Commit 942ddf1d authored by Leigh B Stoller's avatar Leigh B Stoller

Enable profile deletion for non-APT projects. There are still some

interactions with versioning that need to be worked out, since only
the head version can be deleted.
parent 16ac2d6b
......@@ -94,6 +94,7 @@ use EmulabFeatures;
sub fatal($);
sub UserError(;$);
sub DeleteProfile($);
sub CanDelete($);
sub PublishProfile($);
# Parse args below.
......@@ -585,15 +586,12 @@ sub DeleteProfile($)
if (!defined($profile)) {
fatal("No such profile exists");
}
#
# Not allowed to delete a published profile, yet. Needs thought.
#
if (defined($profile->published()) && !$this_user->IsAdmin()) {
UserError("Not allowed to delete a published profile");
}
if (!$profile->IsHead()) {
UserError("Only allowed to delete the most recent profile");
}
if (!CanDelete($profile)) {
UserError("Not allowed to delete this profile (version)");
}
#
# Version zero is special of course.
#
......@@ -626,3 +624,27 @@ sub PublishProfile($)
fatal("Could not publish profile");
return 0;
}
#
#
#
sub CanDelete($)
{
my ($profile) = @_;
# Want to know if the project is APT or Cloud/Emulab. APT projects
# may not delete profiles (yet).
my $project = Project->Lookup($profile->pid_idx());
return 0
if (!defined($project));
return 0
if (!$profile->IsHead());
return 1
if ($this_user->IsAdmin() || $this_user->stud());
return 1
if (!$project->isAPT());
# APT profiles may not be deleted if published.
return 1
if (!$profile->published());
return 0;
}
......@@ -105,18 +105,11 @@ function Do_DeleteProfile()
SPITAJAX_ERROR(1, "Unknown profile uuid");
return;
}
if ($this_idx != $profile->creator_idx() && !ISADMIN()) {
if (!$profile->CanDelete($this_user)) {
SPITAJAX_ERROR(1, "Not enough permission");
return;
}
if (!$profile->IsHead()) {
SPITAJAX_ERROR(1, "Not allowed to delete non-head version");
return;
}
if ($profile->published() && !ISADMIN()) {
SPITAJAX_ERROR(1, "Not allowed to delete a published version");
return;
}
#
# Invoke backend.
#
......
......@@ -74,8 +74,7 @@ function SPITFORM($formfields, $errors)
$viewing = 1;
$version_uuid = "'" . $profile->uuid() . "'";
$profile_uuid = "'" . $profile->profile_uuid() . "'";
$candelete = ($profile->IsHead() &&
(!$profile->published() || ISADMIN()) ? 1 : 0);
$candelete = ($profile->CanDelete($this_user) ? 1 : 0);
$history = ($profile->HasHistory() ? 1 : 0);
$canmodify = ($profile->CanModify() ? 1 : 0);
$canpublish = ($profile->CanPublish() ? 1 : 0);
......
......@@ -395,6 +395,28 @@ class Profile
function CanView($user) {
return $this->CanInstantiate($user);
}
function CanDelete($user) {
# Want to know if the project is APT or Cloud/Emulab. APT projects
# may not delete profiles (yet).
$project = Project::Lookup($this->pid_idx());
if (!$project) {
return 0;
}
if (!$this->IsHead()) {
return 0;
}
if (ISADMIN() || STUDLY()) {
return 1;
}
if (!$project->isAPT()) {
return 1;
}
# APT profiles may not be deleted if published.
if (!$this->published()) {
return 1;
}
return 0;
}
function BestAggregate($rspec = null) {
if (!$rspec) {
......
......@@ -426,13 +426,26 @@
<div id='delete_modal' class='modal fade'>
<div class='modal-dialog'>
<div class='modal-content'>
<div class='modal-header'>
<center><h4>Confirm to Delete</h4></center>
</div>
<div class='modal-body'>
<button type='button' class='close' data-dismiss='modal'
aria-hidden='true'>&times;</button>
<center><h3>Confirm to Delete</h3>
<a class='btn btn-danger btn-sm'
id='delete-confirm'
type='button' name='delete'>Confirm</a></center>
<p><em>Warning; deleting a profile cannot be undone!</em> In
addition, if you have published links to this profile, or sent
links to collaborators, those links <b>will no longer be valid</b>.
</p>
<br>
<center>
<button class='btn btn-danger btn-sm'
id='delete-confirm'
style='margin-right: 10px;'
type='button' name='delete'>Confirm
</button>
<button class='btn btn-default btn-sm'
data-dismiss='modal'
type='button'>Cancel
</button>
</center>
</div>
</div>
</div>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment