You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by sc...@apache.org on 2016/02/09 16:56:04 UTC
[36/50] [abbrv] airavata-php-gateway git commit: Denying admin of one
gateway to view experiments of another gateway until and unless admin is a
super admins.
Denying admin of one gateway to view experiments of another gateway until and unless admin is a super admins.
Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/828533a1
Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/828533a1
Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/828533a1
Branch: refs/heads/master
Commit: 828533a111ff05603f9682317418bf135fb62002
Parents: b4c54fc
Author: Nipurn Doshi <ni...@gmail.com>
Authored: Tue Feb 2 16:02:01 2016 -0500
Committer: Nipurn Doshi <ni...@gmail.com>
Committed: Tue Feb 2 16:02:01 2016 -0500
----------------------------------------------------------------------
app/controllers/ExperimentController.php | 5 +++++
1 file changed, 5 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/828533a1/app/controllers/ExperimentController.php
----------------------------------------------------------------------
diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php
index 2428556..342db4a 100755
--- a/app/controllers/ExperimentController.php
+++ b/app/controllers/ExperimentController.php
@@ -80,6 +80,11 @@ class ExperimentController extends BaseController
public function summary()
{
$experiment = ExperimentUtilities::get_experiment($_GET['expId']);
+
+ //viewing experiments of other gateways is not allowed if user is not super admin
+ if( $experiment->gatewayId != Session::get("gateway_id") && !Session::has("super-admin"))
+ return CommonUtilities::print_error_message('It seems that you do not have permissions to view this experiment or it belongs to another gateway.');
+
if(isset($_GET['isAutoRefresh']) && $_GET['isAutoRefresh'] == 'true'){
$autoRefresh = true;
}else{