X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/a42a2a77fe6e8dfd9068506748f6c65609f57c71..120a2268606d73317ab2353d79c3046017300f81:/services/api/app/models/collection.rb?ds=sidebyside

diff --git a/services/api/app/models/collection.rb b/services/api/app/models/collection.rb
index ca97161360..8579509de7 100644
--- a/services/api/app/models/collection.rb
+++ b/services/api/app/models/collection.rb
@@ -8,14 +8,17 @@ class Collection < ArvadosModel
 
   serialize :properties, Hash
 
+  before_validation :default_empty_manifest
   before_validation :check_encoding
+  before_validation :check_manifest_validity
   before_validation :check_signatures
   before_validation :strip_signatures_and_update_replication_confirmed
   validate :ensure_pdh_matches_manifest_text
   before_save :set_file_names
+  before_save :expires_at_not_in_past
 
   # Query only undeleted collections by default.
-  default_scope where("expires_at IS NULL or expires_at > CURRENT_TIMESTAMP")
+  default_scope where("expires_at IS NULL or expires_at > statement_timestamp()")
 
   api_accessible :user, extend: :common do |t|
     t.add :name
@@ -26,6 +29,7 @@ class Collection < ArvadosModel
     t.add :replication_desired
     t.add :replication_confirmed
     t.add :replication_confirmed_at
+    t.add :expires_at
   end
 
   def self.attributes_required_columns
@@ -35,10 +39,17 @@ class Collection < ArvadosModel
                 # expose signed_manifest_text as manifest_text in the
                 # API response, and never let clients select the
                 # manifest_text column.
-                'manifest_text' => ['manifest_text'],
+                #
+                # We need expires_at to determine the correct
+                # timestamp in signed_manifest_text.
+                'manifest_text' => ['manifest_text', 'expires_at'],
                 )
   end
 
+  def self.ignored_select_attributes
+    super + ["updated_at", "file_names"]
+  end
+
   FILE_TOKEN = /^[[:digit:]]+:[[:digit:]]+:/
   def check_signatures
     return false if self.manifest_text.nil?
@@ -61,9 +72,11 @@ class Collection < ArvadosModel
         api_token: api_token,
         now: db_current_time.to_i,
       }
-      self.manifest_text.lines.each do |entry|
-        entry.split[1..-1].each do |tok|
-          if tok =~ FILE_TOKEN
+      self.manifest_text.each_line do |entry|
+        entry.split.each do |tok|
+          if tok == '.' or tok.starts_with? './'
+            # Stream name token.
+          elsif tok =~ FILE_TOKEN
             # This is a filename token, not a blob locator. Note that we
             # keep checking tokens after this, even though manifest
             # format dictates that all subsequent tokens will also be
@@ -128,8 +141,8 @@ class Collection < ArvadosModel
       true
     elsif portable_data_hash.nil? or not portable_data_hash_changed?
       self.portable_data_hash = computed_pdh
-    elsif portable_data_hash !~ /^[0-9a-f]{32}(\+\d+)?$/
-      errors.add(:portable_data_hash, "is not a valid hash or hash+size")
+    elsif portable_data_hash !~ Keep::Locator::LOCATOR_REGEXP
+      errors.add(:portable_data_hash, "is not a valid locator")
       false
     elsif portable_data_hash[0..31] != computed_pdh[0..31]
       errors.add(:portable_data_hash,
@@ -168,6 +181,10 @@ class Collection < ArvadosModel
     names[0,2**12]
   end
 
+  def default_empty_manifest
+    self.manifest_text ||= ''
+  end
+
   def check_encoding
     if manifest_text.encoding.name == 'UTF-8' and manifest_text.valid_encoding?
       true
@@ -190,17 +207,32 @@ class Collection < ArvadosModel
     end
   end
 
+  def check_manifest_validity
+    begin
+      Keep::Manifest.validate! manifest_text
+      true
+    rescue ArgumentError => e
+      errors.add :manifest_text, e.message
+      false
+    end
+  end
+
   def signed_manifest_text
     if has_attribute? :manifest_text
       token = current_api_client_authorization.andand.api_token
-      @signed_manifest_text = self.class.sign_manifest manifest_text, token
+      exp = [db_current_time.to_i + Rails.configuration.blob_signature_ttl,
+             expires_at].compact.map(&:to_i).min
+      @signed_manifest_text = self.class.sign_manifest manifest_text, token, exp
     end
   end
 
-  def self.sign_manifest manifest, token
+  def self.sign_manifest manifest, token, exp=nil
+    if exp.nil?
+      exp = db_current_time.to_i + Rails.configuration.blob_signature_ttl
+    end
     signing_opts = {
       api_token: token,
-      expire: db_current_time.to_i + Rails.configuration.blob_signature_ttl,
+      expire: exp,
     }
     m = munge_manifest_locators(manifest) do |match|
       Blob.sign_locator(match[0], signing_opts)
@@ -213,16 +245,16 @@ class Collection < ArvadosModel
     # for each locator. Return a new manifest in which each locator
     # has been replaced by the block's return value.
     return nil if !manifest
-    return '' if !manifest.present?
+    return '' if manifest == ''
 
     new_lines = []
-    lines = manifest.split("\n")
     manifest.each_line do |line|
       line.rstrip!
-      words = line.split(' ')
       new_words = []
-      words.each do |word|
-        if match = Keep::Locator::LOCATOR_REGEXP.match(word)
+      line.split(' ').each do |word|
+        if new_words.empty?
+          new_words << word
+        elsif match = Keep::Locator::LOCATOR_REGEXP.match(word)
           new_words << yield(match)
         else
           new_words << word
@@ -230,17 +262,16 @@ class Collection < ArvadosModel
       end
       new_lines << new_words.join(' ')
     end
-
-    manifest = new_lines.join("\n") + "\n"
+    new_lines.join("\n") + "\n"
   end
 
   def self.each_manifest_locator manifest
     # Given a manifest text and a block, yield the regexp match object
     # for each locator.
     manifest.each_line do |line|
-      line.rstrip!
-      words = line.split(' ')
-      words.each do |word|
+      # line will have a trailing newline, but the last token is never
+      # a locator, so it's harmless here.
+      line.split(' ').each do |word|
         if match = Keep::Locator::LOCATOR_REGEXP.match(word)
           yield(match)
         end
@@ -283,7 +314,7 @@ class Collection < ArvadosModel
         # looks like a saved Docker image.
         manifest = Keep::Manifest.new(coll_match.manifest_text)
         if manifest.exact_file_count?(1) and
-            (manifest.files[0][1] =~ /^[0-9A-Fa-f]{64}\.tar$/)
+            (manifest.files[0][1] =~ /^(sha256:)?[0-9A-Fa-f]{64}\.tar$/)
           return [coll_match]
         end
       end
@@ -331,14 +362,13 @@ class Collection < ArvadosModel
 
   protected
   def portable_manifest_text
-    portable_manifest = self.class.munge_manifest_locators(manifest_text) do |match|
+    self.class.munge_manifest_locators(manifest_text) do |match|
       if match[2] # size
         match[1] + match[2]
       else
         match[1]
       end
     end
-    portable_manifest
   end
 
   def compute_pdh
@@ -365,4 +395,14 @@ class Collection < ArvadosModel
     end
     super
   end
+
+  # If expires_at is being changed to a time in the past, change it to
+  # now. This allows clients to say "expires {client-current-time}"
+  # without failing due to clock skew, while avoiding odd log entries
+  # like "expiry date changed to {1 year ago}".
+  def expires_at_not_in_past
+    if expires_at_changed? and expires_at
+      self.expires_at = [db_current_time, expires_at].max
+    end
+  end
 end