projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch '8784-dir-listings'
[arvados.git] / services / api / app / models / log.rb
diff --git a/services/api/app/models/log.rb b/services/api/app/models/log.rb
index 34e6dfa354ca93a742ca4913b89d40d7accab147..73f143e8c3c2e98f5164db5f108ce9004930460e 100644 (file)
--- a/services/api/app/models/log.rb
+++ b/services/api/app/models/log.rb
@@ -1,10 +1,17 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
+require 'audit_logs'
+
 class Log < ArvadosModel
   include HasUuid
   include KindAndEtag
   include CommonApiTemplate
   serialize :properties, Hash
   before_validation :set_default_event_at
-  attr_accessor :object, :object_kind
+  after_save :send_notify
+  after_commit { AuditLogs.tidy_in_background }
 
   api_accessible :user, extend: :common do |t|
     t.add :id
@@ -46,12 +53,30 @@ class Log < ArvadosModel
       self.event_at = thing.created_at
     when "update"
       self.event_at = thing.modified_at
-    when "destroy"
-      self.event_at = Time.now
+    when "delete"
+      self.event_at = db_current_time
     end
     self
   end
 
+  def self.readable_by(*users_list)
+    if users_list.select { |u| u.is_admin }.any?
+      return self
+    end
+    user_uuids = users_list.map { |u| u.uuid }
+    uuid_list = user_uuids + users_list.flat_map { |u| u.groups_i_can(:read) }
+    uuid_list.uniq!
+    permitted = "(SELECT head_uuid FROM links WHERE link_class='permission' AND tail_uuid IN (:uuids))"
+    joins("LEFT JOIN container_requests ON container_requests.container_uuid=logs.object_uuid").
+      where("logs.object_uuid IN #{permitted} OR "+
+            "container_requests.uuid IN (:uuids) OR "+
+            "container_requests.owner_uuid IN (:uuids) OR "+
+            "logs.object_uuid IN (:uuids) OR "+
+            "logs.owner_uuid IN (:uuids) OR "+
+            "logs.object_owner_uuid IN (:uuids)",
+            uuids: uuid_list)
+  end
+
   protected
 
   def permission_to_create
@@ -65,7 +90,7 @@ class Log < ArvadosModel
   alias_method :permission_to_delete, :permission_to_update
 
   def set_default_event_at
-    self.event_at ||= Time.now
+    self.event_at ||= db_current_time
   end
 
   def log_start_state
@@ -80,4 +105,7 @@ class Log < ArvadosModel
     # logs can have references to deleted objects
   end
 
+  def send_notify
+    ActiveRecord::Base.connection.execute "NOTIFY logs, '#{self.id}'"
+  end
 end