closes #9709

[arvados.git] / services / api / app / models / collection.rb

diff --git a/services/api/app/models/collection.rb b/services/api/app/models/collection.rb
index 99a09bd8e5d885324c1b073975a1c92ebc88ff5b..248c8b98245bd5628096fa60ba0f3ed2b7ea66e9 100644 (file)
--- a/services/api/app/models/collection.rb
+++ b/services/api/app/models/collection.rb
@@ -8,15 +8,17 @@ class Collection < ArvadosModel
 
   serialize :properties, Hash
 
+  before_validation :default_empty_manifest
   before_validation :check_encoding
   before_validation :check_manifest_validity
   before_validation :check_signatures
   before_validation :strip_signatures_and_update_replication_confirmed
   validate :ensure_pdh_matches_manifest_text
   before_save :set_file_names
+  before_save :expires_at_not_in_past
 
   # Query only undeleted collections by default.
-  default_scope where("expires_at IS NULL or expires_at > CURRENT_TIMESTAMP")
+  default_scope where("expires_at IS NULL or expires_at > statement_timestamp()")
 
   api_accessible :user, extend: :common do |t|
     t.add :name
@@ -27,6 +29,7 @@ class Collection < ArvadosModel
     t.add :replication_desired
     t.add :replication_confirmed
     t.add :replication_confirmed_at
+    t.add :expires_at
   end
 
   def self.attributes_required_columns
@@ -36,7 +39,10 @@ class Collection < ArvadosModel
                 # expose signed_manifest_text as manifest_text in the
                 # API response, and never let clients select the
                 # manifest_text column.
-                'manifest_text' => ['manifest_text'],
+                #
+                # We need expires_at to determine the correct
+                # timestamp in signed_manifest_text.
+                'manifest_text' => ['manifest_text', 'expires_at'],
                 )
   end
 
@@ -171,6 +177,10 @@ class Collection < ArvadosModel
     names[0,2**12]
   end
 
+  def default_empty_manifest
+    self.manifest_text ||= ''
+  end
+
   def check_encoding
     if manifest_text.encoding.name == 'UTF-8' and manifest_text.valid_encoding?
       true
@@ -197,8 +207,8 @@ class Collection < ArvadosModel
     begin
       Keep::Manifest.validate! manifest_text
       true
-    rescue => e
-      logger.warn e
+    rescue ArgumentError => e
+      errors.add :manifest_text, e.message
       false
     end
   end
@@ -206,14 +216,19 @@ class Collection < ArvadosModel
   def signed_manifest_text
     if has_attribute? :manifest_text
       token = current_api_client_authorization.andand.api_token
-      @signed_manifest_text = self.class.sign_manifest manifest_text, token
+      exp = [db_current_time.to_i + Rails.configuration.blob_signature_ttl,
+             expires_at].compact.map(&:to_i).min
+      @signed_manifest_text = self.class.sign_manifest manifest_text, token, exp
     end
   end
 
-  def self.sign_manifest manifest, token
+  def self.sign_manifest manifest, token, exp=nil
+    if exp.nil?
+      exp = db_current_time.to_i + Rails.configuration.blob_signature_ttl
+    end
     signing_opts = {
       api_token: token,
-      expire: db_current_time.to_i + Rails.configuration.blob_signature_ttl,
+      expire: exp,
     }
     m = munge_manifest_locators(manifest) do |match|
       Blob.sign_locator(match[0], signing_opts)
@@ -341,6 +356,12 @@ class Collection < ArvadosModel
     super - ["manifest_text"]
   end
 
+  def logged_attributes
+    attrs = attributes.dup
+    attrs.delete('manifest_text')
+    attrs
+  end
+
   protected
   def portable_manifest_text
     self.class.munge_manifest_locators(manifest_text) do |match|
@@ -376,4 +397,14 @@ class Collection < ArvadosModel
     end
     super
   end
+
+  # If expires_at is being changed to a time in the past, change it to
+  # now. This allows clients to say "expires {client-current-time}"
+  # without failing due to clock skew, while avoiding odd log entries
+  # like "expiry date changed to {1 year ago}".
+  def expires_at_not_in_past
+    if expires_at_changed? and expires_at
+      self.expires_at = [db_current_time, expires_at].max
+    end
+  end
 end