airavata-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcus Christie (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AIRAVATA-2207) Gateway admins cannot view experiments launched by gateway users in Experiment Statistics
Date Thu, 03 Nov 2016 19:05:58 GMT

    [ https://issues.apache.org/jira/browse/AIRAVATA-2207?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15633864#comment-15633864
] 

Marcus Christie commented on AIRAVATA-2207:
-------------------------------------------

The problem is that Airavata::getExperiments in the API server applies the sharing registry
permissions and the admin user doesn't have READ access.

https://github.com/machristie/airavata/blob/0300c5233fa7a84d8157f84801ad25aab8f4ffb5/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java#L1184-L1184

Supun suggested the following on Hipchat
{quote}
\[2:54 PM] Supun Chathuranaga Nakandala: @marcus my suggestion is that we add new API method
getExperimentByAdmin and by pass the sharing module in that API method
\[2:55 PM] Supun Chathuranaga Nakandala: from hte XACML security definitions we can enforce
that only a user with admin role can invoke that
\[2:55 PM] Supun Chathuranaga Nakandala: but we still need to check that gateway of the admin
user and the experiment is the same
\[2:56 PM] Supun Chathuranaga Nakandala: just my suggestion. I am open to other ideas
{quote}


> Gateway admins cannot view experiments launched by gateway users in Experiment Statistics
> -----------------------------------------------------------------------------------------
>
>                 Key: AIRAVATA-2207
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2207
>             Project: Airavata
>          Issue Type: Bug
>          Components: PGA PHP Web Gateway
>         Environment: https://dev.seagrid.org
>            Reporter: Eroma
>            Assignee: Marcus Christie
>         Attachments: Screen Shot 2016-11-03 at 11.15.40 AM.png
>
>
> In Admin dashboard -> Experiment Statistics page gateway admin should be able to view
any experiment. Currently when tried to view other users experiment summary throws error 'Exception:
User does not have permission to access this resource'
> Admin can only view his own experiments in experiment statistics



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message