if @object.name and @object.name != ''
@object.name = "Copy of #{@object.name}"
else
- @object.name = "Copy of unnamed #{@object.class_for_display.downcase}"
+ @object.name = ""
end
end
@object.save!
<% end %>
</li>
<% end %>
- <li class="divider">
+ <li class="divider" />
<li role="presentation" class="dropdown-header">
Projects shared with me
</li>
link_to(project_path(pnode[:object].uuid), data: {object_uuid: pnode[:object].uuid, name: 'name'}, &block)
end,
:top_button => Proc.new do %>
- <% link_to projects_path('project[owner_uuid]' => current_project_uuid), method: 'post', class: 'btn btn-xs btn-default pull-right' do %>
+ <% link_to projects_path, method: 'post', class: 'btn btn-xs btn-default pull-right' do %>
<i class="fa fa-plus"></i> New project
<% end %>
<% end %>
assert_template 'user_agreements/index',
"Inactive user was not presented with a user agreement at the front page"
end
+
+ [[:active, true],
+ [:project_viewer, false]].each do |which_user, should_show|
+ test "create subproject button #{'not ' unless should_show} shown to #{which_user}" do
+ readonly_project_uuid = api_fixture('groups')['aproject']['uuid']
+ get :show, {
+ id: readonly_project_uuid
+ }, session_for(which_user)
+ buttons = css_select('[data-method=post]').select do |el|
+ el.attributes['href'].match /project.*owner_uuid.*#{readonly_project_uuid}/
+ end
+ if should_show
+ assert_not_empty(buttons, "did not offer to create a subproject")
+ else
+ assert_empty(buttons.collect(&:to_s),
+ "offered to create a subproject in a non-writable project")
+ end
+ end
+ end
end
/build/
/dist/
+/*.egg
/*.egg-info
/tmp
--- /dev/null
+include README.rst
--- /dev/null
+=====================
+Arvados Python Client
+=====================
+
+Overview
+--------
+
+This package provides the ``arvados`` module, an API client for
+Arvados_. It also includes higher-level functions to help you write
+Crunch scripts, and command-line tools to store and retrieve data in
+the Keep storage server.
+
+.. _Arvados: https://arvados.org/
+
+Installation
+------------
+
+Installing under your user account
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+This method lets you install the package without root access.
+However, other users on the same system won't be able to use it.
+
+1. Run ``pip install --user arvados-python-client``.
+
+2. In your shell configuration, make sure you add ``$HOME/.local/bin``
+ to your PATH environment variable. For example, you could add the
+ command ``PATH=$PATH:$HOME/.local/bin`` to your ``.bashrc`` file.
+
+3. Reload your shell configuration. For example, bash users could run
+ ``source ~/.bashrc``.
+
+Installing on Debian systems
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+1. Add this Arvados repository to your sources list::
+
+ deb http://apt.arvados.org/ wheezy main
+
+2. Update your package list.
+
+3. Install the ``python-arvados-python-client`` package.
+
+Configuration
+-------------
+
+This client software needs two pieces of information to connect to
+Arvados: the DNS name of the API server, and an API authorization
+token. You can set these in environment variables, or the file
+``$HOME/.config/arvados/settings.conf``. `The Arvados user
+documentation
+<http://doc.arvados.org/user/reference/api-tokens.html>`_ describes
+how to find this information in the Arvados Workbench, and install it
+on your system.
+
+Testing and Development
+-----------------------
+
+This package is one part of the Arvados source package, and it has
+integration tests to check interoperability with other Arvados
+components. Our `hacking guide
+<https://arvados.org/projects/arvados/wiki/Hacking_Python_SDK>`_
+describes how to set up a development environment and run tests.
+++ /dev/null
-google-api-python-client>=1.2
-httplib2>=0.7
-python-gflags>=1.5
-urllib3>=1.3
-ws4py>=0.3
-PyYAML>=3.0
+#!/usr/bin/env python
+
+import os
+
from setuptools import setup, find_packages
+README = os.path.join(os.path.dirname(__file__), 'README.rst')
+
setup(name='arvados-python-client',
version='0.1',
description='Arvados client library',
+ long_description=open(README).read(),
author='Arvados',
author_email='info@arvados.org',
url="https://arvados.org",
'urllib3',
'ws4py'
],
+ test_suite='tests',
+ tests_require=['PyYAML'],
zip_safe=False)
arv_put.ResumeCache.CACHE_DIR = orig_cachedir
os.chmod(cachedir, 0o700)
- def test_short_put_from_stdin(self):
- # Have to run this separately since arv-put can't read from the
- # tests' stdin.
- # arv-put usually can't stat(os.path.realpath('/dev/stdin')) in this
- # case, because the /proc entry is already gone by the time it tries.
- pipe = subprocess.Popen(
- [sys.executable, arv_put.__file__, '--stream'],
- stdin=subprocess.PIPE, stdout=subprocess.PIPE,
- stderr=subprocess.STDOUT)
- pipe.stdin.write('stdin test\n')
- pipe.stdin.close()
- deadline = time.time() + 5
- while (pipe.poll() is None) and (time.time() < deadline):
- time.sleep(.1)
- returncode = pipe.poll()
- if returncode is None:
- pipe.terminate()
- self.fail("arv-put did not PUT from stdin within 5 seconds")
- elif returncode != 0:
- sys.stdout.write(pipe.stdout.read())
- self.fail("arv-put returned exit code {}".format(returncode))
- self.assertIn('4a9c8b735dce4b5fa3acf221a0b13628+11', pipe.stdout.read())
-
def test_link_without_project_uuid_aborts(self):
self.assertRaises(SystemExit, self.call_main_with_args,
['--name', 'test without project UUID', '/dev/null'])
class ArvPutIntegrationTest(unittest.TestCase):
PROJECT_UUID = run_test_server.fixture('groups')['aproject']['uuid']
+ ENVIRON = os.environ
+ ENVIRON['PYTHONPATH'] = ':'.join(sys.path)
@classmethod
def setUpClass(cls):
else:
self.assertFalse(result, "incorrectly found nonexistent project")
+ def test_short_put_from_stdin(self):
+ # Have to run this as an integration test since arv-put can't
+ # read from the tests' stdin.
+ # arv-put usually can't stat(os.path.realpath('/dev/stdin')) in this
+ # case, because the /proc entry is already gone by the time it tries.
+ pipe = subprocess.Popen(
+ [sys.executable, arv_put.__file__, '--stream'],
+ stdin=subprocess.PIPE, stdout=subprocess.PIPE,
+ stderr=subprocess.STDOUT, env=self.ENVIRON)
+ pipe.stdin.write('stdin test\n')
+ pipe.stdin.close()
+ deadline = time.time() + 5
+ while (pipe.poll() is None) and (time.time() < deadline):
+ time.sleep(.1)
+ returncode = pipe.poll()
+ if returncode is None:
+ pipe.terminate()
+ self.fail("arv-put did not PUT from stdin within 5 seconds")
+ elif returncode != 0:
+ sys.stdout.write(pipe.stdout.read())
+ self.fail("arv-put returned exit code {}".format(returncode))
+ self.assertIn('4a9c8b735dce4b5fa3acf221a0b13628+11', pipe.stdout.read())
+
def test_ArvPutSignedManifest(self):
# ArvPutSignedManifest runs "arv-put foo" and then attempts to get
# the newly created manifest from the API server, testing to confirm
with open(os.path.join(datadir, "foo"), "w") as f:
f.write("The quick brown fox jumped over the lazy dog")
p = subprocess.Popen([sys.executable, arv_put.__file__, datadir],
- stdout=subprocess.PIPE)
+ stdout=subprocess.PIPE, env=self.ENVIRON)
(arvout, arverr) = p.communicate()
self.assertEqual(p.returncode, 0)
self.assertEqual(arverr, None)
pipe = subprocess.Popen(
[sys.executable, arv_put.__file__,
'--project-uuid', self.PROJECT_UUID] + extra_args,
- stdin=subprocess.PIPE,
- stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+ stdin=subprocess.PIPE, stdout=subprocess.PIPE,
+ stderr=subprocess.PIPE, env=self.ENVIRON)
stdout, stderr = pipe.communicate(text)
link_list = arvados.api('v1', cache=False).links().list(
filters=[['head_uuid', '=', stdout.strip()],
:first_name => omniauth['info']['first_name'],
:last_name => omniauth['info']['last_name'],
:identity_url => omniauth['info']['identity_url'],
- :is_active => Rails.configuration.new_users_are_active)
+ :is_active => Rails.configuration.new_users_are_active,
+ :owner_uuid => system_user_uuid)
+ act_as_system_user do
+ user.save or raise Exception.new(user.errors.messages)
+ end
else
user.email = omniauth['info']['email']
user.first_name = omniauth['info']['first_name']
self.user.andand.uuid
end
def owner_uuid_was
- self.user_id_changed? ? User.find(self.user_id_was).andand.uuid : self.user.andand.uuid
+ self.user_id_changed? ? User.where(id: self.user_id_was).first.andand.uuid : self.user.andand.uuid
end
def owner_uuid_changed?
self.user_id_changed?
def ensure_owner_uuid_is_permitted
raise PermissionDeniedError if !current_user
- if respond_to? :owner_uuid=
+ if new_record? and respond_to? :owner_uuid=
self.owner_uuid ||= current_user.uuid
end
- if self.owner_uuid_changed?
- if new_record?
- return true
- elsif current_user.uuid == self.owner_uuid or
- current_user.can? write: self.owner_uuid
- # current_user is, or has :write permission on, the new owner
- else
- logger.warn "User #{current_user.uuid} tried to change owner_uuid of #{self.class.to_s} #{self.uuid} to #{self.owner_uuid} but does not have permission to write to #{self.owner_uuid}"
- raise PermissionDeniedError
- end
- end
- if new_record?
- return true
- elsif current_user.uuid == self.owner_uuid_was or
+ # Verify permission to write to old owner (unless owner_uuid was
+ # nil -- or hasn't changed, in which case the following
+ # "permission to write to new owner" block will take care of us)
+ unless !owner_uuid_changed? or
+ owner_uuid_was.nil? or
+ current_user.uuid == self.owner_uuid_was or
current_user.uuid == self.uuid or
current_user.can? write: self.owner_uuid_was
- # current user is, or has :write permission on, the previous owner
- return true
- else
- logger.warn "User #{current_user.uuid} tried to modify #{self.class.to_s} #{self.uuid} but does not have permission to write #{self.owner_uuid_was}"
+ logger.warn "User #{current_user.uuid} tried to modify #{self.class.to_s} #{uuid} but does not have permission to write old owner_uuid #{owner_uuid_was}"
+ errors.add :owner_uuid, "cannot be changed without write permission on old owner"
+ raise PermissionDeniedError
+ end
+ # Verify permission to write to new owner
+ unless current_user == self or current_user.can? write: owner_uuid
+ logger.warn "User #{current_user.uuid} tried to modify #{self.class.to_s} #{uuid} but does not have permission to write new owner_uuid #{owner_uuid}"
+ errors.add :owner_uuid, "cannot be changed without write permission on new owner"
raise PermissionDeniedError
end
end
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
admin:
+ owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-d9tiejq69daie8f
email: admin@arvados.local
first_name: TestCase
prefs: {}
miniadmin:
+ owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-2bg9x0oeydcw5hm
email: miniadmin@arvados.local
first_name: TestCase
prefs: {}
rominiadmin:
+ owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-4hvxm4n25emegis
email: rominiadmin@arvados.local
first_name: TestCase
prefs: {}
active:
+ owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-xurymjxw79nv3jz
email: active-user@arvados.local
first_name: Active
prefs: {}
project_viewer:
+ owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-projectviewer1a
email: project-viewer@arvados.local
first_name: Project
prefs: {}
spectator:
+ owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-l1s2piq4t4mps8r
email: spectator@arvados.local
first_name: Spect
prefs: {}
inactive_uninvited:
+ owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-rf2ec3ryh4vb5ma
email: inactive-uninvited-user@arvados.local
first_name: Inactive and Uninvited
prefs: {}
inactive:
+ owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-x9kqpd79egh49c7
email: inactive-user@arvados.local
first_name: Inactive
prefs: {}
inactive_but_signed_user_agreement:
+ owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-7sg468ezxwnodxs
email: inactive-user-signed-ua@arvados.local
first_name: Inactive But Agreeable
prefs: {}
anonymous:
+ owner_uuid: zzzzz-tpzed-000000000000000
uuid: zzzzz-tpzed-anonymouspublic
email: anonymouspublic
first_name: anonymouspublic
perm_link.save
end
end
+
+ test "cannot create with owner = unwritable user" do
+ set_user_from_auth :rominiadmin
+ assert_raises ArvadosModel::PermissionDeniedError, "created with owner = unwritable user" do
+ Specimen.create!(owner_uuid: users(:active).uuid)
+ end
+ end
+
+ test "cannot change owner to unwritable user" do
+ set_user_from_auth :rominiadmin
+ ob = Specimen.create!
+ assert_raises ArvadosModel::PermissionDeniedError, "changed owner to unwritable user" do
+ ob.update_attributes!(owner_uuid: users(:active).uuid)
+ end
+ end
+
+ test "cannot create with owner = unwritable group" do
+ set_user_from_auth :rominiadmin
+ assert_raises ArvadosModel::PermissionDeniedError, "created with owner = unwritable group" do
+ Specimen.create!(owner_uuid: groups(:aproject).uuid)
+ end
+ end
+
+ test "cannot change owner to unwritable group" do
+ set_user_from_auth :rominiadmin
+ ob = Specimen.create!
+ assert_raises ArvadosModel::PermissionDeniedError, "changed owner to unwritable group" do
+ ob.update_attributes!(owner_uuid: groups(:aproject).uuid)
+ end
+ end
+
end
--- /dev/null
+include README.rst
--- /dev/null
+========================
+Arvados Keep FUSE Driver
+========================
+
+Overview
+--------
+
+This package provides a FUSE driver for Keep, the Arvados_ storage
+system. It allows you to read data from your collections as if they
+were on the local filesystem.
+
+.. _Arvados: https://arvados.org/
+
+Installation
+------------
+
+Installing under your user account
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+This method lets you install the package without root access.
+However, other users on the same system won't be able to use it.
+
+1. Run ``pip install --user arvados_fuse``.
+
+2. In your shell configuration, make sure you add ``$HOME/.local/bin``
+ to your PATH environment variable. For example, you could add the
+ command ``PATH=$PATH:$HOME/.local/bin`` to your ``.bashrc`` file.
+
+3. Reload your shell configuration. For example, bash users could run
+ ``source ~/.bashrc``.
+
+Installing on Debian systems
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+1. Add this Arvados repository to your sources list::
+
+ deb http://apt.arvados.org/ wheezy main
+
+2. Update your package list.
+
+3. Install the ``python-arvados-fuse`` package.
+
+Configuration
+-------------
+
+This driver needs two pieces of information to connect to
+Arvados: the DNS name of the API server, and an API authorization
+token. You can set these in environment variables, or the file
+``$HOME/.config/arvados/settings.conf``. `The Arvados user
+documentation
+<http://doc.arvados.org/user/reference/api-tokens.html>`_ describes
+how to find this information in the Arvados Workbench, and install it
+on your system.
+
+Testing and Development
+-----------------------
+
+This package is one part of the Arvados source package, and it has
+integration tests to check interoperability with other Arvados
+components. Our `hacking guide
+<https://arvados.org/projects/arvados/wiki/Hacking_Python_SDK>`_
+describes how to set up a development environment and run tests.
+++ /dev/null
-apt-get install python-dev libattr1-dev libfuse-dev pkg-config
+++ /dev/null
-arvados-python-client>=0.1
-llfuse>=0.37
-python-daemon>=1.5
#!/usr/bin/env python
-from setuptools import setup
+import os
+
+from setuptools import setup, find_packages
+
+README = os.path.join(os.path.dirname(__file__), 'README.rst')
setup(name='arvados_fuse',
version='0.1',
description='Arvados FUSE driver',
+ long_description=open(README).read(),
author='Arvados',
author_email='info@arvados.org',
url="https://arvados.org",
'llfuse',
'python-daemon'
],
+ test_suite='tests',
+ tests_require=['PyYAML'],
zip_safe=False)