before_validation :fill_field_defaults, :if => :new_record?
before_validation :set_container
validates :command, :container_image, :output_path, :cwd, :presence => true
+ validate :validate_state_change
validate :validate_change
after_save :update_priority
+ before_create :set_requesting_container_uuid
api_accessible :user, extend: :common do |t|
t.add :command
(Final = 'Final'),
]
+ State_transitions = {
+ nil => [Uncommitted, Committed],
+ Uncommitted => [Committed],
+ Committed => [Final]
+ }
+
+ def state_transitions
+ State_transitions
+ end
+
+ def skip_uuid_read_permission_check
+ # XXX temporary until permissions are sorted out.
+ %w(modified_by_client_uuid container_uuid requesting_container_uuid)
+ end
+
+ def container_completed!
+ # may implement retry logic here in the future.
+ self.state = ContainerRequest::Final
+ self.save!
+ end
+
protected
def fill_field_defaults
self.runtime_constraints ||= {}
self.mounts ||= {}
self.cwd ||= "."
- self.priority ||= 1
+ end
+
+ # Create a new container (or find an existing one) to satisfy this
+ # request.
+ def resolve
+ # TODO: resolve symbolic git and keep references to content
+ # addresses.
+ c = act_as_system_user do
+ Container.create!(command: self.command,
+ container_image: self.container_image,
+ cwd: self.cwd,
+ environment: self.environment,
+ mounts: self.mounts,
+ output_path: self.output_path,
+ runtime_constraints: self.runtime_constraints)
+ end
+ self.container_uuid = c.uuid
end
def set_container
- if self.state_changed?
- if self.state == Committed and (self.state_was == Uncommitted or self.state_was.nil?)
- act_as_system_user do
- self.container_uuid = Container.resolve(self).andand.uuid
- Link.create!(head_uuid: self.container_uuid,
- tail_uuid: self.owner_uuid,
- link_class: "permission",
- name: "can_read")
- end
- end
+ if (container_uuid_changed? and
+ not current_user.andand.is_admin and
+ not container_uuid.nil?)
+ errors.add :container_uuid, "can only be updated to nil."
+ return false
+ end
+ if state_changed? and state == Committed and container_uuid.nil?
+ resolve
end
end
when Committed
if container_uuid.nil?
- errors.add :container_uuid, "Has not been resolved to a container."
+ errors.add :container_uuid, "has not been resolved to a container."
end
- # Can update priority, container count.
- permitted.push :priority, :container_count_max
+ if priority.nil?
+ errors.add :priority, "cannot be nil"
+ end
+
+ # Can update priority, container count, name and description
+ permitted.push :priority, :container_count_max, :container_uuid, :name, :description
if self.state_changed?
- if self.state_was == Uncommitted or self.state_was.nil?
- # Allow create-and-commit in a single operation.
- permitted.push :command, :container_count_max,
- :container_image, :cwd, :description, :environment,
- :filters, :mounts, :name, :output_path, :priority,
- :properties, :requesting_container_uuid, :runtime_constraints,
- :state, :container_uuid
- else
- errors.add :state, "Can only go from Uncommitted to Committed"
- end
+ # Allow create-and-commit in a single operation.
+ permitted.push :command, :container_image, :cwd, :description, :environment,
+ :filters, :mounts, :name, :output_path, :properties,
+ :requesting_container_uuid, :runtime_constraints,
+ :state, :container_uuid
end
when Final
- if self.state_changed?
- if self.state_was == Committed
- permitted.push :state
- else
- errors.add :state, "Can only go from Committed to Final"
- end
+ if not current_user.andand.is_admin and not (self.name_changed? || self.description_changed?)
+ errors.add :state, "of container request can only be set to Final by system."
+ end
+
+ if self.state_changed? || self.name_changed? || self.description_changed?
+ permitted.push :state, :name, :description
else
- errors.add "Cannot update record in Final state"
+ errors.add :state, "does not allow updates"
end
else
- errors.add :state, "Invalid state #{self.state}"
+ errors.add :state, "invalid value"
end
check_update_whitelist permitted
end
def update_priority
- if self.state == Committed and self.priority_changed?
- c = Container.find_by_uuid self.container_uuid
- c.update_priority!
+ if self.state_changed? or
+ self.priority_changed? or
+ self.container_uuid_changed?
+ act_as_system_user do
+ Container.
+ where('uuid in (?)',
+ [self.container_uuid_was, self.container_uuid].compact).
+ map(&:update_priority!)
+ end
end
end
+ def set_requesting_container_uuid
+ return true if self.requesting_container_uuid # already set
+
+ token_uuid = current_api_client_authorization.andand.uuid
+ container = Container.where('auth_uuid=?', token_uuid).order('created_at desc').first
+ self.requesting_container_uuid = container.uuid if container
+ true
+ end
end