Merge branch 'master' into 10293-container-request-output-uuid

[arvados.git] / services / api / app / models / user.rb

diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index 3cb595b499264bdff8d551d4b0855bb122137dc7..9363cc4f02aa04d08552b9e343bbda9f8dcda5c1 100644 (file)
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -123,14 +123,22 @@ class User < ArvadosModel
     true
   end
 
-  def self.invalidate_permissions_cache timestamp
+  def self.invalidate_permissions_cache(timestamp=nil)
     if Rails.configuration.async_permissions_update
+      timestamp = DbCurrentTime::db_current_time.to_i if timestamp.nil?
       connection.execute "NOTIFY invalidate_permissions_cache, '#{timestamp}'"
     else
       Rails.cache.delete_matched(/^groups_for_user_/)
     end
   end
 
+  # Return a hash of {group_uuid: perm_hash} where perm_hash[:read]
+  # and perm_hash[:write] are true if this user can read and write
+  # objects owned by group_uuid.
+  #
+  # The permission graph is built by repeatedly enumerating all
+  # permission links reachable from self.uuid, and then calling
+  # search_permissions
   def calculate_group_permissions
       permissions_from = {}
       todo = {self.uuid => true}
@@ -186,15 +194,17 @@ class User < ArvadosModel
   # Return a hash of {group_uuid: perm_hash} where perm_hash[:read]
   # and perm_hash[:write] are true if this user can read and write
   # objects owned by group_uuid.
-  #
-  # The permission graph is built by repeatedly enumerating all
-  # permission links reachable from self.uuid, and then calling
-  # search_permissions
   def group_permissions
     r = Rails.cache.read "groups_for_user_#{self.uuid}"
-    while r.nil?
-      sleep(0.1)
-      r = Rails.cache.read "groups_for_user_#{self.uuid}"
+    if r.nil?
+      if Rails.configuration.async_permissions_update
+        while r.nil?
+          sleep(0.1)
+          r = Rails.cache.read "groups_for_user_#{self.uuid}"
+        end
+      else
+        r = calculate_group_permissions
+      end
     end
     r
   end
@@ -251,6 +261,25 @@ class User < ArvadosModel
     self.save!
   end
 
+  def set_initial_username(requested: false)
+    if !requested.is_a?(String) || requested.empty?
+      email_parts = email.partition("@")
+      local_parts = email_parts.first.partition("+")
+      if email_parts.any?(&:empty?)
+        return
+      elsif not local_parts.first.empty?
+        requested = local_parts.first
+      else
+        requested = email_parts.first
+      end
+    end
+    requested.sub!(/^[^A-Za-z]+/, "")
+    requested.gsub!(/[^A-Za-z0-9]/, "")
+    unless requested.empty?
+      self.username = find_usable_username_from(requested)
+    end
+  end
+
   protected
 
   def ensure_ownership_path_leads_to_user
@@ -302,8 +331,8 @@ class User < ArvadosModel
       self.class.
           where("username like '#{pattern}'").
           select(:username).
-          order(username: :asc).
-          find_each do |other_user|
+          order('username asc').
+          each do |other_user|
         if other_user.username > next_username
           break
         elsif other_user.username == next_username
@@ -316,23 +345,6 @@ class User < ArvadosModel
     nil
   end
 
-  def set_initial_username
-    email_parts = email.partition("@")
-    local_parts = email_parts.first.partition("+")
-    if email_parts.any?(&:empty?)
-      return
-    elsif not local_parts.first.empty?
-      base_username = local_parts.first
-    else
-      base_username = email_parts.first
-    end
-    base_username.sub!(/^[^A-Za-z]+/, "")
-    base_username.gsub!(/[^A-Za-z0-9]/, "")
-    unless base_username.empty?
-      self.username = find_usable_username_from(base_username)
-    end
-  end
-
   def prevent_privilege_escalation
     if current_user.andand.is_admin
       return true