From 3c071537eb5b0a7cf049088aaf653e94897724ed Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Thu, 4 Aug 2016 12:06:45 -0400 Subject: [PATCH 01/21] Switching to load users on an AJAX call --- public/js/sharing/share.js | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/public/js/sharing/share.js b/public/js/sharing/share.js index d8e19fc98..40420c635 100755 --- a/public/js/sharing/share.js +++ b/public/js/sharing/share.js @@ -89,10 +89,42 @@ $(function() { // Create, populate, and show the share box $('body').on('click', 'button#project-share, button#experiment-share', function(e) { - var $share_list; + var $share_list, ajax_data; e.stopPropagation(); e.preventDefault(); + if ($('#share-box-users').find('.user-thumbnail').length === 0) { + ajax_data = $(e.target).data(); + + $.ajax({ + url: url, + data: {}, + dataType: "json", + error: function(xhr, status, error) { + $('#shared-users').addClass('text-align-center').text("Unable to load users from Airavata server."); + }, + success: function(data, status, xhr) { + var user, $user, $users; + + $users = $('#share-box-users'); + $users.empty().removeClass('text-align-center'); + + for (user in data) { + if (data.hasOwnProperty(user)) { + $user = createThumbnail(user, data.firstname, data.lastname, data.email, access_enum.NONE, true); + $user.find('.sharing-thumbnail-access').hide(); + + $user.addClass('user-thumbnail'); + $user.addClass('share-box-users-item'); + $users.append($user); + } + } + } + }); + } + + $('#share-box-users').addClass('text-align-center').text('Loading user list'); + $share_list = $('#shared-users').children(); if ($share_list.filter('.sharing-thumbnail').length > 0) { From 4f5f026913eff3760054a943ef9ba781a2fbc557 Mon Sep 17 00:00:00 2001 
From: Jeff Kinnison Date: Thu, 4 Aug 2016 12:22:12 -0400 Subject: [PATCH 02/21] updated controllers to only load shared users, added functions to retrieve user lists as JSON --- app/controllers/ExperimentController.php | 33 +++++++++++++++++++++--- app/controllers/ProjectController.php | 9 +++---- 2 files changed, 34 insertions(+), 8 deletions(-) diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php index 499327d33..ada482450 100755 --- a/app/controllers/ExperimentController.php +++ b/app/controllers/ExperimentController.php @@ -73,7 +73,7 @@ public function createSubmit() "allowedFileSize" => $allowedFileSize ); - $users = SharingUtilities::getAllUserProfiles($_POST['project'], ResourceType::PROJECT); + $users = SharingUtilities::getProfilesForSharedUsers($_POST['project'], ResourceType::PROJECT); return View::make("experiment/create-complete", array("expInputs" => $experimentInputs, "users" => json_encode($users))); } else if (isset($_POST['save']) || isset($_POST['launch'])) { @@ -90,7 +90,7 @@ public function createSubmit() go directly to experiment summary page.

'); }*/ - $users = SharingUtilities::getAllUserProfiles($expId, ResourceType::EXPERIMENT); + $users = SharingUtilities::getProfilesForSharedUsers($expId, ResourceType::EXPERIMENT); return Redirect::to('experiment/summary?expId=' . $expId); } else return Redirect::to("home")->with("message", "Something went wrong here. Please file a bug report using the link in the Help menu."); @@ -237,7 +237,7 @@ public function editView() 'advancedOptions' => Config::get('pga_config.airavata')["advanced-experiment-options"] ); - $users = SharingUtilities::getAllUserProfiles($_GET['expId'], ResourceType::EXPERIMENT); + $users = SharingUtilities::getProfilesForSharedUsers($_GET['expId'], ResourceType::EXPERIMENT); return View::make("experiment/edit", array("expInputs" => $experimentInputs, "users" => json_encode($users))); } @@ -313,6 +313,33 @@ public function browseView() 'expContainer' => $expContainer )); } + + /** + * Generate JSON containing permissions information for this project. + * + * This function retrieves the user profile and permissions for every user + * other than the client that has access to the project. In the event that + * the project does not exist, return an error message. + */ + public function sharedUsers() + { + if (array_key_exists('projId', $_POST)) { + return Response::json(SharingUtilities::getProfilesForSharedUsers()); + } + else { + return Response::json(array("error" => "Error: No project specified")); + } + } + + public function unsharedUsers() + { + if (array_key_exists('projId', $_POST)) { + return Response::json(SharingUtilities::getProfilesForUnsharedUsers()); + } + else { + return Response::json(array("error" => "Error: No project specified")); + } + } } ?> diff --git a/app/controllers/ProjectController.php b/app/controllers/ProjectController.php index 6b874f2f3..c98f35e62 100755 --- a/app/controllers/ProjectController.php +++ b/app/controllers/ProjectController.php 
@@ -25,7 +25,7 @@ public function __construct() public function createView() { - $users = SharingUtilities::getAllUserProfiles(); + $users = array(); //var_dump($users);exit; return View::make("project/create", array("users" => json_encode($users))); } @@ -120,8 +120,7 @@ public function browseView() */ public function sharedUsers() { - $response = array(); - if (Input::has('projId')) { + if (array_key_exists('expId', $_POST)) { return Response::json(SharingUtilities::getProfilesForSharedUsers()); } else { @@ -131,8 +130,8 @@ public function sharedUsers() public function unsharedUsers() { - if (Input::has('projId')) { - return Response::json(SharingUtilities::getProfilesForUnsharedUsers); + if (array_key_exists('expId', $_POST)) { + return Response::json(SharingUtilities::getProfilesForUnsharedUsers()); } else { return Response::json(array("error" => "Error: No project specified")); From 84f160ae22b9c65b590559fbf5f91e790a49e3f5 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Thu, 4 Aug 2016 12:30:46 -0400 Subject: [PATCH 03/21] changed AJAX call to POST and added resourceId field --- public/js/sharing/share.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/public/js/sharing/share.js b/public/js/sharing/share.js index 40420c635..7b21297fe 100755 --- a/public/js/sharing/share.js +++ b/public/js/sharing/share.js @@ -97,8 +97,9 @@ $(function() { ajax_data = $(e.target).data(); $.ajax({ - url: url, - data: {}, + url: ajax_data.url, + method: 'post', + data: {resourceId: ajax_data.resourceId}, dataType: "json", error: function(xhr, status, error) { $('#shared-users').addClass('text-align-center').text("Unable to load users from Airavata server."); From b742a2381e4b3e0fcb8b2e2a105781fcc943532d Mon Sep 17 00:00:00 2001 
From: Jeff Kinnison Date: Thu, 4 Aug 2016 12:43:22 -0400 Subject: [PATCH 04/21] updated views to incorporate new user loading scheme --- app/controllers/ProjectController.php | 3 +-- app/views/experiment/create-complete.blade.php | 1 + app/views/experiment/edit.blade.php | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) mode change 100644 => 100755 app/views/experiment/create-complete.blade.php diff --git a/app/controllers/ProjectController.php b/app/controllers/ProjectController.php index c98f35e62..bcd763e4b 100755 --- a/app/controllers/ProjectController.php +++ b/app/controllers/ProjectController.php @@ -25,8 +25,7 @@ public function __construct() public function createView() { - $users = array(); - //var_dump($users);exit; + $users = SharingUtilities::getAllUserProfiles(); return View::make("project/create", array("users" => json_encode($users))); } diff --git a/app/views/experiment/create-complete.blade.php b/app/views/experiment/create-complete.blade.php old mode 100644 new mode 100755 index c3976bbe7..a297694a0 --- a/app/views/experiment/create-complete.blade.php +++ b/app/views/experiment/create-complete.blade.php @@ -46,6 +46,7 @@ @parent {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} diff --git a/app/views/experiment/edit.blade.php b/app/views/experiment/edit.blade.php index a991bd1a2..ef630b0c5 100755 --- a/app/views/experiment/edit.blade.php +++ b/app/views/experiment/edit.blade.php @@ -54,6 +54,7 @@ @parent {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} From 878df0572361c53bbeb1c4da9a3981aee0bf1e80 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Thu, 4 Aug 2016 12:46:29 -0400 Subject: [PATCH 05/21] updated views to incorporate new user loading scheme --- app/views/project/edit.blade.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/views/project/edit.blade.php b/app/views/project/edit.blade.php index 6b3e49398..388138e49 100755 
--- a/app/views/project/edit.blade.php +++ b/app/views/project/edit.blade.php @@ -62,6 +62,7 @@ class="form-control" @parent {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} From 720663111e8246444412d5648b49b92e455f628d Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Mon, 15 Aug 2016 09:48:34 -0400 Subject: [PATCH 06/21] added user list routes to project and experiments --- app/routes.php | 8 ++++++++ 1 file changed, 8 insertions(+) mode change 100644 => 100755 app/routes.php diff --git a/app/routes.php b/app/routes.php old mode 100644 new mode 100755 index f9b95a59d..6008c1555 --- a/app/routes.php +++ b/app/routes.php @@ -71,6 +71,10 @@ Route::post("project/browse", "ProjectController@browseView"); +Route::get("project/shared-users", "ProjectController@sharedUsers"); + +Route::get("project/unshared-users", "ProjectController@unsharedUsers"); + /* * Experiment Routes */ @@ -97,6 +101,10 @@ Route::post("experiment/browse", "ExperimentController@browseView"); +Route::get("experiment/shared-users", "ExperimentController@sharedUsers"); + +Route::get("experiment/unshared-users", "ExperimentController@unsharedUsers"); + Route::get("download", function(){ if(Input::has("path") && (0 == strpos(Input::get("path"), Session::get('username')) || 0 == strpos(Input::get("path"), "/" . Session::get('username')))){ From bb852b70bb77258eab39a6e229fc7aca1f823838 Mon Sep 17 00:00:00 2001 
From: Jeff Kinnison Date: Mon, 15 Aug 2016 10:45:56 -0400 Subject: [PATCH 07/21] user lists load asynchronously --- app/controllers/ExperimentController.php | 8 +++---- app/controllers/ProjectController.php | 10 ++++----- app/libraries/ExperimentUtilities.php | 21 ++++++++++--------- app/libraries/ProjectUtilities.php | 7 ++++++- .../experiment/create-complete.blade.php | 2 +- app/views/experiment/edit.blade.php | 2 +- app/views/project/summary.blade.php | 2 +- public/js/sharing/share.js | 13 ++++++------ 8 files changed, 35 insertions(+), 30 deletions(-) mode change 100644 => 100755 app/libraries/ExperimentUtilities.php mode change 100644 => 100755 app/libraries/ProjectUtilities.php diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php index ada482450..0b4860543 100755 --- a/app/controllers/ExperimentController.php +++ b/app/controllers/ExperimentController.php @@ -323,8 +323,8 @@ public function browseView() */ public function sharedUsers() { - if (array_key_exists('projId', $_POST)) { - return Response::json(SharingUtilities::getProfilesForSharedUsers()); + if (array_key_exists('resourceId', $_GET)) { + return Response::json(SharingUtilities::getProfilesForSharedUsers($_GET['resourceId'], ResourceType::EXPERIMENT)); } else { return Response::json(array("error" => "Error: No project specified")); @@ -333,8 +333,8 @@ public function sharedUsers() public function unsharedUsers() { - if (array_key_exists('projId', $_POST)) { - return Response::json(SharingUtilities::getProfilesForUnsharedUsers()); + if (array_key_exists('resourceId', $_POST)) { + return Response::json(SharingUtilities::getProfilesForUnsharedUsers($_GET['resourceId'], ResourceType::EXPERIMENT)); } else { return Response::json(array("error" => "Error: No project specified")); diff --git a/app/controllers/ProjectController.php b/app/controllers/ProjectController.php index bcd763e4b..3bf91d510 100755 --- a/app/controllers/ProjectController.php 
+++ b/app/controllers/ProjectController.php @@ -55,7 +55,7 @@ public function summary() public function editView() { if (Input::has("projId")) { - $users = SharingUtilities::getAllUserProfiles(Input::get('projId'), ResourceType::PROJECT); + $users = SharingUtilities::getProfilesForSharedUsers(Input::get('projId'), ResourceType::PROJECT); return View::make("project/edit", array("projectId" => Input::get("projId"), @@ -119,8 +119,8 @@ public function browseView() */ public function sharedUsers() { - if (array_key_exists('expId', $_POST)) { - return Response::json(SharingUtilities::getProfilesForSharedUsers()); + if (array_key_exists('resourceId', $_GET)) { + return Response::json(SharingUtilities::getProfilesForSharedUsers($_GET['resourceId'], ResourceType::PROJECT)); } else { return Response::json(array("error" => "Error: No project specified")); @@ -129,8 +129,8 @@ public function sharedUsers() public function unsharedUsers() { - if (array_key_exists('expId', $_POST)) { - return Response::json(SharingUtilities::getProfilesForUnsharedUsers()); + if (array_key_exists('resourceId', $_GET)) { + return Response::json(SharingUtilities::getProfilesForUnsharedUsers($_GET['resourceId'], ResourceType::PROJECT)); } else { return Response::json(array("error" => "Error: No project specified")); diff --git a/app/libraries/ExperimentUtilities.php b/app/libraries/ExperimentUtilities.php old mode 100644 new mode 100755 index e081e3b8e..e5da839a0 --- a/app/libraries/ExperimentUtilities.php +++ b/app/libraries/ExperimentUtilities.php 
@@ -634,10 +634,9 @@ public static function clone_experiment($expId) Airavata::updateExperiment(Session::get('authz-token'), $cloneId, $experiment); $share = SharingUtilities::getAllUserPermissions($expId, ResourceType::EXPERIMENT); - $share[Session::get("username")] = array("read" => true, "write" => true); - foreach ($share as $uid => $perms) { - $share[$uid] = (object) $perms; - } + $share->{Session::get('username')} = new stdClass(); + $share->{Session::get('username')}->read = true; + $share->{Session::get('username')}->write = true; ExperimentUtilities::share_experiment($cloneId, $share); return $cloneId; @@ -1132,12 +1131,14 @@ public static function get_expsearch_results_with_pagination($inputs, $limit, $o $expContainer = array(); $expNum = 0; foreach ($experiments as $experiment) { - $expValue = ExperimentUtilities::get_experiment_values($experiment, true); - $expContainer[$expNum]['experiment'] = $experiment; - if ($expValue["experimentStatusString"] == "FAILED") - $expValue["editable"] = false; - $expContainer[$expNum]['expValue'] = $expValue; - $expNum++; + if (SharingUtilities::userCanRead(Session::get('username'), $experiment, ResourceType::EXPERIMENT)) { + $expValue = ExperimentUtilities::get_experiment_values($experiment, true); + $expContainer[$expNum]['experiment'] = $experiment; + if ($expValue["experimentStatusString"] == "FAILED") + $expValue["editable"] = false; + $expContainer[$expNum]['expValue'] = $expValue; + $expNum++; + } } return $expContainer; diff --git a/app/libraries/ProjectUtilities.php b/app/libraries/ProjectUtilities.php old mode 100644 new mode 100755 index c75867fdc..476f94d81 --- a/app/libraries/ProjectUtilities.php +++ b/app/libraries/ProjectUtilities.php @@ -211,7 +211,12 @@ public static function update_project($projectId, $projectDetails) CommonUtilities::print_error_message('AiravataSystemException!

' . $ase->getMessage()); } - ProjectUtilities::share_project($projectId, json_decode($share)); + $share = json_decode($share); + $share->{Session::get('username')} = new stdClass(); + $share->{Session::get('username')}->read = true; + $share->{Session::get('username')}->write = true; + + ProjectUtilities::share_project($projectId, $share); } diff --git a/app/views/experiment/create-complete.blade.php b/app/views/experiment/create-complete.blade.php index a297694a0..ef76bcd99 100755 --- a/app/views/experiment/create-complete.blade.php +++ b/app/views/experiment/create-complete.blade.php @@ -46,7 +46,7 @@ @parent {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} diff --git a/app/views/experiment/edit.blade.php b/app/views/experiment/edit.blade.php index ef630b0c5..75a6c5dc4 100755 --- a/app/views/experiment/edit.blade.php +++ b/app/views/experiment/edit.blade.php @@ -54,7 +54,7 @@ @parent {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} diff --git a/app/views/project/summary.blade.php b/app/views/project/summary.blade.php index 1b59d2897..9e7adceff 100755 --- a/app/views/project/summary.blade.php +++ b/app/views/project/summary.blade.php @@ -110,7 +110,7 @@ {{ HTML::script('js/time-conversion.js')}} {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} diff --git a/public/js/sharing/share.js b/public/js/sharing/share.js index 7b21297fe..ee4885ef7 100755 --- a/public/js/sharing/share.js +++ b/public/js/sharing/share.js @@ -29,7 +29,7 @@ $(function() { var data = users[user]; var access = access_enum.NONE; if (data.hasOwnProperty("access")) { - console.log("Found access parameter"); + //console.log("Found access parameter"); if (data.access.write) { access = access_enum.WRITE; } 
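Review bot: In `update_project`, the result of `json_decode($share)` is used as an object without being checked, so a malformed or non-object share value is not rejected; on older PHP the next assignment creates an object implicitly with a warning, and on PHP 8 it is an error. A guard before the three added assignments, such as `if (!is_object($share)) { $share = new stdClass(); }` or an explicit error return, would cover it. The added lines also give the session user read and write on the project on every update, and nothing in this hunk shows that the caller already holds write access, so that check has to exist before this point; the function starts outside the hunk, so this is worth confirming. The same pattern is added to `update_experiment` in patch 09.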
@@ -47,7 +47,7 @@ $(function() { $users.append($user); } else { - console.log("adding shared user"); + //console.log("adding shared user"); $user.addClass('share-box-share-item sharing-updated'); share_settings[user] = data.access; $share.append($user); @@ -96,9 +96,11 @@ $(function() { if ($('#share-box-users').find('.user-thumbnail').length === 0) { ajax_data = $(e.target).data(); + $('#share-box-users').addClass('text-align-center').text('Loading user list'); + $.ajax({ url: ajax_data.url, - method: 'post', + method: 'get', data: {resourceId: ajax_data.resourceId}, dataType: "json", error: function(xhr, status, error) { @@ -109,7 +111,7 @@ $(function() { $users = $('#share-box-users'); $users.empty().removeClass('text-align-center'); - + console.log(data); for (user in data) { if (data.hasOwnProperty(user)) { $user = createThumbnail(user, data.firstname, data.lastname, data.email, access_enum.NONE, true); @@ -124,10 +126,7 @@ $(function() { }); } - $('#share-box-users').addClass('text-align-center').text('Loading user list'); - $share_list = $('#shared-users').children(); - if ($share_list.filter('.sharing-thumbnail').length > 0) { $share_list.sort(comparator); $share_list.each(function(index, element) { From 98b6ca3c064aff4a730495a410606d1c5760ecd7 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Mon, 15 Aug 2016 12:09:33 -0400 Subject: [PATCH 08/21] fixed issue 2005, 2014, 2021 --- app/controllers/ExperimentController.php | 4 ++-- app/libraries/ExperimentUtilities.php | 8 +++----- app/libraries/SharingUtilities.php | 14 ++++++++------ public/js/sharing/share.js | 6 +++--- 4 files changed, 16 insertions(+), 16 deletions(-) mode change 100644 => 100755 app/libraries/SharingUtilities.php diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php index 0b4860543..defe7009c 100755 --- a/app/controllers/ExperimentController.php +++ b/app/controllers/ExperimentController.php 
@@ -333,11 +333,11 @@ public function sharedUsers() public function unsharedUsers() { - if (array_key_exists('resourceId', $_POST)) { + if (array_key_exists('resourceId', $_GET)) { return Response::json(SharingUtilities::getProfilesForUnsharedUsers($_GET['resourceId'], ResourceType::EXPERIMENT)); } else { - return Response::json(array("error" => "Error: No project specified")); + return Response::json(array("error" => "Error: No experiment specified")); } } } diff --git a/app/libraries/ExperimentUtilities.php b/app/libraries/ExperimentUtilities.php index e5da839a0..b22b8be15 100755 --- a/app/libraries/ExperimentUtilities.php +++ b/app/libraries/ExperimentUtilities.php @@ -634,10 +634,8 @@ public static function clone_experiment($expId) Airavata::updateExperiment(Session::get('authz-token'), $cloneId, $experiment); $share = SharingUtilities::getAllUserPermissions($expId, ResourceType::EXPERIMENT); - $share->{Session::get('username')} = new stdClass(); - $share->{Session::get('username')}->read = true; - $share->{Session::get('username')}->write = true; - ExperimentUtilities::share_experiment($cloneId, $share); + $share[Session::get('username')] = ["read" => true, "write" => true]; + ExperimentUtilities::share_experiment($cloneId, json_decode(json_encode($share))); return $cloneId; } catch (InvalidRequestException $ire) { @@ -1131,7 +1129,7 @@ public static function get_expsearch_results_with_pagination($inputs, $limit, $o $expContainer = array(); $expNum = 0; foreach ($experiments as $experiment) { - if (SharingUtilities::userCanRead(Session::get('username'), $experiment, ResourceType::EXPERIMENT)) { + if (SharingUtilities::userCanRead(Session::get('username'), $experiment->experimentId, ResourceType::EXPERIMENT)) { $expValue = ExperimentUtilities::get_experiment_values($experiment, true); $expContainer[$expNum]['experiment'] = $experiment; if ($expValue["experimentStatusString"] == "FAILED") 
diff --git a/app/libraries/SharingUtilities.php b/app/libraries/SharingUtilities.php old mode 100644 new mode 100755 index 7b98f97d0..bf9987fdf --- a/app/libraries/SharingUtilities.php +++ b/app/libraries/SharingUtilities.php @@ -25,12 +25,14 @@ public static function resourceIsShared($resourceId, $dataResourceType) { * @return True if the user has read permission, false otherwise. */ public static function userCanRead($uid, $resourceId, $dataResourceType) { - if (WSIS::usernameExists($uid)) { - $read = GrouperUtilities::getAllAccessibleUsers($resourceId, $dataResourceType, ResourcePermissionType::READ); - return (array_key_exists($uid, $read) ? true : false); - } - else { - return false; + $read = GrouperUtilities::getAllAccessibleUsers($resourceId, $dataResourceType, ResourcePermissionType::READ); + foreach($read as $user) { + if (strcmp($uid, $user) === 0) { + return true; + } + else { + return false; + } } } diff --git a/public/js/sharing/share.js b/public/js/sharing/share.js index ee4885ef7..5171b021e 100755 --- a/public/js/sharing/share.js +++ b/public/js/sharing/share.js @@ -110,11 +110,11 @@ $(function() { var user, $user, $users; $users = $('#share-box-users'); - $users.empty().removeClass('text-align-center'); - console.log(data); + $users.removeClass('text-align-center'); + $users.text(''); for (user in data) { if (data.hasOwnProperty(user)) { - $user = createThumbnail(user, data.firstname, data.lastname, data.email, access_enum.NONE, true); + $user = createThumbnail(user, data[user].firstname, data[user].lastname, data[user].email, access_enum.NONE, true); $user.find('.sharing-thumbnail-access').hide(); $user.addClass('user-thumbnail'); From 7b21101001e406144c130086121db51f003fc37f Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Mon, 15 Aug 2016 12:10:45 -0400 Subject: [PATCH 09/21] minor fixes --- app/libraries/ExperimentUtilities.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) 
diff --git a/app/libraries/ExperimentUtilities.php b/app/libraries/ExperimentUtilities.php index b22b8be15..d90d2ce6b 100755 --- a/app/libraries/ExperimentUtilities.php +++ b/app/libraries/ExperimentUtilities.php @@ -572,7 +572,12 @@ public static function update_experiment($expId, $updatedExperiment) '

AiravataSystemException: ' . $ase->getMessage() . '

'); } - ExperimentUtilities::share_experiment($expId, json_decode($share)); + $share = json_decode($share); + $share->{Session::get("username")} = new stdClass(); + $share->{Session::get("username")}->read = true; + $share->{Session::get("username")}->write = true; + + ExperimentUtilities::share_experiment($expId, $share); } From dcf8e479978e050c072aea251514dec538ea5911 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Tue, 16 Aug 2016 09:56:18 -0400 Subject: [PATCH 10/21] Project summary page now only load experiments that the user may access --- app/libraries/ProjectUtilities.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/app/libraries/ProjectUtilities.php b/app/libraries/ProjectUtilities.php index 476f94d81..1e5fecc38 100755 --- a/app/libraries/ProjectUtilities.php +++ b/app/libraries/ProjectUtilities.php @@ -184,6 +184,12 @@ public static function get_experiments_in_project($projectId) CommonUtilities::print_error_message('TTransportException!

' . $tte->getMessage()); } + for($i = 0; $i < count($experiments); $i++) { + if (!SharingUtilities::userCanRead(Session::get("username"), $experiments[$i]->experimentId, ResourceType::EXPERIMENT)) { + array_splice($experiments, $i, 1); + } + } + return $experiments; } From 39f9b23ca22082888be0fa6601ba9399684173f2 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Tue, 16 Aug 2016 10:06:07 -0400 Subject: [PATCH 11/21] Default Project owner granted read and write permissions at creation --- app/libraries/ProjectUtilities.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/app/libraries/ProjectUtilities.php b/app/libraries/ProjectUtilities.php index 1e5fecc38..0437526c7 100755 --- a/app/libraries/ProjectUtilities.php +++ b/app/libraries/ProjectUtilities.php @@ -150,6 +150,12 @@ public static function create_default_project($username) try { $projectId = Airavata::createProject(Session::get('authz-token'), Config::get('pga_config.airavata')['gateway-id'], $project); + $share = new stdClass(); + $share->{$username} = new stdClass(); + $share->{$username}->read = true; + $share->{$username}->write = true; + ProjectUtilities::share_project($projectId, $share); + } catch (InvalidRequestException $ire) { CommonUtilities::print_error_message('InvalidRequestException!
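Review bot: The filter loop added to `get_experiments_in_project` skips an element after every removal: `array_splice($experiments, $i, 1)` shifts the next experiment into index `$i`, and `$i++` then steps past it without calling `userCanRead`. Two unreadable experiments in a row therefore leave the second one in the returned list. Building the result with a filter avoids the index arithmetic, e.g. `$experiments = array_values(array_filter($experiments, function ($e) { return SharingUtilities::userCanRead(Session::get("username"), $e->experimentId, ResourceType::EXPERIMENT); }));`. The start of the function is outside the hunk.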

' . $ire->getMessage()); } catch (AiravataClientException $ace) { From fe506210fc317afb4cab24b18f119f78684688ba Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Tue, 16 Aug 2016 10:17:21 -0400 Subject: [PATCH 12/21] project owner always granted sharing when permissions are set (to ensure that even if something goes wrong on the client end, the owner can still access their project) --- app/libraries/ProjectUtilities.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/libraries/ProjectUtilities.php b/app/libraries/ProjectUtilities.php index 0437526c7..a5efdb4ea 100755 --- a/app/libraries/ProjectUtilities.php +++ b/app/libraries/ProjectUtilities.php @@ -305,6 +305,10 @@ public static function get_proj_search_results_with_pagination($searchKey, $sear * @param $users A map of username => {read_permission, write_permission} */ private static function share_project($projectId, $users) { + $project = Airavata::getProject(Session::get("authz-token"), $projectId); + $users->{$project->owner}->read = true; + $users->{$project->owner}->write = true; + $wadd = array(); $wrevoke = array(); $ewrevoke = array(); From cb57e294829bcbc98376329729ee04f28f9398c1 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Tue, 16 Aug 2016 11:24:43 -0400 Subject: [PATCH 13/21] Removed ability for users with read only permissions to access project edit pages --- app/controllers/ProjectController.php | 66 ++++++++++++++++++++++----- app/libraries/SharingUtilities.php | 20 +++++++- app/views/project/browse.blade.php | 4 +- app/views/project/summary.blade.php | 5 +- 4 files changed, 78 insertions(+), 17 deletions(-) diff --git a/app/controllers/ProjectController.php b/app/controllers/ProjectController.php index 3bf91d510..97a41f81b 100755 --- a/app/controllers/ProjectController.php +++ b/app/controllers/ProjectController.php 
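Review bot: In `share_project`, `$users->{$project->owner}->read = true;` assumes the owner already has an entry in `$users`. When the submitted list omits the owner, the assignment goes through an undefined property, which older PHP turns into an implicit object with a warning and PHP 8 rejects with an error. Assigning the whole entry is unambiguous: `$users->{$project->owner} = (object) array("read" => true, "write" => true);`. `Airavata::getProject` is also called here with no try/catch visible around it, unlike `createProject` in `create_default_project`, so it is worth confirming how a failed lookup is handled; the rest of the function is outside the hunk.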
@@ -46,8 +46,25 @@ public function summary() $users = SharingUtilities::getProfilesForSharedUsers(Input::get('projId'), ResourceType::PROJECT); + $experiments = ProjectUtilities::get_experiments_in_project(Input::get("projId")); + + $experiment_can_write = array(); + foreach($experiments as $experiment) { + if (SharingUtilities::userCanWrite(Session::get("username"), $experiment->experimentId, ResourceType::EXPERIMENT)) { + $experiment_can_write[$experiment->experimentId] = true; + } + else { + $experiment_can_write[$experiment->experimentId] = false; + } + } + return View::make("project/summary", - array("projectId" => Input::get("projId"), "users" => json_encode($users))); + array("projectId" => Input::get("projId"), + "experiments" => $experiments, + "users" => json_encode($users), + "project_can_write" => SharingUtilities::userCanWrite(Session::get("username"), Input::get("projId"), ResourceType::PROJECT), + "experiment_can_write" => $experiment_can_write + )); } else return Redirect::to("home"); } 
@@ -55,20 +72,33 @@ public function summary() public function editView() { if (Input::has("projId")) { - $users = SharingUtilities::getProfilesForSharedUsers(Input::get('projId'), ResourceType::PROJECT); - - return View::make("project/edit", - array("projectId" => Input::get("projId"), - "project" => ProjectUtilities::get_project($_GET['projId']), - "users" => json_encode($users) - )); + if (SharingUtilities::userCanWrite(Session::get("username"), Input::get("projId"), ResourceType::PROJECT)) { + $project = ProjectUtilities::get_project($_GET['projId']); + $users = SharingUtilities::getProfilesForSharedUsers(Input::get('projId'), ResourceType::PROJECT); + $owner = array(); + + if (strcmp(Session::get("username"), $project->owner) !== 0) { + $owner = array($project->owner => $users[$project->owner]); + $users = array_key_diff($users, $owner); + } + + return View::make("project/edit", + array("projectId" => Input::get("projId"), + "project" => $project, + "users" => json_encode($users), + "owner" => json_encode($owner) + )); + } + else { + return Redirect::to('project/summary?projId=' . Input::get("projId"))->with("error", "You do not have permission to edit this project."); + } } else return Redirect::to("home"); } public function editSubmit() { - if (isset($_POST['save'])) { + if (isset($_POST['save']) && SharingUtilities::userCanWrite(Session::get("username"))) { $projectDetails = array(); $projectDetails["owner"] = Session::get("username"); $projectDetails["name"] = Input::get("project-name"); 
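Review bot: The write check added to `editSubmit` is `SharingUtilities::userCanWrite(Session::get("username"))`, with one argument, while `userCanWrite` (added in this same commit) declares `$uid, $resourceId, $dataResourceType` with no defaults, so the check never names the project being saved and cannot decide whether this user may write to it. It should pass the posted project id and `ResourceType::PROJECT`, mirroring the three-argument call added to `editView` above it; which input field carries the id is not visible because `editSubmit` continues past the hunk. Separately, `editView` calls `array_key_diff($users, $owner)`, which is not a PHP function, so a non-owner with write access would hit a fatal error on the edit page; `array_diff_key($users, $owner)` is what patch 14 uses in `summary`. `$users[$project->owner]` also assumes the owner is present in the shared-user list.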
@@ -103,10 +133,22 @@ public function browseView() $projects = ProjectUtilities::get_all_user_accessible_projects_with_pagination($this->limit, ($pageNo - 1) * $this->limit); } + $can_write = array(); + $user = Session::get("username"); + foreach($projects as $project) { + if (SharingUtilities::userCanWrite($user, $project->projectID, ResourceType::PROJECT)) { + $can_write[$project->projectID] = true; + } + else { + $can_write[$project->projectID] = false; + } + } + return View::make('project/browse', array( 'pageNo' => $pageNo, 'limit' => $this->limit, - 'projects' => $projects + 'projects' => $projects, + 'can_write' => $can_write )); } @@ -119,7 +161,7 @@ public function browseView() */ public function sharedUsers() { - if (array_key_exists('resourceId', $_GET)) { + if (Session::has("authz-token") && array_key_exists('resourceId', $_GET)) { return Response::json(SharingUtilities::getProfilesForSharedUsers($_GET['resourceId'], ResourceType::PROJECT)); } else { @@ -129,7 +171,7 @@ public function sharedUsers() public function unsharedUsers() { - if (array_key_exists('resourceId', $_GET)) { + if (Session::has("authz-token") && array_key_exists('resourceId', $_GET)) { return Response::json(SharingUtilities::getProfilesForUnsharedUsers($_GET['resourceId'], ResourceType::PROJECT)); } else { diff --git a/app/libraries/SharingUtilities.php b/app/libraries/SharingUtilities.php index bf9987fdf..477cec5d4 100755 --- a/app/libraries/SharingUtilities.php +++ b/app/libraries/SharingUtilities.php 
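Review bot: The guard added to `sharedUsers` and `unsharedUsers` (the last two hunks for this file) only checks that a session token exists; `$_GET['resourceId']` is then passed to `getProfilesForSharedUsers` / `getProfilesForUnsharedUsers` without checking that the caller can access that project. The response is therefore not limited to projects the signed-in user can read, and share.js shows it carries first name, last name and email for each user. Adding `SharingUtilities::userCanRead(Session::get("username"), $_GET['resourceId'], ResourceType::PROJECT)` to the condition would tie the response to the caller's own access. The `ExperimentController` versions of these methods, as last shown in patches 07 and 08, have no guard in their visible lines, so the same condition appears to be needed there with `ResourceType::EXPERIMENT`.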
@@ -30,10 +30,26 @@ public static function userCanRead($uid, $resourceId, $dataResourceType) { if (strcmp($uid, $user) === 0) { return true; } - else { - return false; + } + return false; + } + + /** + * Determine if the user has write privileges on the resource. + * + * @param $uid The user to check + * @param $resourceId Experiment or Project ID + * @param $dataResourceType e.g Airavata\Model\Group\ResourceType:PROJECT,Airavata\Model\Group\ResourceType:EXPERIMENT + * @return True if the user has write permission, false otherwise. + */ + public static function userCanWrite($uid, $resourceId, $dataResourceType) { + $write = GrouperUtilities::getAllAccessibleUsers($resourceId, $dataResourceType, ResourcePermissionType::WRITE); + foreach($write as $user) { + if (strcmp($uid, $user) === 0) { + return true; } } + return false; } /** diff --git a/app/views/project/browse.blade.php b/app/views/project/browse.blade.php index 4e68ddc4e..3b6e34843 100755 --- a/app/views/project/browse.blade.php +++ b/app/views/project/browse.blade.php @@ -107,9 +107,11 @@ class="glyphicon glyphicon-search"> Search name; ?> + @if($can_write[$project->projectID] === true) + @endif {{$project->owner}} @@ -143,4 +145,4 @@ class="glyphicon glyphicon-search"> Search @section('scripts') @parent {{ HTML::script('js/time-conversion.js')}} - @stop \ No newline at end of file + @stop diff --git a/app/views/project/summary.blade.php b/app/views/project/summary.blade.php index 9e7adceff..fc6fe69d7 100755 --- a/app/views/project/summary.blade.php +++ b/app/views/project/summary.blade.php @@ -10,7 +10,6 @@
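Review bot: `userCanWrite` repeats the membership loop visible at the tail of `userCanRead`, so the two permission checks can drift apart; a private helper that takes the `ResourcePermissionType` and ends in `return in_array($uid, $users, true);` would keep them in step. The docblock should state that the method denies by default and that `$uid` is compared by exact string match. It is also worth confirming what `GrouperUtilities::getAllAccessibleUsers` returns on a backend error, because a non-array result would reach `foreach` unchecked. `userCanRead` begins outside this hunk, so the comparison rests on its visible last lines only.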
projectID); ?>

Project Summary @if( !isset($dashboard)) @@ -21,9 +20,11 @@

{{ $project->name }} + @if($project_can_write === true) + @endif

{{ $project->description }}

@@ -62,7 +63,7 @@ {{ $experiment->experimentName }} - @if( $expValues['editable']) + @if( $expValues['editable'] and $experiment_can_write[$experiment->experimentId] === true) @endif From 9f0ee4e621a244d6cb5731e0fe617c7e01222e15 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Tue, 16 Aug 2016 12:25:48 -0400 Subject: [PATCH 14/21] changes to ensure project owner cannot have permissions changed by other users --- app/controllers/ProjectController.php | 17 +++++++++--- app/libraries/ProjectUtilities.php | 14 +++------- app/views/project/edit.blade.php | 2 ++ app/views/project/summary.blade.php | 7 ++--- public/js/sharing/share.js | 37 ++++++++++++--------------- public/js/sharing/sharing_utils.js | 8 +++--- 6 files changed, 44 insertions(+), 41 deletions(-) diff --git a/app/controllers/ProjectController.php b/app/controllers/ProjectController.php index 97a41f81b..966f36a39 100755 --- a/app/controllers/ProjectController.php +++ b/app/controllers/ProjectController.php @@ -26,7 +26,7 @@ public function __construct() public function createView() { $users = SharingUtilities::getAllUserProfiles(); - return View::make("project/create", array("users" => json_encode($users))); + return View::make("project/create", array("users" => json_encode($users), "owner" => json_encode(array()))); } public function createSubmit() @@ -44,8 +44,16 @@ public function summary() if (Input::has("projId")) { Session::put("projId", Input::get("projId")); + $project = ProjectUtilities::get_project(Input::get('projId')); + $users = SharingUtilities::getProfilesForSharedUsers(Input::get('projId'), ResourceType::PROJECT); + $owner = array(); + if (strcmp(Session::get("username"), $project->owner) !== 0) { + $owner[$project->owner] = $users[$project->owner]; + $users = array_diff_key($users, $owner); + } + $experiments = ProjectUtilities::get_experiments_in_project(Input::get("projId")); $experiment_can_write = array(); 
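Review bot: In `summary()`, `$users[$project->owner]` is read without checking that the owner is present in the map returned by `getProfilesForSharedUsers`; if the owner is missing, the view gets an undefined-index error or a null owner profile. Guard it with `if (strcmp(Session::get("username"), $project->owner) !== 0 && isset($users[$project->owner]))`. The same block recurs in `editView` and in ExperimentController's `summary` and `editView` later in the series, so a single helper in SharingUtilities would avoid four copies. No `userCanRead` check is visible in this hunk before the project and its share list are loaded; `summary()` extends beyond the hunk, so that should be confirmed against the full method.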
@@ -62,6 +70,7 @@ public function summary() array("projectId" => Input::get("projId"), "experiments" => $experiments, "users" => json_encode($users), + "owner" => json_encode($owner), "project_can_write" => SharingUtilities::userCanWrite(Session::get("username"), Input::get("projId"), ResourceType::PROJECT), "experiment_can_write" => $experiment_can_write )); @@ -78,8 +87,8 @@ public function editView() $owner = array(); if (strcmp(Session::get("username"), $project->owner) !== 0) { - $owner = array($project->owner => $users[$project->owner]); - $users = array_key_diff($users, $owner); + $owner[$project->owner] = $users[$project->owner]; + $users = array_diff_key($users, $owner); } return View::make("project/edit", @@ -98,7 +107,7 @@ public function editView() public function editSubmit() { - if (isset($_POST['save']) && SharingUtilities::userCanWrite(Session::get("username"))) { + if (isset($_POST['save']) && SharingUtilities::userCanWrite(Session::get("username"), Input::get("projectId"), ResourceType::PROJECT)) { $projectDetails = array(); $projectDetails["owner"] = Session::get("username"); $projectDetails["name"] = Input::get("project-name"); diff --git a/app/libraries/ProjectUtilities.php b/app/libraries/ProjectUtilities.php index a5efdb4ea..ca8081e25 100755 --- a/app/libraries/ProjectUtilities.php +++ b/app/libraries/ProjectUtilities.php @@ -127,11 +127,7 @@ public static function create_project() CommonUtilities::print_error_message('AiravataSystemException!
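Review bot: The context line right after the corrected guard in `editSubmit` still sets `$projectDetails["owner"] = Session::get("username")`, and a non-owner who holds WRITE now reaches that line. If `update_project` persists the field (its body is not in this hunk), a shared writer would become the recorded owner on save, which in turn changes whom `share_project` pins with read and write. Keep the stored owner instead, for example `$projectDetails["owner"] = ProjectUtilities::get_project(Input::get("projectId"))->owner;`. The rest of `editSubmit` lies outside the hunk.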

' . $ase->getMessage()); } - $share = json_decode($share); - $share->{Session::get('username')} = new stdClass(); - $share->{Session::get('username')}->read = true; - $share->{Session::get('username')}->write = true; - ProjectUtilities::share_project($projectId, $share); + ProjectUtilities::share_project($projectId, json_decode($share)); return $projectId; } @@ -223,12 +219,7 @@ public static function update_project($projectId, $projectDetails) CommonUtilities::print_error_message('AiravataSystemException!

' . $ase->getMessage()); } - $share = json_decode($share); - $share->{Session::get('username')} = new stdClass(); - $share->{Session::get('username')}->read = true; - $share->{Session::get('username')}->write = true; - - ProjectUtilities::share_project($projectId, $share); + ProjectUtilities::share_project($projectId, json_decode($share)); } @@ -306,6 +297,7 @@ public static function get_proj_search_results_with_pagination($searchKey, $sear */ private static function share_project($projectId, $users) { $project = Airavata::getProject(Session::get("authz-token"), $projectId); + $users->{$project->owner} = new stdClass(); $users->{$project->owner}->read = true; $users->{$project->owner}->write = true; diff --git a/app/views/project/edit.blade.php b/app/views/project/edit.blade.php index 388138e49..edd8ac980 100755 --- a/app/views/project/edit.blade.php +++ b/app/views/project/edit.blade.php @@ -62,8 +62,10 @@ class="form-control" @parent {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} + @stop diff --git a/app/views/project/summary.blade.php b/app/views/project/summary.blade.php index fc6fe69d7..a307a6380 100755 --- a/app/views/project/summary.blade.php +++ b/app/views/project/summary.blade.php @@ -108,11 +108,12 @@ @stop @section('scripts') @parent -{{ HTML::script('js/time-conversion.js')}} +{{ HTML::script('js/time-conversion.js')}} {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} + @stop diff --git a/public/js/sharing/share.js b/public/js/sharing/share.js index 5171b021e..956cec371 100755 --- a/public/js/sharing/share.js +++ b/public/js/sharing/share.js @@ -4,6 +4,8 @@ * @author Jeff Kinnison */ +var createThumbnails; + $(function() { var comparator_map, comparator, $original_shared_list, $revoke_list; comparator_map = { 
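Review bot: `share_project` now receives `json_decode($share)` straight from its callers and writes `$users->{$project->owner}` on it, but nothing visible checks that decoding produced an object. `$share` looks request-derived, though its origin is outside these hunks; if it is empty or malformed, `json_decode` returns null and the owner pin is written to a non-object. A guard at the top of `share_project` such as `if (!is_object($users)) { $users = new stdClass(); }` keeps the owner's read and write entries reliable. The same applies to `share_experiment` in ExperimentUtilities.php later in the series, and `share_project` continues past the end of the hunk.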
@@ -16,7 +18,7 @@ $(function() { /* Share box functions */ - var createTestData = function () { + createThumbnails = function () { var $users, $share, $user, share_settings; $users = $('#share-box-users'); @@ -55,23 +57,16 @@ $(function() { } } - // for (var group in dummy_group_data) { - // if (dummy_group_data.hasOwnProperty(group)) { - // data = dummy_group_data[group]; - // $group = createThumbnail(data.username, data.firstname, data.lastname, data.email, data.access); - // $group.addClass('group-thumbnail'); - // if (data.access === access_enum.NONE) { - // $group.addClass('share-box-users-item'); - // $users.append($group); - // } - // else { - // $group.addClass('share-box-share-item'); - // $group.find('.sharing-thumbnail-access').prop("disabled", false).show(); - // $group.find('.sharing-thumbnail-unshare').show(); - // $share.append($group); - // } - // } - // } + for (var o in owner) { + if (owner.hasOwnProperty(o)) { + var odata = owner[o]; + $owner = createThumbnail(o, odata.firstname, odata.lastname, odata.email, access_enum.OWNER, false); + $owner.find(".sharing-thumbnail-unshare").detach(); + $owner.addClass("share-box-share-item owner"); + $share.prepend($owner); + } + } + if ($share.children().length === 0) { $share.append($('

This has not been shared

')).addClass('text-align-center'); } @@ -132,7 +127,9 @@ $(function() { $share_list.each(function(index, element) { var $e; $e = $(element); - $e.find('.sharing-thumbnail-access-text').hide(); + if (!$e.hasClass('owner')) { + $e.find('.sharing-thumbnail-access-text').hide(); + } $e.find('.sharing-thumbnail-access').prop('disabled', false).show(); $e.find('.sharing-thumbnail-unshare').show(); $e.detach().appendTo($('#share-box-share')); @@ -339,5 +336,5 @@ $(function() { /* Set up the sharing interface */ - createTestData(); + createThumbnails(); }); diff --git a/public/js/sharing/sharing_utils.js b/public/js/sharing/sharing_utils.js index 5191de91a..550576a78 100644 --- a/public/js/sharing/sharing_utils.js +++ b/public/js/sharing/sharing_utils.js @@ -1,13 +1,15 @@ var access_enum = { NONE: 0, READ: 1, - WRITE: 2 + WRITE: 2, + OWNER: 3 }; var access_text = [ 'Cannot access', 'Can read', - 'Can write' + 'Can write', + 'Owner' ]; var createThumbnail = function(username, firstname, lastname, email, access, share) { @@ -30,7 +32,7 @@ var createThumbnail = function(username, firstname, lastname, email, access, sha access_text_current = access_text[access]; - if (access !== access_enum.NONE) { + if (access !== access_enum.NONE && access !== access_enum.OWNER) { data.access.read = true; data.currentaccess.read = true; } From ca0105c6b18e59fdc9fff0be8d598160f62c2c86 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Wed, 17 Aug 2016 10:23:14 -0400 Subject: [PATCH 15/21] redirect read-inly users from edit view to summary view --- app/controllers/ExperimentController.php | 116 ++++++++++++----------- 1 file changed, 63 insertions(+), 53 deletions(-) diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php index defe7009c..1be34f467 100755 --- a/app/controllers/ExperimentController.php +++ b/app/controllers/ExperimentController.php 
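Review bot: In the `$share_list.each` hunk only the access text is preserved for elements with class `owner`; the next line still runs `$e.find('.sharing-thumbnail-access').prop('disabled', false).show();` for every element, so the share dialog appears to offer an editable permission selector for the owner. The server pins the owner in `share_project`, so this is a UI inconsistency rather than a bypass, but moving that call inside the `if (!$e.hasClass('owner'))` block removes it. In `createThumbnails`, `$owner` is assigned without appearing in `var $users, $share, $user, share_settings;` and therefore becomes an implicit global; add it to that list. A one-line comment saying where the global `owner` object comes from would also help, since the script that defines it is not visible in this patch.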
@@ -199,47 +199,52 @@ public function expChange() public function editView() { - $queueDefaults = array("queueName" => Config::get('pga_config.airavata')["queue-name"], - "nodeCount" => Config::get('pga_config.airavata')["node-count"], - "cpuCount" => Config::get('pga_config.airavata')["total-cpu-count"], - "wallTimeLimit" => Config::get('pga_config.airavata')["wall-time-limit"] - ); + if (SharingUtilities::userCanWrite(Session::get("username"), $_GET['expId'], ResourceType::EXPERIMENT) === true) { + $queueDefaults = array("queueName" => Config::get('pga_config.airavata')["queue-name"], + "nodeCount" => Config::get('pga_config.airavata')["node-count"], + "cpuCount" => Config::get('pga_config.airavata')["total-cpu-count"], + "wallTimeLimit" => Config::get('pga_config.airavata')["wall-time-limit"] + ); - $experiment = ExperimentUtilities::get_experiment($_GET['expId']); - $expVal = ExperimentUtilities::get_experiment_values($experiment); - $expVal["jobState"] = ExperimentUtilities::get_job_status($experiment); + $experiment = ExperimentUtilities::get_experiment($_GET['expId']); + $expVal = ExperimentUtilities::get_experiment_values($experiment); + $expVal["jobState"] = ExperimentUtilities::get_job_status($experiment); - $computeResources = CRUtilities::create_compute_resources_select($experiment->executionId, $expVal['scheduling']->resourceHostId); - - $clonedExp = false; $savedExp = false; - if( Input::has("clonedExp")) - $clonedExp = true; - if( Input::has("savedExp")) - $savedExp = true; - - $experimentInputs = array( - "clonedExp" => $clonedExp, - "savedExp" => $savedExp, - "disabled" => ' ', - "experimentName" => $experiment->experimentName, - "experimentDescription" => $experiment->description, - "application" => $experiment->executionId, - "autoSchedule" => $experiment->userConfigurationData->airavataAutoSchedule, - "userDN" => $experiment->userConfigurationData->userDN, - "allowedFileSize" => Config::get('pga_config.airavata')["server-allowed-file-size"], - 
'experiment' => $experiment, - "queueDefaults" => $queueDefaults, - 'computeResources' => $computeResources, - "resourceHostId" => $expVal['scheduling']->resourceHostId, - 'project' => $experiment->projectId, - 'expVal' => $expVal, - 'cloning' => true, - 'advancedOptions' => Config::get('pga_config.airavata')["advanced-experiment-options"] - ); + $computeResources = CRUtilities::create_compute_resources_select($experiment->executionId, $expVal['scheduling']->resourceHostId); + + $clonedExp = false; $savedExp = false; + if( Input::has("clonedExp")) + $clonedExp = true; + if( Input::has("savedExp")) + $savedExp = true; - $users = SharingUtilities::getProfilesForSharedUsers($_GET['expId'], ResourceType::EXPERIMENT); + $experimentInputs = array( + "clonedExp" => $clonedExp, + "savedExp" => $savedExp, + "disabled" => ' ', + "experimentName" => $experiment->experimentName, + "experimentDescription" => $experiment->description, + "application" => $experiment->executionId, + "autoSchedule" => $experiment->userConfigurationData->airavataAutoSchedule, + "userDN" => $experiment->userConfigurationData->userDN, + "allowedFileSize" => Config::get('pga_config.airavata')["server-allowed-file-size"], + 'experiment' => $experiment, + "queueDefaults" => $queueDefaults, + 'computeResources' => $computeResources, + "resourceHostId" => $expVal['scheduling']->resourceHostId, + 'project' => $experiment->projectId, + 'expVal' => $expVal, + 'cloning' => true, + 'advancedOptions' => Config::get('pga_config.airavata')["advanced-experiment-options"] + ); - return View::make("experiment/edit", array("expInputs" => $experimentInputs, "users" => json_encode($users))); + $users = SharingUtilities::getProfilesForSharedUsers($_GET['expId'], ResourceType::EXPERIMENT); + + return View::make("experiment/edit", array("expInputs" => $experimentInputs, "users" => json_encode($users))); + } + else { + Redirect::to("experiment/summary?expId=" . 
$experiment->experimentId)->with("error", "You do not have permission to edit this experiment"); + } } public function cloneExperiment() @@ -258,22 +263,27 @@ public function cloneExperiment() public function editSubmit() { - if (isset($_POST['save']) || isset($_POST['launch'])) { - $experiment = ExperimentUtilities::get_experiment(Input::get('expId')); // update local experiment variable - $updatedExperiment = ExperimentUtilities::apply_changes_to_experiment($experiment, Input::all()); + if (SharingUtilities::userCanWrite(Session::get("username"), Input::get('expId'), ResourceType::EXPERIMENT)) { + if (isset($_POST['save']) || isset($_POST['launch'])) { + $experiment = ExperimentUtilities::get_experiment(Input::get('expId')); // update local experiment variable + $updatedExperiment = ExperimentUtilities::apply_changes_to_experiment($experiment, Input::all()); - ExperimentUtilities::update_experiment($experiment->experimentId, $updatedExperiment); + ExperimentUtilities::update_experiment($experiment->experimentId, $updatedExperiment); - if (isset($_POST['save'])) { - $experiment = ExperimentUtilities::get_experiment(Input::get('expId')); // update local experiment variable - } - if (isset($_POST['launch'])) { - ExperimentUtilities::launch_experiment($experiment->experimentId); - } + if (isset($_POST['save'])) { + $experiment = ExperimentUtilities::get_experiment(Input::get('expId')); // update local experiment variable + } + if (isset($_POST['launch'])) { + ExperimentUtilities::launch_experiment($experiment->experimentId); + } - return Redirect::to('experiment/summary?expId=' . $experiment->experimentId); - } else - return View::make("home"); + return Redirect::to('experiment/summary?expId=' . $experiment->experimentId); + } else + return View::make("home"); + } + else { + return Redirect::to("experiment/summary?expId=" . Input::get('expId'))->with("error", "You do not have permission to edit this experiment"); + } } public function getQueueView() 
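Review bot: The new `else` branch of `editView` builds a redirect but never returns it, and it reads `$experiment->experimentId` although `$experiment` is assigned only inside the `if` branch, so a user without write access gets an error or an empty response instead of the summary page with the message. Use `return Redirect::to("experiment/summary?expId=" . Input::get('expId'))->with("error", "You do not have permission to edit this experiment");`, which is what `editSubmit` does in the following hunk. The permission decision still denies access, so this affects how the denial is reported, not whether it happens. `$_GET['expId']` is also read in the guard without an existence check, unlike `Input::has("projId")` in the project controller.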
@@ -310,7 +320,7 @@ public function browseView() 'pageNo' => $pageNo, 'limit' => $this->limit, 'expStates' => $experimentStates, - 'expContainer' => $expContainer + 'expContainer' => $expContainer, )); } @@ -323,7 +333,7 @@ public function browseView() */ public function sharedUsers() { - if (array_key_exists('resourceId', $_GET)) { + if (Session::has("authz-token") && array_key_exists('resourceId', $_GET)) { return Response::json(SharingUtilities::getProfilesForSharedUsers($_GET['resourceId'], ResourceType::EXPERIMENT)); } else { @@ -333,7 +343,7 @@ public function sharedUsers() public function unsharedUsers() { - if (array_key_exists('resourceId', $_GET)) { + if (Session::has("authz-token") && array_key_exists('resourceId', $_GET)) { return Response::json(SharingUtilities::getProfilesForUnsharedUsers($_GET['resourceId'], ResourceType::EXPERIMENT)); } else { From a5dbbaaf75b55e24a6527569f2266944c87b6d6c Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Wed, 17 Aug 2016 10:23:38 -0400 Subject: [PATCH 16/21] minor logic change --- app/controllers/ExperimentController.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php index 1be34f467..0828bcbd8 100755 --- a/app/controllers/ExperimentController.php +++ b/app/controllers/ExperimentController.php @@ -281,9 +281,6 @@ public function editSubmit() } else return View::make("home"); } - else { - return Redirect::to("experiment/summary?expId=" . Input::get('expId'))->with("error", "You do not have permission to edit this experiment"); - } } public function getQueueView() From 2fe80e77fa06232e9a3d60ff90c00ffce72aa439 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Wed, 17 Aug 2016 10:31:42 -0400 Subject: [PATCH 17/21] Removed link to edit page to read-only users --- app/controllers/ExperimentController.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php index 0828bcbd8..bb5877908 100755 --- a/app/controllers/ExperimentController.php +++ b/app/controllers/ExperimentController.php @@ -142,7 +142,8 @@ public function summary() "jobDetails" => $jobDetails, "expVal" => $expVal, "autoRefresh"=> $autoRefresh, - "users" => json_encode($users) + "users" => json_encode($users), + "can_write" => SharingUtilities::userCanWrite(Session::get("username"), $experiment->experimentId, ResourceType::EXPERIMENT) ); if( Input::has("dashboard")) { From ebdc1631bb67c6a03703e16115bf9d8b07a868e2 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Wed, 17 Aug 2016 10:35:38 -0400 Subject: [PATCH 18/21] Removed edit links from browse --- app/controllers/ExperimentController.php | 7 +++++++ .../partials/experiment-container.blade.php | 16 ++++++++-------- app/views/partials/experiment-info.blade.php | 2 ++ 3 files changed, 17 insertions(+), 8 deletions(-) diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php index bb5877908..b884a171a 100755 --- a/app/controllers/ExperimentController.php +++ b/app/controllers/ExperimentController.php @@ -313,12 +313,19 @@ public function browseView() $expContainer = ExperimentUtilities::get_expsearch_results_with_pagination(Input::all(), $this->limit, ($pageNo - 1) * $this->limit); $experimentStates = ExperimentUtilities::getExpStates(); + + $can_write = array(); + foreach ($expContainer as $experiment) { + $can_write[$experiment->experimentId] = SharingUtilities::userCanWrite(Session::get("username"), $experiment->experimentId, ResourceType::EXPERIMENT); + } + return View::make('experiment/browse', array( 'input' => Input::all(), 'pageNo' => $pageNo, 'limit' => $this->limit, 'expStates' => $experimentStates, 'expContainer' => $expContainer, + 'can_write' => $can_write )); } 
diff --git a/app/views/partials/experiment-container.blade.php b/app/views/partials/experiment-container.blade.php index 4ecf3de1c..25f99c765 100644 --- a/app/views/partials/experiment-container.blade.php +++ b/app/views/partials/experiment-container.blade.php @@ -24,11 +24,11 @@ @foreach($expContainer as $experiment) - + - {{ $experiment['experiment']->name }} + {{ $experiment['experiment']->name }} - @if( $experiment['expValue']['editable']) + @if( $experiment['expValue']['editable'] and $can_write[$experiment->experimentId] === true) @endif @@ -41,7 +41,7 @@ @endif - @if( !empty( explode("_", $experiment['experiment']->resourceHostId)[0] ) ) + @if( !empty( explode("_", $experiment['experiment']->resourceHostId)[0] ) ) {{ explode("_", $experiment['experiment']->resourceHostId)[0] }} @endif @@ -53,18 +53,18 @@ {{$experiment['expValue']['experimentStatusString'] }} - @if( isset( $dashboard)) + @if( isset( $dashboard)) @endif - + @endforeach - +
@endif -@endif \ No newline at end of file +@endif diff --git a/app/views/partials/experiment-info.blade.php b/app/views/partials/experiment-info.blade.php index fa6a60527..36c9fe235 100644 --- a/app/views/partials/experiment-info.blade.php +++ b/app/views/partials/experiment-info.blade.php @@ -225,6 +225,7 @@ class="btn btn-primary" Clone + @if($can_write === true) Edit + @endif

@endif From face8c535732639870aa9fc9acf9e91692e9ba5c Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Wed, 17 Aug 2016 11:28:13 -0400 Subject: [PATCH 19/21] Added owner thumbnail, post-completion sharing, and verified that the changes work --- app/controllers/ExperimentController.php | 17 +++++++++++++++-- app/libraries/ExperimentUtilities.php | 17 ++++++----------- app/views/experiment/edit.blade.php | 1 + .../partials/experiment-container.blade.php | 2 +- app/views/partials/experiment-info.blade.php | 10 ++++++++++ app/views/partials/sharing-form-modal.blade.php | 2 +- 6 files changed, 34 insertions(+), 15 deletions(-) diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php index b884a171a..2cee7ab23 100755 --- a/app/controllers/ExperimentController.php +++ b/app/controllers/ExperimentController.php @@ -135,6 +135,12 @@ public function summary() $users = SharingUtilities::getProfilesForSharedUsers(Input::get("expId"), ResourceType::EXPERIMENT); + $owner = array(); + if (strcmp(Session::get("username"), $experiment->userName) !== 0) { + $owner[$experiment->userName] = $users[$experiment->userName]; + $users = array_diff_key($users, $owner); + } + $data = array( "expId" => Input::get("expId"), "experiment" => $experiment, @@ -143,6 +149,7 @@ public function summary() "expVal" => $expVal, "autoRefresh"=> $autoRefresh, "users" => json_encode($users), + "owner" => json_encode($owner), "can_write" => SharingUtilities::userCanWrite(Session::get("username"), $experiment->experimentId, ResourceType::EXPERIMENT) ); if( Input::has("dashboard")) 
@@ -241,7 +248,13 @@ public function editView() $users = SharingUtilities::getProfilesForSharedUsers($_GET['expId'], ResourceType::EXPERIMENT); - return View::make("experiment/edit", array("expInputs" => $experimentInputs, "users" => json_encode($users))); + $owner = array(); + if (strcmp(Session::get("username"), $experiment->userName) !== 0) { + $owner[$experiment->userName] = $users[$experiment->userName]; + $users = array_diff_key($users, $owner); + } + + return View::make("experiment/edit", array("expInputs" => $experimentInputs, "users" => json_encode($users), "owner" => json_encode($owner))); } else { Redirect::to("experiment/summary?expId=" . $experiment->experimentId)->with("error", "You do not have permission to edit this experiment"); @@ -316,7 +329,7 @@ public function browseView() $can_write = array(); foreach ($expContainer as $experiment) { - $can_write[$experiment->experimentId] = SharingUtilities::userCanWrite(Session::get("username"), $experiment->experimentId, ResourceType::EXPERIMENT); + $can_write[$experiment['experiment']->experimentId] = SharingUtilities::userCanWrite(Session::get("username"), $experiment['experiment']->experimentId, ResourceType::EXPERIMENT); } return View::make('experiment/browse', array( diff --git a/app/libraries/ExperimentUtilities.php b/app/libraries/ExperimentUtilities.php index d90d2ce6b..631cb98ce 100755 --- a/app/libraries/ExperimentUtilities.php +++ b/app/libraries/ExperimentUtilities.php @@ -572,12 +572,7 @@ public static function update_experiment($expId, $updatedExperiment) '

AiravataSystemException: ' . $ase->getMessage() . '

'); } - $share = json_decode($share); - $share->{Session::get("username")} = new stdClass(); - $share->{Session::get("username")}->read = true; - $share->{Session::get("username")}->write = true; - - ExperimentUtilities::share_experiment($expId, $share); + ExperimentUtilities::share_experiment($expId, json_decode($share)); } @@ -826,11 +821,7 @@ public static function create_experiment() CommonUtilities::print_error_message('AiravataSystemException!

' . $ase->getMessage()); } - $share = json_decode($share); - $share->{Session::get('username')} = new stdClass(); - $share->{Session::get('username')}->read = true; - $share->{Session::get('username')}->write = true; - ExperimentUtilities::share_experiment($expId, $share); + ExperimentUtilities::share_experiment($expId, json_decode($share)); return $expId; } @@ -1335,6 +1326,10 @@ public static function create_application_select($id = null, $editable = true) */ private static function share_experiment($expId, $users) { $experiment = ExperimentUtilities::get_experiment($expId); + $users->{$experiment->owner} = new stdClass(); + $users->{$experiment->owner}->read = true; + $users->{$experiment->owner}->write = true; + $wadd = array(); $wrevoke = array(); $radd = array(); diff --git a/app/views/experiment/edit.blade.php b/app/views/experiment/edit.blade.php index 75a6c5dc4..a4abe0ea8 100755 --- a/app/views/experiment/edit.blade.php +++ b/app/views/experiment/edit.blade.php @@ -54,6 +54,7 @@ @parent {{ HTML::script('js/sharing/sharing_utils.js') }} diff --git a/app/views/partials/experiment-container.blade.php b/app/views/partials/experiment-container.blade.php index 25f99c765..561063e6a 100644 --- a/app/views/partials/experiment-container.blade.php +++ b/app/views/partials/experiment-container.blade.php @@ -28,7 +28,7 @@ {{ $experiment['experiment']->name }} - @if( $experiment['expValue']['editable'] and $can_write[$experiment->experimentId] === true) + @if( $experiment['expValue']['editable'] and $can_write[$experiment['experiment']->experimentId] === true) @endif diff --git a/app/views/partials/experiment-info.blade.php b/app/views/partials/experiment-info.blade.php index 36c9fe235..3ca3340eb 100644 --- a/app/views/partials/experiment-info.blade.php +++ b/app/views/partials/experiment-info.blade.php @@ -192,7 +192,11 @@
+ @if($can_write === true) + @include('partials/sharing-display-body', array("form" => true)) + @else @include('partials/sharing-display-body', array("form" => false)) + @endif
@if( !isset( $dashboard)) @@ -320,11 +324,17 @@ class="btn btn-default" @endif +@if($can_write === true) +@include('partials/sharing-form-modal') +@endif + @section('scripts') @parent {{ HTML::script('js/time-conversion.js')}} {{ HTML::script('js/sharing/sharing_utils.js') }} {{ HTML::script('js/sharing/share.js') }} diff --git a/app/views/partials/sharing-form-modal.blade.php b/app/views/partials/sharing-form-modal.blade.php index b66a66670..dee2036bf 100644 --- a/app/views/partials/sharing-form-modal.blade.php +++ b/app/views/partials/sharing-form-modal.blade.php @@ -10,7 +10,7 @@ @include('partials/sharing-form-body') From 81628aaa47b7c27395cccb640708a4bfe1706467 Mon Sep 17 00:00:00 2001 From: Jeff Kinnison Date: Wed, 17 Aug 2016 13:40:03 -0400 Subject: [PATCH 20/21] fixed experiment ownership nomenclature issue --- app/libraries/ExperimentUtilities.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/libraries/ExperimentUtilities.php b/app/libraries/ExperimentUtilities.php index 631cb98ce..9cc63a572 100755 --- a/app/libraries/ExperimentUtilities.php +++ b/app/libraries/ExperimentUtilities.php @@ -1326,9 +1326,9 @@ public static function create_application_select($id = null, $editable = true) */ private static function share_experiment($expId, $users) { $experiment = ExperimentUtilities::get_experiment($expId); - $users->{$experiment->owner} = new stdClass(); - $users->{$experiment->owner}->read = true; - $users->{$experiment->owner}->write = true; + $users->{$experiment->userName} = new stdClass(); + $users->{$experiment->userName}->read = true; + $users->{$experiment->userName}->write = true; $wadd = array(); $wrevoke = array(); From 9ff72964597e971cd43487c60bc06e57dbd6ce98 Mon Sep 17 00:00:00 2001 
From: Jeff Kinnison Date: Wed, 17 Aug 2016 13:56:27 -0400 Subject: [PATCH 21/21] Fixed create-complete screen --- app/controllers/ExperimentController.php | 3 ++- app/views/experiment/create-complete.blade.php | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/app/controllers/ExperimentController.php b/app/controllers/ExperimentController.php index 2cee7ab23..3a3dcdacf 100755 --- a/app/controllers/ExperimentController.php +++ b/app/controllers/ExperimentController.php @@ -74,8 +74,9 @@ public function createSubmit() ); $users = SharingUtilities::getProfilesForSharedUsers($_POST['project'], ResourceType::PROJECT); + $owner = array(); - return View::make("experiment/create-complete", array("expInputs" => $experimentInputs, "users" => json_encode($users))); + return View::make("experiment/create-complete", array("expInputs" => $experimentInputs, "users" => json_encode($users), "owner" => json_encode($owner))); } else if (isset($_POST['save']) || isset($_POST['launch'])) { $expId = ExperimentUtilities::create_experiment(); diff --git a/app/views/experiment/create-complete.blade.php b/app/views/experiment/create-complete.blade.php index ef76bcd99..7ae755a81 100755 --- a/app/views/experiment/create-complete.blade.php +++ b/app/views/experiment/create-complete.blade.php @@ -46,6 +46,7 @@ @parent {{ HTML::script('js/sharing/sharing_utils.js') }}