re = col.name.match /^(.*)_kind$/
if (re and
self.respond_to? re[1].to_sym and
- (auuid = self.send(re[1].to_sym)) and
+ (auuid = self.send((re[1] + '_uuid').to_sym)) and
(aclass = self.class.kind_class(self.send(col.name.to_sym))) and
(aobject = aclass.where('uuid=?', auuid).first))
- self.send((re[1]+'=').to_sym, aobject)
+ self.instance_variable_set('@'+re[1], aobject)
end
end
end
def permission_to_update
return false unless current_user
- if self.owner_changed? and self.owner_was != current_user.uuid
- return Metadatum.where(metadata_class: 'permission',
- name: 'can_pillage',
- tail: self.owner,
- head: current_user.uuid).count > 0
+ return true if current_user.is_admin
+ if self.owner_changed? and
+ self.owner_was != current_user.uuid and
+ 0 == Link.where(link_class: 'permission',
+ name: 'can_pillage',
+ tail_uuid: self.owner,
+ head_uuid: current_user.uuid).count
+ logger.warn "User #{current_user.uuid} tried to change owner of #{self.class.to_s} #{self.uuid} to #{self.owner}"
+ return false
end
self.owner == current_user.uuid or
current_user.is_admin or
current_user.uuid == self.uuid or
- Metadatum.where(metadata_class: 'permission',
- name: 'can_write',
- tail: self.owner,
- head: current_user.uuid).count > 0
+ Link.where(link_class: 'permission',
+ name: 'can_write',
+ tail_uuid: self.owner,
+ head_uuid: current_user.uuid).count > 0
end
def update_modified_by_fields
projects / arvados.git / blobdiff