changes to ensure project owner cannot have permissions changed by other users
Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/9f0ee4e6 Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/9f0ee4e6 Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/9f0ee4e6 Branch: refs/heads/develop Commit: 9f0ee4e621a244d6cb5731e0fe617c7e01222e15 Parents: cb57e29 Author: Jeff Kinnison <[email protected]> Authored: Tue Aug 16 12:25:48 2016 -0400 Committer: Jeff Kinnison <[email protected]> Committed: Tue Aug 16 12:25:48 2016 -0400 ---------------------------------------------------------------------- app/controllers/ProjectController.php | 17 ++++++++++---- app/libraries/ProjectUtilities.php | 14 +++-------- app/views/project/edit.blade.php | 2 ++ app/views/project/summary.blade.php | 7 +++--- public/js/sharing/share.js | 37 ++++++++++++++---------------- public/js/sharing/sharing_utils.js | 8 ++++--- 6 files changed, 44 insertions(+), 41 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/app/controllers/ProjectController.php ---------------------------------------------------------------------- diff --git a/app/controllers/ProjectController.php b/app/controllers/ProjectController.php index 97a41f8..966f36a 100755 --- a/app/controllers/ProjectController.php +++ b/app/controllers/ProjectController.php @@ -26,7 +26,7 @@ class ProjectController extends BaseController public function createView() { $users = SharingUtilities::getAllUserProfiles(); - return View::make("project/create", array("users" => json_encode($users))); + return View::make("project/create", array("users" => json_encode($users), "owner" => json_encode(array()))); } public function createSubmit() 
@@ -44,8 +44,16 @@ class ProjectController extends BaseController if (Input::has("projId")) { Session::put("projId", Input::get("projId")); + $project = ProjectUtilities::get_project(Input::get('projId')); + $users = SharingUtilities::getProfilesForSharedUsers(Input::get('projId'), ResourceType::PROJECT); + $owner = array(); + if (strcmp(Session::get("username"), $project->owner) !== 0) { + $owner[$project->owner] = $users[$project->owner]; + $users = array_diff_key($users, $owner); + } + $experiments = ProjectUtilities::get_experiments_in_project(Input::get("projId")); $experiment_can_write = array(); @@ -62,6 +70,7 @@ class ProjectController extends BaseController array("projectId" => Input::get("projId"), "experiments" => $experiments, "users" => json_encode($users), + "owner" => json_encode($owner), "project_can_write" => SharingUtilities::userCanWrite(Session::get("username"), Input::get("projId"), ResourceType::PROJECT), "experiment_can_write" => $experiment_can_write )); @@ -78,8 +87,8 @@ class ProjectController extends BaseController $owner = array(); if (strcmp(Session::get("username"), $project->owner) !== 0) { - $owner = array($project->owner => $users[$project->owner]); - $users = array_key_diff($users, $owner); + $owner[$project->owner] = $users[$project->owner]; + $users = array_diff_key($users, $owner); } return View::make("project/edit", 
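Review bot: `$users[$project->owner]` is read in the new `if` block without checking that the key exists, and `$project` is dereferenced without checking what `get_project()` returned. If the shared-user profiles do not include the owner (not visible here), `$owner` ends up holding a null entry that is JSON-encoded into the page and then dereferenced by share.js. I would guard the copy with `if (isset($users[$project->owner])) { $owner[$project->owner] = $users[$project->owner]; }`; the same lookup is repeated in the `@@ -78,8 +87,8` hunk. No read-permission check on the request-supplied `projId` is visible before the project and its sharing profiles are loaded, so confirm that the backend call enforces one; the enclosing function starts and ends outside the hunk.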
@@ -98,7 +107,7 @@ class ProjectController extends BaseController public function editSubmit() { - if (isset($_POST['save']) && SharingUtilities::userCanWrite(Session::get("username"))) { + if (isset($_POST['save']) && SharingUtilities::userCanWrite(Session::get("username"), Input::get("projectId"), ResourceType::PROJECT)) { $projectDetails = array(); $projectDetails["owner"] = Session::get("username"); $projectDetails["name"] = Input::get("project-name"); http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/app/libraries/ProjectUtilities.php ---------------------------------------------------------------------- diff --git a/app/libraries/ProjectUtilities.php b/app/libraries/ProjectUtilities.php index a5efdb4..ca8081e 100755 --- a/app/libraries/ProjectUtilities.php +++ b/app/libraries/ProjectUtilities.php @@ -127,11 +127,7 @@ class ProjectUtilities CommonUtilities::print_error_message('AiravataSystemException!<br><br>' . $ase->getMessage()); } - $share = json_decode($share); - $share->{Session::get('username')} = new stdClass(); - $share->{Session::get('username')}->read = true; - $share->{Session::get('username')}->write = true; - ProjectUtilities::share_project($projectId, $share); + ProjectUtilities::share_project($projectId, json_decode($share)); return $projectId; } @@ -223,12 +219,7 @@ class ProjectUtilities CommonUtilities::print_error_message('AiravataSystemException!<br><br>' . $ase->getMessage()); } - $share = json_decode($share); - $share->{Session::get('username')} = new stdClass(); - $share->{Session::get('username')}->read = true; - $share->{Session::get('username')}->write = true; - - ProjectUtilities::share_project($projectId, $share); + ProjectUtilities::share_project($projectId, json_decode($share)); } 
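Review bot: `$projectDetails["owner"] = Session::get("username");`, two lines after the corrected check, still sets the owner to whoever submits the form, so a shared user with write access who saves the project may become its recorded owner, which is the opposite of what this commit intends. Whether the backend honours that field is not visible here, but the safer form keeps the stored value, e.g. `$projectDetails["owner"] = ProjectUtilities::get_project(Input::get("projectId"))->owner;`. The permission check is made against `Input::get("projectId")`, so the update further down (outside this hunk) has to act on that same id and not on the `projId` kept in the session or another field.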
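Review bot: `json_decode($share)` is now passed straight to `share_project()`, which immediately writes `$users->{$project->owner}` on it, so a missing or malformed `share` value (decoding to `null`) or one that decodes to an array or scalar is dereferenced as an object. `$share` appears to come from the client, so decode and validate it before use, e.g. `$users = json_decode($share); if (!is_object($users)) { $users = new stdClass(); }`, and ideally accept only boolean `read`/`write` fields per entry. The same call is made in the `@@ -223,12 +219,7` hunk, and the dereference is in the `@@ -306,6 +297,7` hunk of this file.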
@@ -306,6 +297,7 @@ class ProjectUtilities */ private static function share_project($projectId, $users) { $project = Airavata::getProject(Session::get("authz-token"), $projectId); + $users->{$project->owner} = new stdClass(); $users->{$project->owner}->read = true; $users->{$project->owner}->write = true; http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/app/views/project/edit.blade.php ---------------------------------------------------------------------- diff --git a/app/views/project/edit.blade.php b/app/views/project/edit.blade.php index 388138e..edd8ac9 100755 --- a/app/views/project/edit.blade.php +++ b/app/views/project/edit.blade.php @@ -62,8 +62,10 @@ @parent <script> var users = {{ $users }}; + var owner = {{ $owner }}; $('#project-share').data({url: "{{ URL::to('/') }}/project/unshared-users", resourceId: "{{ Input::get('projId') }}"}) </script> {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} + @stop http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/app/views/project/summary.blade.php ---------------------------------------------------------------------- diff --git a/app/views/project/summary.blade.php b/app/views/project/summary.blade.php index fc6fe69..a307a63 100755 --- a/app/views/project/summary.blade.php +++ b/app/views/project/summary.blade.php @@ -108,11 +108,12 @@ @stop @section('scripts') @parent -{{ HTML::script('js/time-conversion.js')}} <script> - var users = {{ $users }}; - //console.log(users); +var users = {{ $users }}; +var owner = {{ $owner }}; </script> +{{ HTML::script('js/time-conversion.js')}} {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} + @stop http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/public/js/sharing/share.js ---------------------------------------------------------------------- 
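Review bot: `resourceId: "{{ Input::get('projId') }}"` in edit.blade.php writes a request parameter into a JavaScript string with no escaping; `{{ }}` has to be a raw echo in this Blade version, because `{{ HTML::script(...) }}` emits tags through it a few lines later. Emit the value as JSON instead: `resourceId: {{ json_encode(Input::get('projId'), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) }}`. The new `var owner = {{ $owner }};` and the existing `var users = {{ $users }};` (both repeated in the summary.blade.php hunk) place user-profile fields inside a `<script>` block, so the controller's `json_encode` calls would be safer with the same `JSON_HEX_*` flags.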
diff --git a/public/js/sharing/share.js b/public/js/sharing/share.js index 5171b02..956cec3 100755 --- a/public/js/sharing/share.js +++ b/public/js/sharing/share.js @@ -4,6 +4,8 @@ * @author Jeff Kinnison <[email protected]> */ +var createThumbnails; + $(function() { var comparator_map, comparator, $original_shared_list, $revoke_list; comparator_map = { @@ -16,7 +18,7 @@ $(function() { /* Share box functions */ - var createTestData = function () { + createThumbnails = function () { var $users, $share, $user, share_settings; $users = $('#share-box-users'); @@ -55,23 +57,16 @@ $(function() { } } - // for (var group in dummy_group_data) { - // if (dummy_group_data.hasOwnProperty(group)) { - // data = dummy_group_data[group]; - // $group = createThumbnail(data.username, data.firstname, data.lastname, data.email, data.access); - // $group.addClass('group-thumbnail'); - // if (data.access === access_enum.NONE) { - // $group.addClass('share-box-users-item'); - // $users.append($group); - // } - // else { - // $group.addClass('share-box-share-item'); - // $group.find('.sharing-thumbnail-access').prop("disabled", false).show(); - // $group.find('.sharing-thumbnail-unshare').show(); - // $share.append($group); - // } - // } - // } + for (var o in owner) { + if (owner.hasOwnProperty(o)) { + var odata = owner[o]; + $owner = createThumbnail(o, odata.firstname, odata.lastname, odata.email, access_enum.OWNER, false); + $owner.find(".sharing-thumbnail-unshare").detach(); + $owner.addClass("share-box-share-item owner"); + $share.prepend($owner); + } + } + if ($share.children().length === 0) { $share.append($('<p>This has not been shared</p>')).addClass('text-align-center'); } 
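Review bot: `$owner` is assigned in the new loop of the `@@ -55,23 +57,16` hunk without being declared, since the function's `var $users, $share, $user, share_settings;` list does not include it, so it leaks as an implicit global; add `$owner` (and `o`, `odata`) to that `var` list. The loop also reads a global `owner` that this commit defines only in the project views, so any other page that loads share.js without it would stop with a ReferenceError; wrapping the loop in `if (typeof owner !== 'undefined')` avoids that. Detaching the unshare button is only a UI affordance, and a one-line comment such as `// owner access is enforced server-side in ProjectUtilities::share_project` would make that explicit. createThumbnails starts and ends outside the hunk.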
@@ -132,7 +127,9 @@ $(function() { $share_list.each(function(index, element) { var $e; $e = $(element); - $e.find('.sharing-thumbnail-access-text').hide(); + if (!$e.hasClass('owner')) { + $e.find('.sharing-thumbnail-access-text').hide(); + } $e.find('.sharing-thumbnail-access').prop('disabled', false).show(); $e.find('.sharing-thumbnail-unshare').show(); $e.detach().appendTo($('#share-box-share')); @@ -339,5 +336,5 @@ $(function() { /* Set up the sharing interface */ - createTestData(); + createThumbnails(); }); http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/9f0ee4e6/public/js/sharing/sharing_utils.js ---------------------------------------------------------------------- diff --git a/public/js/sharing/sharing_utils.js b/public/js/sharing/sharing_utils.js index 5191de9..550576a 100644 --- a/public/js/sharing/sharing_utils.js +++ b/public/js/sharing/sharing_utils.js @@ -1,13 +1,15 @@ var access_enum = { NONE: 0, READ: 1, - WRITE: 2 + WRITE: 2, + OWNER: 3 }; var access_text = [ 'Cannot access', 'Can read', - 'Can write' + 'Can write', + 'Owner' ]; var createThumbnail = function(username, firstname, lastname, email, access, share) { @@ -30,7 +32,7 @@ var createThumbnail = function(username, firstname, lastname, email, access, sha access_text_current = access_text[access]; - if (access !== access_enum.NONE) { + if (access !== access_enum.NONE && access !== access_enum.OWNER) { data.access.read = true; data.currentaccess.read = true; }
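Review bot: The new `owner` check guards only the access-text line; the next line, `$e.find('.sharing-thumbnail-access').prop('disabled', false).show();`, still runs for the owner's thumbnail, so the owner's access control may become editable in the dialog if createThumbnail renders one for that row. Moving that line inside the `if (!$e.hasClass('owner'))` block keeps the owner row read-only. The server still forces the owner's permissions, so this is about the UI not offering a change that will be discarded.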
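Review bot: Excluding `access_enum.OWNER` in the `@@ -30,7 +32,7` hunk of sharing_utils.js leaves the owner thumbnail's `data.access.read` and `data.currentaccess.read` at their defaults, which presumably means no access is recorded for that row. If any code serialises thumbnail data into the share payload, the owner would be submitted without permissions and only the server-side override would restore them. A comment on the condition, for example `// owner rows carry no editable access flags; the server always grants the owner read/write`, would document the intent; createThumbnail continues outside the hunk.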
