X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/cf736bbc9cfa288cca1dbced48dd144770a37ce4..29ad3b7333681e4e7b712da3a2c0244b23afa095:/services/api/app/models/arvados_model.rb diff --git a/services/api/app/models/arvados_model.rb b/services/api/app/models/arvados_model.rb index 327bf63b5f..d910320ec0 100644 --- a/services/api/app/models/arvados_model.rb +++ b/services/api/app/models/arvados_model.rb @@ -156,7 +156,7 @@ class ArvadosModel < ApplicationRecord end def self.searchable_columns operator - textonly_operator = !operator.match(/[<=>]/) + textonly_operator = !operator.match(/[<=>]/) && !operator.in?(['in', 'not in']) self.columns.select do |col| case col.type when :string, :text @@ -220,7 +220,7 @@ class ArvadosModel < ApplicationRecord end def self.default_orders - ["#{table_name}.modified_at desc", "#{table_name}.uuid"] + ["#{table_name}.modified_at desc", "#{table_name}.uuid desc"] end def self.unique_columns @@ -273,6 +273,26 @@ class ArvadosModel < ApplicationRecord end.compact.uniq end + def can_write + if respond_to?(:frozen_by_uuid) && frozen_by_uuid + # This special case is needed to return the correct value from a + # "freeze project" API, during which writable status changes + # from true to false. + # + # current_user.can?(write: self) returns true (which is correct + # in the context of permission-checking hooks) but the can_write + # value we're returning to the caller here represents the state + # _after_ the update, i.e., false. + return false + else + return current_user.can?(write: self) + end + end + + def can_manage + return current_user.can?(manage: self) + end + # Return a query with read permissions restricted to the union of the # permissions of the members of users_list, i.e. if something is readable by # any user in users_list, it will be readable in the query returned by this @@ -458,12 +478,11 @@ class ArvadosModel < ApplicationRecord conn.exec_query 'SAVEPOINT save_with_unique_name' begin save! + conn.exec_query 'RELEASE SAVEPOINT save_with_unique_name' rescue ActiveRecord::RecordNotUnique => rn raise if max_retries == 0 max_retries -= 1 - conn.exec_query 'ROLLBACK TO SAVEPOINT save_with_unique_name' - # Dig into the error to determine if it is specifically calling out a # (owner_uuid, name) uniqueness violation. In this specific case, and # the client requested a unique name with ensure_unique_name==true, @@ -481,6 +500,8 @@ class ArvadosModel < ApplicationRecord detail = err.result.error_field(PG::Result::PG_DIAG_MESSAGE_DETAIL) raise unless /^Key \(owner_uuid, name\)=\([a-z0-9]{5}-[a-z0-9]{5}-[a-z0-9]{15}, .*?\) already exists\./.match detail + conn.exec_query 'ROLLBACK TO SAVEPOINT save_with_unique_name' + new_name = "#{name_was} (#{db_current_time.utc.iso8601(3)})" if new_name == name # If the database is fast enough to do two attempts in the @@ -498,10 +519,8 @@ class ArvadosModel < ApplicationRecord self[:current_version_uuid] = nil end end - conn.exec_query 'SAVEPOINT save_with_unique_name' + retry - ensure - conn.exec_query 'RELEASE SAVEPOINT save_with_unique_name' end end end @@ -931,6 +950,10 @@ class ArvadosModel < ApplicationRecord # value in the database to an implicit zero/false value in an update # request. def fill_container_defaults + # Make sure this is correctly sorted by key, because we merge in + # whatever is in the database on top of it, this will be the order + # that gets used downstream rather than the order the keys appear + # in the database. self.runtime_constraints = { 'API' => false, 'cuda' => { @@ -938,6 +961,7 @@ class ArvadosModel < ApplicationRecord 'driver_version' => '', 'hardware_capability' => '', }, + 'keep_cache_disk' => 0, 'keep_cache_ram' => 0, 'ram' => 0, 'vcpus' => 0, @@ -946,6 +970,7 @@ class ArvadosModel < ApplicationRecord 'max_run_time' => 0, 'partitions' => [], 'preemptible' => false, + 'supervisor' => false, }.merge(attributes['scheduling_parameters'] || {}) end