Project

General

Profile

Actions
Copy link

Bug #3573

open

[Workbench] When showing a shared project, do not include "Home" in breadcrumbs.

Added by Tom Clegg over 9 years ago. Updated about 2 months ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
-
Target version:
Future
Story points:
0.5
Release:
Postponed
Release relationship:
Auto

Related issues

Related to Arvados - Bug #6234: [Workbench] Admins should be able to edit their own user records, and view other users' home projects" from titleResolvedRadhika Chippada06/10/2015Actions
Has duplicate Arvados - Bug #3588: [Workbench] When looking at a project shared with you (but not owned by you), the breadcrumbs still indicate it is under your "Home" project.DuplicateActions
Actions
Copy link
 #1

Updated by Tom Clegg about 9 years ago

  • Target version set to Arvados Future Sprints
Actions
Copy link
 #2

Updated by Tom Clegg almost 9 years ago

Updated version after meeting:

Given the following ownership hierarchy, where A <--- B signifies "B.owner_uuid==A.uuid":

system_user <--- user_A <--- project_A_shared
            <--- user_B <--- project_B_shared
            <--- user_C <--- project_C_shared
            <--- user_D <--- project_D_private <--- project_D_shared <--- project_D2_shared
            <--- user_I <--- project_I_private

And assuming:
  • I am user_I
  • I can read user_A and user_A's home project contents (e.g., I administer a group that user_A belongs to)
  • I can read user_B (e.g., we are members of the same organizational group) but I cannot read user_B's home project
  • I cannot read user_C at all (which implies I cannot read user_C's home project)
When I view... Breadcrumbs look like... Notes
my own home project Home (user_I) Home (<%= user_I.friendly_link_name %>)
project_I_private Home (user_I) → project_I_private
user_A's home project Home (user_A) The only reason I see user_A's name in breadcrumbs is that it's part of the name of a project I can click/view.
project_A_shared Home (user_A) → project_A_shared (ditto)
project_B_shared Shared projects → project_B_shared "Shared projects" is just that literal string, and isn't clickable.
This is what "other people's projects" look like to regular (non-sysadmin, non-group-admin) users.
project_C_shared Shared projects → project_C_shared
project_D_shared Shared projects → project_D_shared
project_D2_shared Shared projects → project_D_shared → project_D2_shared

If a non-project group appears in the ownership chain, display it but don't make it clickable. (Or, alternatively, confirm this situation is prevented by API server validations.)

Implementation

The distinctions between the various cases aren't about whether a given "owner" object is current_user, but rather whether current_user can view that object as a project. In practice this is true IFF
  • the owner is a group object which can be fetched, or
  • the owner is a user object for which we can call arvados.v1.groups.contents (calling it with limit=0 might be the best way to check this).
Actions
Copy link
 #3

Updated by Ward Vandewege almost 3 years ago

  • Target version deleted (Arvados Future Sprints)
Actions
Copy link
 #4

Updated by Peter Amstutz about 1 year ago

  • Release set to 60
Actions
Copy link
 #5

Updated by Peter Amstutz about 2 months ago

  • Target version set to Future
Actions
Copy link

Also available in: Atom PDF