projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
add trait resource
[arvados.git] / services / api / app / models / arvados_model.rb
diff --git a/services/api/app/models/arvados_model.rb b/services/api/app/models/arvados_model.rb
index 2a19a60c585a9404a08c451ac2d17200a3519cde..c5c3dd2579111ba0d17a7f776996d43a30d88422 100644 (file)
--- a/services/api/app/models/arvados_model.rb
+++ b/services/api/app/models/arvados_model.rb
@@ -13,6 +13,8 @@ class ArvadosModel < ActiveRecord::Base
   before_update :maybe_update_modified_by_fields
   validate :ensure_serialized_attribute_type
 
+  has_many :permissions, :foreign_key => :head_uuid, :class_name => 'Link', :primary_key => :uuid, :conditions => "link_class = 'permission'"
+
   class PermissionDeniedError < StandardError
   end
 
@@ -40,7 +42,7 @@ class ArvadosModel < ActiveRecord::Base
   end
 
   def permission_to_create
-    current_user
+    current_user.andand.is_active
   end
 
   def ensure_permission_to_update
@@ -52,6 +54,10 @@ class ArvadosModel < ActiveRecord::Base
       logger.warn "Anonymous user tried to update #{self.class.to_s} #{self.uuid_was}"
       return false
     end
+    if !current_user.is_active
+      logger.warn "Inactive user #{current_user.uuid} tried to update #{self.class.to_s} #{self.uuid_was}"
+      return false
+    end
     if self.uuid_changed?
       logger.warn "User #{current_user.uuid} tried to change uuid of #{self.class.to_s} #{self.uuid_was} to #{self.uuid}"
       return false