1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: AGPL-3.0
5 class Arvados::V1::LinksController < ApplicationController
7 def check_uuid_kind uuid, kind
8 if kind and ArvadosModel::resource_class_for_uuid(uuid).andand.kind != kind
9 send_error("'#{kind}' does not match uuid '#{uuid}', expected '#{ArvadosModel::resource_class_for_uuid(uuid).andand.kind}'",
18 return if ! check_uuid_kind resource_attrs[:head_uuid], resource_attrs[:head_kind]
19 return if ! check_uuid_kind resource_attrs[:tail_uuid], resource_attrs[:tail_kind]
21 resource_attrs.delete :head_kind
22 resource_attrs.delete :tail_kind
27 if current_user.andand.can?(manage: @object)
28 # find all links and return them
29 @objects = Link.unscoped.where(link_class: "permission",
30 head_uuid: params[:uuid])
32 @limit = @objects.count
35 render :json => { errors: ['Forbidden'] }.to_json, status: 403
41 def find_object_by_uuid
42 if params[:id] && params[:id].match(/\D/)
43 params[:uuid] = params.delete :id
45 if action_name == 'get_permissions'
46 # get_permissions accepts a UUID for any kind of object.
47 @object = ArvadosModel::resource_class_for_uuid(params[:uuid])
48 .readable_by(*@read_users)
49 .where(uuid: params[:uuid])
54 # The usual permission-filtering index query is unnecessarily
55 # inefficient, and doesn't match all permission links that
56 # should be visible (see #18865). Instead, we look up the link
57 # by UUID, then check whether (a) its tail_uuid is the current
58 # user or (b) its head_uuid is an object the current_user
60 @object = Link.unscoped.where(uuid: params[:uuid]).first
61 if @object.link_class != 'permission'
64 current_user.uuid != @object.tail_uuid &&
65 !current_user.can?(manage: @object.head_uuid)
71 # Overrides ApplicationController load_where_param
75 # head_kind and tail_kind columns are now virtual,
76 # equivalent functionality is now provided by
77 # 'is_a', so fix up any old-style 'where' clauses.
81 @filters << ['head_uuid', 'is_a', @where[:head_kind]]
82 @where.delete :head_kind
85 @filters << ['tail_uuid', 'is_a', @where[:tail_kind]]
86 @where.delete :tail_kind
91 # Overrides ApplicationController load_filters_param
92 def load_filters_param
95 # head_kind and tail_kind columns are now virtual,
96 # equivalent functionality is now provided by
97 # 'is_a', so fix up any old-style 'filter' clauses.
98 @filters = @filters.map do |k|
99 if k[0] == 'head_kind' and k[1] == '='
100 ['head_uuid', 'is_a', k[2]]
101 elsif k[0] == 'tail_kind' and k[1] == '='
102 ['tail_uuid', 'is_a', k[2]]
108 # If the provided filters are enough to limit the results to
109 # permission links with specific head_uuids or
110 # tail_uuid=current_user, bypass the normal readable_by query
111 # (which doesn't match all can_manage-able items, see #18865) --
112 # just ensure the current user actually has can_manage permission
113 # for the provided head_uuids, removing any that don't. At that
114 # point the caller's filters are an effective permission filter.
115 if @filters.include?(['link_class', '=', 'permission'])
117 if k[0] == 'tail_uuid' && k[1] == '=' && k[2] == current_user.uuid
118 @objects = Link.unscoped
119 elsif k[0] == 'head_uuid'
120 if k[1] == '=' && current_user.can?(manage: k[2])
121 @objects = Link.unscoped
123 k[2].select! do |head_uuid|
124 current_user.can?(manage: head_uuid)
126 @objects = Link.unscoped