helper_method :my_starred_projects
def my_starred_projects user
return if defined?(@starred_projects) && @starred_projects
- links = Link.filter([['owner_uuid', 'in', ["#{Rails.configuration.ClusterID}-j7d0g-fffffffffffffff", user.uuid]],
+ links = Link.filter([['owner_uuid', 'in', ["#{Rails.configuration.ClusterID}-j7d0g-publicfavorites", user.uuid]],
['link_class', '=', 'star'],
['head_uuid', 'is_a', 'arvados#group']]).with_count("none").select(%w(head_uuid))
uuids = links.collect { |x| x.head_uuid }
A **star** link is a shortcut to a project that is displayed in the user interface (Workbench) as "favorites". Users can mark their own favorites (implemented by creating or deleting **star** links).
-An admin can also create **star** links owned by the "All Users" group, these will be displayed to all users that have permission to read the project that has been favorited.
+An admin can also create **star** links owned by the "Public favorites" project. These are favorites will be displayed to all users that have permission to read the project that has been favorited.
The schema for a star link is:
table(table table-bordered table-condensed).
|_. Field|_. Value|_. Description|
-|owner_uuid|user or group uuid|Either the user that owns the favorite, or the "All Users" group for public favorites.|
+|owner_uuid|user or group uuid|Either the user that owns the favorite, or the "Public favorites" group.|
+|tail_uuid|user or group uuid|Should be the same as owner_uuid|
|head_uuid|project uuid|The project being favorited|
|link_class|string of value "star"|Indicates this represents a link to a user favorite|
-h4. Creating a favorite
+h4. Creating a public favorite
-@owner_uuid@ is either an individual user, or the "All Users" group. The @head_uuid@ is the project being favorited.
+@owner_uuid@ is either an individual user, or the "Public favorites" group. The @head_uuid@ is the project being favorited.
<pre>
-$ arv link create --link '{
- "owner_uuid": "zzzzz-j7d0g-fffffffffffffff",
- "head_uuid": "zzzzz-j7d0g-theprojectuuid",
- "link_class": "star"}'
+$ linkuuid=$(arv --format=uuid link create --link '{
+ "link_class": "star",
+ "owner_uuid": "zzzzz-j7d0g-publicfavorites",
+ "tail_uuid": "zzzzz-j7d0g-publicfavorites",
+ "head_uuid": "zzzzz-j7d0g-theprojectuuid"}')
</pre>
-h4. Deleting a favorite
+h4. Removing a favorite
<pre>
$ arv link delete --uuid zzzzz-o0j2j-thestarlinkuuid
<pre>
$ arv link list --filters '[
["link_class", "=", "star"],
- ["owner_uuid", "in", ["zzzzz-j7d0g-fffffffffffffff", "zzzzz-tpzed-currentuseruuid"]]]'
+ ["tail_uuid", "in", ["zzzzz-j7d0g-publicfavorites", "zzzzz-tpzed-currentuseruuid"]]]'
</pre>
h3. tag
end
def permission_to_destroy
- permission_to_update
+ if [system_user_uuid, system_group_uuid, anonymous_group_uuid,
+ anonymous_user_uuid, public_project_uuid].include? uuid
+ false
+ else
+ permission_to_update
+ end
end
def maybe_update_modified_by_fields
anonymous_group_read_permission
anonymous_user
system_root_token_api_client
+ public_project_group
+ public_project_read_permission
empty_collection
refresh_permissions
refresh_trashed
--- /dev/null
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
+class PublicFavoritesProject < ActiveRecord::Migration[5.2]
+ include CurrentApiClient
+ def up
+ act_as_system_user do
+ public_project_group
+ public_project_read_permission
+ Link.where(link_class: "star",
+ owner_uuid: system_user_uuid,
+ tail_uuid: all_users_group_uuid).each do |ln|
+ ln.owner_uuid = public_project_uuid
+ ln.tail_uuid = public_project_uuid
+ ln.save!
+ end
+ end
+ end
+
+ def down
+ end
+end
('20190809135453'),
('20190905151603'),
('20200501150153'),
-('20200602141328');
+('20200602141328'),
+('20200914203202');
$anonymous_group = nil
$anonymous_group_read_permission = nil
$empty_collection = nil
+$public_project_group = nil
+$public_project_group_read_permission = nil
module CurrentApiClient
def current_user
'anonymouspublic'].join('-')
end
+ def public_project_uuid
+ [Rails.configuration.ClusterID,
+ Group.uuid_prefix,
+ 'publicfavorites'].join('-')
+ end
+
def system_user
$system_user = check_cache $system_user do
real_current_user = Thread.current[:user]
end
end
+ def public_project_group
+ $public_project_group = check_cache $public_project_group do
+ act_as_system_user do
+ ActiveRecord::Base.transaction do
+ Group.where(uuid: public_project_uuid).
+ first_or_create!(group_class: "project",
+ name: "Public favorites",
+ description: "Public favorites")
+ end
+ end
+ end
+ end
+
+ def public_project_read_permission
+ $public_project_group_read_permission =
+ check_cache $public_project_group_read_permission do
+ act_as_system_user do
+ Link.where(tail_uuid: anonymous_group.uuid,
+ head_uuid: public_project_group.uuid,
+ link_class: "permission",
+ name: "can_read").first_or_create!
+ end
+ end
+ end
+
def system_root_token_api_client
$system_root_token_api_client = check_cache $system_root_token_api_client do
act_as_system_user do
description: System-owned Group
group_class: role
+public_favorites_project:
+ uuid: zzzzz-j7d0g-publicfavorites
+ owner_uuid: zzzzz-tpzed-000000000000000
+ name: Public favorites
+ description: Public favorites
+ group_class: project
+
empty_lonely_group:
uuid: zzzzz-j7d0g-jtp06ulmvsezgyu
owner_uuid: zzzzz-tpzed-000000000000000
assert users(:active).can?(write: prj.uuid)
assert users(:active).can?(manage: prj.uuid)
end
+
+ [system_user_uuid, anonymous_user_uuid].each do |u|
+ test "cannot delete system user #{u}" do
+ act_as_system_user do
+ assert_raises ArvadosModel::PermissionDeniedError do
+ User.find_by_uuid(u).destroy
+ end
+ end
+ end
+ end
+
+ [system_group_uuid, anonymous_group_uuid, public_project_uuid].each do |g|
+ test "cannot delete system group #{g}" do
+ act_as_system_user do
+ assert_raises ArvadosModel::PermissionDeniedError do
+ Group.find_by_uuid(g).destroy
+ end
+ end
+ end
+ end
end
projects / arvados.git / commitdiff