[
https://issues.apache.org/jira/browse/AIRAVATA-2594?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16336423#comment-16336423
]
Eroma edited comment on AIRAVATA-2594 at 1/30/18 9:56 PM:
----------------------------------------------------------
Tested in dev.seagrid.org
Test Cases
# New user using campus credentials logged in from CILogon after been given
gateway-user role. No authorization exception thrown. User logs in to Dashboard
- PASS
# New user using campus credentials logged in from CILogon after been given
admin-read-only role. No authorization exception thrown. User logs in to Admin
Dashboard - PASS
# New user using campus credentials logged in from CILogon after been given
admin role. No authorization exception thrown. User logs in to Admin Dashboard
-
# New user using google logged in from CILogon after been given gateway-user
role. No authorization exception thrown. User logs in to Dashboard -
# New user using google logged in from CILogon after been given
admin-read-only role. No authorization exception thrown. User logs in to Admin
Dashboard -
# New user using google logged in from CILogon after been given admin role. No
authorization exception thrown. User logs in to Admin Dashboard -
# New user creates an account and logs in after been given gateway-user role.
No authorization exception thrown. User logs in to Dashboard -
# New user creates an account and logs in after been given admin-read-only
role. No authorization exception thrown. User logs in to Admin Dashboard -
# New user creates an account and logs in after been given admin-read-only
role. No authorization exception thrown. User logs in to Admin Dashboard -
# A New user using campus credentials through CILogon having gateway-user role
given user-pending role. When logs in again sees the screen intended for
pending user, no exceptions -
# A New user using google through CILogon having admin-read-only role given
user-pending role. When logs in again sees the screen intended for pending
user, no exceptions -
# A New user using created account having admin role given user-pending role.
When logs in again sees the screen intended for pending user, no exceptions -
was (Author: eroma_a):
Tested in dev.seagrid.org
Test Cases
# New user using campus credentials logged in from CILogon after been given
gateway-user role. No authorization exception thrown. User logs in to Dashboard
- PASS
# New user using campus credentials logged in from CILogon after been given
admin-read-only role. No authorization exception thrown. User logs in to Admin
Dashboard -
# New user using campus credentials logged in from CILogon after been given
admin role. No authorization exception thrown. User logs in to Admin Dashboard
-
# New user using google logged in from CILogon after been given gateway-user
role. No authorization exception thrown. User logs in to Dashboard -
# New user using google logged in from CILogon after been given
admin-read-only role. No authorization exception thrown. User logs in to Admin
Dashboard -
# New user using google logged in from CILogon after been given admin role. No
authorization exception thrown. User logs in to Admin Dashboard -
# New user creates an account and logs in after been given gateway-user role.
No authorization exception thrown. User logs in to Dashboard -
# New user creates an account and logs in after been given admin-read-only
role. No authorization exception thrown. User logs in to Admin Dashboard -
# New user creates an account and logs in after been given admin-read-only
role. No authorization exception thrown. User logs in to Admin Dashboard -
# A New user using campus credentials through CILogon having gateway-user role
given user-pending role. When logs in again sees the screen intended for
pending user, no exceptions -
# A New user using google through CILogon having admin-read-only role given
user-pending role. When logs in again sees the screen intended for pending
user, no exceptions -
# A New user using created account having admin role given user-pending role.
When logs in again sees the screen intended for pending user, no exceptions -
> ssh account auto-provisioning fails for "gateway-user"?
> -------------------------------------------------------
>
> Key: AIRAVATA-2594
> URL: https://issues.apache.org/jira/browse/AIRAVATA-2594
> Project: Airavata
> Issue Type: Bug
> Reporter: Marcus Christie
> Assignee: Marcus Christie
> Priority: Major
>
> Seeing this error in the logs when Stephen logged in to dev.seagrid.org
> shortly after getting the gateway-user role:
> {noformat}
> [2017-11-16 01:54:20] production.ERROR: exception
> 'Airavata\API\Error\AuthorizationException' with message 'User is not
> authenticated or authorized.' in
> /var/www/portals/dev-seagrid/app/libraries/Airavata/API/Airavata.php:51978
> Stack trace:
> #0
> /var/www/portals/dev-seagrid/app/libraries/Airavata/API/Airavata.php(11933):
> Airavata\API\Airavata_getGatewayResourc
> eProfile_result->read(Object(Thrift\Protocol\TBinaryProtocol))
> #1
> /var/www/portals/dev-seagrid/app/libraries/Airavata/API/Airavata.php(11893):
> Airavata\API\AiravataClient->recv_getGa
> tewayResourceProfile()
> #2 /var/www/portals/dev-seagrid/bootstrap/compiled.php(1452):
> Airavata\API\AiravataClient->getGatewayResourceProfile(Ob
> ject(Airavata\Model\Security\AuthzToken), 'seagrid')
> #3 /var/www/portals/dev-seagrid/app/libraries/CRUtilities.php(549):
> Illuminate\Support\Facades\Facade::__callStatic('ge
> tGatewayResou...', Array)
> #4 /var/www/portals/dev-seagrid/app/libraries/CRUtilities.php(549):
> Airavata\Facades\Airavata::getGatewayResourceProfil
> e(Object(Airavata\Model\Security\AuthzToken), 'seagrid')
> #5 /var/www/portals/dev-seagrid/app/libraries/URPUtilities.php(187):
> CRUtilities::getGatewayResourceProfile()
> #6 /var/www/portals/dev-seagrid/app/controllers/AccountController.php(310):
> URPUtilities::setup_auto_provisioned_accoun
> ts()
> #7 /var/www/portals/dev-seagrid/app/controllers/AccountController.php(178):
> AccountController->initializeWithAiravata('
> stephenpaul2727', 'stephenpaul2727...', 'Stephen', 'Adithela',
> 'eyJhbGciOiJSUzI...', 'eyJhbGciOiJSUzI...', 1510798758)
> #8 [internal function]: AccountController->loginSubmit()
> #9
> /var/www/portals/dev-seagrid/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(231):
> call_user_func_arr
> ay(Array, Array)
> #10 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3819):
> Illuminate\Routing\Controller->callAction('loginSubmit',
> Array)
> #11 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3807):
> Illuminate\Routing\ControllerDispatcher->call(Object(Acc
> ountController), Object(Illuminate\Routing\Route), 'loginSubmit')
> #12 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3012):
> Illuminate\Routing\ControllerDispatcher->dispatch(Object
> (Illuminate\Routing\Route), Object(Illuminate\Http\Request),
> 'AccountControll...', 'loginSubmit')
> #13 [internal function]:
> Illuminate\Routing\Router->Illuminate\Routing\{closure}()
> #14 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3370):
> call_user_func_array(Object(Closure), Array)
> #15 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3037):
> Illuminate\Routing\Route->run(Object(Illuminate\Http\Req
> uest))
> #16 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3025):
> Illuminate\Routing\Router->dispatchToRoute(Object(Illumi
> nate\Http\Request))
> #17 /var/www/portals/dev-seagrid/bootstrap/compiled.php(702):
> Illuminate\Routing\Router->dispatch(Object(Illuminate\Htt
> p\Request))
> #18 /var/www/portals/dev-seagrid/bootstrap/compiled.php(678):
> Illuminate\Foundation\Application->dispatch(Object(Illumi
> nate\Http\Request))
> #19 /var/www/portals/dev-seagrid/bootstrap/compiled.php(5797):
> Illuminate\Foundation\Application->handle(Object(Illumin
> ate\Http\Request), 1, true)
> #20 /var/www/portals/dev-seagrid/bootstrap/compiled.php(6404):
> Illuminate\Session\Middleware->handle(Object(Illuminate\
> Http\Request), 1, true)
> #21 /var/www/portals/dev-seagrid/bootstrap/compiled.php(6351):
> Illuminate\Cookie\Queue->handle(Object(Illuminate\Http\R
> equest), 1, true)
> #22 /var/www/portals/dev-seagrid/bootstrap/compiled.php(8367):
> Illuminate\Cookie\Guard->handle(Object(Illuminate\Http\R
> equest), 1, true)
> #23 /var/www/portals/dev-seagrid/bootstrap/compiled.php(639):
> Stack\StackedHttpKernel->handle(Object(Illuminate\Http\Re
> quest))
> {noformat}
> Possibly gateway-user isn't authorized to make the getGatewayResourceProfile
> method call.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
