From 081ce8c5f4c0d1feeb1959923ed657b3c5cf5741 Mon Sep 17 00:00:00 2001
From: lorenzo-cavazzi <lorenzo.cavazzi.tech@gmail.com>
Date: Mon, 6 Apr 2020 12:25:46 +0200
Subject: [PATCH] feat(environments): allow anonymous users to start
 environments

Anonymous users can start an environment. They will get a temporary identity and they will see
warnings suggesting to log in.

BREAKING CHANGE: Requires backend components supporting anonymous users environments

fix #857
---
 src/api-client/index.js              |  47 +++++----
 src/api-client/notebook-servers.js   |  17 ++--
 src/api-client/pipeline.js           |  41 ++++++++
 src/landing/NavBar.js                |   1 +
 src/model/RenkuModels.js             |   1 +
 src/notebooks/Notebooks.container.js |   6 +-
 src/notebooks/Notebooks.present.js   |  82 +++++++++++++---
 src/notebooks/Notebooks.state.js     | 136 ++++++++++++++++++++++++---
 src/project/Project.present.js       |  81 ++++++----------
 9 files changed, 309 insertions(+), 103 deletions(-)

diff --git a/src/api-client/index.js b/src/api-client/index.js
index 15c93cae3a..7befce77c6 100644
--- a/src/api-client/index.js
+++ b/src/api-client/index.js
@@ -43,6 +43,14 @@ const ACCESS_LEVELS = {
   OWNER: 50,
 };
 
+const FETCH_DEFAULT = {
+  options: { headers: new Headers() },
+  returnType: RETURN_TYPES.json,
+  alertOnErr: false,
+  reLogin: true,
+  anonymousLogin: false
+};
+
 class APIClient {
 
   // GitLab api client for Renku. Note that we do some
@@ -76,35 +84,32 @@ class APIClient {
   // contain a user token.
   clientFetch(
     url,
-    options = { headers: new Headers() },
-    returnType = RETURN_TYPES.json,
-    alertOnErr = false,
-    reLogin = true
+    options = FETCH_DEFAULT.options,
+    returnType = FETCH_DEFAULT.returnType,
+    alertOnErr = FETCH_DEFAULT.alertOnErr,
+    reLogin = FETCH_DEFAULT.reLogin,
+    anonymousLogin = FETCH_DEFAULT.anonymousLogin
   ) {
-
     return renkuFetch(url, options)
       .catch((error) => {
-
         // For permission errors we send the user to login
-        if (reLogin && error.case === API_ERRORS.unauthorizedError)
+        if (reLogin && error.case === API_ERRORS.unauthorizedError) {
+          if (anonymousLogin)
+            return this.doAnonymousLogin();
           return this.doLogin();
-
-
+        }
         // Alert only if corresponding option is set to true
-        else if (alertOnErr)
+        else if (alertOnErr) {
           alertAPIErrors(error);
-
-
+        }
         // Default case: Re-raise the error for the application
         // to take care of it.
-        else
+        else {
           return Promise.reject(error);
-
+        }
       })
-
       .then(response => {
         switch (returnType) {
-
           case RETURN_TYPES.json:
             return response.json().then(data => {
               return {
@@ -112,13 +117,10 @@ class APIClient {
                 pagination: processPaginationHeaders(this, response.headers)
               };
             });
-
           case RETURN_TYPES.text:
             return response.text();
-
           case RETURN_TYPES.full:
             return response;
-
           default:
             return response;
         }
@@ -151,6 +153,11 @@ class APIClient {
     return fetch(urlObject, { headers, method });
   }
 
+  doAnonymousLogin() {
+    window.location = `${this.baseUrl}/auth/jupyterhub/login-tmp` +
+      `?redirect-url=${encodeURIComponent(window.location.href)}`;
+  }
+
   doLogin() {
     window.location = `${this.baseUrl}/auth/login?redirect_url=${encodeURIComponent(window.location.href)}`;
   }
@@ -168,4 +175,4 @@ class APIClient {
 }
 
 export default APIClient;
-export { alertAPIErrors, APIError, ACCESS_LEVELS, API_ERRORS, testClient };
+export { alertAPIErrors, APIError, ACCESS_LEVELS, API_ERRORS, FETCH_DEFAULT, testClient };
diff --git a/src/api-client/notebook-servers.js b/src/api-client/notebook-servers.js
index 69117e727c..95790bd56c 100644
--- a/src/api-client/notebook-servers.js
+++ b/src/api-client/notebook-servers.js
@@ -16,8 +16,10 @@
  * limitations under the License.
  */
 
+import { FETCH_DEFAULT } from "./index";
+
 function addNotebookServersMethods(client) {
-  client.getNotebookServers = (namespace, project, branch, commit) => {
+  client.getNotebookServers = (namespace, project, branch, commit, anonymous = false) => {
     const headers = client.getBasicHeaders();
     const url = `${client.baseUrl}/notebooks/servers`;
     let parameters = {};
@@ -26,11 +28,14 @@ function addNotebookServersMethods(client) {
     if (branch) parameters.branch = branch;
     if (commit) parameters.commit_sha = commit;
 
-    return client.clientFetch(url, {
-      method: "GET",
-      headers,
-      queryParams: parameters
-    }).then(resp => {
+    return client.clientFetch(
+      url,
+      { method: "GET", headers, queryParams: parameters },
+      FETCH_DEFAULT.returnType,
+      FETCH_DEFAULT.alertOnErr,
+      FETCH_DEFAULT.reLogin,
+      anonymous
+    ).then(resp => {
       return { "data": resp.data.servers };
     });
   };
diff --git a/src/api-client/pipeline.js b/src/api-client/pipeline.js
index 70e9fd3758..834656305e 100644
--- a/src/api-client/pipeline.js
+++ b/src/api-client/pipeline.js
@@ -16,6 +16,8 @@
  * limitations under the License.
  */
 
+import { API_ERRORS } from "./errors";
+
 function addPipelineMethods(client) {
   client.runPipeline = (projectId) => {
     const headers = client.getBasicHeaders();
@@ -63,6 +65,7 @@ function addPipelineMethods(client) {
       method: "GET",
       headers,
     }).then(response => response.data);
+    //return Promise.resolve([{ id: projectId, "status": "success" }]);
   };
 
   /**
@@ -81,6 +84,44 @@ function addPipelineMethods(client) {
       headers,
     }).then(response => response.data);
   };
+
+  /**
+   * Get the array of pipeline from GitLab
+   *
+   * @param {number|string} projectId - project id or slug
+   */
+  client.getRegistries = (projectId) => {
+    const headers = client.getBasicHeaders();
+    headers.append("Content-Type", "application/json");
+    const url = `${client.baseUrl}/projects/${projectId}/registry/repositories`;
+
+    return client.clientFetch(url, {
+      method: "GET",
+      headers,
+    }).then(response => response.data);
+  };
+
+  /**
+   * Get the array of pipeline from GitLab
+   *
+   * @param {number|string} projectId - project id or slug
+   * @param {number} registryId - registry id
+   * @param {string} tag - tag name, our convention uses the first 7 chars from commit id
+   */
+  client.getRegistryTag = (projectId, registryId, tag) => {
+    const headers = client.getBasicHeaders();
+    headers.append("Content-Type", "application/json");
+    const url = `${client.baseUrl}/projects/${projectId}/registry/repositories` +
+      `/${registryId}/tags/${tag}`;
+
+    return client.clientFetch(url, { method: "GET", headers })
+      .then(response => response.data)
+      .catch((error) => {
+        if (error.case === API_ERRORS.notFoundError)
+          return null;
+        throw error;
+      });
+  };
 }
 
 export default addPipelineMethods;
diff --git a/src/landing/NavBar.js b/src/landing/NavBar.js
index ce1b3f9236..5a37b258c5 100644
--- a/src/landing/NavBar.js
+++ b/src/landing/NavBar.js
@@ -261,6 +261,7 @@ class AnonymousNavBar extends Component {
             <ul className="navbar-nav mr-auto">
               <RenkuNavLink to="/projects" title="Projects" />
               <RenkuNavLink to="/datasets" title="Datasets" />
+              <RenkuNavLink to="/environments" title="Environments" />
             </ul>
             <ul className="navbar-nav">
               <RenkuToolbarHelpMenu />
diff --git a/src/model/RenkuModels.js b/src/model/RenkuModels.js
index 2972bc0248..9c1a7e27c4 100644
--- a/src/model/RenkuModels.js
+++ b/src/model/RenkuModels.js
@@ -211,6 +211,7 @@ const notebooksSchema = new Schema({
       poller: { initial: null },
       fetched: { initial: null },
       fetching: { initial: false },
+      type: { initial: null },
 
       lastParameters: { initial: null },
       lastMainId: { initial: null },
diff --git a/src/notebooks/Notebooks.container.js b/src/notebooks/Notebooks.container.js
index a8cadd4c9a..ff00a19ff2 100644
--- a/src/notebooks/Notebooks.container.js
+++ b/src/notebooks/Notebooks.container.js
@@ -43,7 +43,8 @@ class Notebooks extends Component {
   constructor(props) {
     super(props);
     this.model = props.model.subModel("notebooks");
-    this.coordinator = new NotebooksCoordinator(props.client, this.model);
+    this.userModel = props.model.subModel("user");
+    this.coordinator = new NotebooksCoordinator(props.client, this.model, this.userModel);
     // temporarily reset data since notebooks model was not designed to be static
     this.coordinator.reset();
 
@@ -134,7 +135,8 @@ class StartNotebookServer extends Component {
   constructor(props) {
     super(props);
     this.model = props.model.subModel("notebooks");
-    this.coordinator = new NotebooksCoordinator(props.client, this.model);
+    this.userModel = props.model.subModel("user");
+    this.coordinator = new NotebooksCoordinator(props.client, this.model, this.userModel);
     // temporarily reset data since notebooks model was not designed to be static
     this.coordinator.reset();
 
diff --git a/src/notebooks/Notebooks.present.js b/src/notebooks/Notebooks.present.js
index 37bc170f7b..e0595b8fca 100644
--- a/src/notebooks/Notebooks.present.js
+++ b/src/notebooks/Notebooks.present.js
@@ -584,6 +584,22 @@ class EnvironmentLogs extends Component {
   }
 }
 
+function pipelineAvailable(pipelines) {
+  const { pipelineTypes } = NotebooksHelper;
+  const mainPipeline = pipelines.main;
+
+  if (pipelines.type === pipelineTypes.logged) {
+    if (mainPipeline.status === "success" || mainPipeline.status === undefined)
+      return true;
+  }
+  else if (pipelines.type === pipelineTypes.anonymous) {
+    if (mainPipeline && mainPipeline.path)
+      return true;
+  }
+
+  return false;
+}
+
 // * StartNotebookServer code * //
 class StartNotebookServer extends Component {
   constructor(props) {
@@ -604,13 +620,12 @@ class StartNotebookServer extends Component {
       pipelines: pipelines.fetching,
       commits: this.props.data.fetching
     };
+
     let show = {};
     show.commits = !fetching.branches && branch.name ? true : false;
     show.pipelines = show.commits && !fetching.commits && commit.id;
     show.options = show.pipelines && pipelines.fetched && (
-      pipelines.main.status === "success" || pipelines.main.status === undefined
-      || this.state.ignorePipeline
-      || this.props.justStarted
+      this.props.justStarted || this.state.ignorePipeline || pipelineAvailable(pipelines)
     );
 
     const messageOutput = message ?
@@ -787,19 +802,37 @@ class StartNotebookPipelines extends Component {
 
 class StartNotebookPipelinesBadge extends Component {
   render() {
+    const pipelineType = this.props.pipelines.type;
     const pipeline = this.props.pipelines.main;
+
     let color, text;
-    if (pipeline.status === "success") {
-      color = "success";
-      text = "available";
-    }
-    else if (pipeline.status === undefined) {
-      color = "danger";
-      text = "not available";
+    if (pipelineType === NotebooksHelper.pipelineTypes.logged) {
+      if (pipeline.status === "success") {
+        color = "success";
+        text = "available";
+      }
+      else if (pipeline.status === undefined) {
+        color = "danger";
+        text = "not available";
+      }
+      else if (pipeline.status === "running" || pipeline.status === "pending") {
+        color = "warning";
+        text = "building";
+      }
+      else {
+        color = "danger";
+        text = "error";
+      }
     }
-    else if (pipeline.status === "running" || pipeline.status === "pending") {
-      color = "warning";
-      text = "building";
+    else if (pipelineType === NotebooksHelper.pipelineTypes.anonymous) {
+      if (pipeline && pipeline.path) {
+        color = "success";
+        text = "available";
+      }
+      else {
+        color = "warning";
+        text = "pending";
+      }
     }
     else {
       color = "danger";
@@ -813,6 +846,29 @@ class StartNotebookPipelinesBadge extends Component {
 class StartNotebookPipelinesContent extends Component {
   render() {
     const pipeline = this.props.pipelines.main;
+    const pipelineType = this.props.pipelines.type;
+    const { pipelineTypes } = NotebooksHelper;
+
+    // unexpected case
+    if (pipelineType !== pipelineTypes.anonymous && pipelineType !== pipelineTypes.logged)
+      return (<div><p>Unexpected state.</p></div>);
+
+    // anonymous
+    if (pipelineType === pipelineTypes.anonymous) {
+      if (pipeline && pipeline.path)
+        return null;
+
+      return (
+        <div>
+          <Label>
+            <FontAwesomeIcon icon={faCog} spin /> The Docker image for the environment is not ready.
+            Please wait a moment...
+          </Label>
+        </div>
+      );
+    }
+
+    // logged in
     if (pipeline.status === "success")
       return null;
 
diff --git a/src/notebooks/Notebooks.state.js b/src/notebooks/Notebooks.state.js
index 68e89a7b92..1aa19da164 100644
--- a/src/notebooks/Notebooks.state.js
+++ b/src/notebooks/Notebooks.state.js
@@ -31,6 +31,11 @@ const IMAGE_BUILD_JOB = "image_build";
 const RENKU_INI_PATH = ".renku/renku.ini";
 const RENKU_INI_SECTION = `renku "interactive"`;
 
+const PIPELINE_TYPES = {
+  anonymous: "regististries",
+  logged: "jobs"
+};
+
 const ExpectedAnnotations = {
   domain: "renku.io",
   "renku.io": {
@@ -168,13 +173,16 @@ const NotebooksHelper = {
       return true;
 
     return false;
-  }
+  },
+
+  pipelineTypes: PIPELINE_TYPES
 };
 
 class NotebooksCoordinator {
-  constructor(client, model) {
+  constructor(client, model, userModel) {
     this.client = client;
     this.model = model;
+    this.userModel = userModel;
   }
 
   /**
@@ -239,6 +247,7 @@ class NotebooksCoordinator {
   setCommit(commit) {
     this.model.setObject({
       notebooks: { fetched: null },
+      pipelines: { fetched: null },
       filters: { commit: { $set: commit } }
     });
     this.fetchNotebooks();
@@ -282,8 +291,13 @@ class NotebooksCoordinator {
       }
     });
 
+    // get user status
+    const anonym = this.userModel.get("logged") ?
+      false :
+      true;
+
     // get notebooks
-    return this.client.getNotebookServers(filters.namespace, filters.project, filters.branch, filters.commit)
+    return this.client.getNotebookServers(filters.namespace, filters.project, filters.branch, filters.commit, anonym)
       .then(resp => {
         let updatedNotebooks = { fetching: false };
         // check if result is still valid
@@ -508,6 +522,73 @@ class NotebooksCoordinator {
     return mainPipeline;
   }
 
+  async fetchRegistries() {
+    // check if already fetching data
+    const fetching = this.model.get("pipelines.fetching");
+    if (fetching)
+      return;
+
+    // get filters and stop fetching if not all parameters are available
+    let filters = this.getQueryFilters();
+    if (filters.branch === null || filters.commit === null) {
+      this.stopPipelinePolling();
+      return;
+    }
+    const projectId = `${encodeURIComponent(filters.namespace)}%2F${filters.project}`;
+
+    // verify if parameters have changed and if I have an id
+    const lastParameters = this.model.get("pipelines.lastParameters");
+    const lastMainId = this.model.get("pipelines.lastMainId");
+    const newParameters = JSON.stringify(filters);
+    let newMainId, pipelinesState = {};
+    if (newParameters === lastParameters && lastMainId != null) {
+      newMainId = lastMainId;
+    }
+    else {
+      // update current state and start fetching
+      this.model.setObject({
+        pipelines: {
+          fetching: true,
+          lastParameters: newParameters
+        }
+      });
+      const registries = await this.client.getRegistries(projectId)
+        .catch(error => {
+          this.model.set("pipelines.fetching", false);
+          throw error;
+        });
+
+      // TODO: check if filters are oupdated due to discrepancies
+      // TODO: in lastParameters -- remember to re-get filters before comparing!
+      // verify that a registry can be found
+      pipelinesState = { fetching: false };
+      if (registries.length === 0) {
+        pipelinesState.fetched = null;
+        pipelinesState.lastMainId = null;
+        this.model.setObject({ pipelines: pipelinesState });
+        return {};
+      }
+
+      newMainId = registries[0].id;
+      pipelinesState.lastMainId = newMainId;
+    }
+
+    // use the registry id to get the image
+    const tag_id = filters.commit.substring(0, 7);
+    const tag = await this.client.getRegistryTag(projectId, newMainId, tag_id);
+    pipelinesState.fetched = true;
+    pipelinesState.main = tag ?
+      tag :
+      { $set: {} };
+
+    // TODO: polish here, adapt the present component
+    // TODO: to show the correct status on tag status
+    // console.log("ANONYM - NOT IMPLEMENTED YET - ", tag);
+    this.model.setObject({ pipelines: pipelinesState });
+    // this.model.setObject({ pipelines: { ...pipelinesState, main: {} } });
+    return;
+  }
+
 
   // * Handle polling * //
   startNotebookPolling(interval = POLLING_INTERVAL) {
@@ -532,20 +613,51 @@ class NotebooksCoordinator {
   }
 
   startPipelinePolling(interval = POLLING_INTERVAL) {
-    // start polling or invalidate previous data
+    // get old data
     const oldPoller = this.model.get("pipelines.poller");
-    if (oldPoller == null) {
-      const newPoller = setInterval(() => {
-        this.fetchPipeline();
-      }, interval);
-      this.model.set("pipelines.poller", newPoller);
+    const oldPipelinesType = this.model.get("pipelines.type");
 
-      // fetch immediatly
-      return this.fetchPipeline();
+    // compute current data
+    let anonymous, newPipelinesType;
+    if (this.userModel.get("logged")) {
+      anonymous = false;
+      newPipelinesType = PIPELINE_TYPES.logged;
+    }
+    else {
+      anonymous = true;
+      newPipelinesType = PIPELINE_TYPES.anonymous;
     }
 
-    this.model.set("pipelines.fetched", null);
+    // if poller type changes, stop the old one and re-invoke later
+    if (oldPoller != null) {
+      if (oldPipelinesType !== newPipelinesType) {
+        this.model.set("pipelines.fetched", null);
+        this.stopPipelinePolling();
+        setTimeout(() => { this.startPipelinePolling(); }, 1000);
+        return false;
+      }
+    }
+    else {
+      let newPipelines = {
+        fetched: null,
+        type: newPipelinesType
+      };
+
+      let returnValue;
+      if (anonymous) {
+        const newPoller = setInterval(() => { this.fetchRegistries(); }, interval);
+        newPipelines.poller = newPoller;
+        returnValue = this.fetchRegistries();
+      }
+      else {
+        const newPoller = setInterval(() => { this.fetchPipeline(); }, interval);
+        newPipelines.poller = newPoller;
+        returnValue = this.fetchPipeline();
+      }
 
+      this.model.setObject({ pipelines: newPipelines });
+      return returnValue;
+    }
   }
 
   stopPipelinePolling() {
diff --git a/src/project/Project.present.js b/src/project/Project.present.js
index df12a09c7d..72f7ef5b95 100644
--- a/src/project/Project.present.js
+++ b/src/project/Project.present.js
@@ -765,26 +765,6 @@ class ProjectViewFiles extends Component {
   }
 }
 
-function notebookLauncher(userLogged, notebookLauncher, postLoginUrl) {
-  if (!userLogged) {
-    const to = { "pathname": "/login", "state": { previous: postLoginUrl } };
-    return (
-      <div>
-        <p>
-          You do not have sufficient permissions to launch an interactive environment for this project.
-        </p>
-        <InfoAlert timeout={0} key="login-info">
-          <p className="mb-0">
-            <Link className="btn btn-primary btn-sm" to={to} previous={postLoginUrl}>Log in</Link> to use
-            interactive environments.
-          </p>
-        </InfoAlert>
-      </div>
-    );
-  }
-  return (<div>{notebookLauncher}</div>);
-}
-
 class OverviewDatasetRow extends Component {
   render() {
     return <tr>
@@ -856,27 +836,28 @@ class ProjectEnvironments extends Component {
 
 function notebookWarning(userLogged, accessLevel, fork, postLoginUrl, externalUrl) {
   if (!userLogged) {
-    return null;
-
-    // TODO: draft implementation
-    // const to = { "pathname": "/login", "state": { previous: postLoginUrl } };
-    // return (
-    //   <WarnAlert timeout={0} key="permissions-warning">
-    //     <p>As an anonymous user, you can start an environment but you cannot save your work.</p>
-    //     <p className="mb-0">
-    //       <Link className="btn btn-primary btn-sm btn-warning" to={to} previous={postLoginUrl}>Log in</Link> to use
-    //       all the features we provide through <ExternalLink role="text" title="Interactive Envirnonments"
-    //         url="https://renku.readthedocs.io/en/latest/developer/services/notebooks_service.html" />
-    //       .
-    //     </p>
-    //   </WarnAlert>
-    // );
+    const to = { "pathname": "/login", "state": { previous: postLoginUrl } };
+    return (
+      <InfoAlert timeout={0} key="permissions-warning">
+        <p>
+          <FontAwesomeIcon icon={faExclamationTriangle} /> As
+          an anonymous user, you can start <ExternalLink role="text" title="Interactive Envirnonments"
+            url="https://renku.readthedocs.io/en/latest/developer/services/notebooks_service.html" /> but
+          you cannot save your work.
+        </p>
+        <p className="mb-0">
+          <Link className="btn btn-primary btn-sm" to={to} previous={postLoginUrl}>Log in</Link> to
+          get all the benefits.
+        </p>
+      </InfoAlert>
+    );
   }
   else if (accessLevel < ACCESS_LEVELS.DEVELOPER) {
     return (
       <InfoAlert timeout={0} key="permissions-warning">
         <p>
-          You have limited permissions for this project.
+          <FontAwesomeIcon icon={faExclamationTriangle} /> You
+          have limited permissions for this project.
           If you want to save your work, consider one of the following:
         </p>
         <ul className="mb-0">
@@ -909,13 +890,13 @@ class ProjectNotebookServers extends Component {
       user.logged, visibility.accessLevel, toggleForkModal, location.pathname, externalUrl
     );
 
-    let content = (
+    return (
       <Notebooks standalone={false} client={client} model={model}
         message={warning}
         urlNewEnvironment={launchNotebookUrl}
-        scope={{ namespace: this.props.core.namespace_path, project: this.props.core.project_path }} />
+        scope={{ namespace: this.props.core.namespace_path, project: this.props.core.project_path }}
+      />
     );
-    return (notebookLauncher(user.logged, content, location.pathname));
   }
 }
 
@@ -929,17 +910,17 @@ class ProjectStartNotebookServer extends Component {
       user.logged, visibility.accessLevel, toggleForkModal, location.pathname, externalUrl
     );
 
-    let content = (<StartNotebookServer client={client} model={model} history={history}
-      message={warning}
-      branches={system.branches}
-      autosaved={system.autosaved}
-      refreshBranches={fetchBranches}
-      externalUrl={externalUrl}
-      successUrl={notebookServersUrl}
-      scope={{ namespace: this.props.core.namespace_path, project: this.props.core.project_path }}
-    />);
-
-    return (notebookLauncher(user.logged, content, location.pathname));
+    return (
+      <StartNotebookServer client={client} model={model} history={history}
+        message={warning}
+        branches={system.branches}
+        autosaved={system.autosaved}
+        refreshBranches={fetchBranches}
+        externalUrl={externalUrl}
+        successUrl={notebookServersUrl}
+        scope={{ namespace: this.props.core.namespace_path, project: this.props.core.project_path }}
+      />
+    );
   }
 }