airavata-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcus Christie (Jira)" <j...@apache.org>
Subject [jira] [Resolved] (AIRAVATA-3320) Disallow editing GRP when user doesn't have at least READ access to credential token(s)
Date Wed, 05 Aug 2020 23:01:00 GMT

     [ https://issues.apache.org/jira/browse/AIRAVATA-3320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Marcus Christie resolved AIRAVATA-3320.
---------------------------------------
    Resolution: Fixed

> Disallow editing GRP when user doesn't have at least READ access to credential token(s)
> ---------------------------------------------------------------------------------------
>
>                 Key: AIRAVATA-3320
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-3320
>             Project: Airavata
>          Issue Type: Bug
>          Components: Django Portal
>            Reporter: Marcus Christie
>            Assignee: Marcus Christie
>            Priority: Major
>
> Currently, if a user edits a GroupResourceProfile (GRP) but doesn't have at least READ
access to the GRP's default credential token, then it appears as though no default credential
token is set since that token is not populated in the list of the credential token drop down.
 Likewise with the resource specific credential token of GRP compute resource preferences.
> When a user has WRITE access to a GRP but not READ access to one or more of the credential
tokens referenced in the GRP, the user should not be allowed to edit it.
> h5. TODO
> - [x] update GroupResourceProfileSerializer.get_userHasWriteAccess to also check for
READ access to defaultCredentialStoreToken and each computePreference resourceSpecificCredentialStoreToken
> - create a readonly UI of GRP so users can at least see details, and see which credentials
user doesn't have access to - created issue AIRAVATA-3321



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message