Commit 3ba4addb authored by Wim Van de Meerssche's avatar Wim Van de Meerssche Committed by Leigh Stoller

fixed users being able to bind a slice to a user not in the slice project

parent 516f341c
...@@ -958,12 +958,6 @@ sub GetKeys($) ...@@ -958,12 +958,6 @@ sub GetKeys($)
sub BindToSlice($) sub BindToSlice($)
{ {
my ($argref) = @_; my ($argref) = @_;
return BindToSliceInternal($argref, 0);
}
sub BindToSliceInternal($$)
{
my ($argref, $ignore_subauthority) = @_;
my $cred = $argref->{'credential'}; my $cred = $argref->{'credential'};
my $creds = $argref->{'credentials'}; my $creds = $argref->{'credentials'};
my $urn = $argref->{'urn'}; my $urn = $argref->{'urn'};
...@@ -1017,7 +1011,7 @@ sub BindToSliceInternal($$) ...@@ -1017,7 +1011,7 @@ sub BindToSliceInternal($$)
undef, "No such user here"); undef, "No such user here");
} }
if (defined ($ignore_subauthority) && $ignore_subauthority && ! $allow_nonproject_slice_share) { if (!$allow_nonproject_slice_share) {
#check if target user is member of project of slice #check if target user is member of project of slice
my ($slice_authority, $slice_type, $slice_name) = GeniHRN::Parse( $slice->urn() ); my ($slice_authority, $slice_type, $slice_name) = GeniHRN::Parse( $slice->urn() );
my @slice_auth_parts = split(':', $slice_authority); my @slice_auth_parts = split(':', $slice_authority);
......
...@@ -646,7 +646,7 @@ sub ModifySliceMembership() ...@@ -646,7 +646,7 @@ sub ModifySliceMembership()
foreach my $current (@{ $adding }) { foreach my $current (@{ $adding }) {
if (exists($current->{'SLICE_MEMBER'})) { if (exists($current->{'SLICE_MEMBER'})) {
$params->{"urn"} = $current->{'SLICE_MEMBER'}; $params->{"urn"} = $current->{'SLICE_MEMBER'};
my $result = GeniSA::BindToSliceInternal($params, 1); my $result = GeniSA::BindToSlice($params);
if (GeniResponse::IsError($result)) { if (GeniResponse::IsError($result)) {
return $result; return $result;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment