Commit 3dc0f289 authored by Leigh Stoller's avatar Leigh Stoller

A few changes as per today's meeting:

* Get rid of login (and logout) by ajax. Use the modal, but do a
  normal form submit so that the page is refreshed properly.

* Bug fix for - and _ not working in Firefox/Shellinabox window; thank
  you google search.

* Fix for NaN dates on Firefox. Turns out Javascript Date() is not
  rfcwhatever compliant. Too funny.

* Fix permission check that was allowing guest user to see and use
  someone else's experiments.
parent f28ed0a9
......@@ -33,10 +33,5 @@ window.APT_OPTIONS.initialize = function (sup)
sup.ShowModal('#verify_modal');
}
$('#quickvm_login_modal_button').click(function (event) {
event.preventDefault();
sup.LoginByModal();
});
$('body').show();
}
......@@ -532,7 +532,6 @@ function StartCountdownClock(when)
// Reformat in local time and show the user.
var local_date = new Date(when);
local_date.setHours(local_date.getHours() + timeOffsetInHours);
var local_string = local_date.format("yyyy-mm-dd hh:MM:ss Z");
$("#quickvm_expires").html(local_string);
......@@ -895,89 +894,6 @@ function ShowUploadedRspec(content)
300, topo);
}
/*
* Try to log the user in via an ajax call.
*/
function LoginByModal()
{
var uid = $("#quickvm_login_form [name='uid']").val();
var password = $("#quickvm_login_form [name='password']").val();
// Clear previous error.
$("#quickvm_login_form_error").html("");
var callback = function(json) {
if (json.code) {
$("#quickvm_login_form_error").html("Login failed. Try again?");
}
else {
// Clear previous error.
$("#quickvm_login_form_error").html("");
$("#loginstatus").html("<a>" + uid + " logged in</a>");
$("#loginstatus").removeClass("hidden");
$("#quickvm_actions_menu").removeClass("hidden");
$("#loginbutton").addClass("hidden");
$("#quickvm_login_form_error").html(
"<center>" + "Login successful</center><br>");
setTimeout(function() {
HideModal("#quickvm_login_modal");
$("#quickvm_login_form_error").html("");
}, 2000);
}
}
var xmlthing = $.ajax({
// the URL for the request
url: "login.php",
// the data to send (will be converted to a query string)
data: {
ajax_request: 1,
uid: uid,
password: password
},
// whether this is a POST or GET request
type: "POST",
// the type of data we expect back
dataType : "json",
});
xmlthing.done(callback);
}
/*
* log the user out via an ajax call.
*/
function Logout()
{
var callback = function(json) {
if (json.code) {
alert("Logout failed!");
}
else {
$("#loginstatus").addClass("hidden");
$("#quickvm_actions_menu").addClass("hidden");
$("#loginbutton").removeClass("hidden");
}
}
var xmlthing = $.ajax({
// the URL for the request
url: "logout.php",
// the data to send (will be converted to a query string)
data: {
ajax_request: 1,
},
// whether this is a POST or GET request
type: "GET",
// the type of data we expect back
dataType : "json",
});
xmlthing.done(callback);
}
// Exports from this module for use elsewhere
return {
Extend: Extend,
......@@ -992,8 +908,6 @@ return {
Terminate: Terminate,
UpdateProfileSelection: UpdateProfileSelection,
ShowUploadedRspec: ShowUploadedRspec,
LoginByModal: LoginByModal,
Logout: Logout,
ConvertManifestToJSON: ConvertManifestToJSON,
maketopmap: maketopmap,
CallMethod: CallMethod,
......
......@@ -106,7 +106,11 @@ if (!$creator) {
if (get_class($creator) == "User") {
if (! (isset($this_user) &&
($creator->uuid() == $this_user->uuid() || ISADMIN()))) {
if ($ajax_request) {
SPITAJAX_ERROR(1, "You do not have permission!");
exit();
}
PAGEERROR("You do not have permission to look at this experiment!");
}
}
$slice = GeniSlice::Lookup("sa", $instance->slice_uuid());
......@@ -148,7 +152,8 @@ if (isset($ajax_request)) {
if ($retval == 0) {
# Refresh.
$slice = GeniSlice::Lookup("sa", $instance->slice_uuid());
$new_expires = gmdate("Y-m-d H:i:s",strtotime($slice->expires()));
$new_expires = gmdate("Y-m-d\TH:i:s\Z",
strtotime($slice->expires()));
SPITAJAX_RESPONSE($new_expires);
......@@ -176,7 +181,7 @@ $slice_urn = "n/a";
$slice_expires = "n/a";
if (isset($slice)) {
$slice_urn = $slice->urn();
$slice_expires = gmdate("Y-m-d H:i:s", strtotime($slice->expires()));
$slice_expires = gmdate("Y-m-d\TH:i:s\Z", strtotime($slice->expires()));
}
$instance_status = $instance->status();
$creator_uid = $creator->uid();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment