[ARVADOS] updated: 656769b7b36b38c564f7da64b275d8831d7a442e
git at public.curoverse.com
git at public.curoverse.com
Mon Jun 2 20:49:36 EDT 2014
Summary of changes:
.../app/controllers/application_controller.rb | 26 ++++++++++++++++++++++
apps/workbench/app/helpers/application_helper.rb | 11 +++++++--
.../app/models/api_client_authorization.rb | 2 +-
apps/workbench/app/models/arvados_base.rb | 4 +++-
apps/workbench/app/models/authorized_key.rb | 4 ++--
apps/workbench/app/models/collection.rb | 2 +-
apps/workbench/app/models/job.rb | 2 +-
apps/workbench/app/models/pipeline_instance.rb | 7 +++---
apps/workbench/app/models/user.rb | 4 ++--
apps/workbench/app/models/virtual_machine.rb | 2 +-
10 files changed, 50 insertions(+), 14 deletions(-)
via 656769b7b36b38c564f7da64b275d8831d7a442e (commit)
from abc22e2b430a57787adaf9b665cff1214b0d87fc (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 656769b7b36b38c564f7da64b275d8831d7a442e
Author: Tom Clegg <tom at curoverse.com>
Date: Mon Jun 2 20:35:49 2014 -0400
2872: Fix attribute_editable? to play nicer with group ownership. refs #2872
diff --git a/apps/workbench/app/controllers/application_controller.rb b/apps/workbench/app/controllers/application_controller.rb
index 59ca350..e1b6a7f 100644
--- a/apps/workbench/app/controllers/application_controller.rb
+++ b/apps/workbench/app/controllers/application_controller.rb
@@ -422,4 +422,30 @@ class ApplicationController < ActionController::Base
@notification_count = ''
end
end
+
+ helper_method :my_folders
+ def my_folders
+ return @my_folders if @my_folders
+ @my_folders = []
+ root_of = {}
+ Group.filter([['group_class','=','folder']]).each do |g|
+ root_of[g.uuid] = g.owner_uuid
+ @my_folders << g
+ end
+ done = false
+ while not done
+ done = true
+ root_of = root_of.each_with_object({}) do |(child, parent), h|
+ if root_of[parent]
+ h[child] = root_of[parent]
+ done = false
+ else
+ h[child] = parent
+ end
+ end
+ end
+ @my_folders = @my_folders.select do |g|
+ root_of[g.uuid] == current_user.uuid
+ end
+ end
end
diff --git a/apps/workbench/app/helpers/application_helper.rb b/apps/workbench/app/helpers/application_helper.rb
index d844350..7a955e5 100644
--- a/apps/workbench/app/helpers/application_helper.rb
+++ b/apps/workbench/app/helpers/application_helper.rb
@@ -128,7 +128,11 @@ module ApplicationHelper
def render_editable_attribute(object, attr, attrvalue=nil, htmloptions={})
attrvalue = object.send(attr) if attrvalue.nil?
- return attrvalue if !object.attribute_editable? attr
+ if !object.attribute_editable?(attr, :ever) or
+ (!object.editable? and
+ !object.owner_uuid.in?(my_folders.collect(&:uuid)))
+ return attrvalue
+ end
input_type = 'text'
case object.class.attribute_info[attr.to_sym].andand[:type]
@@ -197,7 +201,10 @@ module ApplicationHelper
end
end
- unless object.andand.attribute_editable? attr
+ if !object or
+ !object.attribute_editable?(attr, :ever) or
+ (!object.editable? and
+ !object.owner_uuid.in?(my_folders.collect(&:uuid)))
return link_to_if_arvados_object attrvalue
end
diff --git a/apps/workbench/app/models/api_client_authorization.rb b/apps/workbench/app/models/api_client_authorization.rb
index 620ebc7..ac3a9bf 100644
--- a/apps/workbench/app/models/api_client_authorization.rb
+++ b/apps/workbench/app/models/api_client_authorization.rb
@@ -1,5 +1,5 @@
class ApiClientAuthorization < ArvadosBase
- def attribute_editable?(attr)
+ def attribute_editable? attr, *args
['expires_at', 'default_owner_uuid'].index attr
end
def self.creatable?
diff --git a/apps/workbench/app/models/arvados_base.rb b/apps/workbench/app/models/arvados_base.rb
index 2c2963c..2eb0b62 100644
--- a/apps/workbench/app/models/arvados_base.rb
+++ b/apps/workbench/app/models/arvados_base.rb
@@ -301,13 +301,15 @@ class ArvadosBase < ActiveRecord::Base
(writable_by.include? current_user.uuid rescue false)))
end
- def attribute_editable?(attr)
+ def attribute_editable?(attr, ever=nil)
if "created_at modified_at modified_by_user_uuid modified_by_client_uuid updated_at".index(attr.to_s)
false
elsif not (current_user.andand.is_active)
false
elsif attr == 'uuid'
current_user.is_admin
+ elsif ever
+ true
else
editable?
end
diff --git a/apps/workbench/app/models/authorized_key.rb b/apps/workbench/app/models/authorized_key.rb
index c018cc5..724c996 100644
--- a/apps/workbench/app/models/authorized_key.rb
+++ b/apps/workbench/app/models/authorized_key.rb
@@ -1,9 +1,9 @@
class AuthorizedKey < ArvadosBase
- def attribute_editable?(attr)
+ def attribute_editable? attr, *args
if attr.to_s == 'authorized_user_uuid'
current_user and current_user.is_admin
else
- super(attr)
+ super
end
end
end
diff --git a/apps/workbench/app/models/collection.rb b/apps/workbench/app/models/collection.rb
index 2fe4e2b..a64f7e1 100644
--- a/apps/workbench/app/models/collection.rb
+++ b/apps/workbench/app/models/collection.rb
@@ -47,7 +47,7 @@ class Collection < ArvadosBase
dir_to_tree.call('.')
end
- def attribute_editable?(attr)
+ def attribute_editable? attr, *args
false
end
diff --git a/apps/workbench/app/models/job.rb b/apps/workbench/app/models/job.rb
index 56428ab..92f3910 100644
--- a/apps/workbench/app/models/job.rb
+++ b/apps/workbench/app/models/job.rb
@@ -3,7 +3,7 @@ class Job < ArvadosBase
true
end
- def attribute_editable?(attr)
+ def attribute_editable? attr, *args
false
end
diff --git a/apps/workbench/app/models/pipeline_instance.rb b/apps/workbench/app/models/pipeline_instance.rb
index aad7cfc..5a88003 100644
--- a/apps/workbench/app/models/pipeline_instance.rb
+++ b/apps/workbench/app/models/pipeline_instance.rb
@@ -21,9 +21,10 @@ class PipelineInstance < ArvadosBase
end
end
- def attribute_editable?(attr)
- attr && (attr.to_sym == :name ||
- (attr.to_sym == :components and (self.state == 'New' || self.state == 'Ready')))
+ def attribute_editable? attr, *args
+ super && (attr.to_sym == :name ||
+ (attr.to_sym == :components and
+ (self.state == 'New' || self.state == 'Ready')))
end
def attributes_for_display
diff --git a/apps/workbench/app/models/user.rb b/apps/workbench/app/models/user.rb
index c1656bd..9c91477 100644
--- a/apps/workbench/app/models/user.rb
+++ b/apps/workbench/app/models/user.rb
@@ -31,8 +31,8 @@ class User < ArvadosBase
super.reject { |k,v| %w(owner_uuid default_owner_uuid identity_url prefs).index k }
end
- def attribute_editable?(attr)
- (not (self.uuid.andand.match(/000000000000000$/) and self.is_admin)) and super(attr)
+ def attribute_editable? attr, *args
+ (not (self.uuid.andand.match(/000000000000000$/) and self.is_admin)) and super
end
def friendly_link_name
diff --git a/apps/workbench/app/models/virtual_machine.rb b/apps/workbench/app/models/virtual_machine.rb
index 5ff7798..9789641 100644
--- a/apps/workbench/app/models/virtual_machine.rb
+++ b/apps/workbench/app/models/virtual_machine.rb
@@ -6,7 +6,7 @@ class VirtualMachine < ArvadosBase
def attributes_for_display
super.append ['current_user_logins', @current_user_logins]
end
- def attribute_editable?(attr)
+ def attribute_editable? attr, *args
attr != 'current_user_logins' and super
end
def self.attribute_info
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list