projects
/
arvados.git
/ blobdiff
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch '1977-provenance-report' of git.clinicalfuture.com:arvados into 1977...
[arvados.git]
/
services
/
api
/
app
/
controllers
/
arvados
/
v1
/
collections_controller.rb
diff --git
a/services/api/app/controllers/arvados/v1/collections_controller.rb
b/services/api/app/controllers/arvados/v1/collections_controller.rb
index 9198f583d3f11db63d2359440b6a981c0bf7d746..294e092f6cf7e253994c624e3ff476c265b09db3 100644
(file)
--- a/
services/api/app/controllers/arvados/v1/collections_controller.rb
+++ b/
services/api/app/controllers/arvados/v1/collections_controller.rb
@@
-12,6
+12,7
@@
class Arvados::V1::CollectionsController < ApplicationController
'arvados#group'
end
unless current_user.can? write: owner_uuid
'arvados#group'
end
unless current_user.can? write: owner_uuid
+ logger.warn "User #{current_user.andand.uuid} tried to set collection owner_uuid to #{owner_uuid}"
raise ArvadosModel::PermissionDeniedError
end
act_as_system_user do
raise ArvadosModel::PermissionDeniedError
end
act_as_system_user do
@@
-87,11
+88,11
@@
class Arvados::V1::CollectionsController < ApplicationController
return ""
end
return ""
end
-
#puts
"visiting #{uuid}"
+
logger.debug
"visiting #{uuid}"
if m
# uuid is a collection
if m
# uuid is a collection
- Collection.where(uuid: uuid).each do |c|
+ Collection.
readable_by(current_user).
where(uuid: uuid).each do |c|
visited[uuid] = c.as_api_response
visited[uuid][:files] = []
c.files.each do |f|
visited[uuid] = c.as_api_response
visited[uuid][:files] = []
c.files.each do |f|
@@
-99,11
+100,11
@@
class Arvados::V1::CollectionsController < ApplicationController
end
end
end
end
- Job.where(output: uuid).each do |job|
+ Job.
readable_by(current_user).
where(output: uuid).each do |job|
generate_provenance_edges(visited, job.uuid)
end
generate_provenance_edges(visited, job.uuid)
end
- Job.where(log: uuid).each do |job|
+ Job.
readable_by(current_user).
where(log: uuid).each do |job|
generate_provenance_edges(visited, job.uuid)
end
generate_provenance_edges(visited, job.uuid)
end
@@
-111,7
+112,7
@@
class Arvados::V1::CollectionsController < ApplicationController
# uuid is something else
rsc = ArvadosModel::resource_class_for_uuid uuid
if rsc == Job
# uuid is something else
rsc = ArvadosModel::resource_class_for_uuid uuid
if rsc == Job
- Job.where(uuid: uuid).each do |job|
+ Job.
readable_by(current_user).
where(uuid: uuid).each do |job|
visited[uuid] = job.as_api_response
script_param_edges(visited, job.script_parameters)
end
visited[uuid] = job.as_api_response
script_param_edges(visited, job.script_parameters)
end
@@
-122,7
+123,9
@@
class Arvados::V1::CollectionsController < ApplicationController
end
end
end
end
- Link.where(head_uuid: uuid, link_class: "provenance").each do |link|
+ Link.readable_by(current_user).
+ where(head_uuid: uuid, link_class: "provenance").
+ each do |link|
visited[link.uuid] = link.as_api_response
generate_provenance_edges(visited, link.tail_uuid)
end
visited[link.uuid] = link.as_api_response
generate_provenance_edges(visited, link.tail_uuid)
end