to a file in the collection -- the metrics handler
commit 5d1ff96194bfb6373e786f618719321f3406e823
Author: Peter Amstutz <peter.amstutz at curii.com>
Date: Mon Jun 20 14:26:22 2022 -0400
Pin protobuf version to <4.0.0, refs #19202
Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>
diff --git a/sdk/python/setup.py b/sdk/python/setup.py
index 126b12f15..d28df0998 100644
--- a/sdk/python/setup.py
+++ b/sdk/python/setup.py
@@ -55,6 +55,7 @@ setup(name='arvados-python-client',
'ruamel.yaml >=0.15.54, <0.17.11',
'setuptools',
'ws4py >=0.4.2',
+ 'protobuf<4.0.0dev'
],
classifiers=[
'Programming Language :: Python :: 3',
commit 99013c6a59b03f5ad494ff2b3393a8b3e405fab8
Author: Lucas Di Pentima <lucas.dipentima at curii.com>
Date: Tue Jun 14 12:33:56 2022 -0300
Merge branch '19193-rails-upgrade'. Closes #19193
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima at curii.com>
diff --git a/apps/workbench/Gemfile.lock b/apps/workbench/Gemfile.lock
index 4a7dcc5fc..ebb4b64c6 100644
--- a/apps/workbench/Gemfile.lock
+++ b/apps/workbench/Gemfile.lock
@@ -16,43 +16,43 @@ GEM
remote: https://rubygems.org/
specs:
RedCloth (4.3.2)
- actioncable (5.2.6.3)
- actionpack (= 5.2.6.3)
+ actioncable (5.2.8)
+ actionpack (= 5.2.8)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
- actionmailer (5.2.6.3)
- actionpack (= 5.2.6.3)
- actionview (= 5.2.6.3)
- activejob (= 5.2.6.3)
+ actionmailer (5.2.8)
+ actionpack (= 5.2.8)
+ actionview (= 5.2.8)
+ activejob (= 5.2.8)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
- actionpack (5.2.6.3)
- actionview (= 5.2.6.3)
- activesupport (= 5.2.6.3)
+ actionpack (5.2.8)
+ actionview (= 5.2.8)
+ activesupport (= 5.2.8)
rack (~> 2.0, >= 2.0.8)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
- actionview (5.2.6.3)
- activesupport (= 5.2.6.3)
+ actionview (5.2.8)
+ activesupport (= 5.2.8)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
- activejob (5.2.6.3)
- activesupport (= 5.2.6.3)
+ activejob (5.2.8)
+ activesupport (= 5.2.8)
globalid (>= 0.3.6)
- activemodel (5.2.6.3)
- activesupport (= 5.2.6.3)
- activerecord (5.2.6.3)
- activemodel (= 5.2.6.3)
- activesupport (= 5.2.6.3)
+ activemodel (5.2.8)
+ activesupport (= 5.2.8)
+ activerecord (5.2.8)
+ activemodel (= 5.2.8)
+ activesupport (= 5.2.8)
arel (>= 9.0)
- activestorage (5.2.6.3)
- actionpack (= 5.2.6.3)
- activerecord (= 5.2.6.3)
+ activestorage (5.2.8)
+ actionpack (= 5.2.8)
+ activerecord (= 5.2.8)
marcel (~> 1.0.0)
- activesupport (5.2.6.3)
+ activesupport (5.2.8)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
@@ -111,7 +111,7 @@ GEM
childprocess (0.9.0)
ffi (~> 1.0, >= 1.0.11)
cliver (0.3.2)
- concurrent-ruby (1.1.9)
+ concurrent-ruby (1.1.10)
crass (1.0.6)
deep_merge (1.2.1)
docile (1.3.1)
@@ -150,7 +150,7 @@ GEM
railties (>= 4)
request_store (~> 1.0)
logstash-event (1.2.02)
- loofah (2.14.0)
+ loofah (2.18.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
@@ -200,23 +200,23 @@ GEM
websocket-driver (>= 0.2.0)
public_suffix (4.0.6)
racc (1.6.0)
- rack (2.2.3)
+ rack (2.2.3.1)
rack-mini-profiler (1.0.2)
rack (>= 1.2.0)
rack-test (1.1.0)
rack (>= 1.0, < 3)
- rails (5.2.6.3)
- actioncable (= 5.2.6.3)
- actionmailer (= 5.2.6.3)
- actionpack (= 5.2.6.3)
- actionview (= 5.2.6.3)
- activejob (= 5.2.6.3)
- activemodel (= 5.2.6.3)
- activerecord (= 5.2.6.3)
- activestorage (= 5.2.6.3)
- activesupport (= 5.2.6.3)
+ rails (5.2.8)
+ actioncable (= 5.2.8)
+ actionmailer (= 5.2.8)
+ actionpack (= 5.2.8)
+ actionview (= 5.2.8)
+ activejob (= 5.2.8)
+ activemodel (= 5.2.8)
+ activerecord (= 5.2.8)
+ activestorage (= 5.2.8)
+ activesupport (= 5.2.8)
bundler (>= 1.3.0)
- railties (= 5.2.6.3)
+ railties (= 5.2.8)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.4)
actionpack (>= 5.0.1.x)
@@ -225,12 +225,12 @@ GEM
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
- rails-html-sanitizer (1.4.2)
+ rails-html-sanitizer (1.4.3)
loofah (~> 2.3)
rails-perftest (0.0.7)
- railties (5.2.6.3)
- actionpack (= 5.2.6.3)
- activesupport (= 5.2.6.3)
+ railties (5.2.8)
+ actionpack (= 5.2.8)
+ activesupport (= 5.2.8)
method_source
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
@@ -283,9 +283,9 @@ GEM
sprockets (3.7.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
- sprockets-rails (3.2.2)
- actionpack (>= 4.0)
- activesupport (>= 4.0)
+ sprockets-rails (3.4.2)
+ actionpack (>= 5.2)
+ activesupport (>= 5.2)
sprockets (>= 3.0.0)
sshkey (2.0.0)
thor (1.2.1)
diff --git a/services/api/Gemfile b/services/api/Gemfile
index 30d877fac..9b401cc6a 100644
--- a/services/api/Gemfile
+++ b/services/api/Gemfile
@@ -7,6 +7,10 @@ source 'https://rubygems.org'
gem 'rails', '~> 5.2.0'
gem 'responders', '~> 2.0'
+# Pin sprockets to < 4.0 to avoid issues when upgrading rails to 5.2
+# See: https://github.com/rails/sprockets-rails/issues/443
+gem 'sprockets', '~> 3.0'
+
group :test, :development do
gem 'factory_bot_rails'
diff --git a/services/api/Gemfile.lock b/services/api/Gemfile.lock
index 70a1e7a00..49fa58493 100644
--- a/services/api/Gemfile.lock
+++ b/services/api/Gemfile.lock
@@ -8,43 +8,43 @@ GIT
GEM
remote: https://rubygems.org/
specs:
- actioncable (5.2.6.3)
- actionpack (= 5.2.6.3)
+ actioncable (5.2.8)
+ actionpack (= 5.2.8)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
- actionmailer (5.2.6.3)
- actionpack (= 5.2.6.3)
- actionview (= 5.2.6.3)
- activejob (= 5.2.6.3)
+ actionmailer (5.2.8)
+ actionpack (= 5.2.8)
+ actionview (= 5.2.8)
+ activejob (= 5.2.8)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
- actionpack (5.2.6.3)
- actionview (= 5.2.6.3)
- activesupport (= 5.2.6.3)
+ actionpack (5.2.8)
+ actionview (= 5.2.8)
+ activesupport (= 5.2.8)
rack (~> 2.0, >= 2.0.8)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
- actionview (5.2.6.3)
- activesupport (= 5.2.6.3)
+ actionview (5.2.8)
+ activesupport (= 5.2.8)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
- activejob (5.2.6.3)
- activesupport (= 5.2.6.3)
+ activejob (5.2.8)
+ activesupport (= 5.2.8)
globalid (>= 0.3.6)
- activemodel (5.2.6.3)
- activesupport (= 5.2.6.3)
- activerecord (5.2.6.3)
- activemodel (= 5.2.6.3)
- activesupport (= 5.2.6.3)
+ activemodel (5.2.8)
+ activesupport (= 5.2.8)
+ activerecord (5.2.8)
+ activemodel (= 5.2.8)
+ activesupport (= 5.2.8)
arel (>= 9.0)
- activestorage (5.2.6.3)
- actionpack (= 5.2.6.3)
- activerecord (= 5.2.6.3)
+ activestorage (5.2.8)
+ actionpack (= 5.2.8)
+ activerecord (= 5.2.8)
marcel (~> 1.0.0)
- activesupport (5.2.6.3)
+ activesupport (5.2.8)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
@@ -82,7 +82,7 @@ GEM
multi_json (>= 1.0.0)
builder (3.2.4)
byebug (11.0.1)
- concurrent-ruby (1.1.9)
+ concurrent-ruby (1.1.10)
crass (1.0.6)
erubi (1.10.0)
extlib (0.9.16)
@@ -123,7 +123,7 @@ GEM
railties (>= 4)
request_store (~> 1.0)
logstash-event (1.2.02)
- loofah (2.14.0)
+ loofah (2.18.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
@@ -153,21 +153,21 @@ GEM
power_assert (1.1.4)
public_suffix (4.0.6)
racc (1.6.0)
- rack (2.2.3)
+ rack (2.2.3.1)
rack-test (1.1.0)
rack (>= 1.0, < 3)
- rails (5.2.6.3)
- actioncable (= 5.2.6.3)
- actionmailer (= 5.2.6.3)
- actionpack (= 5.2.6.3)
- actionview (= 5.2.6.3)
- activejob (= 5.2.6.3)
- activemodel (= 5.2.6.3)
- activerecord (= 5.2.6.3)
- activestorage (= 5.2.6.3)
- activesupport (= 5.2.6.3)
+ rails (5.2.8)
+ actioncable (= 5.2.8)
+ actionmailer (= 5.2.8)
+ actionpack (= 5.2.8)
+ actionview (= 5.2.8)
+ activejob (= 5.2.8)
+ activemodel (= 5.2.8)
+ activerecord (= 5.2.8)
+ activestorage (= 5.2.8)
+ activesupport (= 5.2.8)
bundler (>= 1.3.0)
- railties (= 5.2.6.3)
+ railties (= 5.2.8)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.4)
actionpack (>= 5.0.1.x)
@@ -176,14 +176,14 @@ GEM
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
- rails-html-sanitizer (1.4.2)
+ rails-html-sanitizer (1.4.3)
loofah (~> 2.3)
rails-observers (0.1.5)
activemodel (>= 4.0)
rails-perftest (0.0.7)
- railties (5.2.6.3)
- actionpack (= 5.2.6.3)
- activesupport (= 5.2.6.3)
+ railties (5.2.8)
+ actionpack (= 5.2.8)
+ activesupport (= 5.2.8)
method_source
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
@@ -213,9 +213,9 @@ GEM
sprockets (3.7.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
- sprockets-rails (3.2.2)
- actionpack (>= 4.0)
- activesupport (>= 4.0)
+ sprockets-rails (3.4.2)
+ actionpack (>= 5.2)
+ activesupport (>= 5.2)
sprockets (>= 3.0.0)
sshkey (2.0.0)
test-unit (3.3.1)
@@ -259,6 +259,7 @@ DEPENDENCIES
signet (< 0.12)
simplecov (~> 0.7.1)
simplecov-rcov
+ sprockets (~> 3.0)
sshkey
test-unit (~> 3.0)
themes_for_rails!
commit 78c88904151ad9ca890fc68adce54778a4346ee9
Author: Lucas Di Pentima <lucas.dipentima at curii.com>
Date: Fri Jun 10 11:57:35 2022 -0300
Merge branch '19177-sharing-links-ui-config'. Refs #19177
Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima at curii.com>
diff --git a/apps/workbench/app/views/collections/show.html.erb b/apps/workbench/app/views/collections/show.html.erb
index 56712661c..8a9200aeb 100644
--- a/apps/workbench/app/views/collections/show.html.erb
+++ b/apps/workbench/app/views/collections/show.html.erb
@@ -40,13 +40,11 @@ SPDX-License-Identifier: AGPL-3.0 %>
</h3>
</div>
<div class="panel-body">
- <!--
- <input type="text" class="form-control" placeholder="Search"/>
- -->
-
+ <% if !Rails.configuration.Workbench.DisableSharingURLsUI %>
<div id="sharing-button">
<%= render partial: 'sharing_button' %>
</div>
+ <% end %>
<div style="height:0.5em;"></div>
<% if @projects.andand.any? %>
diff --git a/apps/workbench/test/integration/collections_test.rb b/apps/workbench/test/integration/collections_test.rb
index e7b27fff8..4d6489d4a 100644
--- a/apps/workbench/test/integration/collections_test.rb
+++ b/apps/workbench/test/integration/collections_test.rb
@@ -41,11 +41,19 @@ class CollectionsTest < ActionDispatch::IntegrationTest
send(link_assertion, all("a").select { |a| a[:href] =~ link_regexp })
end
+ test "Hides sharing link button when configured to do so" do
+ Rails.configuration.Workbench.DisableSharingURLsUI = true
+ coll_uuid = api_fixture("collections", "collection_owned_by_active", "uuid")
+ visit page_with_token("active_trustedclient", "/collections/#{coll_uuid}")
+ assert_no_selector 'div#sharing-button'
+ end
+
test "creating and uncreating a sharing link" do
coll_uuid = api_fixture("collections", "collection_owned_by_active", "uuid")
download_link_re =
Regexp.new(Regexp.escape("/c=#{coll_uuid}/"))
visit page_with_token("active_trustedclient", "/collections/#{coll_uuid}")
+ assert_selector 'div#sharing-button'
within "#sharing-button" do
check_sharing(:on, download_link_re)
check_sharing(:off, download_link_re)
diff --git a/lib/config/config.default.yml b/lib/config/config.default.yml
index 98e836655..8ade0f3ae 100644
--- a/lib/config/config.default.yml
+++ b/lib/config/config.default.yml
@@ -1521,6 +1521,11 @@ Clusters:
ShowUserAgreementInline: false
SecretKeyBase: ""
+ # Set this configuration to true to avoid providing an easy way for users
+ # to share data with unauthenticated users; this may be necessary on
+ # installations where strict data access controls are needed.
+ DisableSharingURLsUI: false
+
# Scratch directory used by the remote repository browsing
# feature. If it doesn't exist, it (and any missing parents) will be
# created using mkdir_p.
diff --git a/lib/config/export.go b/lib/config/export.go
index eefa64086..616e67625 100644
--- a/lib/config/export.go
+++ b/lib/config/export.go
@@ -261,6 +261,7 @@ var whitelist = map[string]bool{
"Workbench.ArvadosDocsite": true,
"Workbench.ArvadosPublicDataDocURL": true,
"Workbench.DefaultOpenIdPrefix": false,
+ "Workbench.DisableSharingURLsUI": true,
"Workbench.EnableGettingStartedPopup": true,
"Workbench.EnablePublicProjectsPage": true,
"Workbench.FileViewersConfigURL": true,
diff --git a/sdk/go/arvados/config.go b/sdk/go/arvados/config.go
index bccb8942e..3f69405d4 100644
--- a/sdk/go/arvados/config.go
+++ b/sdk/go/arvados/config.go
@@ -257,6 +257,7 @@ type Cluster struct {
ArvadosDocsite string
ArvadosPublicDataDocURL string
DefaultOpenIdPrefix string
+ DisableSharingURLsUI bool
EnableGettingStartedPopup bool
EnablePublicProjectsPage bool
FileViewersConfigURL string
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list