Arvados

h1. Hacking Workbench

{{toc}}

h2. Source tree layout

Everything is in @/apps/workbench@.

Key pieces to know about before going much further:

|/|Usual Rails project layout|

|/app/controllers/application_controller.rb|Controller superclass with authentication setup, error handling, and generic CRUD actions|

|/app/controllers/*.rb|Actions other than generic CRUD (users#activity, jobs#generate_provenance, ...)|

|/app/models/arvados_base.rb|Default Arvados model behavior and ActiveRecord-like accessors and introspection features|

|/app/models/arvados_resource_list.rb|ActiveRelation-like class (what you get from Model.where() etc.)|

h2. Unlike a typical Rails project...

* Most responses are JSON. Very few HTML views. We don't normally talk to browsers, except during authentication.

* We assign UUID strings (see lib/assign_uuid.rb and app/models/arvados_model.rb)

* The Arvados query API is fairly limited and doesn't accept SQL statements, so Workbench has to work harder to get what it needs. (Things will improve when Arvados accepts SPARQL queries.)

* Workbench itself only has the privileges of the Workbench user: when making Arvados API calls, it uses the API token provided by the user.

h2. Unlike what you might expect...

* Workbench doesn't use the Ruby SDK. It uses a sort of baked-in Rails SDK.

** TODO: move it out of Workbench into a gem.

** TODO: use the Ruby SDK under the hood.

h2. Running in development mode

You can get started quickly with SSL by generating a self-signed certificate

Alternatively if you're on debian and have root access you can make a copy that a regular user can use:

 openssl req -new -x509 -nodes -out ~/self-signed.pem -keyout ~/self-signed.key -days 3650 -subj '/CN=arvados.example.com'

Alternatively, download a set from the bottom of the [[API server]] page.

Save something like the following at @~/bin/workbench@, make it executable, make sure ~/bin is in your path:

 #!/bin/sh

set -e

cd ~/arvados/apps/workbench

export RAILS_ENV=development

rvm-exec 2.0.0 bundle install --deployment

exec rvm-exec 2.0.0 bundle exec passenger start -p 3001 --ssl --ssl-certificate ~/self-signed.pem --ssl-certificate-key ~/self-signed.key

The first time you run the above it will take a while to install all the ruby gems. In particular @Installing nokogiri@ takes a while

Once you see:

 =============== Phusion Passenger Standalone web server started ===============

You can visit your server at:

 @https://{ip-or-host}:3001/@

h2. Loading state from API into models

If your model makes an API call that returns the new state of an object, load the new attributes into the local model with @private_reload@:

<pre><code class="ruby">

  api_response = $arvados_api_client.api(...)

  private_reload api_response

</code></pre>

h2. Features

h3. Authentication

ApplicationController uses an around_filter to make sure the user is logged in, redirect to Arvados to complete the login procedure if not, and store the user's API token in Thread.current[:arvados_api_token] if so.

The @current_user@ helper returns User.current if the user is logged in, otherwise nil. (Generally, only special pages like "welcome" and "error" get displayed to users who aren't logged in.)

h3. Default filter behavior

@before_filter :find_object_by_uuid@

* This is enabled by default, @except :index, :create@.

* It renames the @:id@ param to @:uuid@. (The Rails default routing rules use @:id@ to accept params in path components, but @params[:uuid]@ makes more sense everywhere else in our code.)

* If you define a collection method (where there's no point looking up an object with the :id supplied in the request), skip this.

<pre><code class="ruby">

  skip_before_filter :find_object_by_uuid, only: [:action_that_takes_no_uuid_param]

</code></pre>

h3. Error handling

ApplicationController has a render_error method that shows a standard error page. (It's not very good, but it's better than a default Rails stack trace.)

In a controller you get there like this

<pre><code class="ruby">

  @errors = ['I could not achieve what you wanted.']

  render_error status: 500

</code></pre>

You can also do this, anywhere

<pre><code class="ruby">

  raise 'My spoon is too big.'

</code></pre>

The @render_error@ method sends JSON or HTML to the client according to the Accept header in the request (it sends JSON if JavaScript was requested), so reasonable things happen whether or not the request is AJAX.

h2. Development patterns

h3. Add a model

Currently, when the API provides a new model, we need to generate a corresponding model in Workbench: it's not smart enough to pick up the list of models from the API server's discovery document.

_(Need to fill in details here)_

# @rails generate model ....@

# Delete migration

# Change base class

# (probably more steps to fill in here)

Model _attributes_, on the other hand, are populated automatically.

h3. Add a configuration knob

Same situation as API server. See [[Hacking API Server]].

h3. Add an API method

Workbench is not yet smart enough to look in the discovery document for supported API methods. You need to add a method to the appropriate model class before you can use it in the Workbench app.

h3. Writing tests

(TODO)

h3. AJAX using Rails UJS (remote:true with JavaScript response)

This pattern is the best way to make a button/link that invokes an asynchronous action on the Workbench server side, i.e., before/without navigating away from the current page.

# Add <code class="ruby">remote: true</code> to a link or button. This makes Rails put a <code class="html">data-remote="true"</code> attribute in the HTML element. Say, in @app/views/fizz_buzzes/index.html.erb@:

<pre><code class="ruby">

<%= link_to "Blurfl", blurfl_fizz_buzz_url(id: @object.uuid), {class: 'btn btn-primary', remote: true} %>

</code></pre>

# Ensure the targeted action responds appropriately to both "js" and "html" requests. At minimum:

<pre><code class="ruby">

class FizzBuzzesController

  #...

  def blurfl

    @howmany = 1

    #...

    respond_to do |format|

      format.js

      format.html

    end

  end

end

</code></pre>

# The @html@ view is used if this is a normal page load (presumably this means the client has turned off JS).

#* @app/views/fizz_buzz/blurfl.html.erb@

<pre><code>

<p>I am <%= @howmany %></p>

</code></pre>

# The @js@ view is used if this is an AJAX request. It renders as JavaScript code which will be executed in the browser. Say, in @app/views/fizz_buzz/blurfl.js.erb@:

<pre><code class="javascript">

window.alert('I am <%= @howmany %>');

</code></pre>

# The browser opens an alert box:

<pre>

I am 1

</pre>

# A common task is to render a partial and use it to update part of the page. Say the partial is in @app/views/fizz_buzz/_latest_news.html.erb@:

<pre><code class="javascript">

var new_content = "<%= escape_javascript(render partial: 'latest_news') %>";

if ($('div#latest-news').html() != new_content)

   $('div#latest-news').html(new_content);

</code></pre>

*TODO: error handling*

h3. AJAX invoked from custom JavaScript (JSON response)

(and error handling)

h3. Add JavaScript triggers and fancy behavior

Some guidelines for implementing stuff nicely in JavaScript:

* Don't rely on the DOM being loaded before your script is loaded.

** If you need to inspect/alter the DOM as soon as it's loaded, make a setup function that fires on "document ready" and "ajax:complete".

** jQuery's delegated event pattern can help keep your code clean. See http://api.jquery.com/on/

<pre><code class="javascript">

// worse:

$('table.fizzbuzzer tr').

    on('mouseover', function(e, xhr) {

        console.log("This only works if the table exists when this setup script is executed.");

    });

// better:

$(document).

    on('mouseover', 'table.fizzbuzzer tr', function(e, xhr) {

        console.log("This works even if the table appears (or has the fizzbuzzer class added) later.");

    });

</code></pre>

* If your code really only makes sense for a particular view, rather than embedding @<script>@ tags in the middle of the page,

** use this:

<pre><code class="ruby">

<% content_for :js do %>

console.log("hurray, this goes in HEAD");

<% end %>

</code></pre>

** or, if your code should run after [most of] the DOM is loaded:

<pre><code class="ruby">

<% content_for :footer_js do %>

console.log("hurray, this runs at the bottom of the BODY element in the default layout.");

<% end %>

</code></pre>

* Don't just write JavaScript on the @fizz_buzzes/blurfl@ page and rely on the fact that the only @table@ element on the page is the one you want to attach your special behavior to. Instead, add a class to the table, and use a jQuery selector to attach special behavior to it.

** In @app/views/fizz_buzzes/blurfl.html.erb@

<pre>

<table class="fizzbuzzer">

 <tr>

  <td>fizz</td><td>buzz</td>

 </tr>

</table>

</pre>

** In @app/assets/javascripts/fizz_buzzes.js@

<pre><code class="javascript">

<% content_for :js do %>

$(document).on('mouseover', 'table.fizzbuzzer tr', function() {

    console.log('buzz');

});

<% end %>

</code></pre>

** Advantage: You can reuse the special behavior in other tables/pages/classes

** Advantage: The JavaScript can get compiled, minified, cached in the browser, etc., instead of being rendered with every page view

** Advantage: The JavaScript code is available regardless of how the content got into the DOM (regular page view, partial update with AJAX)

h3. Invoking selected-things picker

(TODO)

h3. Tabs/panes on index & show pages

(TODO)

h3. User notifications

(TODO)

h3. Customizing breadcrumbs

(TODO)

h3. Making a page accessible before login

(TODO)

h3. Making a page accessible to non-active users

(TODO)