Bug #3573: [Workbench] When showing a shared project, do not include "Home" in breadcrumbs. - Arvados

Custom queries

All assigned issues
All issues assigned for grooming
My issues for grooming
My issues for grooming (no story pts)
Prioritized open issues

Actions

Copy link

Bug #3573

open

[Workbench] When showing a shared project, do not include "Home" in breadcrumbs.

Added by Tom Clegg over 10 years ago. Updated over 3 years ago.

Status:

New

Priority:

Normal

Assigned To:

Category:

Target version:

Start date:

Due date:

% Done:

Estimated time:

Story points:

0.5

Related issues 2 (0 open — 2 closed)

Related to Arvados - Bug #6234: [Workbench] Admins should be able to edit their own user records, and view other users' home projects" from title

Resolved

Radhika Chippada

06/10/2015

Actions

Has duplicate Arvados - Bug #3588: [Workbench] When looking at a project shared with you (but not owned by you), the breadcrumbs still indicate it is under your "Home" project.

Duplicate

Actions

Issue # Delay: days Cancel

History
Notes
Property changes

Actions

Copy link

Updated by Tom Clegg almost 10 years ago

Target version set to Arvados Future Sprints

Actions

Copy link

Updated by Tom Clegg over 9 years ago

Updated version after meeting:

Given the following ownership hierarchy, where A <--- B signifies "B.owner_uuid==A.uuid":

system_user <--- user_A <--- project_A_shared
            <--- user_B <--- project_B_shared
            <--- user_C <--- project_C_shared
            <--- user_D <--- project_D_private <--- project_D_shared <--- project_D2_shared
            <--- user_I <--- project_I_private

And assuming:

I am user_I
I can read user_A and user_A's home project contents (e.g., I administer a group that user_A belongs to)
I can read user_B (e.g., we are members of the same organizational group) but I cannot read user_B's home project
I cannot read user_C at all (which implies I cannot read user_C's home project)

When I view...	Breadcrumbs look like...	Notes
my own home project	Home (user_I)	`Home (<%= user_I.friendly_link_name %>)`
project_I_private	Home (user_I) → project_I_private
user_A's home project	Home (user_A)	The only reason I see user_A's name in breadcrumbs is that it's part of the name of a project I can click/view.
project_A_shared	Home (user_A) → project_A_shared	(ditto)
project_B_shared	Shared projects → project_B_shared	"Shared projects" is just that literal string, and isn't clickable. This is what "other people's projects" look like to regular (non-sysadmin, non-group-admin) users.
project_C_shared	Shared projects → project_C_shared
project_D_shared	Shared projects → project_D_shared
project_D2_shared	Shared projects → project_D_shared → project_D2_shared

If a non-project group appears in the ownership chain, display it but don't make it clickable. (Or, alternatively, confirm this situation is prevented by API server validations.)

Implementation¶

The distinctions between the various cases aren't about whether a given "owner" object is current_user, but rather whether current_user can view that object as a project. In practice this is true IFF

the owner is a group object which can be fetched, or
the owner is a user object for which we can call arvados.v1.groups.contents (calling it with limit=0 might be the best way to check this).

Actions

Copy link