+
+ def name_link_has_valid_name
+ if link_class == 'name'
+ unless name.is_a? String and !name.empty?
+ errors.add('name', 'must be a non-empty string')
+ end
+ else
+ true
+ end
+ end
+
+ def name_link_owner_is_tail
+ if link_class == 'name'
+ self.owner_uuid = tail_uuid
+ ensure_owner_uuid_is_permitted
+ end
+ end
+
+ # A user is permitted to create, update or modify a permission link
+ # if and only if they have "manage" permission on the destination
+ # object.
+ # All other links are treated as regular ArvadosModel objects.
+ #
+ def ensure_owner_uuid_is_permitted
+ if link_class == 'permission'
+ ob = ArvadosModel.find_by_uuid(head_uuid)
+ raise PermissionDeniedError unless current_user.can?(manage: ob)
+ # All permission links should be owned by the system user.
+ self.owner_uuid = system_user_uuid
+ return true
+ else
+ super
+ end
+ end