AIRAVATA-2196 Only owner can change experiment sharing
Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/25808c53 Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/25808c53 Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/25808c53 Branch: refs/heads/develop Commit: 25808c53c31bf1e9184b8751671ec096866d927f Parents: 50e9117 Author: Marcus Christie <[email protected]> Authored: Wed Nov 9 15:58:46 2016 -0500 Committer: Marcus Christie <[email protected]> Committed: Wed Nov 9 16:29:18 2016 -0500 ---------------------------------------------------------------------- app/controllers/ExperimentController.php | 23 +++++++++++++++------ app/libraries/ExperimentUtilities.php | 2 +- app/views/partials/experiment-info.blade.php | 15 ++++---------- app/views/partials/experiment-inputs.blade.php | 2 +- 4 files changed, 23 insertions(+), 19 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/25808c53/app/controllers/ExperimentController.php ---------------------------------------------------------------------- diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php index c36d3ed..83586e0 100755 --- a/app/controllers/ExperimentController.php +++ b/app/controllers/ExperimentController.php @@ -77,7 +77,9 @@ class ExperimentController extends BaseController $users = SharingUtilities::getProfilesForSharedUsers($_POST['project'], ResourceType::PROJECT); $owner = array(); - return View::make("experiment/create-complete", array("expInputs" => $experimentInputs, "users" => json_encode($users), "owner" => json_encode($owner))); + return View::make("experiment/create-complete", array("expInputs" => $experimentInputs, + "users" => json_encode($users), "owner" => json_encode($owner), + "canEditSharing" => true)); }else{ return View::make("experiment/no-sharing-create-complete", array("expInputs" => $experimentInputs)); } @@ -160,17 +162,18 @@ class ExperimentController extends BaseController $users = SharingUtilities::getProfilesForSharedUsers(Input::get("expId"), ResourceType::EXPERIMENT); $owner = array(); - $is_owner = false; if (strcmp(Session::get("username"), $experiment->userName) !== 0) { $owner[$experiment->userName] = $users[$experiment->userName]; $users = array_diff_key($users, $owner); - } else { - $is_owner = true; } + // Only allow editing sharing on the summary page if the owner + // and the experiment isn't editable. If the experiment is + // editable, the sharing can be edited on the edit page. + $canEditSharing = $this->isExperimentOwner($experiment, Session::get("username")) && !$expVal["editable"]; $data['can_write'] = SharingUtilities::userCanWrite(Session::get("username"), $experiment->experimentId, ResourceType::EXPERIMENT); $data["users"] = json_encode($users); $data["owner"] = json_encode($owner); - $data["is_owner"] = $is_owner; + $data["canEditSharing"] = $canEditSharing; } if( Input::has("dashboard")) @@ -278,8 +281,11 @@ class ExperimentController extends BaseController $owner[$experiment->userName] = $users[$experiment->userName]; $users = array_diff_key($users, $owner); } + $canEditSharing = $this->isExperimentOwner($experiment, Session::get('username')); - return View::make("experiment/edit", array("expInputs" => $experimentInputs, "users" => json_encode($users), "owner" => json_encode($owner))); + return View::make("experiment/edit", array("expInputs" => $experimentInputs, + "users" => json_encode($users), "owner" => json_encode($owner), + "canEditSharing" => $canEditSharing)); } else { Redirect::to("experiment/summary?expId=" . $experiment->experimentId)->with("error", "You do not have permission to edit this experiment"); @@ -432,6 +438,11 @@ class ExperimentController extends BaseController return Response::json(array("error" => "Error: No experiment specified")); } } + + private function isExperimentOwner($experiment, $username) + { + return strcmp($username, $experiment->userName) === 0; + } } ?> http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/25808c53/app/libraries/ExperimentUtilities.php ---------------------------------------------------------------------- diff --git a/app/libraries/ExperimentUtilities.php b/app/libraries/ExperimentUtilities.php index 0f7a935..f629399 100755 --- a/app/libraries/ExperimentUtilities.php +++ b/app/libraries/ExperimentUtilities.php @@ -571,7 +571,7 @@ class ExperimentUtilities '<p>AiravataSystemException: ' . $ase->getMessage() . '</p>'); } - if(Config::get('pga_config.airavata')["data-sharing-enabled"]){ + if(Config::get('pga_config.airavata')["data-sharing-enabled"] && isset($_POST['share-settings'])){ $share = $_POST['share-settings']; ExperimentUtilities::share_experiment($expId, json_decode($share)); } http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/25808c53/app/views/partials/experiment-info.blade.php ---------------------------------------------------------------------- diff --git a/app/views/partials/experiment-info.blade.php b/app/views/partials/experiment-info.blade.php index 062a7f8..6ba71df 100644 --- a/app/views/partials/experiment-info.blade.php +++ b/app/views/partials/experiment-info.blade.php @@ -229,13 +229,8 @@ <form id="experiment-form" action="{{URL::to('/') }}/experiment/summary" method="post" role="form"> <div class="form-group"> - @if(Config::get('pga_config.airavata')["data-sharing-enabled"]) - @if($is_owner) - <!-- Only allow editing sharing here if the experiment isn't editable --> - @include('partials/sharing-display-body', array("form" => !$expVal["editable"])) - @else - @include('partials/sharing-display-body', array("form" => false)) - @endif + @if(Config::get('pga_config.airavata')["data-sharing-enabled"] && isset($canEditSharing)) + @include('partials/sharing-display-body', array("form" => $canEditSharing)) @endif </div> <div class="btn-toolbar"> @@ -260,7 +255,7 @@ <span class="glyphicon glyphicon-pencil"></span> Edit </a> - @if(Config::get('pga_config.airavata')["data-sharing-enabled"] && $is_owner && !$expVal["editable"]) + @if(Config::get('pga_config.airavata')["data-sharing-enabled"] && isset($canEditSharing) && $canEditSharing) <button name="update-sharing" type="submit" class="btn btn-primary" @@ -393,10 +388,8 @@ </div> @endif -@if(Config::get('pga_config.airavata')["data-sharing-enabled"] and isset($is_owner)) - @if($is_owner) +@if(Config::get('pga_config.airavata')["data-sharing-enabled"] and isset($canEditSharing) && $canEditSharing) @include('partials/sharing-form-modal') - @endif @endif @section('scripts') @parent http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/25808c53/app/views/partials/experiment-inputs.blade.php ---------------------------------------------------------------------- diff --git a/app/views/partials/experiment-inputs.blade.php b/app/views/partials/experiment-inputs.blade.php index 69ae78c..b9ac2cf 100644 --- a/app/views/partials/experiment-inputs.blade.php +++ b/app/views/partials/experiment-inputs.blade.php @@ -26,7 +26,7 @@ </div> <div class="form-group"> - @include('partials/sharing-display-body', array("form" => true)) + @include('partials/sharing-display-body', array("form" => $canEditSharing)) </div> <div class="panel panel-default">
