projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
add PipelineInvocation#active, and try to set success=false when needed
[arvados.git] / app / models / orvos_model.rb
diff --git a/app/models/orvos_model.rb b/app/models/orvos_model.rb
index fb799dc718986428486920b77de92af290d22fc5..c26ac7e0baa2e82bc277a153e504d653ce148d9f 100644 (file)
--- a/app/models/orvos_model.rb
+++ b/app/models/orvos_model.rb
@@ -3,14 +3,12 @@ class OrvosModel < ActiveRecord::Base
 
   include CurrentApiClient      # current_user, current_api_client, etc.
 
-  attr_protected :created_by_user
-  attr_protected :created_by_client
   attr_protected :created_at
   attr_protected :modified_by_user
   attr_protected :modified_by_client
   attr_protected :modified_at
-  before_create :initialize_created_by_fields
   before_update :permission_to_update
+  before_create :update_modified_by_fields
   before_update :update_modified_by_fields
 
   def self.kind_class(kind)
@@ -22,10 +20,10 @@ class OrvosModel < ActiveRecord::Base
       re = col.name.match /^(.*)_kind$/
       if (re and
           self.respond_to? re[1].to_sym and
-          (auuid = self.send(re[1].to_sym)) and
+          (auuid = self.send((re[1] + '_uuid').to_sym)) and
           (aclass = self.class.kind_class(self.send(col.name.to_sym))) and
           (aobject = aclass.where('uuid=?', auuid).first))
-        self.send((re[1]+'=').to_sym, aobject)
+        self.instance_variable_set('@'+re[1], aobject)
       end
     end
   end
@@ -34,29 +32,32 @@ class OrvosModel < ActiveRecord::Base
 
   def permission_to_update
     return false unless current_user
-    self.created_by_user == current_user.uuid or
+    return true if current_user.is_admin
+    if self.owner_changed? and
+        self.owner_was != current_user.uuid and
+        0 == Link.where(link_class: 'permission',
+                        name: 'can_pillage',
+                        tail_uuid: self.owner,
+                        head_uuid: current_user.uuid).count
+      logger.warn "User #{current_user.uuid} tried to change owner of #{self.class.to_s} #{self.uuid} to #{self.owner}"
+      return false
+    end
+    self.owner == current_user.uuid or
       current_user.is_admin or
       current_user.uuid == self.uuid or
-      Metadatum.where(metadata_class: 'permission',
-                      name: 'can_write',
-                      tail: self.uuid,
-                      head: current_user.uuid).count > 0
+      Link.where(link_class: 'permission',
+                 name: 'can_write',
+                 tail_uuid: self.owner,
+                 head_uuid: current_user.uuid).count > 0
   end
 
   def update_modified_by_fields
     if self.changed?
+      self.created_at ||= Time.now
+      self.owner ||= current_user.uuid
       self.modified_at = Time.now
       self.modified_by_user = current_user.uuid
-      self.modified_by_client = current_api_client.uuid
+      self.modified_by_client = current_api_client ? current_api_client.uuid : nil
     end
   end
-
-  def initialize_created_by_fields
-    self.created_at = Time.now
-    self.created_by_user = current_user.uuid
-    self.created_by_client = current_api_client.uuid
-    self.modified_at = Time.now
-    self.modified_by_user = current_user.uuid
-    self.modified_by_client = current_api_client.uuid
-  end
 end