Commit 3ba4addb authored by Wim Van de Meerssche's avatar Wim Van de Meerssche Committed by Leigh Stoller

fixed users being able to bind a slice to a user not in the slice project

parent 516f341c
......@@ -958,12 +958,6 @@ sub GetKeys($)
sub BindToSlice($)
{
my ($argref) = @_;
return BindToSliceInternal($argref, 0);
}
sub BindToSliceInternal($$)
{
my ($argref, $ignore_subauthority) = @_;
my $cred = $argref->{'credential'};
my $creds = $argref->{'credentials'};
my $urn = $argref->{'urn'};
......@@ -1017,7 +1011,7 @@ sub BindToSliceInternal($$)
undef, "No such user here");
}
if (defined ($ignore_subauthority) && $ignore_subauthority && ! $allow_nonproject_slice_share) {
if (!$allow_nonproject_slice_share) {
#check if target user is member of project of slice
my ($slice_authority, $slice_type, $slice_name) = GeniHRN::Parse( $slice->urn() );
my @slice_auth_parts = split(':', $slice_authority);
......
......@@ -646,7 +646,7 @@ sub ModifySliceMembership()
foreach my $current (@{ $adding }) {
if (exists($current->{'SLICE_MEMBER'})) {
$params->{"urn"} = $current->{'SLICE_MEMBER'};
my $result = GeniSA::BindToSliceInternal($params, 1);
my $result = GeniSA::BindToSlice($params);
if (GeniResponse::IsError($result)) {
return $result;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment