services/api/app/controllers/arvados/v1/collections_controller.rb

   1 class Arvados::V1::CollectionsController < ApplicationController
   2   def create
   3     # Collections are owned by system_user. Creating a collection has
   4     # two effects: The collection is added if it doesn't already
   5     # exist, and a "permission" Link is added (if one doesn't already
   6     # exist) giving the current user (or specified owner_uuid)
   7     # permission to read it.
   8     owner_uuid = resource_attrs.delete(:owner_uuid) || current_user.uuid
   9     unless current_user.can? write: owner_uuid
  10       logger.warn "User #{current_user.andand.uuid} tried to set collection owner_uuid to #{owner_uuid}"
  11       raise ArvadosModel::PermissionDeniedError
  12     end
  13     act_as_system_user do
  14       @object = model_class.new resource_attrs.reject { |k,v| k == :owner_uuid }
  15       begin
  16         @object.save!
  17       rescue ActiveRecord::RecordNotUnique
  18         logger.debug resource_attrs.inspect
  19         if resource_attrs[:manifest_text] and resource_attrs[:uuid]
  20           @existing_object = model_class.
  21             where('uuid=? and manifest_text=?',
  22                   resource_attrs[:uuid],
  23                   resource_attrs[:manifest_text]).
  24             first
  25           @object = @existing_object || @object
  26         end
  27       end
  28
  29       if @object
  30         link_attrs = {
  31           owner_uuid: owner_uuid,
  32           link_class: 'permission',
  33           name: 'can_read',
  34           head_uuid: @object.uuid,
  35           tail_uuid: owner_uuid
  36         }
  37         ActiveRecord::Base.transaction do
  38           if Link.where(link_attrs).empty?
  39             Link.create! link_attrs
  40           end
  41         end
  42       end
  43     end
  44     show
  45   end
  46
  47   def show
  48     render json: @object.as_api_response(:with_data)
  49   end
  50
  51   def collection_uuid(uuid)
  52     m = /([a-f0-9]{32}(\+[0-9]+)?)(\+.*)?/.match(uuid)
  53     if m
  54       m[1]
  55     else
  56       nil
  57     end
  58   end
  59
  60   def script_param_edges(visited, sp)
  61     case sp
  62     when Hash
  63       sp.each do |k, v|
  64         script_param_edges(visited, v)
  65       end
  66     when Array
  67       sp.each do |v|
  68         script_param_edges(visited, v)
  69       end
  70     when String
  71       return if sp.empty?
  72       m = collection_uuid(sp)
  73       if m
  74         generate_provenance_edges(visited, m)
  75       end
  76     end
  77   end
  78
  79   def generate_provenance_edges(visited, uuid)
  80     m = collection_uuid(uuid)
  81     uuid = m if m
  82
  83     if not uuid or uuid.empty? or visited[uuid]
  84       return ""
  85     end
  86
  87     logger.debug "visiting #{uuid}"
  88
  89     if m
  90       # uuid is a collection
  91       Collection.readable_by(current_user).where(uuid: uuid).each do |c|
  92         visited[uuid] = c.as_api_response
  93         visited[uuid][:files] = []
  94         c.files.each do |f|
  95           visited[uuid][:files] << f
  96         end
  97       end
  98
  99       Job.readable_by(current_user).where(output: uuid).each do |job|
 100         generate_provenance_edges(visited, job.uuid)
 101       end
 102
 103       Job.readable_by(current_user).where(log: uuid).each do |job|
 104         generate_provenance_edges(visited, job.uuid)
 105       end
 106
 107     else
 108       # uuid is something else
 109       rsc = ArvadosModel::resource_class_for_uuid uuid
 110       if rsc == Job
 111         Job.readable_by(current_user).where(uuid: uuid).each do |job|
 112           visited[uuid] = job.as_api_response
 113           script_param_edges(visited, job.script_parameters)
 114         end
 115       elsif rsc != nil
 116         rsc.where(uuid: uuid).each do |r|
 117           visited[uuid] = r.as_api_response
 118         end
 119       end
 120     end
 121
 122     Link.readable_by(current_user).
 123       where(head_uuid: uuid, link_class: "provenance").
 124       each do |link|
 125       visited[link.uuid] = link.as_api_response
 126       generate_provenance_edges(visited, link.tail_uuid)
 127     end
 128
 129     #puts "finished #{uuid}"
 130   end
 131
 132   def provenance
 133     visited = {}
 134     generate_provenance_edges(visited, @object[:uuid])
 135     render json: visited
 136   end
 137
 138   def generate_used_by_edges(visited, uuid)
 139     m = collection_uuid(uuid)
 140     uuid = m if m
 141
 142     if not uuid or uuid.empty? or visited[uuid]
 143       return ""
 144     end
 145
 146     logger.debug "visiting #{uuid}"
 147
 148     if m
 149       # uuid is a collection
 150       Collection.readable_by(current_user).where(uuid: uuid).each do |c|
 151         visited[uuid] = c.as_api_response
 152         visited[uuid][:files] = []
 153         c.files.each do |f|
 154           visited[uuid][:files] << f
 155         end
 156       end
 157
 158       if uuid == "d41d8cd98f00b204e9800998ecf8427e+0"
 159         # special case for empty collection
 160         return
 161       end
 162
 163       Job.readable_by(current_user).where(["jobs.script_parameters like ?", "%#{uuid}%"]).each do |job|
 164         generate_used_by_edges(visited, job.uuid)
 165       end
 166
 167     else
 168       # uuid is something else
 169       rsc = ArvadosModel::resource_class_for_uuid uuid
 170       if rsc == Job
 171         Job.readable_by(current_user).where(uuid: uuid).each do |job|
 172           visited[uuid] = job.as_api_response
 173           generate_used_by_edges(visited, job.output)
 174         end
 175       elsif rsc != nil
 176         rsc.where(uuid: uuid).each do |r|
 177           visited[uuid] = r.as_api_response
 178         end
 179       end
 180     end
 181
 182     Link.readable_by(current_user).
 183       where(tail_uuid: uuid, link_class: "provenance").
 184       each do |link|
 185       visited[link.uuid] = link.as_api_response
 186       generate_used_by_edges(visited, link.head_uuid)
 187     end
 188
 189     #puts "finished #{uuid}"
 190   end
 191
 192   def used_by
 193     visited = {}
 194     generate_used_by_edges(visited, @object[:uuid])
 195     render json: visited
 196   end
 197
 198   protected
 199   def find_object_by_uuid
 200     super
 201     if !@object and !params[:uuid].match(/^[0-9a-f]+\+\d+$/)
 202       # Normalize the given uuid and search again.
 203       hash_part = params[:uuid].match(/^([0-9a-f]*)/)[1]
 204       collection = Collection.where('uuid like ?', hash_part + '+%').first
 205       if collection
 206         # We know the collection exists, and what its real uuid is in
 207         # the database. Now, throw out @objects and repeat the usual
 208         # lookup procedure. (Returning the collection at this point
 209         # would bypass permission checks.)
 210         @objects = nil
 211         @where = { uuid: collection.uuid }
 212         find_objects_for_index
 213         @object = @objects.first
 214       end
 215     end
 216   end
 217
 218 end