X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/792e67dae1446c7ef583d2c974ed857f2992405f..53b609a8946c1cd2b38162e530ae323f3264838c:/app/models/orvos_model.rb

diff --git a/app/models/orvos_model.rb b/app/models/orvos_model.rb
index e288ebf0d8..fb799dc718 100644
--- a/app/models/orvos_model.rb
+++ b/app/models/orvos_model.rb
@@ -10,6 +10,7 @@ class OrvosModel < ActiveRecord::Base
   attr_protected :modified_by_client
   attr_protected :modified_at
   before_create :initialize_created_by_fields
+  before_update :permission_to_update
   before_update :update_modified_by_fields
 
   def self.kind_class(kind)
@@ -31,6 +32,17 @@ class OrvosModel < ActiveRecord::Base
 
   protected
 
+  def permission_to_update
+    return false unless current_user
+    self.created_by_user == current_user.uuid or
+      current_user.is_admin or
+      current_user.uuid == self.uuid or
+      Metadatum.where(metadata_class: 'permission',
+                      name: 'can_write',
+                      tail: self.uuid,
+                      head: current_user.uuid).count > 0
+  end
+
   def update_modified_by_fields
     if self.changed?
       self.modified_at = Time.now