before_create :update_modified_by_fields
before_update :maybe_update_modified_by_fields
validate :ensure_serialized_attribute_type
+ validate :normalize_collection_uuids
has_many :permissions, :foreign_key => :head_uuid, :class_name => 'Link', :primary_key => :uuid, :conditions => "link_class = 'permission'"
end
end
+ def self.readable_by user
+ uuid_list = [user.uuid, *user.groups_i_can(:read)]
+ sanitized_uuid_list = uuid_list.
+ collect { |uuid| sanitize(uuid) }.join(', ')
+ or_references_me = ''
+ if self == Link and user
+ or_references_me = "OR (#{table_name}.link_class in (#{sanitize 'permission'}, #{sanitize 'resources'}) AND #{sanitize user.uuid} IN (#{table_name}.head_uuid, #{table_name}.tail_uuid))"
+ end
+ joins("LEFT JOIN links permissions ON permissions.head_uuid in (#{table_name}.owner_uuid, #{table_name}.uuid) AND permissions.tail_uuid in (#{sanitized_uuid_list}) AND permissions.link_class='permission'").
+ where("?=? OR #{table_name}.owner_uuid in (?) OR #{table_name}.uuid=? OR permissions.head_uuid IS NOT NULL #{or_references_me}",
+ true, user.is_admin,
+ uuid_list,
+ user.uuid)
+ end
+
protected
def ensure_permission_to_create
end
end
+ def foreign_key_attributes
+ attributes.keys.select { |a| a.match /_uuid$/ }
+ end
+
+ def normalize_collection_uuids
+ foreign_key_attributes.each do |attr|
+ attr_value = send attr
+ if attr_value.is_a? String and
+ attr_value.match /^[0-9a-f]{32,}(\+[@\w]+)*$/
+ begin
+ send "#{attr}=", Collection.normalize_uuid(attr_value)
+ rescue
+ # TODO: abort instead of silently accepting unnormalizable value?
+ end
+ end
+ end
+ end
+
def self.resource_class_for_uuid(uuid)
if uuid.is_a? ArvadosModel
return uuid.class