services/api/app/controllers/arvados/v1/collections_controller.rb

   1 class Arvados::V1::CollectionsController < ApplicationController
   2   def create
   3     # Collections are owned by system_user. Creating a collection has
   4     # two effects: The collection is added if it doesn't already
   5     # exist, and a "permission" Link is added (if one doesn't already
   6     # exist) giving the current user (or specified owner_uuid)
   7     # permission to read it.
   8     owner_uuid = resource_attrs.delete(:owner_uuid) || current_user.uuid
   9     owner_kind = if owner_uuid.match(/-(\w+)-/)[1] == User.uuid_prefix
  10                    'arvados#user'
  11                  else
  12                    'arvados#group'
  13                  end
  14     unless current_user.can? write: owner_uuid
  15       logger.warn "User #{current_user.andand.uuid} tried to set collection owner_uuid to #{owner_uuid}"
  16       raise ArvadosModel::PermissionDeniedError
  17     end
  18     act_as_system_user do
  19       @object = model_class.new resource_attrs.reject { |k,v| k == :owner_uuid }
  20       begin
  21         @object.save!
  22       rescue ActiveRecord::RecordNotUnique
  23         logger.debug resource_attrs.inspect
  24         if resource_attrs[:manifest_text] and resource_attrs[:uuid]
  25           @existing_object = model_class.
  26             where('uuid=? and manifest_text=?',
  27                   resource_attrs[:uuid],
  28                   resource_attrs[:manifest_text]).
  29             first
  30           @object = @existing_object || @object
  31         end
  32       end
  33
  34       if @object
  35         link_attrs = {
  36           owner_uuid: owner_uuid,
  37           link_class: 'permission',
  38           name: 'can_read',
  39           head_kind: 'arvados#collection',
  40           head_uuid: @object.uuid,
  41           tail_kind: owner_kind,
  42           tail_uuid: owner_uuid
  43         }
  44         ActiveRecord::Base.transaction do
  45           if Link.where(link_attrs).empty?
  46             Link.create! link_attrs
  47           end
  48         end
  49       end
  50     end
  51     show
  52   end
  53
  54   def collection_uuid(uuid)
  55     m = /([a-f0-9]{32}(\+[0-9]+)?)(\+.*)?/.match(uuid)
  56     if m
  57       m[1]
  58     else
  59       nil
  60     end
  61   end
  62
  63   def script_param_edges(visited, sp)
  64     case sp
  65     when Hash
  66       sp.each do |k, v|
  67         script_param_edges(visited, v)
  68       end
  69     when Array
  70       sp.each do |v|
  71         script_param_edges(visited, v)
  72       end
  73     when String
  74       return if sp.empty?
  75       m = collection_uuid(sp)
  76       if m
  77         generate_provenance_edges(visited, m)
  78       end
  79     end
  80   end
  81
  82   def generate_provenance_edges(visited, uuid)
  83     m = collection_uuid(uuid)
  84     uuid = m if m
  85
  86     if not uuid or uuid.empty? or visited[uuid]
  87       return ""
  88     end
  89
  90     logger.debug "visiting #{uuid}"
  91
  92     if m
  93       # uuid is a collection
  94       Collection.readable_by(current_user).where(uuid: uuid).each do |c|
  95         visited[uuid] = c.as_api_response
  96         visited[uuid][:files] = []
  97         c.files.each do |f|
  98           visited[uuid][:files] << f
  99         end
 100       end
 101
 102       Job.readable_by(current_user).where(output: uuid).each do |job|
 103         generate_provenance_edges(visited, job.uuid)
 104       end
 105
 106       Job.readable_by(current_user).where(log: uuid).each do |job|
 107         generate_provenance_edges(visited, job.uuid)
 108       end
 109
 110     else
 111       # uuid is something else
 112       rsc = ArvadosModel::resource_class_for_uuid uuid
 113       if rsc == Job
 114         Job.readable_by(current_user).where(uuid: uuid).each do |job|
 115           visited[uuid] = job.as_api_response
 116           script_param_edges(visited, job.script_parameters)
 117         end
 118       elsif rsc != nil
 119         rsc.where(uuid: uuid).each do |r|
 120           visited[uuid] = r.as_api_response
 121         end
 122       end
 123     end
 124
 125     Link.readable_by(current_user).
 126       where(head_uuid: uuid, link_class: "provenance").
 127       each do |link|
 128       visited[link.uuid] = link.as_api_response
 129       generate_provenance_edges(visited, link.tail_uuid)
 130     end
 131
 132     #puts "finished #{uuid}"
 133   end
 134
 135   def provenance
 136     visited = {}
 137     generate_provenance_edges(visited, @object[:uuid])
 138     render json: visited
 139   end
 140
 141   def generate_used_by_edges(visited, uuid)
 142     m = collection_uuid(uuid)
 143     uuid = m if m
 144
 145     if not uuid or uuid.empty? or visited[uuid]
 146       return ""
 147     end
 148
 149     logger.debug "visiting #{uuid}"
 150
 151     if m
 152       # uuid is a collection
 153       Collection.readable_by(current_user).where(uuid: uuid).each do |c|
 154         visited[uuid] = c.as_api_response
 155         visited[uuid][:files] = []
 156         c.files.each do |f|
 157           visited[uuid][:files] << f
 158         end
 159       end
 160
 161       if uuid == "d41d8cd98f00b204e9800998ecf8427e+0"
 162         # special case for empty collection
 163         return
 164       end
 165
 166       Job.readable_by(current_user).where(["jobs.script_parameters like ?", "%#{uuid}%"]).each do |job|
 167         generate_used_by_edges(visited, job.uuid)
 168       end
 169
 170     else
 171       # uuid is something else
 172       rsc = ArvadosModel::resource_class_for_uuid uuid
 173       if rsc == Job
 174         Job.readable_by(current_user).where(uuid: uuid).each do |job|
 175           visited[uuid] = job.as_api_response
 176           generate_used_by_edges(visited, job.output)
 177         end
 178       elsif rsc != nil
 179         rsc.where(uuid: uuid).each do |r|
 180           visited[uuid] = r.as_api_response
 181         end
 182       end
 183     end
 184
 185     Link.readable_by(current_user).
 186       where(tail_uuid: uuid, link_class: "provenance").
 187       each do |link|
 188       visited[link.uuid] = link.as_api_response
 189       generate_used_by_edges(visited, link.head_uuid)
 190     end
 191
 192     #puts "finished #{uuid}"
 193   end
 194
 195   def used_by
 196     visited = {}
 197     generate_used_by_edges(visited, @object[:uuid])
 198     render json: visited
 199   end
 200
 201   protected
 202   def find_object_by_uuid
 203     super
 204     if !@object and !params[:uuid].match(/^[0-9a-f]+\+\d+$/)
 205       # Normalize the given uuid and search again.
 206       hash_part = params[:uuid].match(/^([0-9a-f]*)/)[1]
 207       collection = Collection.where('uuid like ?', hash_part + '+%').first
 208       if collection
 209         # We know the collection exists, and what its real uuid is in
 210         # the database. Now, throw out @objects and repeat the usual
 211         # lookup procedure. (Returning the collection at this point
 212         # would bypass permission checks.)
 213         @objects = nil
 214         @where = { uuid: collection.uuid }
 215         find_objects_for_index
 216         @object = @objects.first
 217       end
 218     end
 219   end
 220
 221 end