This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git
The following commit(s) were added to refs/heads/master by this push:
new df0d479 AIRAVATA-3018 Clarifying why we can assume only one OWNER
df0d479 is described below
commit df0d479a1ee6ac7cb2feb49ae2838633ddbc3042
Author: Marcus Christie <[email protected]>
AuthorDate: Thu May 2 09:10:04 2019 -0400
AIRAVATA-3018 Clarifying why we can assume only one OWNER
The OWNER permission, like all others, can cascade but
getAllAccessibleUsers only returns DIRECT type sharings.
---
django_airavata/apps/api/views.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/django_airavata/apps/api/views.py
b/django_airavata/apps/api/views.py
index 1b2d3e5..40874fe 100644
--- a/django_airavata/apps/api/views.py
+++ b/django_airavata/apps/api/views.py
@@ -911,7 +911,10 @@ class SharedEntityViewSet(mixins.RetrieveModelMixin,
lookup_value, ResourcePermissionType.WRITE))
owner_ids = self._load_accessible_users(lookup_value,
ResourcePermissionType.OWNER)
- # Assume that there is one and only one owner
+ # Assume that there is one and only one DIRECT owner (there may be one
+ # or more INDIRECT cascading owners, which would the owners of the
+ # ancestor entities, but getAllAccessibleUsers does not return
+ # indirectly cascading owners)
owner_id = list(owner_ids.keys())[0]
# Remove owner from the users list
del users[owner_id]
