[45/50] [abbrv] airavata-php-gateway git commit: Fixing permission denied if experiment id belongs to other gateway

[scnakandala]

Fixing permission denied if experiment id belongs to other gateway


Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/7f73aebd
Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/7f73aebd
Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/7f73aebd

Branch: refs/heads/master
Commit: 7f73aebdd546a4001402f52491f59f79431b532b
Parents: be7e471
Author: Nipurn Doshi <nipunh...@gmail.com>
Authored: Wed Feb 3 12:49:01 2016 -0500
Committer: Nipurn Doshi <nipunh...@gmail.com>
Committed: Wed Feb 3 12:49:01 2016 -0500

----------------------------------------------------------------------
 app/controllers/ExperimentController.php     | 15 ++++-
 app/views/partials/experiment-info.blade.php | 80 +++--------------------
 2 files changed, 21 insertions(+), 74 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/7f73aebd/app/controllers/ExperimentController.php
----------------------------------------------------------------------
diff --git a/app/controllers/ExperimentController.php 
b/app/controllers/ExperimentController.php
index 704aefb..6dead87 100755
--- a/app/controllers/ExperimentController.php
+++ b/app/controllers/ExperimentController.php
@@ -86,10 +86,21 @@ class ExperimentController extends BaseController
             $autoRefresh = false;
         }
         if ($experiment != null) {
-
+             $data = array(
+                "autoRefresh"=> $autoRefresh,
+            );
             //viewing experiments of other gateways is not allowed if user is 
not super admin
-            if( $experiment->gatewayId != Session::get("gateway_id") && 
!Session::has("super-admin"))
+            if( $experiment->gatewayId != Session::get("gateway_id") && 
!Session::has("super-admin")){
+                Session::put("permissionDenied", true);
                 CommonUtilities::print_error_message('It seems that you do not 
have permissions to view this experiment or it belongs to another gateway.');
+                if (Input::has("dashboard"))
+                    return View::make("partials/experiment-info", 
array("invalidExperimentId" => 1));
+                else
+                    return View::make("experiment/summary", 
array("invalidExperimentId" => 1));
+            }
+            else
+                Session::forget("permissionDenied");
+
         
             $project = ProjectUtilities::get_project($experiment->projectId);
             $expVal = ExperimentUtilities::get_experiment_values($experiment, 
$project);

http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/7f73aebd/app/views/partials/experiment-info.blade.php
----------------------------------------------------------------------
diff --git a/app/views/partials/experiment-info.blade.php 
b/app/views/partials/experiment-info.blade.php
index d1b0c12..c2d26d2 100644
--- a/app/views/partials/experiment-info.blade.php
+++ b/app/views/partials/experiment-info.blade.php
@@ -6,6 +6,11 @@
     </div>
     @else
     -->
+    @if( Session::has("permissionDenied" ) )
+    <div class="alert alert-danger">
+        {{Session::forget("permissionDenied") }}
+    </div>
+    @else
     <h1>
         Experiment Summary
         @if( !isset($dashboard))
@@ -214,6 +219,8 @@
 
     <!-- check of correct experiment Id ends here -->
     @endif
+
+    @endif
 </div>
 
 @if( isset($dashboard))
@@ -285,78 +292,7 @@
                 </li>
             </ul>
         </li>
-                <!--
-                <li>
-                    <span class="badge badge-success"><i 
class="icon-minus-sign"></i>Input Staging</span>
-                    <ul>
-                        <li>
-                            <span class="alert alert-success"><i
-                                    class="icon-time"></i>2015-04-17 
15:21:21</span> &ndash; <a href="">PGA to
-
-                                Airavata File Transfer Successful</a>
-                        </li>
-                        <li>
-                            <span class="alert alert-success" abhi><i
-                                    class="icon-time"></i>2015-04-17 
15:21:21</span> &ndash; <a href="">Airavata to
-
-                                Resource File Transfer Successful</a>
-                        </li>
-                    </ul>
-                </li>
-                <li>
-                    <span class="badge badge-warning"><i 
class="icon-minus-sign"></i>Job Description</span>
-                    <ul>
-                        <li>
-                            <a href=""><span>
-                                               Long Script of Job Description 
/ PBS Script <br/>
-                                               <br/>
-                                                <p>
-                                                    Lorem ipsum dolor sit 
amet, consectetuer adipiscing elit. Aenean
-                                                    commodo ligula eget dolor. 
Aenean massa. Cum sociis natoque
-                                                    penatibus et magnis dis 
parturient montes, nascetur ridiculus
-                                                    mus. Donec quam felis, 
ultricies nec, pellentesque eu, pretium
-                                                    quis, sem. Nulla consequat 
massa quis enim. Donec pede justo,
-                                                    fringilla vel, aliquet 
nec, vulputate eget, arcu. In enim justo,
-                                                    rhoncus ut, imperdiet a, 
venenatis vitae, justo. Nullam dictum
-                                                    felis eu pede mollis 
pretium. Integer tincidunt. Cras dapibus.
-                                                    Vivamus elementum semper 
nisi. Aenean vulputate eleifend tellus.
-                                                    Aenean leo ligula, 
porttitor eu, consequat vitae, eleifend ac,
-                                                    enim. Aliquam lorem ante, 
dapibus in, viverra quis, feugiat a,
-                                                    tellus. Phasellus viverra 
nulla ut metus varius laoreet. Quisque
-                                                    rutrum. Aenean
-                                                </p>
-                                             </span></a>
-                        </li>
-                    </ul>
-                </li>
-                <li>
-                    <span class="badge badge-important"><i 
class="icon-minus-sign"></i>Execution</span>
-                    <ul>
-                        <li>
-                            <a href=""><span class="alert alert-success"><i 
class="icon-time"></i>2015-04-17 15:21:21</span> &ndash;
-                                Execution of Job Description - No errors</a>
-                        </li>
-                    </ul>
-                </li>
-
-                <li>
-                    <span class="badge badge-important"><i 
class="icon-minus-sign"></i>Experiment Complete</span>
-                    <ul>
-                        <li>
-                            <a href=""><span class="alert alert-danger"><i 
class="icon-time"></i>2015-04-17 15:21:21</span> &ndash;
-                                Output Transfer from Resource to Airavata 
UnSuccessful</a>
-                            <br/>
-                            <span> Some text about failure</span>
-                        </li>
-                        <li>
-                            <a href=""><span class="alert alert-danger"><i 
class="icon-time"></i>2015-04-17 15:21:21</span> &ndash;
-                                Output Transfer from Airavata to PGA 
UnSuccessful</a>
-                            <br/>
-                            <span> Some text about failure</span>
-                        </li>
-                    </ul>
-                </li>
-                -->
+                
 
     </ul>
 </div>