[ARVADOS] updated: 61cd57499905e8e8cca07c774d1bf8c6bfa069a7
git at public.curoverse.com
git at public.curoverse.com
Tue Aug 26 10:45:21 EDT 2014
Summary of changes:
.../test/functional/collections_controller_test.rb | 4 +-
.../workbench/test/integration/collections_test.rb | 7 +-
apps/workbench/test/integration/projects_test.rb | 6 +-
.../test/unit/arvados_resource_list_test.rb | 17 +-
apps/workbench/test/unit/group_test.rb | 11 +-
sdk/python/arvados/commands/keepdocker.py | 1 -
sdk/python/arvados/events.py | 1 -
sdk/python/tests/test_arv_put.py | 30 +-
.../api/app/controllers/application_controller.rb | 3 +-
.../arvados/v1/collections_controller.rb | 301 +++++++--------------
.../controllers/arvados/v1/groups_controller.rb | 10 +-
.../app/controllers/arvados/v1/jobs_controller.rb | 4 +-
services/api/app/models/arvados_model.rb | 50 ++--
services/api/app/models/collection.rb | 169 ++++++++----
services/api/app/models/group.rb | 9 +
services/api/app/models/job.rb | 4 +-
services/api/app/models/link.rb | 17 +-
services/api/app/models/locator.rb | 15 +-
services/api/app/models/pipeline_instance.rb | 1 +
.../views/api_client_authorizations/index.html.erb | 36 ---
services/api/app/views/collections/index.html.erb | 47 ----
services/api/app/views/nodes/index.html.erb | 66 -----
.../app/views/pipeline_instances/index.html.erb | 63 -----
.../20140811184643_collection_use_regular_uuids.rb | 180 ++++++++++++
.../20140817035914_add_unique_name_constraints.rb | 30 ++
...125735_add_not_null_constraint_to_group_name.rb | 6 +
services/api/db/structure.sql | 61 ++++-
services/api/lib/current_api_client.rb | 8 +-
services/api/lib/has_uuid.rb | 38 ++-
services/api/test/fixtures/collections.yml | 87 +++++-
services/api/test/fixtures/groups.yml | 13 +-
services/api/test/fixtures/links.yml | 145 ++--------
services/api/test/fixtures/logs.yml | 4 +-
services/api/test/fixtures/specimens.yml | 12 -
services/api/test/fixtures/traits.yml | 5 +
.../arvados/v1/collections_controller_test.rb | 95 ++++---
.../arvados/v1/groups_controller_test.rb | 182 +++++--------
.../functional/arvados/v1/links_controller_test.rb | 16 +-
.../api/test/integration/collections_api_test.rb | 53 +++-
services/api/test/unit/arvados_model_test.rb | 19 +-
services/api/test/unit/group_test.rb | 13 +-
services/api/test/unit/job_test.rb | 18 +-
services/api/test/unit/link_test.rb | 42 ---
services/api/test/unit/owner_test.rb | 16 +-
services/fuse/arvados_fuse/__init__.py | 2 +-
services/fuse/tests/test_mount.py | 268 +++++++++---------
46 files changed, 1071 insertions(+), 1114 deletions(-)
delete mode 100644 services/api/app/views/api_client_authorizations/index.html.erb
delete mode 100644 services/api/app/views/collections/index.html.erb
delete mode 100644 services/api/app/views/nodes/index.html.erb
delete mode 100644 services/api/app/views/pipeline_instances/index.html.erb
create mode 100644 services/api/db/migrate/20140811184643_collection_use_regular_uuids.rb
create mode 100644 services/api/db/migrate/20140817035914_add_unique_name_constraints.rb
create mode 100644 services/api/db/migrate/20140818125735_add_not_null_constraint_to_group_name.rb
create mode 100644 services/api/test/fixtures/traits.yml
via 61cd57499905e8e8cca07c774d1bf8c6bfa069a7 (commit)
via 41a6554ca2281983645cf606ba6291cc2332dced (commit)
via f1886a6d0c1dadd06ec751f25c5c1e9469825e1a (commit)
via ff2e2d7b53edfec33a77ad1ff2b5a83f02a5be80 (commit)
via ed9499404901d5e788054a770cc5cb6e8566554e (commit)
via 8f46cb4ad6974b0fc54acc9c9f16fbea7573d75d (commit)
via 68c3fbc94ecfa4115af4d6ccb95171b46432eb72 (commit)
via 0bbd1138943bb0c7395798eb234f5b2460c43d22 (commit)
via 4dd469c1bd4c1f4a2edac6c2d63bc571e874aa3f (commit)
via 128506128f407047b3dc40e219cc9734afa7090a (commit)
via 86c4b60b5f9e8ab1f20eeee1da0afce3db57ab3b (commit)
via cb07b2362dadab18abc43e2385cf7b54ed33a7e5 (commit)
via fe76288c35ce28b82bb050e18f0a0af24b05da0b (commit)
via a9c59725cc4df5d505bcef220ef4fccb2e61228d (commit)
via 5d651aff459f70c777054217203a239cbfd95706 (commit)
via 48956dadd90d0a71a51afdcd9fd3d9a988866272 (commit)
via 5b7762f1e6931c3e4e6ccd36d2a75ce53e38e36c (commit)
via 6403b8728d3120d6cb22583b3963d2a030e88aa3 (commit)
via b9eb04049c7740e8021a9810ed3adccb338d556b (commit)
via d08c3a56c462a0277aba6f67e0551214f1510102 (commit)
via 57d7ce9de300d1340ed12d61248e7cea6bd1be15 (commit)
via cbe594f580c26381d786d7b43d5227eb1d12620d (commit)
via b1942917bca8caf9e1b693c933d88d4f1aa9a264 (commit)
via 1a0a58c4f22af82e0a37440af3b0948771bca5e1 (commit)
via 67c0a6e006f6e181204559dc28af16a8656878b8 (commit)
via b7ab0180bbe96dd1b61b9713d5a3f033f48386c5 (commit)
via b48b26080b88f5ebf1caedb5e29bbd509d8427af (commit)
via 49ca83c5f0d6f17ca6fac5f6082fdcb4f0cec036 (commit)
via 20378927432d882bed657806b6c7e026d3e2b986 (commit)
via 3f4a785775ac28430cc1d1f5968a0ca63d502d92 (commit)
via 92ef95274c98a8ec0f4c76c9b30046f658f9ce35 (commit)
via 7d81fa519e768fd3bbafebef1530b1dfc5d845bc (commit)
via d10a66b66edc088d33bad52aebd7cac0a6e9ce49 (commit)
via 1fc1bc4348ea3a1168f6d7bd3391f2449e30d181 (commit)
via 317952f20cb0d979d35b66bc735d02c2ea69050e (commit)
via a2ef5d0f32746fe06e89737ea5744622fc43e012 (commit)
via 7dae5c418a130f07301282cb67f2f991671931db (commit)
via cc6f3141d4e55c8adab282762bad9a8643336346 (commit)
via 22457e13e9c758f2c4a38326fa181607997bf023 (commit)
via b1863eca14e92621dbea60367527ce30288ea853 (commit)
via 51e6edf73c9dff7faa6fa4bcadc850b8cdcfea11 (commit)
via 6d2599783e2c1bdd94cba48857b51df031396527 (commit)
via 61b31deac802a32e39953780fb5d2daeaf9c7fde (commit)
via 26a7558c41a528f977932cf6738c62cfc4edfa6a (commit)
via 3251b50fed55eeb1c30fd7bf996f715490ee2104 (commit)
via 696822adee174ad70cfaa4315f035c54e09c0912 (commit)
via 53b8734add5e99bb2d6f3cf1b3e2a5b1f3664ef0 (commit)
via c3b48996e1177336d97b44d30a3aaf41d8276142 (commit)
from 79577fec16a8f43c0d00ce693e06fcd3770bf2bf (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 61cd57499905e8e8cca07c774d1bf8c6bfa069a7
Merge: 79577fe 41a6554
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date: Tue Aug 26 10:45:17 2014 -0400
Merge branch '3036-collection-uuids' closes #3036
commit 41a6554ca2281983645cf606ba6291cc2332dced
Merge: f1886a6 79577fe
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date: Tue Aug 26 10:43:41 2014 -0400
Merge branch 'master' into 3036-collection-uuids
Conflicts:
services/api/test/fixtures/groups.yml
diff --cc services/api/test/fixtures/groups.yml
index f0e2d05,c0fc79e..3100a2c
--- a/services/api/test/fixtures/groups.yml
+++ b/services/api/test/fixtures/groups.yml
@@@ -26,13 -29,20 +29,14 @@@ activeandfriends
name: Active User and friends
description:
updated_at: 2014-08-22 14:02:18.481166435 Z
- group_class:
+ group_class: role
-system_owned_group:
- uuid: zzzzz-j7d0g-8ulrifv67tve5sx
- owner_uuid: zzzzz-tpzed-000000000000000
- name: System Private
- description: System-owned Group
- group_class: role
-
system_group:
uuid: zzzzz-j7d0g-000000000000000
owner_uuid: zzzzz-tpzed-000000000000000
name: System Private
description: System-owned Group
++ group_class: role
empty_lonely_group:
uuid: zzzzz-j7d0g-jtp06ulmvsezgyu
commit f1886a6d0c1dadd06ec751f25c5c1e9469825e1a
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date: Tue Aug 26 08:48:08 2014 -0400
3036: Fix merge conflicts. One python sdk test still fails.
diff --git a/sdk/python/tests/test_arv_put.py b/sdk/python/tests/test_arv_put.py
index 7fd0730..66af47a 100644
--- a/sdk/python/tests/test_arv_put.py
+++ b/sdk/python/tests/test_arv_put.py
@@ -579,7 +579,7 @@ class ArvPutIntegrationTest(run_test_server.TestCaseWithServers,
stderr=subprocess.PIPE, env=self.ENVIRON)
stdout, stderr = pipe.communicate(text)
collection_list = arvados.api('v1', cache=False).collections().list(
- filters=[['uuid', '=', stdout.strip()]]).execute().get('items', [])
+ filters=[['portable_data_hash', '=', stdout.strip()]]).execute().get('items', [])
self.assertEqual(1, len(collection_list))
return collection_list[0]
diff --git a/services/api/db/migrate/20140815171049_add_name_description_columns.rb b/services/api/db/migrate/20140815171049_add_name_description_columns.rb
deleted file mode 100644
index c0c8f6a..0000000
--- a/services/api/db/migrate/20140815171049_add_name_description_columns.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-class AddNameDescriptionColumns < ActiveRecord::Migration
- def up
- add_column :jobs, :name, :string
- add_column :jobs, :description, :text
- add_column :pipeline_instances, :description, :text
- end
-
- def down
- remove_column :jobs, :name
- remove_column :jobs, :description
- remove_column :pipeline_instances, :description
- end
-end
diff --git a/services/api/db/migrate/20140817035914_add_unique_name_constraints.rb b/services/api/db/migrate/20140817035914_add_unique_name_constraints.rb
index f84c635..3b7eecc 100644
--- a/services/api/db/migrate/20140817035914_add_unique_name_constraints.rb
+++ b/services/api/db/migrate/20140817035914_add_unique_name_constraints.rb
@@ -24,10 +24,6 @@ update #{table} set name='#{r["name"]} #{n}' where uuid='#{r["uuid"]}'
name: 'collection_owner_uuid_name_unique')
add_index(:pipeline_templates, [:owner_uuid, :name], unique: true,
name: 'pipeline_template_owner_uuid_name_unique')
- add_index(:pipeline_instances, [:owner_uuid, :name], unique: true,
- name: 'pipeline_instance_owner_uuid_name_unique')
- add_index(:jobs, [:owner_uuid, :name], unique: true,
- name: 'jobs_owner_uuid_name_unique')
add_index(:groups, [:owner_uuid, :name], unique: true,
name: 'groups_owner_uuid_name_unique')
end
diff --git a/services/api/db/structure.sql b/services/api/db/structure.sql
index 06e327f..af4bf6a 100644
--- a/services/api/db/structure.sql
+++ b/services/api/db/structure.sql
@@ -2024,4 +2024,4 @@ INSERT INTO schema_migrations (version) VALUES ('20140815171049');
INSERT INTO schema_migrations (version) VALUES ('20140817035914');
-INSERT INTO schema_migrations (version) VALUES ('20140818125735');
+INSERT INTO schema_migrations (version) VALUES ('20140818125735');
\ No newline at end of file
diff --git a/services/api/test/fixtures/groups.yml b/services/api/test/fixtures/groups.yml
index a3f75cd..f0e2d05 100644
--- a/services/api/test/fixtures/groups.yml
+++ b/services/api/test/fixtures/groups.yml
@@ -28,12 +28,6 @@ activeandfriends:
updated_at: 2014-08-22 14:02:18.481166435 Z
group_class:
-system_owned_group:
- uuid: zzzzz-j7d0g-8ulrifv67tve5sx
- owner_uuid: zzzzz-tpzed-000000000000000
- name: System Private
- description: System-owned Group
-
system_group:
uuid: zzzzz-j7d0g-000000000000000
owner_uuid: zzzzz-tpzed-000000000000000
commit ff2e2d7b53edfec33a77ad1ff2b5a83f02a5be80
Merge: ed94994 da34478
Author: Peter Amstutz <peter.amstutz at curoverse.com>
Date: Mon Aug 25 16:29:32 2014 -0400
Merge branch 'master' into 3036-collection-uuids
Conflicts:
sdk/python/arvados/commands/put.py
services/api/app/controllers/application_controller.rb
services/api/app/controllers/arvados/v1/collections_controller.rb
services/api/app/models/arvados_model.rb
services/api/test/fixtures/groups.yml
services/api/test/fixtures/links.yml
diff --cc services/api/app/models/arvados_model.rb
index 205f54a,16bafca..be427bf
--- a/services/api/app/models/arvados_model.rb
+++ b/services/api/app/models/arvados_model.rb
@@@ -124,61 -124,71 +124,65 @@@ class ArvadosModel < ActiveRecord::Bas
end
# Check if any of the users are admin. If so, we're done.
- if users_list.select { |u| u.is_admin }.empty?
+ if users_list.select { |u| u.is_admin }.any?
+ return self
+ end
+
+ # Collect the uuids for each user and any groups readable by each user.
+ user_uuids = users_list.map { |u| u.uuid }
+ uuid_list = user_uuids + users_list.flat_map { |u| u.groups_i_can(:read) }
+ sql_conds = []
+ sql_params = []
+ sql_table = kwargs.fetch(:table_name, table_name)
+ or_object_uuid = ''
+
+ # This row is owned by a member of users_list, or owned by a group
+ # readable by a member of users_list
+ # or
+ # This row uuid is the uuid of a member of users_list
+ # or
+ # A permission link exists ('write' and 'manage' implicitly include
+ # 'read') from a member of users_list, or a group readable by users_list,
+ # to this row, or to the owner of this row (see join() below).
+ sql_conds += ["#{sql_table}.uuid in (?)"]
+ sql_params += [user_uuids]
+
+ if uuid_list.any?
+ sql_conds += ["#{sql_table}.owner_uuid in (?)"]
+ sql_params += [uuid_list]
- # Collect the uuids for each user and any groups readable by each user.
- user_uuids = users_list.map { |u| u.uuid }
- uuid_list = user_uuids + users_list.flat_map { |u| u.groups_i_can(:read) }
sanitized_uuid_list = uuid_list.
collect { |uuid| sanitize(uuid) }.join(', ')
- sql_conds = []
- sql_params = []
- sql_table = kwargs.fetch(:table_name, table_name)
- or_object_uuid = ''
-
- # This row is owned by a member of users_list, or owned by a group
- # readable by a member of users_list
- # or
- # This row uuid is the uuid of a member of users_list
- # or
- # A permission link exists ('write' and 'manage' implicitly include
- # 'read') from a member of users_list, or a group readable by users_list,
- # to this row, or to the owner of this row (see join() below).
permitted_uuids = "(SELECT head_uuid FROM links WHERE link_class='permission' AND tail_uuid IN (#{sanitized_uuid_list}))"
+ sql_conds += ["#{sql_table}.uuid IN #{permitted_uuids}"]
+ end
- sql_conds += ["#{sql_table}.owner_uuid in (?)",
- "#{sql_table}.uuid in (?)",
- "#{sql_table}.uuid IN #{permitted_uuids}"]
- sql_params += [uuid_list, user_uuids]
-
- if sql_table == "links" and users_list.any?
- # This row is a 'permission' or 'resources' link class
- # The uuid for a member of users_list is referenced in either the head
- # or tail of the link
- sql_conds += ["(#{sql_table}.link_class in (#{sanitize 'permission'}, #{sanitize 'resources'}) AND (#{sql_table}.head_uuid IN (?) OR #{sql_table}.tail_uuid IN (?)))"]
- sql_params += [user_uuids, user_uuids]
- end
-
- if sql_table == "logs" and users_list.any?
- # Link head points to the object described by this row
- sql_conds += ["#{sql_table}.object_uuid IN #{permitted_uuids}"]
+ if sql_table == "links" and users_list.any?
+ # This row is a 'permission' or 'resources' link class
+ # The uuid for a member of users_list is referenced in either the head
+ # or tail of the link
+ sql_conds += ["(#{sql_table}.link_class in (#{sanitize 'permission'}, #{sanitize 'resources'}) AND (#{sql_table}.head_uuid IN (?) OR #{sql_table}.tail_uuid IN (?)))"]
+ sql_params += [user_uuids, user_uuids]
+ end
- # This object described by this row is owned by this user, or owned by a group readable by this user
- sql_conds += ["#{sql_table}.object_owner_uuid in (?)"]
- sql_params += [uuid_list]
- end
+ if sql_table == "logs" and users_list.any?
+ # Link head points to the object described by this row
+ sql_conds += ["#{sql_table}.object_uuid IN #{permitted_uuids}"]
- # Link head points to this row, or to the owner of this row (the thing to be read)
- #
- # Link tail originates from this user, or a group that is readable by this
- # user (the identity with authorization to read)
- #
- # Link class is 'permission' ('write' and 'manage' implicitly include 'read')
- where(sql_conds.join(' OR '), *sql_params)
- else
- # At least one user is admin, so don't bother to apply any restrictions.
- self
+ # This object described by this row is owned by this user, or owned by a group readable by this user
+ sql_conds += ["#{sql_table}.object_owner_uuid in (?)"]
+ sql_params += [uuid_list]
end
+
- if sql_table == "collections" and users_list.any?
- # There is a 'name' link going from a readable group to the collection.
- name_links = "(SELECT head_uuid FROM links WHERE link_class='name' AND tail_uuid IN (#{sanitized_uuid_list}))"
- sql_conds += ["#{sql_table}.uuid IN #{name_links}"]
- end
-
+ # Link head points to this row, or to the owner of this row (the
+ # thing to be read)
+ #
+ # Link tail originates from this user, or a group that is readable
+ # by this user (the identity with authorization to read)
+ #
+ # Link class is 'permission' ('write' and 'manage' implicitly
+ # include 'read')
+ where(sql_conds.join(' OR '), *sql_params)
end
def logged_attributes
diff --cc services/api/app/models/link.rb
index 808489e,f4a7de2..d9b8f6f
--- a/services/api/app/models/link.rb
+++ b/services/api/app/models/link.rb
@@@ -79,9 -81,17 +79,10 @@@ class Link < ArvadosMode
end
end
- def name_link_owner_is_tail
- if link_class == 'name'
- self.owner_uuid = tail_uuid
- ensure_owner_uuid_is_permitted
- end
- end
-
# A user is permitted to create, update or modify a permission link
- # if and only if they have "manage" permission on the destination
- # object.
+ # if and only if they have "manage" permission on the object
+ # indicated by the permission link's head_uuid.
+ #
# All other links are treated as regular ArvadosModel objects.
#
def ensure_owner_uuid_is_permitted
diff --cc services/api/db/structure.sql
index af4bf6a,2d0c76f..06e327f
--- a/services/api/db/structure.sql
+++ b/services/api/db/structure.sql
@@@ -2016,12 -1975,4 +2016,12 @@@ INSERT INTO schema_migrations (version
INSERT INTO schema_migrations (version) VALUES ('20140709172343');
-INSERT INTO schema_migrations (version) VALUES ('20140714184006');
+INSERT INTO schema_migrations (version) VALUES ('20140714184006');
+
+INSERT INTO schema_migrations (version) VALUES ('20140811184643');
+
+INSERT INTO schema_migrations (version) VALUES ('20140815171049');
+
+INSERT INTO schema_migrations (version) VALUES ('20140817035914');
+
- INSERT INTO schema_migrations (version) VALUES ('20140818125735');
++INSERT INTO schema_migrations (version) VALUES ('20140818125735');
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list