Posted to commits@airavata.apache.org by sc...@apache.org on 2016/08/17 15:33:01 UTC
[14/20] airavata-php-gateway git commit: changes to ensure project
owner cannot have permissions changed by other users
changes to ensure project owner cannot have permissions changed by other users
Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/9f0ee4e6
Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/9f0ee4e6
Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/9f0ee4e6
Branch: refs/heads/develop
Commit: 9f0ee4e621a244d6cb5731e0fe617c7e01222e15
Parents: cb57e29
Author: Jeff Kinnison <je...@gmail.com>
Authored: Tue Aug 16 12:25:48 2016 -0400
Committer: Jeff Kinnison <je...@gmail.com>
Committed: Tue Aug 16 12:25:48 2016 -0400
----------------------------------------------------------------------
app/controllers/ProjectController.php | 17 ++++++++++----
app/libraries/ProjectUtilities.php | 14 +++--------
app/views/project/edit.blade.php | 2 ++
app/views/project/summary.blade.php | 7 +++---
public/js/sharing/share.js | 37 ++++++++++++++----------------
public/js/sharing/sharing_utils.js | 8 ++++---
6 files changed, 44 insertions(+), 41 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/app/controllers/ProjectController.php
----------------------------------------------------------------------
diff --git a/app/controllers/ProjectController.php b/app/controllers/ProjectController.php
index 97a41f8..966f36a 100755
--- a/app/controllers/ProjectController.php
+++ b/app/controllers/ProjectController.php
@@ -26,7 +26,7 @@ class ProjectController extends BaseController
public function createView()
{
$users = SharingUtilities::getAllUserProfiles();
- return View::make("project/create", array("users" => json_encode($users)));
+ return View::make("project/create", array("users" => json_encode($users), "owner" => json_encode(array())));
}
public function createSubmit()
@@ -44,8 +44,16 @@ class ProjectController extends BaseController
if (Input::has("projId")) {
Session::put("projId", Input::get("projId"));
+ $project = ProjectUtilities::get_project(Input::get('projId'));
+
$users = SharingUtilities::getProfilesForSharedUsers(Input::get('projId'), ResourceType::PROJECT);
+ $owner = array();
+ if (strcmp(Session::get("username"), $project->owner) !== 0) {
+ $owner[$project->owner] = $users[$project->owner];
+ $users = array_diff_key($users, $owner);
+ }
+
$experiments = ProjectUtilities::get_experiments_in_project(Input::get("projId"));
$experiment_can_write = array();
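Review bot: `$users[$project->owner]` on the added line is read without checking that the key exists, so if `getProfilesForSharedUsers()` does not return the owner's profile, PHP raises an undefined-index notice and the view receives a null entry for the owner. Guard the lookup, e.g. `if (strcmp(Session::get("username"), $project->owner) !== 0 && isset($users[$project->owner])) {`; the identical block in the edit-view hunk further down needs the same guard. The result of `ProjectUtilities::get_project()` is also dereferenced unchecked, and whether it can come back empty for an unknown or unreadable `projId` is not visible here, so that is worth confirming. The enclosing method starts and ends outside this hunk.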
@@ -62,6 +70,7 @@ class ProjectController extends BaseController
array("projectId" => Input::get("projId"),
"experiments" => $experiments,
"users" => json_encode($users),
+ "owner" => json_encode($owner),
"project_can_write" => SharingUtilities::userCanWrite(Session::get("username"), Input::get("projId"), ResourceType::PROJECT),
"experiment_can_write" => $experiment_can_write
));
@@ -78,8 +87,8 @@ class ProjectController extends BaseController
$owner = array();
if (strcmp(Session::get("username"), $project->owner) !== 0) {
- $owner = array($project->owner => $users[$project->owner]);
- $users = array_key_diff($users, $owner);
+ $owner[$project->owner] = $users[$project->owner];
+ $users = array_diff_key($users, $owner);
}
return View::make("project/edit",
@@ -98,7 +107,7 @@ class ProjectController extends BaseController
public function editSubmit()
{
- if (isset($_POST['save']) && SharingUtilities::userCanWrite(Session::get("username"))) {
+ if (isset($_POST['save']) && SharingUtilities::userCanWrite(Session::get("username"), Input::get("projectId"), ResourceType::PROJECT)) {
$projectDetails = array();
$projectDetails["owner"] = Session::get("username");
$projectDetails["name"] = Input::get("project-name");
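Review bot: The write check now names the project, but the context line right after it still sets `$projectDetails["owner"] = Session::get("username")`, so a non-owner who holds write access submits themselves as the owner when saving. If that field is persisted (the rest of `editSubmit()` is outside the hunk), ownership moves to the editor and `share_project()` would then pin read/write to the new owner, which works against the purpose of this commit. Consider keeping the stored owner instead, e.g. `$projectDetails["owner"] = ProjectUtilities::get_project(Input::get("projectId"))->owner;`. It is also worth confirming that the form field really is `projectId`, since the view hunks use `projId`.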
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/app/libraries/ProjectUtilities.php
----------------------------------------------------------------------
diff --git a/app/libraries/ProjectUtilities.php b/app/libraries/ProjectUtilities.php
index a5efdb4..ca8081e 100755
--- a/app/libraries/ProjectUtilities.php
+++ b/app/libraries/ProjectUtilities.php
@@ -127,11 +127,7 @@ class ProjectUtilities
CommonUtilities::print_error_message('AiravataSystemException!<br><br>' . $ase->getMessage());
}
- $share = json_decode($share);
- $share->{Session::get('username')} = new stdClass();
- $share->{Session::get('username')}->read = true;
- $share->{Session::get('username')}->write = true;
- ProjectUtilities::share_project($projectId, $share);
+ ProjectUtilities::share_project($projectId, json_decode($share));
return $projectId;
}
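Review bot: `json_decode($share)` is passed straight to `share_project()`, which immediately does `$users->{$project->owner} = new stdClass();`. When the browser-supplied share payload is empty, malformed or a JSON array, `$users` is null or an array and that property write either fails or silently creates an object, depending on the PHP version. Validate before the call, e.g. `$users = json_decode($share); if (!is_object($users)) { $users = new stdClass(); }`, and apply the same to the second call site in the update hunk below.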
@@ -223,12 +219,7 @@ class ProjectUtilities
CommonUtilities::print_error_message('AiravataSystemException!<br><br>' . $ase->getMessage());
}
- $share = json_decode($share);
- $share->{Session::get('username')} = new stdClass();
- $share->{Session::get('username')}->read = true;
- $share->{Session::get('username')}->write = true;
-
- ProjectUtilities::share_project($projectId, $share);
+ ProjectUtilities::share_project($projectId, json_decode($share));
}
@@ -306,6 +297,7 @@ class ProjectUtilities
*/
private static function share_project($projectId, $users) {
$project = Airavata::getProject(Session::get("authz-token"), $projectId);
+ $users->{$project->owner} = new stdClass();
$users->{$project->owner}->read = true;
$users->{$project->owner}->write = true;
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/app/views/project/edit.blade.php
----------------------------------------------------------------------
diff --git a/app/views/project/edit.blade.php b/app/views/project/edit.blade.php
index 388138e..edd8ac9 100755
--- a/app/views/project/edit.blade.php
+++ b/app/views/project/edit.blade.php
@@ -62,8 +62,10 @@
@parent
<script>
var users = {{ $users }};
+ var owner = {{ $owner }};
$('#project-share').data({url: "{{ URL::to('/') }}/project/unshared-users", resourceId: "{{ Input::get('projId') }}"})
</script>
{{ HTML::script('js/sharing/sharing_utils.js') }}
{{ HTML::script('js/sharing/share.js') }}
+
@stop
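Review bot: `var owner = {{ $owner }};` writes `json_encode()` output into an inline script without HTML-safe encoding; `{{ }}` appears to echo raw here, since the same template uses it to emit `HTML::script(...)` markup. Default slash escaping stops a literal `</script>` in a profile field, but `<!--` and `<script` sequences in a first name, last name or e-mail can still change how the browser parses the block. Encode in the controller with `json_encode($owner, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)` and do the same for `$users`, which also covers the two added lines in summary.blade.php. The unchanged context line that places `Input::get('projId')` inside a quoted JavaScript string has the same exposure with request-controlled input and should be encoded for that context as well.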
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/app/views/project/summary.blade.php
----------------------------------------------------------------------
diff --git a/app/views/project/summary.blade.php b/app/views/project/summary.blade.php
index fc6fe69..a307a63 100755
--- a/app/views/project/summary.blade.php
+++ b/app/views/project/summary.blade.php
@@ -108,11 +108,12 @@
@stop
@section('scripts')
@parent
-{{ HTML::script('js/time-conversion.js')}}
<script>
- var users = {{ $users }};
- //console.log(users);
+var users = {{ $users }};
+var owner = {{ $owner }};
</script>
+{{ HTML::script('js/time-conversion.js')}}
{{ HTML::script('js/sharing/sharing_utils.js') }}
{{ HTML::script('js/sharing/share.js') }}
+
@stop
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/public/js/sharing/share.js
----------------------------------------------------------------------
diff --git a/public/js/sharing/share.js b/public/js/sharing/share.js
index 5171b02..956cec3 100755
--- a/public/js/sharing/share.js
+++ b/public/js/sharing/share.js
@@ -4,6 +4,8 @@
* @author Jeff Kinnison <jk...@nd.edu>
*/
+var createThumbnails;
+
$(function() {
var comparator_map, comparator, $original_shared_list, $revoke_list;
comparator_map = {
@@ -16,7 +18,7 @@ $(function() {
/* Share box functions */
- var createTestData = function () {
+ createThumbnails = function () {
var $users, $share, $user, share_settings;
$users = $('#share-box-users');
@@ -55,23 +57,16 @@ $(function() {
}
}
- // for (var group in dummy_group_data) {
- // if (dummy_group_data.hasOwnProperty(group)) {
- // data = dummy_group_data[group];
- // $group = createThumbnail(data.username, data.firstname, data.lastname, data.email, data.access);
- // $group.addClass('group-thumbnail');
- // if (data.access === access_enum.NONE) {
- // $group.addClass('share-box-users-item');
- // $users.append($group);
- // }
- // else {
- // $group.addClass('share-box-share-item');
- // $group.find('.sharing-thumbnail-access').prop("disabled", false).show();
- // $group.find('.sharing-thumbnail-unshare').show();
- // $share.append($group);
- // }
- // }
- // }
+ for (var o in owner) {
+ if (owner.hasOwnProperty(o)) {
+ var odata = owner[o];
+ $owner = createThumbnail(o, odata.firstname, odata.lastname, odata.email, access_enum.OWNER, false);
+ $owner.find(".sharing-thumbnail-unshare").detach();
+ $owner.addClass("share-box-share-item owner");
+ $share.prepend($owner);
+ }
+ }
+
if ($share.children().length === 0) {
$share.append($('<p>This has not been shared</p>')).addClass('text-align-center');
}
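Review bot: `$owner` is assigned inside the new loop without a declaration; the `var` list visible at the top of `createThumbnails` names only `$users, $share, $user, share_settings`, so this becomes an implicit global (and a ReferenceError under strict mode). Add it to that list, `var $users, $share, $user, $owner, share_settings;`, and declare `o` and `odata` there too for consistency. Detaching the unshare button only removes the control from the page; the actual protection is the server-side overwrite in `share_project()`, and a short comment saying so would stop a later reader from treating this loop as the enforcement point. Part of the function body lies outside this hunk.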
@@ -132,7 +127,9 @@ $(function() {
$share_list.each(function(index, element) {
var $e;
$e = $(element);
- $e.find('.sharing-thumbnail-access-text').hide();
+ if (!$e.hasClass('owner')) {
+ $e.find('.sharing-thumbnail-access-text').hide();
+ }
$e.find('.sharing-thumbnail-access').prop('disabled', false).show();
$e.find('.sharing-thumbnail-unshare').show();
$e.detach().appendTo($('#share-box-share'));
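Review bot: The new `owner` guard keeps the access text visible, but the unchanged line that follows still runs `.prop('disabled', false).show()` on `.sharing-thumbnail-access` for every item, the owner included. If `createThumbnail` renders that control for `access_enum.OWNER` (not visible here), the owner's permission selector becomes editable in the UI even though the server discards the change. Moving that call inside the same `if (!$e.hasClass('owner'))` block would keep the interface consistent with what the server enforces. The enclosing callback continues past the end of this hunk.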
@@ -339,5 +336,5 @@ $(function() {
/* Set up the sharing interface */
- createTestData();
+ createThumbnails();
});
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/public/js/sharing/sharing_utils.js
----------------------------------------------------------------------
diff --git a/public/js/sharing/sharing_utils.js b/public/js/sharing/sharing_utils.js
index 5191de9..550576a 100644
--- a/public/js/sharing/sharing_utils.js
+++ b/public/js/sharing/sharing_utils.js
@@ -1,13 +1,15 @@
var access_enum = {
NONE: 0,
READ: 1,
- WRITE: 2
+ WRITE: 2,
+ OWNER: 3
};
var access_text = [
'Cannot access',
'Can read',
- 'Can write'
+ 'Can write',
+ 'Owner'
];
var createThumbnail = function(username, firstname, lastname, email, access, share) {
@@ -30,7 +32,7 @@ var createThumbnail = function(username, firstname, lastname, email, access, sha
access_text_current = access_text[access];
- if (access !== access_enum.NONE) {
+ if (access !== access_enum.NONE && access !== access_enum.OWNER) {
data.access.read = true;
data.currentaccess.read = true;
}