[ARVADOS] updated: 1.3.0-2628-g53f015422
Git user
git at public.arvados.org
Thu Jun 11 17:12:24 UTC 2020
Summary of changes:
services/api/app/models/group.rb | 4 ++--
services/api/app/models/link.rb | 2 +-
services/api/app/models/user.rb | 14 +++++++-------
services/api/lib/update_permissions.rb | 3 +++
4 files changed, 13 insertions(+), 10 deletions(-)
via 53f015422ac101cb4613b416569c3a59e3c977d7 (commit)
from 1f1cec38f109a93513fab7f2a2d0c774290ac8fa (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 53f015422ac101cb4613b416569c3a59e3c977d7
Author: Peter Amstutz <peter.amstutz at curii.com>
Date: Thu Jun 11 13:12:04 2020 -0400
16007: Add REVOKE_PERM and CAN_MANAGE_PERM constants
Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>
diff --git a/services/api/app/models/group.rb b/services/api/app/models/group.rb
index 05daec1d2..21e57e143 100644
--- a/services/api/app/models/group.rb
+++ b/services/api/app/models/group.rb
@@ -92,13 +92,13 @@ on conflict (group_uuid) do update set trash_at=EXCLUDED.trash_at;
def before_ownership_change
if owner_uuid_changed? and !self.owner_uuid_was.nil?
MaterializedPermission.where(user_uuid: owner_uuid_was, target_uuid: uuid).delete_all
- update_permissions self.owner_uuid_was, self.uuid, 0
+ update_permissions self.owner_uuid_was, self.uuid, REVOKE_PERM
end
end
def after_ownership_change
if owner_uuid_changed?
- update_permissions self.owner_uuid, self.uuid, 3
+ update_permissions self.owner_uuid, self.uuid, CAN_MANAGE_PERM
end
end
diff --git a/services/api/app/models/link.rb b/services/api/app/models/link.rb
index b63e04f74..fc1cd07f0 100644
--- a/services/api/app/models/link.rb
+++ b/services/api/app/models/link.rb
@@ -114,7 +114,7 @@ class Link < ArvadosModel
def clear_permissions
if self.link_class == 'permission'
- update_permissions tail_uuid, head_uuid, 0
+ update_permissions tail_uuid, head_uuid, REVOKE_PERM
end
end
diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index a2922cb7b..d65cfb9c4 100644
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -146,18 +146,18 @@ SELECT 1 FROM #{PERMISSION_VIEW}
def before_ownership_change
if owner_uuid_changed? and !self.owner_uuid_was.nil?
MaterializedPermission.where(user_uuid: owner_uuid_was, target_uuid: uuid).delete_all
- update_permissions self.owner_uuid_was, self.uuid, 0
+ update_permissions self.owner_uuid_was, self.uuid, REVOKE_PERM
end
end
def after_ownership_change
if owner_uuid_changed?
- update_permissions self.owner_uuid, self.uuid, 3
+ update_permissions self.owner_uuid, self.uuid, CAN_MANAGE_PERM
end
end
def clear_permissions
- update_permissions self.owner_uuid, self.uuid, 0
+ update_permissions self.owner_uuid, self.uuid, REVOKE_PERM
MaterializedPermission.where("user_uuid = ? or target_uuid = ?", uuid, uuid).delete_all
end
@@ -447,11 +447,11 @@ update #{PERMISSION_VIEW} set target_uuid=$1 where target_uuid = $2
update_attributes!(redirect_to_user_uuid: new_user.uuid, username: nil)
end
skip_check_permissions_against_full_refresh do
- update_permissions self.owner_uuid, self.uuid, 3
- update_permissions self.uuid, self.uuid, 3
- update_permissions new_user.owner_uuid, new_user.uuid, 3
+ update_permissions self.owner_uuid, self.uuid, CAN_MANAGE_PERM
+ update_permissions self.uuid, self.uuid, CAN_MANAGE_PERM
+ update_permissions new_user.owner_uuid, new_user.uuid, CAN_MANAGE_PERM
end
- update_permissions new_user.uuid, new_user.uuid, 3
+ update_permissions new_user.uuid, new_user.uuid, CAN_MANAGE_PERM
end
end
diff --git a/services/api/lib/update_permissions.rb b/services/api/lib/update_permissions.rb
index 8e03dd56c..ca7e55839 100644
--- a/services/api/lib/update_permissions.rb
+++ b/services/api/lib/update_permissions.rb
@@ -4,6 +4,9 @@
require '20200501150153_permission_table_constants'
+REVOKE_PERM = 0
+CAN_MANAGE_PERM = 3
+
def update_permissions perm_origin_uuid, starting_uuid, perm_level
return if Thread.current[:suppress_update_permissions]
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list