projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix permissions to accommodate nodes#ping and user_sessions#create exemptions
[arvados.git] / app / models / orvos_model.rb
diff --git a/app/models/orvos_model.rb b/app/models/orvos_model.rb
index 411296c127a25764ae3f931793ffd384678df112..7ed6e4e5bfa145383caaa1e69665f81e3390034e 100644 (file)
--- a/app/models/orvos_model.rb
+++ b/app/models/orvos_model.rb
@@ -7,7 +7,8 @@ class OrvosModel < ActiveRecord::Base
   attr_protected :modified_by_user
   attr_protected :modified_by_client
   attr_protected :modified_at
-  before_update :permission_to_update
+  before_create :ensure_permission_to_create
+  before_update :ensure_permission_to_update
   before_create :update_modified_by_fields
   before_update :update_modified_by_fields
 
@@ -30,6 +31,18 @@ class OrvosModel < ActiveRecord::Base
 
   protected
 
+  def ensure_permission_to_create
+    raise "Permission denied" unless permission_to_create
+  end
+
+  def permission_to_create
+    current_user
+  end
+
+  def ensure_permission_to_update
+    raise "Permission denied" unless permission_to_update
+  end
+
   def permission_to_update
     if !current_user
       logger.warn "Anonymous user tried to update #{self.class.to_s} #{self.uuid_was}"