X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/ee5443faad325b16047b9ad4cd588baf51e231fa..421e478d139906b48a2ff31a32a385639eae8e01:/services/api/app/controllers/arvados/v1/groups_controller.rb diff --git a/services/api/app/controllers/arvados/v1/groups_controller.rb b/services/api/app/controllers/arvados/v1/groups_controller.rb index e9bc006a36..36839a1da0 100644 --- a/services/api/app/controllers/arvados/v1/groups_controller.rb +++ b/services/api/app/controllers/arvados/v1/groups_controller.rb @@ -7,11 +7,10 @@ require "trashable" class Arvados::V1::GroupsController < ApplicationController include TrashableController + before_action :load_include_param, only: [:shared, :contents] skip_before_action :find_object_by_uuid, only: :shared skip_before_action :render_404_if_no_object, only: :shared - TRASHABLE_CLASSES = ['project'] - def self._index_requires_parameters (super rescue {}). merge({ @@ -40,13 +39,12 @@ class Arvados::V1::GroupsController < ApplicationController type: 'boolean', required: false, default: false, description: 'Include contents from child groups recursively.', }, include: { - type: 'string', required: false, description: 'Include objects referred to by listed field in "included" (only owner_uuid).', + type: 'array', required: false, description: 'Include objects referred to by listed fields in "included" response field. Subsets of ["owner_uuid", "container_uuid"] are supported.', }, include_old_versions: { type: 'boolean', required: false, default: false, description: 'Include past collection versions.', } }) - params.delete(:select) params end @@ -93,7 +91,7 @@ class Arvados::V1::GroupsController < ApplicationController attrs_to_update = resource_attrs.reject { |k, v| [:kind, :etag, :href].index k }.merge({async_permissions_update: true}) - @object.update_attributes!(attrs_to_update) + @object.update!(attrs_to_update) @object.save! render_accepted else @@ -101,15 +99,6 @@ class Arvados::V1::GroupsController < ApplicationController end end - def destroy - if !TRASHABLE_CLASSES.include?(@object.group_class) - @object.destroy - show - else - super # Calls destroy from TrashableController module - end - end - def render_404_if_no_object if params[:action] == 'contents' if !params[:uuid] @@ -131,6 +120,7 @@ class Arvados::V1::GroupsController < ApplicationController end def contents + @orig_select = @select load_searchable_objects list = { :kind => "arvados#objectList", @@ -144,7 +134,7 @@ class Arvados::V1::GroupsController < ApplicationController list[:items_available] = @items_available end if @extra_included - list[:included] = @extra_included.as_api_response(nil, {select: @select}) + list[:included] = @extra_included.as_api_response(nil, {select: @orig_select}) end send_json(list) end @@ -159,7 +149,6 @@ class Arvados::V1::GroupsController < ApplicationController # This also returns (in the "included" field) the objects that own # those projects (users or non-project groups). # - # # The intended use of this endpoint is to support clients which # wish to browse those projects which are visible to the user but # are not part of the "home" project. @@ -171,14 +160,22 @@ class Arvados::V1::GroupsController < ApplicationController apply_where_limit_order_params - if params["include"] == "owner_uuid" + if @include.include?("owner_uuid") owners = @objects.map(&:owner_uuid).to_set - @extra_included = [] + @extra_included ||= [] [Group, User].each do |klass| @extra_included += klass.readable_by(*@read_users).where(uuid: owners.to_a).to_a end end + if @include.include?("container_uuid") + @extra_included ||= [] + container_uuids = @objects.map { |o| + o.respond_to?(:container_uuid) ? o.container_uuid : nil + }.compact.to_set.to_a + @extra_included += Container.where(uuid: container_uuids).to_a + end + index end @@ -190,6 +187,19 @@ class Arvados::V1::GroupsController < ApplicationController protected + def load_include_param + @include = params[:include] + if @include.nil? || @include == "" + @include = Set[] + elsif @include.is_a?(String) && @include.start_with?('[') + @include = SafeJSON.load(@include).to_set + elsif @include.is_a?(String) + @include = Set[@include] + else + return send_error("'include' parameter must be a string or array", status: 422) + end + end + def load_searchable_objects all_objects = [] @items_available = 0 @@ -219,10 +229,7 @@ class Arvados::V1::GroupsController < ApplicationController request_filters = @filters - klasses = [Group, - Job, PipelineInstance, PipelineTemplate, ContainerRequest, Workflow, - Collection, - Human, Specimen, Trait] + klasses = [Group, ContainerRequest, Workflow, Collection] table_names = Hash[klasses.collect { |k| [k, k.table_name] }] @@ -260,6 +267,23 @@ class Arvados::V1::GroupsController < ApplicationController end end + # Check that any fields in @select are valid for at least one class + if @select + all_attributes = [] + klasses.each do |klass| + all_attributes.concat klass.selectable_attributes + end + if klasses.include?(ContainerRequest) && @include.include?("container_uuid") + all_attributes.concat Container.selectable_attributes + end + @select.each do |check| + if !all_attributes.include? check + raise ArgumentError.new "Invalid attribute '#{check}' in select" + end + end + end + any_selections = @select + included_by_uuid = {} seen_last_class = false @@ -291,14 +315,21 @@ class Arvados::V1::GroupsController < ApplicationController request_orders.andand.find { |r| r =~ /^#{klass.table_name}\./i || r !~ /\./ } || klass.default_orders.join(", ") - @select = nil + @select = select_for_klass any_selections, klass, false + where_conds = filter_by_owner - if klass == Collection + if klass == Collection && @select.nil? @select = klass.selectable_attributes - ["manifest_text", "unsigned_manifest_text"] elsif klass == Group where_conds = where_conds.merge(group_class: ["project","filter"]) end + # Make signed manifest_text not selectable because controller + # currently doesn't know to sign it. + if @select + @select = @select - ["manifest_text"] + end + @filters = request_filters.map do |col, op, val| if !col.index('.') [col, op, val] @@ -354,7 +385,7 @@ class Arvados::V1::GroupsController < ApplicationController limit_all = all_objects.count end - if params["include"] == "owner_uuid" + if @include.include?("owner_uuid") owners = klass_object_list[:items].map {|i| i[:owner_uuid]}.to_set [Group, User].each do |ownerklass| ownerklass.readable_by(*@read_users).where(uuid: owners.to_a).each do |ow| @@ -362,6 +393,13 @@ class Arvados::V1::GroupsController < ApplicationController end end end + + if @include.include?("container_uuid") && klass == ContainerRequest + containers = klass_object_list[:items].collect { |cr| cr[:container_uuid] }.to_set + Container.where(uuid: containers.to_a).each do |c| + included_by_uuid[c.uuid] = c + end + end end # Only error out when every searchable object type errored out @@ -372,7 +410,7 @@ class Arvados::V1::GroupsController < ApplicationController raise ArgumentError.new(error_msg) end - if params["include"] + if !@include.empty? @extra_included = included_by_uuid.values end @@ -403,5 +441,4 @@ class Arvados::V1::GroupsController < ApplicationController "EXISTS(SELECT 1 FROM groups as gp where gp.uuid=#{klass.table_name}.owner_uuid and gp.group_class != 'project')", user_uuid: current_user.uuid) end - end