Merge pull request #200 from collectionspace/check-connection

Check connection is active when running workflow steps
collectionspace · Dec 21, 2023 · 911de86 · 911de86
2 parents 3c8659f + b1b4754
commit 911de86
Show file tree

Hide file tree

Showing 6 changed files with 44 additions and 23 deletions.
diff --git a/app/controllers/connections_controller.rb b/app/controllers/connections_controller.rb
@@ -20,9 +20,7 @@ def create
         end
       else
         format.html do
-          if @connection.errors.any? && @connection.errors.messages.key?(:verify_error)
-            flash.now[:alert] = @connection.errors.messages[:verify_error].first.capitalize
-          end
+          set_flash_connect_verify_error
           render :new
         end
       end
@@ -38,6 +36,7 @@ def update
                       notice: t('action.updated', record: 'Connection')
         end
       else
+        set_flash_connect_verify_error
         format.html { render :edit }
       end
     end
@@ -56,6 +55,12 @@ def destroy
 
   private
 
+  def set_flash_connect_verify_error
+    if @connection.errors.any? && @connection.errors.messages.key?(:verify_error)
+      flash.now[:alert] = @connection.errors.messages[:verify_error].first.capitalize
+    end
+  end
+
   def set_connection
     @connection = authorize Connection.find(params[:id])
   end

diff --git a/app/controllers/step/archives_controller.rb b/app/controllers/step/archives_controller.rb
@@ -20,6 +20,7 @@ def create
           end
         else
           format.html do
+            flash.now[:alert] = error_messages(@step.errors)
             @step = Step::Archive.new(batch: @batch)
             render :new
           end

diff --git a/app/controllers/step/preprocesses_controller.rb b/app/controllers/step/preprocesses_controller.rb
@@ -20,6 +20,7 @@ def create
           end
         else
           format.html do
+            flash.now[:alert] = error_messages(@step.errors)
             @step = Step::Preprocess.new(batch: @batch)
             render :new
           end

diff --git a/app/controllers/step/processes_controller.rb b/app/controllers/step/processes_controller.rb
@@ -20,6 +20,7 @@ def create
           end
         else
           format.html do
+            flash.now[:alert] = error_messages(@step.errors)
             @step = Step::Process.new(batch: @batch)
             render :new
           end

diff --git a/app/models/concerns/workflow_metadata.rb b/app/models/concerns/workflow_metadata.rb
@@ -15,6 +15,7 @@ module WorkflowMetadata
   included do
     has_many_attached :reports
     validates :reports, content_type: CONTENT_TYPES
+    validate :connection_is_active
   end
 
   def all_rows_accessed?
@@ -62,7 +63,7 @@ def increment_warning!
   end
 
   def incremental?
-    false # by default do not support incremental attachements
+    false # by default do not support incremental attachments
   end
 
   def limbo?
@@ -113,6 +114,12 @@ def warnings?
 
   private
 
+  def connection_is_active
+    if batch && !batch.connection.authorized?
+      errors.add(:verify_error, 'connection or user account lookup failed')
+    end
+  end
+
   # Renderer for realtime updates (uses Superuser so compatible with tests)
   def status_renderer
     ApplicationController.renderer_with_signed_in_user(User.superuser)

diff --git a/app/models/connection.rb b/app/models/connection.rb
@@ -14,6 +14,15 @@ class Connection < ApplicationRecord
   validate :profile_must_be_prefix
   validate :verify_user
 
+  def authorized?
+    return true if Rails.env.test? # TODO: stub response in tests
+
+    response = client.get('accounts/0/accountperms')
+    response.result.success? &&
+      response.parsed.respond_to?(:dig) &&
+      response.parsed.dig('account_permission', 'account', 'userId') == username
+  end
+
   def client
     CollectionSpace::Client.new(
       CollectionSpace::Configuration.new(
@@ -24,6 +33,15 @@ def client
     )
   end
 
+  def csidcache
+    @csidcache_config ||= {
+      redis: Rails.configuration.csidcache_url,
+      domain: client.config.base_uri,
+      lifetime: 5 * 60,
+    }
+    CollectionSpace::RefCache.new(config: @csidcache_config)
+  end
+
   def disabled?
     !enabled?
   end
@@ -32,23 +50,10 @@ def enabled?
     enabled
   end
 
-  def resolve_primary
-    Connection.resolve_primary(user, self)
-  end
-
   def primary?
     primary
   end
 
-  def csidcache
-    @csidcache_config ||= {
-      redis: Rails.configuration.csidcache_url,
-      domain: client.config.base_uri,
-      lifetime: 5 * 60,
-    }
-    CollectionSpace::RefCache.new(config: @csidcache_config)
-  end
-
   def refcache
     @cache_config ||= {
       redis: Rails.configuration.refcache_url,
@@ -58,6 +63,10 @@ def refcache
     CollectionSpace::RefCache.new(config: @cache_config)
   end
 
+  def resolve_primary
+    Connection.resolve_primary(user, self)
+  end
+
   def unset_primary
     self.primary = false
   end
@@ -71,18 +80,15 @@ def self.resolve_primary(user, connection)
   private
 
   def verify_user
-    return if Rails.env.test?
+    return if Rails.env.test? # TODO: stub response in tests
 
     if username.blank? || password.blank?
       errors.add(:verify_error, 'username and password are required to verify user')
       return
     end
 
-    response = client.get('accounts/0/accountperms')
-    unless response.result.success? &&
-           response.parsed.respond_to?(:dig) &&
-           response.parsed.dig('account_permission', 'account', 'userId') == username
-      errors.add(:verify_error, 'user account lookup failed')
+    unless authorized?
+      errors.add(:verify_error, 'connection or user account lookup failed')
     end
   end