X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/2bc21107e3fa6c4ecea7efb22e4dfc7e30b3233d..09a2e88c51e5432e607f2a38466e55b4ba15e887:/services/api/app/models/log.rb diff --git a/services/api/app/models/log.rb b/services/api/app/models/log.rb index 7a8b50a6c4..3207d1f288 100644 --- a/services/api/app/models/log.rb +++ b/services/api/app/models/log.rb @@ -4,7 +4,6 @@ class Log < ArvadosModel include CommonApiTemplate serialize :properties, Hash before_validation :set_default_event_at - attr_accessor :object, :object_kind after_save :send_notify api_accessible :user, extend: :common do |t| @@ -47,22 +46,28 @@ class Log < ArvadosModel self.event_at = thing.created_at when "update" self.event_at = thing.modified_at - when "destroy" + when "delete" self.event_at = db_current_time end self end - def self.readable_by *users_list + def self.readable_by(*users_list) if users_list.select { |u| u.is_admin }.any? return self end user_uuids = users_list.map { |u| u.uuid } uuid_list = user_uuids + users_list.flat_map { |u| u.groups_i_can(:read) } - permitted_uuids = "(SELECT head_uuid FROM links WHERE link_class='permission' AND tail_uuid IN (?))" + uuid_list.uniq! + permitted = "(SELECT head_uuid FROM links WHERE link_class='permission' AND tail_uuid IN (:uuids))" joins("LEFT JOIN container_requests ON container_requests.container_uuid=logs.object_uuid"). - where("logs.object_uuid IN #{permitted_uuids} OR container_requests.uuid IN (?) OR container_requests.owner_uuid IN (?) OR logs.object_uuid IN (?) OR logs.object_owner_uuid IN (?)", - uuid_list, uuid_list, uuid_list, uuid_list, uuid_list) + where("logs.object_uuid IN #{permitted} OR "+ + "container_requests.uuid IN (:uuids) OR "+ + "container_requests.owner_uuid IN (:uuids) OR "+ + "logs.object_uuid IN (:uuids) OR "+ + "logs.owner_uuid IN (:uuids) OR "+ + "logs.object_owner_uuid IN (:uuids)", + uuids: uuid_list) end protected