1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: AGPL-3.0
5 # Protect referential integrity of owner_uuid columns in other tables
6 # that can refer to the uuid column in this table.
10 def self.included(base)
11 base.extend(ClassMethods)
13 # Rails' "has_many" can prevent us from destroying the owner
14 # record when other objects refer to it.
15 ActiveRecord::Base.connection.tables.each do |t|
16 next if t == base.table_name
19 'permission_refresh_lock',
20 'ar_internal_metadata',
27 'materialized_permissions',
35 klass = t.classify.constantize
36 next unless klass and 'owner_uuid'.in?(klass.columns.collect(&:name))
37 base.has_many(t.to_sym,
38 foreign_key: 'owner_uuid',
40 dependent: :restrict_with_exception)
42 # We need custom protection for changing an owner's primary
43 # key. (Apart from this restriction, admins are allowed to change
45 base.validate :restrict_uuid_change_breaking_associations
49 def install_view(type)
50 conn = ActiveRecord::Base.connection
52 # Check whether the temporary view has already been created
53 # during this connection. If not, create it.
54 conn.exec_query "SAVEPOINT check_#{type}_view"
56 conn.exec_query("SELECT 1 FROM #{type}_view LIMIT 0")
58 conn.exec_query "ROLLBACK TO SAVEPOINT check_#{type}_view"
59 sql = File.read(Rails.root.join("lib", "create_#{type}_view.sql"))
62 conn.exec_query "RELEASE SAVEPOINT check_#{type}_view"
68 def descendant_project_uuids
69 self.class.install_view('ancestor')
70 ActiveRecord::Base.connection.
71 exec_query('SELECT ancestor_view.uuid
73 LEFT JOIN groups ON groups.uuid=ancestor_view.uuid
74 WHERE ancestor_uuid = $1 AND groups.group_class = $2',
75 # "name" arg is a query label that appears in logs:
76 "descendant_project_uuids for #{self.uuid}",
77 # "binds" arg is an array of [col_id, value] for '$1' vars:
78 [self.uuid, 'project'],
79 ).rows.map do |project_uuid,|
86 def restrict_uuid_change_breaking_associations
87 return true if new_record? or not uuid_changed?
89 # Check for objects that have my old uuid listed as their owner.
90 self.class.reflect_on_all_associations(:has_many).each do |assoc|
91 next unless assoc.foreign_key == 'owner_uuid'
92 if assoc.klass.where(owner_uuid: uuid_was).any?
94 "cannot be changed on a #{self.class} that owns objects")
99 # if I owned myself before, I'll just continue to own myself with
101 if owner_uuid == uuid_was
102 self.owner_uuid = uuid