self.response_body = file_enumerator opts
end
+ def sharing_scopes
+ ["GET /arvados/v1/collections/#{@object.uuid}", "GET /arvados/v1/keep_services"]
+ end
+
+ def search_scopes
+ ApiClientAuthorization.where(filters: [['scopes', '=', sharing_scopes]])
+ end
+
def show
return super if !@object
if current_user
.where(head_uuid: @object.uuid, tail_uuid: current_user.uuid,
link_class: 'resources', name: 'wants')
.results.any?
+ @search_sharing = search_scopes.select { |s| s.scopes != ['all'] }
end
@prov_svg = ProvenanceHelper::create_provenance_graph(@object.provenance, "provenance_svg",
{:request => request,
:pdata_only => true}) rescue nil
end
+ def sharing_popup
+ @search_sharing = search_scopes.select { |s| s.scopes != ['all'] }
+ respond_to do |format|
+ format.html
+ format.js
+ end
+ end
+
+ def share
+ a = ApiClientAuthorization.create(scopes: sharing_scopes)
+ @search_sharing = search_scopes.select { |s| s.scopes != ['all'] }
+ render 'sharing_popup'
+ end
+
+ def unshare
+ @search_sharing = search_scopes.select { |s| s.scopes != ['all'] }
+ @search_sharing.each do |s|
+ s.destroy
+ end
+ @search_sharing = search_scopes.select { |s| s.scopes != ['all'] }
+ render 'sharing_popup'
+ end
+
protected
def find_usable_token(token_list)
--- /dev/null
+<% if @search_sharing.any? %>
+ <% linktext = "Shared" %>
+ <% btnstyle = "btn-success" %>
+<% else %>
+ <% linktext = "Share" %>
+ <% btnstyle = "btn-info" %>
+<% end %>
+<%= link_to linktext, sharing_popup_collection_url(id: @object.uuid), {class: "btn #{btnstyle}", :remote => true, 'data-toggle' => "modal", 'data-target' => '#collection-sharing-modal-window'} %>
--- /dev/null
+
+<div class="modal-dialog">
+ <div class="modal-content">
+ <div class="modal-header">
+ <button type="button" class="close" onClick="reset_form()" data-dismiss="modal" aria-hidden="true">×</button>
+ <h4 class="modal-title">Sharing</h4>
+ </div>
+ <div class="modal-body">
+ <div id="sharing-text" style="text-align: center; word-wrap: break-word">
+ <% if @search_sharing.any? %>
+ Use this link to share this collection:<br>
+ <big>
+ <% link = collections_url + "/download/#{@object.uuid}/#{@search_sharing.first.api_token}" %>
+ <%= link_to link, link %>
+ </big>
+ <% else %>
+ Not shared.
+ <% end %>
+ </div>
+ <div style="text-align: center; padding-top: 1em">
+ <% if @search_sharing and @search_sharing.any? %>
+ <%= link_to "Unshare", unshare_collection_url, {
+ class: 'btn btn-success',
+ remote: true,
+ method: 'post'
+ } %>
+ <% else %>
+ <%= link_to "Share", share_collection_url, {
+ class: 'btn btn-info',
+ remote: true,
+ method: 'post'
+ } %>
+ <% end %>
+ </div>
+ </div>
+ </div>
+</div>
<div class="col-md-6"></div>
<div class="col-md-6">
<div class="pull-right">
- Collection storage status:
+ <span style="padding-left: 1em">Collection storage status:</span>
<%= render partial: 'toggle_persist', locals: { uuid: @object.uuid, current_state: (@is_persistent ? 'persistent' : 'cache') } %>
+
</div>
</div>
</div>
<% end # file_tree.each %>
<%= raw(dirstack.map { |_| "</ul>" }.join("</li>")) %>
<% end # if file_tree %>
+
+<% content_for :footer_html do %>
+<div id="collection-sharing-modal-window" class="modal fade" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true"></div>
+<% end %>
--- /dev/null
+$("#collection-sharing-modal-window").html("<%= escape_javascript(render partial: 'sharing_popup') %>");
+$("#sharing-button").html("<%= escape_javascript(render partial: 'sharing_button') %>");
<!--
<input type="text" class="form-control" placeholder="Search"/>
-->
+
+ <div id="sharing-button" style="text-align: center">
+ <%= render partial: 'sharing_button' %>
+ </div>
+
<div style="height:0.5em;"></div>
<% if @folders.andand.any? %>
<p>Included in folders:<br />
<% end %>
</p>
<% end %>
+
</div>
</div>
</div>
get '/collections/graph' => 'collections#graph'
resources :collections do
post 'set_persistent', on: :member
+ get 'sharing_popup', :on => :member
+ post 'share', :on => :member
+ post 'unshare', :on => :member
end
get('/collections/download/:uuid/:reader_token/*file' => 'collections#show_file',
format: false)
# translate UUID to numeric ID here.
resource_attrs[:user_id] =
User.where(uuid: resource_attrs.delete(:owner_uuid)).first.andand.id
+ elsif not resource_attrs[:user_id]
+ resource_attrs[:user_id] = current_user.id
end
resource_attrs[:api_client_id] = Thread.current[:api_client].id
super
self.owner_uuid ||= current_user.uuid
end
if self.owner_uuid_changed?
- if current_user.uuid == self.owner_uuid or
+ if new_record?
+ return true
+ elsif current_user.uuid == self.owner_uuid or
current_user.can? write: self.owner_uuid
# current_user is, or has :write permission on, the new owner
else
- logger.warn "User #{current_user.uuid} tried to change owner_uuid of #{self.class.to_s} #{self.uuid} to #{self.owner_uuid} but does not have permission to write to #{self.owner_uuid}"
+ logger.warn "User #{current_user.uuid} tried to modify #{self.class.to_s} #{self.uuid} but does not have permission to write #{self.owner_uuid_was}"
raise PermissionDeniedError
end
end
- if new_record?
- return true
- elsif current_user.uuid == self.owner_uuid_was or
- current_user.uuid == self.uuid or
- current_user.can? write: self.owner_uuid_was
- # current user is, or has :write permission on, the previous owner
- return true
- else
- logger.warn "User #{current_user.uuid} tried to modify #{self.class.to_s} #{self.uuid} but does not have permission to write #{self.owner_uuid_was}"
- raise PermissionDeniedError
- end
end
def ensure_permission_to_save