Merge branch '3178-discoverable-parameters' closes #3178

[arvados.git] / services / api / app / models / user.rb

diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index e79c485f17493cde51cb7bec59c212bb5dc7857e..4fc6204eb504cf941e14abba0d15113dd1935ccc 100644 (file)
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -51,9 +51,13 @@ class User < ArvadosModel
   def can?(actions)
     return true if is_admin
     actions.each do |action, target|
-      target_uuid = target
-      if target.respond_to? :uuid
-        target_uuid = target.uuid
+      unless target.nil?
+        if target.respond_to? :uuid
+          target_uuid = target.uuid
+        else
+          target_uuid = target
+          target = ArvadosModel.find_by_uuid(target_uuid)
+        end
       end
       next if target_uuid == self.uuid
       next if (group_permissions[target_uuid] and
@@ -157,7 +161,7 @@ class User < ArvadosModel
     # delete repo_perms for this user
     repo_perms = Link.where(tail_uuid: self.uuid,
                             link_class: 'permission',
-                            name: 'can_write')
+                            name: 'can_manage')
     repo_perms.each do |perm|
       Link.delete perm
     end
@@ -214,7 +218,7 @@ class User < ArvadosModel
 
   def check_auto_admin
     if User.where("uuid not like '%-000000000000000'").where(:is_admin => true).count == 0 and Rails.configuration.auto_admin_user
-      if current_user.email == Rails.configuration.auto_admin_user
+      if self.email == Rails.configuration.auto_admin_user
         self.is_admin = true
         self.is_active = true
       end
@@ -308,7 +312,7 @@ class User < ArvadosModel
       repo_perms = Link.where(tail_uuid: self.uuid,
                               head_uuid: repo[:uuid],
                               link_class: 'permission',
-                              name: 'can_write')
+                              name: 'can_manage')
       if repo_perms.any?
         logger.warn "User already has repository access " +
             repo_perms.collect { |p| p[:uuid] }.inspect
@@ -323,7 +327,7 @@ class User < ArvadosModel
     repo_perm = Link.create(tail_uuid: self.uuid,
                             head_uuid: repo[:uuid],
                             link_class: 'permission',
-                            name: 'can_write')
+                            name: 'can_manage')
     logger.info { "repo permission: " + repo_perm[:uuid] }
     return repo_perm
   end