1. 22 May, 2015 7 commits
  2. 30 Apr, 2015 2 commits
  3. 22 Apr, 2015 1 commit
  4. 21 Apr, 2015 1 commit
  5. 10 Apr, 2015 1 commit
  6. 03 Apr, 2015 1 commit
  7. 01 Apr, 2015 1 commit
    • Leigh B Stoller's avatar
      Tighten up permissions granted to geni users coming from the GPO Portal. · 105c42e1
      Leigh B Stoller authored
      We now ask the portal for a the user's project membership list, and if the
      user is not a member of any (unexpired) projects, we do not allow them to
      create experiments (or much of anything else) in the Cloud Portal. I did
      this by setting the local holding project trust to "user" and setting the
      webonly bit in the users table. The user can use the picker to see public
      profiles, but the create button tells them no dice, go join a project at
      the GPO portal.
      We make the project check each time the user logs in via the trusted
  8. 31 Mar, 2015 1 commit
  9. 19 Mar, 2015 1 commit
  10. 13 Mar, 2015 1 commit
    • Leigh B Stoller's avatar
      Checkpoint various changes. · 0d09773b
      Leigh B Stoller authored
      * Various UI tweaks for profile versioning.
      * Roll out profile versioning for all users.
      * Disable/Hide publishing for now.
      * Move profile/version URLs into a modal that is invoked by a new Share
        button, that explains things a little better.
      * Unify profile permissions between APT/Cloudlab. Users now see just two
        choices; project or anyone, where anyone includes guest users in the APT
        interface, for now.
      * Get rid of "List on the front page" checkbox, all public profiles will be
        listed, but red-dot can still set that bit.
      * Return the publicURL dynamically in the status blob, and set/show the
        sliver info button as soon as we get it.
      * Console password support; if the aggregate returns the console password,
        add an item to the context menu to show it.
      * Other stuff.
  11. 05 Mar, 2015 1 commit
  12. 02 Mar, 2015 1 commit
  13. 31 Jan, 2015 1 commit
  14. 30 Jan, 2015 1 commit
  15. 29 Jan, 2015 1 commit
  16. 27 Jan, 2015 1 commit
    • Leigh B Stoller's avatar
      Two co-mingled sets of changes: · 85cb063b
      Leigh B Stoller authored
      1) Implement the latest dataset read/write access settings from frontend to
         backend. Also updates for simultaneous read-only usage.
         The first changes the way that projects and users are treated at the
         CM. When set, we create real accounts (marked as nonlocal) for users and
         also create real projects (also marked as nonlocal). Users are added to
         those projects according to their credentials. The underlying experiment
         is thus owned by the user and in the project, although all the work is
         still done by the geniuser pseudo user. The advantage of this approach
         is that we can use standard emulab access checks to control access to
         objects like datasets. Maybe images too at some point.
         NOTE: Users are not removed from projects once they are added; we are
         going to need to deal with this, perhaps by adding an expiration stamp
         to the groups_membership tables, and using the credential expiration to
         mark it.
         The second new configure option turns on the web login via the geni
         trusted signer. So, if I create a sliver on a backend cluster when both
         options are set, I can use the trusted signer to log into my newly
         created account on the cluster, and see it (via the emulab classic web
         All this is in flux, might end up being a bogus approach in the end.
  17. 20 Jan, 2015 2 commits
  18. 08 Jan, 2015 2 commits
  19. 03 Jan, 2015 1 commit
  20. 11 Dec, 2014 3 commits
  21. 10 Dec, 2014 1 commit
  22. 05 Dec, 2014 2 commits
  23. 04 Dec, 2014 1 commit
  24. 03 Dec, 2014 2 commits
  25. 04 Nov, 2014 1 commit
  26. 28 Oct, 2014 1 commit
  27. 27 Oct, 2014 1 commit