[ARVADOS] updated: 2.1.0-1257-gd67a11c2e

Git user git at public.arvados.org
Mon Aug 30 14:21:42 UTC 2021 

Summary of changes:
 lib/controller/localdb/collection.go      | 34 +++++++++++++++++++++++++++++++
 lib/controller/localdb/collection_test.go | 12 +++++++----
 sdk/go/arvados/api.go                     |  1 +
 3 files changed, 43 insertions(+), 4 deletions(-)

       via  d67a11c2ee42159dd0ecd8f6ef39af38b6380dfd (commit)
      from  9b46e402be4366b591ce9c73e2afb24bef0a3dd5 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit d67a11c2ee42159dd0ecd8f6ef39af38b6380dfd
Author: Tom Clegg <tom at curii.com>
Date:   Mon Aug 30 10:07:33 2021 -0400

    17217: Sign locators in CollectionCreate and Update.
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>

diff --git a/lib/controller/localdb/collection.go b/lib/controller/localdb/collection.go
index 414c92679..d81dd812b 100644
--- a/lib/controller/localdb/collection.go
+++ b/lib/controller/localdb/collection.go
@@ -48,6 +48,40 @@ func (conn *Conn) CollectionList(ctx context.Context, opts arvados.ListOptions)
 	return resp, nil
 }
 
+// CollectionCreate defers to railsProxy for everything except blob
+// signatures.
+func (conn *Conn) CollectionCreate(ctx context.Context, opts arvados.CreateOptions) (arvados.Collection, error) {
+	if len(opts.Select) > 0 {
+		// We need to know IsTrashed and TrashAt to implement
+		// signing properly, even if the caller doesn't want
+		// them.
+		opts.Select = append([]string{"is_trashed", "trash_at"}, opts.Select...)
+	}
+	resp, err := conn.railsProxy.CollectionCreate(ctx, opts)
+	if err != nil {
+		return resp, err
+	}
+	conn.signCollection(ctx, &resp)
+	return resp, nil
+}
+
+// CollectionUpdate defers to railsProxy for everything except blob
+// signatures.
+func (conn *Conn) CollectionUpdate(ctx context.Context, opts arvados.UpdateOptions) (arvados.Collection, error) {
+	if len(opts.Select) > 0 {
+		// We need to know IsTrashed and TrashAt to implement
+		// signing properly, even if the caller doesn't want
+		// them.
+		opts.Select = append([]string{"is_trashed", "trash_at"}, opts.Select...)
+	}
+	resp, err := conn.railsProxy.CollectionUpdate(ctx, opts)
+	if err != nil {
+		return resp, err
+	}
+	conn.signCollection(ctx, &resp)
+	return resp, nil
+}
+
 func (conn *Conn) signCollection(ctx context.Context, coll *arvados.Collection) {
 	if coll.IsTrashed || coll.ManifestText == "" || !conn.cluster.Collections.BlobSigning {
 		return
diff --git a/lib/controller/localdb/collection_test.go b/lib/controller/localdb/collection_test.go
index 34c2fa23c..e0de7256a 100644
--- a/lib/controller/localdb/collection_test.go
+++ b/lib/controller/localdb/collection_test.go
@@ -82,24 +82,28 @@ func (s *CollectionSuite) TestSignatures(c *check.C) {
 		c.Check(lresp.Items[0].UnsignedManifestText, check.Matches, `(?ms).* acbd[^ ]*\+3 0:.*`)
 	}
 
-	// early trash date causes lower signature TTL
+	// early trash date causes lower signature TTL (even if
+	// trash_at and is_trashed fields are unselected)
 	trashed, err := s.localdb.CollectionCreate(ctx, arvados.CreateOptions{
+		Select: []string{"uuid", "manifest_text"},
 		Attrs: map[string]interface{}{
 			"manifest_text": ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n",
 			"trash_at":      time.Now().UTC().Add(time.Hour),
 		}})
 	c.Assert(err, check.IsNil)
+	s.checkSignatureExpiry(c, trashed.ManifestText, time.Hour)
 	resp, err = s.localdb.CollectionGet(ctx, arvados.GetOptions{UUID: trashed.UUID})
 	c.Assert(err, check.IsNil)
 	s.checkSignatureExpiry(c, resp.ManifestText, time.Hour)
 
 	// distant future trash date does not cause higher signature TTL
-	trashed, err = s.localdb.CollectionCreate(ctx, arvados.CreateOptions{
+	trashed, err = s.localdb.CollectionUpdate(ctx, arvados.UpdateOptions{
+		UUID: trashed.UUID,
 		Attrs: map[string]interface{}{
-			"manifest_text": ". d41d8cd98f00b204e9800998ecf8427e+0 0:0:foo\n",
-			"trash_at":      time.Now().UTC().Add(time.Hour * 24 * 365),
+			"trash_at": time.Now().UTC().Add(time.Hour * 24 * 365),
 		}})
 	c.Assert(err, check.IsNil)
+	s.checkSignatureExpiry(c, trashed.ManifestText, time.Hour*24*7*2)
 	resp, err = s.localdb.CollectionGet(ctx, arvados.GetOptions{UUID: trashed.UUID})
 	c.Assert(err, check.IsNil)
 	s.checkSignatureExpiry(c, resp.ManifestText, time.Hour*24*7*2)
diff --git a/sdk/go/arvados/api.go b/sdk/go/arvados/api.go
index a57f2a683..736ace75e 100644
--- a/sdk/go/arvados/api.go
+++ b/sdk/go/arvados/api.go
@@ -133,6 +133,7 @@ type CreateOptions struct {
 type UpdateOptions struct {
 	UUID             string                 `json:"uuid"`
 	Attrs            map[string]interface{} `json:"attrs"`
+	Select           []string               `json:"select"`
 	BypassFederation bool                   `json:"bypass_federation"`
 }
 

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list