X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/792e67dae1446c7ef583d2c974ed857f2992405f..2dd9e300bfdf3cbce26a625b579b606425fae61c:/app/models/orvos_model.rb diff --git a/app/models/orvos_model.rb b/app/models/orvos_model.rb index e288ebf0d8..484fbc05c9 100644 --- a/app/models/orvos_model.rb +++ b/app/models/orvos_model.rb @@ -3,13 +3,12 @@ class OrvosModel < ActiveRecord::Base include CurrentApiClient # current_user, current_api_client, etc. - attr_protected :created_by_user - attr_protected :created_by_client attr_protected :created_at attr_protected :modified_by_user attr_protected :modified_by_client attr_protected :modified_at - before_create :initialize_created_by_fields + before_update :permission_to_update + before_create :update_modified_by_fields before_update :update_modified_by_fields def self.kind_class(kind) @@ -31,20 +30,30 @@ class OrvosModel < ActiveRecord::Base protected + def permission_to_update + return false unless current_user + if self.owner_changed? and self.owner_was != self.uuid + return Metadatum.where(metadata_class: 'permission', + name: 'can_pillage', + tail: self.owner, + head: current_user.uuid).count > 0 + end + self.owner == current_user.uuid or + current_user.is_admin or + current_user.uuid == self.uuid or + Metadatum.where(metadata_class: 'permission', + name: 'can_write', + tail: self.owner, + head: current_user.uuid).count > 0 + end + def update_modified_by_fields if self.changed? + self.created_at ||= Time.now + self.owner ||= current_user.uuid self.modified_at = Time.now self.modified_by_user = current_user.uuid - self.modified_by_client = current_api_client.uuid + self.modified_by_client = current_api_client ? current_api_client.uuid : nil end end - - def initialize_created_by_fields - self.created_at = Time.now - self.created_by_user = current_user.uuid - self.created_by_client = current_api_client.uuid - self.modified_at = Time.now - self.modified_by_user = current_user.uuid - self.modified_by_client = current_api_client.uuid - end end