All new accounts created on Gitlab now require administrator approval. If you invite any collaborators, please let Flux staff know so they can approve the accounts.

Commit 3ba4addb authored by Wim Van de Meerssche's avatar Wim Van de Meerssche Committed by Leigh B Stoller

fixed users being able to bind a slice to a user not in the slice project

parent 516f341c
......@@ -958,12 +958,6 @@ sub GetKeys($)
sub BindToSlice($)
{
my ($argref) = @_;
return BindToSliceInternal($argref, 0);
}
sub BindToSliceInternal($$)
{
my ($argref, $ignore_subauthority) = @_;
my $cred = $argref->{'credential'};
my $creds = $argref->{'credentials'};
my $urn = $argref->{'urn'};
......@@ -1017,7 +1011,7 @@ sub BindToSliceInternal($$)
undef, "No such user here");
}
if (defined ($ignore_subauthority) && $ignore_subauthority && ! $allow_nonproject_slice_share) {
if (!$allow_nonproject_slice_share) {
#check if target user is member of project of slice
my ($slice_authority, $slice_type, $slice_name) = GeniHRN::Parse( $slice->urn() );
my @slice_auth_parts = split(':', $slice_authority);
......
......@@ -646,7 +646,7 @@ sub ModifySliceMembership()
foreach my $current (@{ $adding }) {
if (exists($current->{'SLICE_MEMBER'})) {
$params->{"urn"} = $current->{'SLICE_MEMBER'};
my $result = GeniSA::BindToSliceInternal($params, 1);
my $result = GeniSA::BindToSlice($params);
if (GeniResponse::IsError($result)) {
return $result;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment