[
https://issues.apache.org/jira/browse/AIRAVATA-2223?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15840443#comment-15840443
]
Marcus Christie edited comment on AIRAVATA-2223 at 1/26/17 9:00 PM:
--------------------------------------------------------------------
Reopening because [~smarru] found another sharing disabled bug.
As an admin, if you go to the Experiment Statistics page and click on an
experiment for which you aren't the owner, you get an error when the getProject
API method is called for that experiment.
One thing that changed for non-sharing API calls is that [the claims map is
checked to make sure that the authenticated user is the same as the project's
owner|https://github.com/apache/airavata/blob/0108cb28c5cf704eadcb6be124dfcb8d99963dbc/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java#L773-L772].
What we did for situations like this is add API methods that bypass this check,
but only for users with the admin or admin-read-only roles, see [issue comments
on AIRAVATA-2207 for more
details|https://issues.apache.org/jira/browse/AIRAVATA-2207?focusedCommentId=15652144&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15652144].
So we can do something like that projects as well. However, I'm not sure how
useful it would be. We currently only display the project name for the
experiment. Currently even when sharing is enabled PGA only loads the project
when the admin has READ access to it.
For now I can do a quick workaround that only loads the project if sharing is
disabled when the user owns the experiment (since that means the user also owns
the project).
was (Author: marcuschristie):
Reopening because [~smarru] found another sharing disabled bug.
As an admin, if you go to the Experiment Statistics page and click on an
experiment for which you aren't the owner, you get an error when the getProject
API method is called for that experiment.
One thing that changed for non-sharing API calls is that [the claims map is
checked to make sure that the authenticated user is the same as the project's
owner|https://github.com/apache/airavata/blob/0108cb28c5cf704eadcb6be124dfcb8d99963dbc/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java#L773-L772].
What we did for situations like this is add API methods that bypass this check,
but only for users with the admin or admin-read-only roles, see issue comments
on AIRAVATA-2207 for more
details|https://issues.apache.org/jira/browse/AIRAVATA-2207?focusedCommentId=15652144&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15652144].
So we can do something like that projects as well. However, I'm not sure how
useful it would be. We currently only display the project name for the
experiment.
For now I can do a quick workaround that only loads the project if sharing is
disabled when the user owns the experiment (since that means the user also owns
the project).
> Support for data sharing disabled
> ---------------------------------
>
> Key: AIRAVATA-2223
> URL: https://issues.apache.org/jira/browse/AIRAVATA-2223
> Project: Airavata
> Issue Type: Bug
> Components: PGA PHP Web Gateway
> Reporter: Marcus Christie
> Assignee: Marcus Christie
> Fix For: 0.17
>
>
> Test and fix issues related to data sharing being disabled.
> Known issues
> * (/) Project listing is empty when creating a new experiment even when user
> has several projects
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
