if !new_record? && !current_user.can?(manage: uuid)
raise PermissionDeniedError
end
- if trash_at || delete_at || !new_record? && TrashedGroup.where(group_uuid: uuid).any?
+ if trash_at || delete_at || (!new_record? && TrashedGroup.where(group_uuid: uuid).any?)
errors.add(:frozen_by_uuid, "cannot be set on a trashed project")
end
if frozen_by_uuid_was.nil?
"Group.update_frozen.select",
[[nil, self.uuid],
[nil, !self.frozen_by_uuid.nil?]])
+ if frozen_by_uuid
+ rows = ActiveRecord::Base.connection.exec_query(
+ "select cr.uuid, cr.state from container_requests cr, #{temptable} frozen " +
+ "where cr.owner_uuid = frozen.uuid and frozen.is_frozen " +
+ "and cr.state not in ($1, $2) limit 1",
+ "Group.update_frozen.check_container_requests",
+ [[nil, ContainerRequest::Uncommitted],
+ [nil, ContainerRequest::Final]])
+ if rows.any?
+ raise ArgumentError.new("cannot freeze project containing container request #{rows.first['uuid']} with state = #{rows.first['state']}")
+ end
+ end
ActiveRecord::Base.connection.exec_delete(
"delete from frozen_groups where uuid in (select uuid from #{temptable} where not is_frozen)",
"Group.update_frozen.delete")
def permission_to_update
if !super
return false
- elsif frozen_by_uuid && frozen_by_uuid_in_database
+ elsif frozen_by_uuid && frozen_by_uuid_was
errors.add :uuid, "#{uuid} is frozen and cannot be modified"
return false
else