[ARVADOS] updated: 87275ec769831e04982a714049ee9d67b6342d68
Git user
git at public.curoverse.com
Wed Jan 11 15:41:06 EST 2017
Summary of changes:
build/run-build-packages.sh | 8 +-
services/api/app/models/user.rb | 37 ++---
services/api/config/application.rb | 11 +-
services/keepstore/volume_unix.go | 157 ++++++++++++++++-----
services/keepstore/volume_unix_test.go | 61 ++++++++
tools/arvbox/lib/arvbox/docker/api-setup.sh | 1 +
.../lib/arvbox/docker/service/sso/run-service | 1 +
7 files changed, 214 insertions(+), 62 deletions(-)
via 87275ec769831e04982a714049ee9d67b6342d68 (commit)
via 07a94c1d7f2fc3b0c18504c46de03abeec5da8fc (commit)
via 3aee47f04fddb82b1887044de86f8824e9e2f5f2 (commit)
via b7ff345255551a5187ae7b2846b704a3c800256d (commit)
via 4a5f17bc047eea3cc65ccee62315f2215ad5e936 (commit)
via 837949653b69e357cfa90fb0b8855a37e9c406d7 (commit)
via 12cf6dc14d6ee5b19ee5ede7dd53a16a75894544 (commit)
via 16a1220278fdb7fd98d0332a0bc688e38a485daa (commit)
via 3bfea9bfaeb0b5fcae276d5fd2f255e3ebeab64c (commit)
from f301a70fdcfda9872965835b26d1400a53d584a1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 87275ec769831e04982a714049ee9d67b6342d68
Merge: 07a94c1 3aee47f
Author: Tom Clegg <tom at curoverse.com>
Date: Wed Jan 11 15:27:10 2017 -0500
10816: Merge branch 'master' into 10816-postgres-permissions
commit 07a94c1d7f2fc3b0c18504c46de03abeec5da8fc
Author: Tom Clegg <tom at curoverse.com>
Date: Wed Jan 11 15:26:41 2017 -0500
10816: Release savepoint after rollback. Use exec_query instead of execute. Move perms_for_val to a class constant.
diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index 1c26f5c..eb181c3 100644
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -57,6 +57,14 @@ class User < ArvadosModel
ALL_PERMISSIONS = {read: true, write: true, manage: true}
+ # Map numeric permission levels (see lib/create_permission_view.sql)
+ # back to read/write/manage flags.
+ PERMS_FOR_VAL =
+ [{},
+ {read: true},
+ {read: true, write: true},
+ {read: true, write: true, manage: true}]
+
def full_name
"#{first_name} #{last_name}".strip
end
@@ -140,32 +148,27 @@ class User < ArvadosModel
self.class.transaction do
# Check whether the temporary view has already been created
# during this connection. If not, create it.
- conn.execute 'SAVEPOINT check_permission_view'
+ conn.exec_query 'SAVEPOINT check_permission_view'
begin
- conn.execute('SELECT 1 FROM permission_view LIMIT 0')
+ conn.exec_query('SELECT 1 FROM permission_view LIMIT 0')
rescue
- conn.execute 'ROLLBACK TO SAVEPOINT check_permission_view'
+ conn.exec_query 'ROLLBACK TO SAVEPOINT check_permission_view'
sql = File.read(Rails.root.join('lib', 'create_permission_view.sql'))
conn.exec_query(sql)
- else
- conn.execute 'RELEASE SAVEPOINT check_permission_view'
+ ensure
+ conn.exec_query 'RELEASE SAVEPOINT check_permission_view'
end
end
group_perms = {}
- perms_for_val =
- [{},
- {read: true},
- {read: true, write: true},
- {read: true, write: true, manage: true}]
conn.exec_query('SELECT target_owner_uuid, max(perm_level)
- FROM permission_view
- WHERE user_uuid = $1
- AND target_owner_uuid IS NOT NULL
- GROUP BY target_owner_uuid',
- "group_permissions for #{uuid}",
- [[nil, uuid]]).rows.each do |group_uuid, max_p_val|
- group_perms[group_uuid] = perms_for_val[max_p_val.to_i]
+ FROM permission_view
+ WHERE user_uuid = $1
+ AND target_owner_uuid IS NOT NULL
+ GROUP BY target_owner_uuid',
+ "group_permissions for #{uuid}",
+ [[nil, uuid]]).rows.each do |group_uuid, max_p_val|
+ group_perms[group_uuid] = PERMS_FOR_VAL[max_p_val.to_i]
end
Rails.cache.write "groups_for_user_#{self.uuid}", group_perms
group_perms
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list