1. 16 Feb, 2018 1 commit
  2. 17 Apr, 2017 1 commit
    • Leigh Stoller's avatar
      Attempt to operate in an admin mode for reservations · 188f041f
      Leigh Stoller authored
      So, one reason the fast RPC path is fast cause we do not normally
      operate with credentials, but with reservations we have to since we want
      the reservation creator to be a real user and of course the project has
      to exist. Need credentials for that. But when an admin is editing or
      creating a reservation in another project, we need the admin user to
      exist too, and we might need the project to be created. That requires
      different credentials. So in an attempt to deal more generally with the
      admin problem, export an entrypoint to create a user (the admin user)
      before trying to create a reservation. Not sure this is the best way to
      go but its one way to go.
      
      In general, I think we need a more explicit user/project management API
      for the Portal. Needs more thought.
      188f041f
  3. 03 Nov, 2016 1 commit
  4. 07 Oct, 2016 1 commit
  5. 04 Oct, 2016 1 commit
  6. 29 Aug, 2016 2 commits
  7. 25 Apr, 2016 1 commit
  8. 29 Mar, 2016 1 commit
  9. 01 Mar, 2016 1 commit
    • Leigh Stoller's avatar
      Some tweaks to credential handling: · 3ebffb34
      Leigh Stoller authored
      1) Anytime we need to generate a slice credential, and the slice has
         expired, bump the slice expiration so we can create a valid credential
         and then reset the expiration. Consider if the slice expires but we
         missed it and its still active; we gotta be able to control it.
      
      2) From the beginning, we have done almost all RPC operations as the
         creator of the experiment. Made sense when the portal interface was not
         project aware, but now other users in the project can see and mess with
         experiments in their project. But we are still doing all the RPC
         operations as the creator of the experiment, which will need to change
         at some point, but in the short term I am seeing a lot of credential
         errors caused by an expired speaks-for credential for that creator (if
         they have not logged into the portal in a while). When this happens,
         lets generate a plain slice credential, issued to the SA, so that we can
         complete the operation. Eventually we have to make the backend project
         aware, and issue the operations as the web user doing the driving.
         Maybe as part of the larger portalization project.
      3ebffb34
  10. 22 Feb, 2016 1 commit
  11. 21 Aug, 2015 1 commit
  12. 22 May, 2015 1 commit
  13. 30 Apr, 2015 1 commit
  14. 03 Dec, 2014 1 commit
  15. 28 Oct, 2014 1 commit