projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'master' into 6859-fix-invalid-manifests
[arvados.git] / services / api / lib / has_uuid.rb
diff --git a/services/api/lib/has_uuid.rb b/services/api/lib/has_uuid.rb
index 481d27a037ed4036561bf499e2ae94af6c71011d..e0a56134fc2fbbaffe0674c9d425c1bd25bb31c9 100644 (file)
--- a/services/api/lib/has_uuid.rb
+++ b/services/api/lib/has_uuid.rb
@@ -1,7 +1,10 @@
 module HasUuid
 
+  UUID_REGEX = /^[0-9a-z]{5}-([0-9a-z]{5})-[0-9a-z]{15}$/
+
   def self.included(base)
     base.extend(ClassMethods)
+    base.validate :validate_uuid
     base.before_create :assign_uuid
     base.before_destroy :destroy_permission_links
     base.has_many :links_via_head, class_name: 'Link', foreign_key: :head_uuid, primary_key: :uuid, conditions: "not (link_class = 'permission')", dependent: :restrict
@@ -26,13 +29,38 @@ module HasUuid
     self.respond_to? :uuid
   end
 
-  def assign_uuid
-    return true if !self.respond_to_uuid?
-    if (uuid.is_a?(String) and uuid.length>0 and
-        current_user and current_user.is_admin)
+  def validate_uuid
+    if self.respond_to_uuid? and self.uuid_changed?
+      if current_user.andand.is_admin and self.uuid.is_a?(String)
+        if (re = self.uuid.match HasUuid::UUID_REGEX)
+          if re[1] == self.class.uuid_prefix
+            return true
+          else
+            self.errors.add(:uuid, "type field is '#{re[1]}', expected '#{self.class.uuid_prefix}'")
+            return false
+          end
+        else
+          self.errors.add(:uuid, "not a valid Arvados uuid '#{self.uuid}'")
+          return false
+        end
+      else
+        if self.new_record?
+          self.errors.add(:uuid, "assignment not permitted")
+        else
+          self.errors.add(:uuid, "change not permitted")
+        end
+        return false
+      end
+    else
       return true
     end
-    self.uuid = self.class.generate_uuid
+  end
+
+  def assign_uuid
+    if self.respond_to_uuid? and self.uuid.nil? or self.uuid.empty?
+      self.uuid = self.class.generate_uuid
+    end
+    true
   end
 
   def destroy_permission_links