move created_by to owner
authorTom Clegg <tom@clinicalfuture.com>
Fri, 25 Jan 2013 22:23:22 +0000 (14:23 -0800)
committerTom Clegg <tom@clinicalfuture.com>
Fri, 25 Jan 2013 22:29:21 +0000 (14:29 -0800)
app/controllers/application_controller.rb
app/models/metadatum.rb
app/models/orvos_model.rb
app/views/orvos/v1/collections/_form.html.erb [deleted file]
app/views/orvos/v1/collections/edit.html.erb [deleted file]
app/views/orvos/v1/collections/index.html.erb [deleted file]
app/views/orvos/v1/collections/new.html.erb [deleted file]
app/views/orvos/v1/collections/show.html.erb [deleted file]
db/migrate/20130125220425_rename_created_by_to_owner.rb [new file with mode: 0644]
db/schema.rb
lib/common_api_template.rb

index ebc749e20f41aa6d36cad3d77694536df596a308..2b4fa7b6765110999729670de12580404ec5dbcb 100644 (file)
@@ -51,7 +51,7 @@ class ApplicationController < ActionController::Base
   def index
     @objects ||= model_class.
       joins("LEFT JOIN metadata permissions ON permissions.tail=#{table_name}.uuid AND permissions.head=#{model_class.sanitize current_user.uuid} AND permissions.metadata_class='permission' AND permissions.name='visible_to'").
-      where("#{table_name}.created_by_user=? OR #{table_name}.uuid=? OR permissions.head IS NOT NULL",
+      where("#{table_name}.owner=? OR #{table_name}.uuid=? OR permissions.head IS NOT NULL",
             current_user.uuid, current_user.uuid)
     if params[:where]
       where = params[:where]
index 098e3225eb849f6f0c50922297e818cc1e35c762..3ce96f656906774590c88fa1a8306ea67e6c8e66 100644 (file)
@@ -33,22 +33,22 @@ class Metadatum < OrvosModel
     # Administrators can grant permissions
     return true if current_user.is_admin
 
-    # All users can grant permissions on objects they created themselves
+    # All users can grant permissions on objects they own
     head_obj = self.class.
       kind_class(self.head_kind).
       where('uuid=?',head_uuid).
       first
     if head_obj
-      return true if head_obj.created_by_user == current_user.uuid
+      return true if head_obj.owner == current_user.uuid
     end
 
-    # Users with "can_manage" permission on an object can grant
+    # Users with "can_grant" permission on an object can grant
     # permissions on that object
-    has_manage_permission = self.class.
+    has_grant_permission = self.class.
       where('metadata_class=? AND name=? AND tail=? AND head=?',
-            'permission', 'can_manage', current_user.uuid, self.head).
+            'permission', 'can_grant', current_user.uuid, self.head).
       count > 0
-    return true if has_manage_permission
+    return true if has_grant_permission
 
     # Default = deny.
     false
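Review bot: The `can_grant` lookup on the changed `where` lines binds `tail` to `current_user.uuid` and `head` to `self.head`, while the `can_write` and `can_pillage` lookups this commit adds in `OrvosModel#permission_to_update` put the user in `head`, as does the `permissions.head` join in `ApplicationController#index`. Only one of those directions can match how permission rows are actually stored, so one side is likely either never matching or matching unrelated rows. Pick one convention and state it next to the query, e.g. `# permission rows: tail = object uuid, head = grantee uuid`. The commit also carries no data migration for existing `can_manage` rows, so previously delegated grant rights appear to lapse silently; confirm that is intended. The method starts and ends outside this hunk.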
index fb799dc718986428486920b77de92af290d22fc5..5e37fd3c062b8484a66d86f7fa372ec5bd1f16d6 100644 (file)
@@ -3,14 +3,12 @@ class OrvosModel < ActiveRecord::Base
 
   include CurrentApiClient      # current_user, current_api_client, etc.
 
-  attr_protected :created_by_user
-  attr_protected :created_by_client
   attr_protected :created_at
   attr_protected :modified_by_user
   attr_protected :modified_by_client
   attr_protected :modified_at
-  before_create :initialize_created_by_fields
   before_update :permission_to_update
+  before_create :update_modified_by_fields
   before_update :update_modified_by_fields
 
   def self.kind_class(kind)
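Review bot: `owner` is left mass-assignable here, because `attr_protected :created_by_user` is removed and nothing protects the renamed column, while `update_modified_by_fields` (next hunk) only fills it with `self.owner ||= current_user.uuid`. `permission_to_update` is registered on `before_update` only, so a create request that supplies its own `owner` appears to be stored without any authorization check. If client-chosen owners are needed for ownership transfer, add a create-time callback that rejects an `owner` other than `current_user.uuid` unless the caller is authorised for it; otherwise restore the protection with `attr_protected :owner`. The class body continues outside this hunk.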
@@ -34,29 +32,28 @@ class OrvosModel < ActiveRecord::Base
 
   def permission_to_update
     return false unless current_user
-    self.created_by_user == current_user.uuid or
+    if self.owner_changed? and self.owner_was != self.uuid
+      return Metadatum.where(metadata_class: 'permission',
+                             name: 'can_pillage',
+                             tail: self.owner,
+                             head: current_user.uuid).count > 0
+    end
+    self.owner == current_user.uuid or
       current_user.is_admin or
       current_user.uuid == self.uuid or
       Metadatum.where(metadata_class: 'permission',
                       name: 'can_write',
-                      tail: self.uuid,
+                      tail: self.owner,
                       head: current_user.uuid).count > 0
   end
 
   def update_modified_by_fields
     if self.changed?
+      self.created_at ||= Time.now
+      self.owner ||= current_user.uuid
       self.modified_at = Time.now
       self.modified_by_user = current_user.uuid
       self.modified_by_client = current_api_client.uuid
     end
   end
-
-  def initialize_created_by_fields
-    self.created_at = Time.now
-    self.created_by_user = current_user.uuid
-    self.created_by_client = current_api_client.uuid
-    self.modified_at = Time.now
-    self.modified_by_user = current_user.uuid
-    self.modified_by_client = current_api_client.uuid
-  end
 end
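Review bot: `permission_to_update` reads `self.owner`, which in a `before_update` callback already holds the new, caller-supplied value, so the decision is made against the proposed owner rather than the stored one. When the previous owner equals the record's own uuid, the `owner_changed?` branch is skipped and `self.owner == current_user.uuid` passes as soon as the caller names themselves as owner. In the other case `can_pillage` is looked up against the new owner, and the early `return` comes before `current_user.is_admin`, so admins without that row are refused. Compare against the stored value instead, with `tail: self.owner_was,` in both `Metadatum.where` calls and `self.owner_was == current_user.uuid or` in the fall-through, and move the admin test above the branch if admins should be able to reassign ownership. A short comment on what `can_pillage` authorises, and against whom, would also help the next reader.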
diff --git a/app/views/orvos/v1/collections/_form.html.erb b/app/views/orvos/v1/collections/_form.html.erb
deleted file mode 100644 (file)
index b1dba36..0000000
+++ /dev/null
@@ -1,73 +0,0 @@
-<%= form_for(@collection) do |f| %>
-  <% if @collection.errors.any? %>
-    <div id="error_explanation">
-      <h2><%= pluralize(@collection.errors.count, "error") %> prohibited this collection from being saved:</h2>
-
-      <ul>
-      <% @collection.errors.full_messages.each do |msg| %>
-        <li><%= msg %></li>
-      <% end %>
-      </ul>
-    </div>
-  <% end %>
-
-  <div class="field">
-    <%= f.label :locator %><br />
-    <%= f.text_field :locator %>
-  </div>
-  <div class="field">
-    <%= f.label :create_by_client %><br />
-    <%= f.text_field :create_by_client %>
-  </div>
-  <div class="field">
-    <%= f.label :created_by_user %><br />
-    <%= f.text_field :created_by_user %>
-  </div>
-  <div class="field">
-    <%= f.label :created_at %><br />
-    <%= f.datetime_select :created_at %>
-  </div>
-  <div class="field">
-    <%= f.label :modified_by_client %><br />
-    <%= f.text_field :modified_by_client %>
-  </div>
-  <div class="field">
-    <%= f.label :modified_by_user %><br />
-    <%= f.text_field :modified_by_user %>
-  </div>
-  <div class="field">
-    <%= f.label :modified_at %><br />
-    <%= f.datetime_select :modified_at %>
-  </div>
-  <div class="field">
-    <%= f.label :portable_data_hash %><br />
-    <%= f.text_field :portable_data_hash %>
-  </div>
-  <div class="field">
-    <%= f.label :name %><br />
-    <%= f.text_field :name %>
-  </div>
-  <div class="field">
-    <%= f.label :redundancy %><br />
-    <%= f.number_field :redundancy %>
-  </div>
-  <div class="field">
-    <%= f.label :arbitrary_string %><br />
-    <%= f.text_field :arbitrary_string %>
-  </div>
-  <div class="field">
-    <%= f.label :redundancy_confirmed_by_client %><br />
-    <%= f.text_field :redundancy_confirmed_by_client %>
-  </div>
-  <div class="field">
-    <%= f.label :redundancy_confirmed_at %><br />
-    <%= f.datetime_select :redundancy_confirmed_at %>
-  </div>
-  <div class="field">
-    <%= f.label :redundancy_confirmed_as %><br />
-    <%= f.number_field :redundancy_confirmed_as %>
-  </div>
-  <div class="actions">
-    <%= f.submit %>
-  </div>
-<% end %>
diff --git a/app/views/orvos/v1/collections/edit.html.erb b/app/views/orvos/v1/collections/edit.html.erb
deleted file mode 100644 (file)
index 770d293..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-<h1>Editing collection</h1>
-
-<%= render 'form' %>
-
-<%= link_to 'Show', @collection %> |
-<%= link_to 'Back', collections_path %>
diff --git a/app/views/orvos/v1/collections/index.html.erb b/app/views/orvos/v1/collections/index.html.erb
deleted file mode 100644 (file)
index b5cc9d5..0000000
+++ /dev/null
@@ -1,49 +0,0 @@
-<h1>Listing collections</h1>
-
-<table>
-  <tr>
-    <th>Locator</th>
-    <th>Create by client</th>
-    <th>Created by user</th>
-    <th>Created at</th>
-    <th>Modified by client</th>
-    <th>Modified by user</th>
-    <th>Modified at</th>
-    <th>Portable data hash</th>
-    <th>Name</th>
-    <th>Redundancy</th>
-    <th>Arbitrary string</th>
-    <th>Redundancy confirmed by client</th>
-    <th>Redundancy confirmed at</th>
-    <th>Redundancy confirmed as</th>
-    <th></th>
-    <th></th>
-    <th></th>
-  </tr>
-
-<% @collections.each do |collection| %>
-  <tr>
-    <td><%= collection.locator %></td>
-    <td><%= collection.create_by_client %></td>
-    <td><%= collection.created_by_user %></td>
-    <td><%= collection.created_at %></td>
-    <td><%= collection.modified_by_client %></td>
-    <td><%= collection.modified_by_user %></td>
-    <td><%= collection.modified_at %></td>
-    <td><%= collection.portable_data_hash %></td>
-    <td><%= collection.name %></td>
-    <td><%= collection.redundancy %></td>
-    <td><%= collection.arbitrary_string %></td>
-    <td><%= collection.redundancy_confirmed_by_client %></td>
-    <td><%= collection.redundancy_confirmed_at %></td>
-    <td><%= collection.redundancy_confirmed_as %></td>
-    <td><%= link_to 'Show', collection %></td>
-    <td><%= link_to 'Edit', edit_collection_path(collection) %></td>
-    <td><%= link_to 'Destroy', collection, confirm: 'Are you sure?', method: :delete %></td>
-  </tr>
-<% end %>
-</table>
-
-<br />
-
-<%= link_to 'New Collection', new_collection_path %>
diff --git a/app/views/orvos/v1/collections/new.html.erb b/app/views/orvos/v1/collections/new.html.erb
deleted file mode 100644 (file)
index 6402629..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-<h1>New collection</h1>
-
-<%= render 'form' %>
-
-<%= link_to 'Back', collections_path %>
diff --git a/app/views/orvos/v1/collections/show.html.erb b/app/views/orvos/v1/collections/show.html.erb
deleted file mode 100644 (file)
index 53eb998..0000000
+++ /dev/null
@@ -1,75 +0,0 @@
-<p id="notice"><%= notice %></p>
-
-<p>
-  <b>Locator:</b>
-  <%= @collection.locator %>
-</p>
-
-<p>
-  <b>Create by client:</b>
-  <%= @collection.create_by_client %>
-</p>
-
-<p>
-  <b>Created by user:</b>
-  <%= @collection.created_by_user %>
-</p>
-
-<p>
-  <b>Created at:</b>
-  <%= @collection.created_at %>
-</p>
-
-<p>
-  <b>Modified by client:</b>
-  <%= @collection.modified_by_client %>
-</p>
-
-<p>
-  <b>Modified by user:</b>
-  <%= @collection.modified_by_user %>
-</p>
-
-<p>
-  <b>Modified at:</b>
-  <%= @collection.modified_at %>
-</p>
-
-<p>
-  <b>Portable data hash:</b>
-  <%= @collection.portable_data_hash %>
-</p>
-
-<p>
-  <b>Name:</b>
-  <%= @collection.name %>
-</p>
-
-<p>
-  <b>Redundancy:</b>
-  <%= @collection.redundancy %>
-</p>
-
-<p>
-  <b>Arbitrary string:</b>
-  <%= @collection.arbitrary_string %>
-</p>
-
-<p>
-  <b>Redundancy confirmed by client:</b>
-  <%= @collection.redundancy_confirmed_by_client %>
-</p>
-
-<p>
-  <b>Redundancy confirmed at:</b>
-  <%= @collection.redundancy_confirmed_at %>
-</p>
-
-<p>
-  <b>Redundancy confirmed as:</b>
-  <%= @collection.redundancy_confirmed_as %>
-</p>
-
-
-<%= link_to 'Edit', edit_collection_path(@collection) %> |
-<%= link_to 'Back', collections_path %>
diff --git a/db/migrate/20130125220425_rename_created_by_to_owner.rb b/db/migrate/20130125220425_rename_created_by_to_owner.rb
new file mode 100644 (file)
index 0000000..f7dae6e
--- /dev/null
@@ -0,0 +1,19 @@
+class RenameCreatedByToOwner < ActiveRecord::Migration
+  def tables
+    %w{api_clients collections logs metadata nodes pipelines pipeline_invocations projects specimens users}
+  end
+
+  def up
+    tables.each do |t|
+      remove_column t.to_sym, :created_by_client
+      rename_column t.to_sym, :created_by_user, :owner
+    end
+  end
+
+  def down
+    tables.reverse.each do |t|
+      rename_column t.to_sym, :owner, :created_by_user
+      add_column t.to_sym, :created_by_client, :string
+    end
+  end
+end
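Review bot: `up` drops `created_by_client` from ten tables and `down` only re-adds an empty string column, so the record of which API client created each row is lost permanently even though the migration looks reversible. If that provenance has audit value, copy it elsewhere before `remove_column`, or make the loss explicit by having `down` raise `ActiveRecord::IrreversibleMigration`. At minimum add a comment above `up` such as `# NOTE: created_by_client data is discarded; down restores the column but not its contents`. As a style point, `tables` would read better as a frozen constant than as a public instance method on the migration.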
index 331ae2767d56aa37e6e52d1c63d38425ad92308f..833a94b8c5f3acdb82fe09c3b5e338c872525c81 100644 (file)
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20130123180228) do
+ActiveRecord::Schema.define(:version => 20130125220425) do
 
   create_table "api_client_authorizations", :force => true do |t|
     t.string   "api_token",               :null => false
@@ -32,8 +32,7 @@ ActiveRecord::Schema.define(:version => 20130123180228) do
 
   create_table "api_clients", :force => true do |t|
     t.string   "uuid"
-    t.string   "created_by_client"
-    t.string   "created_by_user"
+    t.string   "owner"
     t.string   "modified_by_client"
     t.string   "modified_by_user"
     t.datetime "modified_at"
@@ -47,8 +46,7 @@ ActiveRecord::Schema.define(:version => 20130123180228) do
 
   create_table "collections", :force => true do |t|
     t.string   "locator"
-    t.string   "created_by_client"
-    t.string   "created_by_user"
+    t.string   "owner"
     t.datetime "created_at"
     t.string   "modified_by_client"
     t.string   "modified_by_user"
@@ -67,8 +65,7 @@ ActiveRecord::Schema.define(:version => 20130123180228) do
 
   create_table "logs", :force => true do |t|
     t.string   "uuid"
-    t.string   "created_by_client"
-    t.string   "created_by_user"
+    t.string   "owner"
     t.string   "modified_by_client"
     t.string   "modified_by_user"
     t.string   "object_kind"
@@ -91,8 +88,7 @@ ActiveRecord::Schema.define(:version => 20130123180228) do
 
   create_table "metadata", :force => true do |t|
     t.string   "uuid"
-    t.string   "created_by_client"
-    t.string   "created_by_user"
+    t.string   "owner"
     t.datetime "created_at"
     t.string   "modified_by_client"
     t.string   "modified_by_user"
@@ -117,8 +113,7 @@ ActiveRecord::Schema.define(:version => 20130123180228) do
 
   create_table "nodes", :force => true do |t|
     t.string   "uuid"
-    t.string   "created_by_client"
-    t.string   "created_by_user"
+    t.string   "owner"
     t.datetime "created_at"
     t.string   "modified_by_client"
     t.string   "modified_by_user"
@@ -139,8 +134,7 @@ ActiveRecord::Schema.define(:version => 20130123180228) do
 
   create_table "pipeline_invocations", :force => true do |t|
     t.string   "uuid"
-    t.string   "created_by_client"
-    t.string   "created_by_user"
+    t.string   "owner"
     t.datetime "created_at"
     t.string   "modified_by_client"
     t.string   "modified_by_user"
@@ -157,8 +151,7 @@ ActiveRecord::Schema.define(:version => 20130123180228) do
 
   create_table "pipelines", :force => true do |t|
     t.string   "uuid"
-    t.string   "created_by_client"
-    t.string   "created_by_user"
+    t.string   "owner"
     t.datetime "created_at"
     t.string   "modified_by_client"
     t.string   "modified_by_user"
@@ -172,8 +165,7 @@ ActiveRecord::Schema.define(:version => 20130123180228) do
 
   create_table "projects", :force => true do |t|
     t.string   "uuid"
-    t.string   "created_by_client"
-    t.string   "created_by_user"
+    t.string   "owner"
     t.datetime "created_at"
     t.string   "modified_by_client"
     t.string   "modified_by_user"
@@ -187,8 +179,7 @@ ActiveRecord::Schema.define(:version => 20130123180228) do
 
   create_table "specimens", :force => true do |t|
     t.string   "uuid"
-    t.string   "created_by_client"
-    t.string   "created_by_user"
+    t.string   "owner"
     t.datetime "created_at"
     t.string   "modified_by_client"
     t.string   "modified_by_user"
@@ -201,8 +192,7 @@ ActiveRecord::Schema.define(:version => 20130123180228) do
 
   create_table "users", :force => true do |t|
     t.string   "uuid"
-    t.string   "created_by_client"
-    t.string   "created_by_user"
+    t.string   "owner"
     t.datetime "created_at"
     t.string   "modified_by_client"
     t.string   "modified_by_user"
index 80a08ca1f2539016a8a81b74560a22b90475a8bd..1dec3fa5b40b9d28713de240716111209d27d708 100644 (file)
@@ -6,8 +6,7 @@ module CommonApiTemplate
       t.add :kind
       t.add :etag
       t.add :uuid
-      t.add :created_by_client
-      t.add :created_by_user
+      t.add :owner
       t.add :created_at
       t.add :modified_by_client
       t.add :modified_by_user