[arvados] updated: 2.1.0-2590-g9551b59d3

git repository hosting git at public.arvados.org
Tue Jun 7 15:11:01 UTC 2022


Summary of changes:
 lib/controller/federation/conn.go                  |  2 ++
 lib/controller/localdb/group_test.go               | 37 ++++++++++++++++++++++
 .../app/controllers/arvados/v1/users_controller.rb |  2 +-
 services/api/app/models/group.rb                   |  9 ++++++
 services/api/app/models/user.rb                    |  7 ++++
 .../functional/arvados/v1/users_controller_test.rb |  8 ++++-
 6 files changed, 63 insertions(+), 2 deletions(-)

       via  9551b59d3aab67f77240b90bbb550faec6b2a7d9 (commit)
       via  18d976b4701d76bdeb05e0fe3c1757060d3b8a2a (commit)
      from  74323ae3de455071de4fce0c2e2ee79a5650a040 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit 9551b59d3aab67f77240b90bbb550faec6b2a7d9
Author: Tom Clegg <tom at curii.com>
Date:   Tue Jun 7 11:09:57 2022 -0400

    19146: Add can_write/can_manage to users#list, fix select=can_*.
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>

diff --git a/lib/controller/localdb/group_test.go b/lib/controller/localdb/group_test.go
index 1fde64d11..78150c955 100644
--- a/lib/controller/localdb/group_test.go
+++ b/lib/controller/localdb/group_test.go
@@ -157,6 +157,17 @@ func (s *GroupSuite) TestCanWriteCanManageResponses(c *check.C) {
 	c.Check(subproject.CanWrite, check.Equals, true)
 	c.Check(subproject.CanManage, check.Equals, true)
 
+	projlist, err := s.localdb.GroupList(ctxUser1, arvados.ListOptions{
+		Limit:   -1,
+		Filters: []arvados.Filter{{"uuid", "in", []string{project.UUID, subproject.UUID}}},
+	})
+	c.Assert(err, check.IsNil)
+	c.Assert(projlist.Items, check.HasLen, 2)
+	for _, p := range projlist.Items {
+		c.Check(p.CanWrite, check.Equals, true)
+		c.Check(p.CanManage, check.Equals, true)
+	}
+
 	// Give 2nd user permission to read
 	permlink, err := s.localdb.LinkCreate(ctxAdmin, arvados.CreateOptions{
 		Attrs: map[string]interface{}{
@@ -228,4 +239,30 @@ func (s *GroupSuite) TestCanWriteCanManageResponses(c *check.C) {
 	c.Assert(err, check.IsNil)
 	c.Check(subproject2.CanWrite, check.Equals, false)
 	c.Check(subproject2.CanManage, check.Equals, true)
+
+	u, err := s.localdb.UserGet(ctxUser1, arvados.GetOptions{
+		UUID: arvadostest.ActiveUserUUID,
+	})
+	c.Assert(err, check.IsNil)
+	c.Check(u.CanWrite, check.Equals, true)
+	c.Check(u.CanManage, check.Equals, true)
+
+	for _, selectParam := range [][]string{
+		nil,
+		{"can_write", "can_manage"},
+	} {
+		c.Logf("selectParam: %+v", selectParam)
+		ulist, err := s.localdb.UserList(ctxUser1, arvados.ListOptions{
+			Limit:   -1,
+			Filters: []arvados.Filter{{"uuid", "=", arvadostest.ActiveUserUUID}},
+			Select:  selectParam,
+		})
+		c.Assert(err, check.IsNil)
+		c.Assert(ulist.Items, check.HasLen, 1)
+		c.Logf("%+v", ulist.Items)
+		for _, u := range ulist.Items {
+			c.Check(u.CanWrite, check.Equals, true)
+			c.Check(u.CanManage, check.Equals, true)
+		}
+	}
 }
diff --git a/services/api/app/controllers/arvados/v1/users_controller.rb b/services/api/app/controllers/arvados/v1/users_controller.rb
index 54db52176..507cb4ac3 100644
--- a/services/api/app/controllers/arvados/v1/users_controller.rb
+++ b/services/api/app/controllers/arvados/v1/users_controller.rb
@@ -274,7 +274,7 @@ class Arvados::V1::UsersController < ApplicationController
     return super if @read_users.any?(&:is_admin)
     if params[:uuid] != current_user.andand.uuid
       # Non-admin index/show returns very basic information about readable users.
-      safe_attrs = ["uuid", "is_active", "email", "first_name", "last_name", "username"]
+      safe_attrs = ["uuid", "is_active", "email", "first_name", "last_name", "username", "can_write", "can_manage"]
       if @select
         @select = @select & safe_attrs
       else
diff --git a/services/api/app/models/group.rb b/services/api/app/models/group.rb
index e18ee5ef3..0c36a048d 100644
--- a/services/api/app/models/group.rb
+++ b/services/api/app/models/group.rb
@@ -48,6 +48,15 @@ class Group < ArvadosModel
     t.add :can_manage
   end
 
+  protected
+
+  def self.attributes_required_columns
+    super.merge(
+                'can_write' => ['owner_uuid', 'uuid'],
+                'can_manage' => ['owner_uuid', 'uuid'],
+                )
+  end
+
   def ensure_filesystem_compatible_name
     # project and filter groups need filesystem-compatible names, but others
     # don't.
diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index 52b96f9c5..444946613 100644
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -584,6 +584,13 @@ SELECT target_uuid, perm_level
 
   protected
 
+  def self.attributes_required_columns
+    super.merge(
+                'can_write' => ['owner_uuid', 'uuid'],
+                'can_manage' => ['owner_uuid', 'uuid'],
+                )
+  end
+
   def change_all_uuid_refs(old_uuid:, new_uuid:)
     ActiveRecord::Base.descendants.reject(&:abstract_class?).each do |klass|
       klass.columns.each do |col|
diff --git a/services/api/test/functional/arvados/v1/users_controller_test.rb b/services/api/test/functional/arvados/v1/users_controller_test.rb
index ae7b21dec..6a7b00a00 100644
--- a/services/api/test/functional/arvados/v1/users_controller_test.rb
+++ b/services/api/test/functional/arvados/v1/users_controller_test.rb
@@ -674,6 +674,12 @@ The Arvados team.
     get(:index)
     check_non_admin_index
     check_readable_users_index [:spectator], [:inactive, :active]
+    json_response["items"].each do |u|
+      if u["uuid"] == users(:spectator).uuid
+        assert_equal true, u["can_write"]
+        assert_equal true, u["can_manage"]
+      end
+    end
   end
 
   test "non-admin user gets only safe attributes from users#show" do
@@ -1079,7 +1085,7 @@ The Arvados team.
   end
 
   NON_ADMIN_USER_DATA = ["uuid", "kind", "is_active", "email", "first_name",
-                         "last_name", "username"].sort
+                         "last_name", "username", "can_write", "can_manage"].sort
 
   def check_non_admin_index
     assert_response :success

commit 18d976b4701d76bdeb05e0fe3c1757060d3b8a2a
Author: Tom Clegg <tom at curii.com>
Date:   Tue Jun 7 10:12:26 2022 -0400

    19146: Update userAttrsCachedFromLoginCluster.
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>

diff --git a/lib/controller/federation/conn.go b/lib/controller/federation/conn.go
index 1b8ec9e64..d9f587852 100644
--- a/lib/controller/federation/conn.go
+++ b/lib/controller/federation/conn.go
@@ -553,6 +553,8 @@ var userAttrsCachedFromLoginCluster = map[string]bool{
 	"owner_uuid":              false,
 	"uuid":                    false,
 	"writable_by":             false,
+	"can_write":               false,
+	"can_manage":              false,
 }
 
 func (conn *Conn) batchUpdateUsers(ctx context.Context,

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list