fix member list access and no show main WG for admin

internet2 · Jan 9, 2022 · 8f25ede · 8f25ede
1 parent 01c22cf
commit 8f25ede
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 52 deletions.
diff --git a/Controller/GrouperGroupsController.php b/Controller/GrouperGroupsController.php
@@ -726,11 +726,7 @@ private function breakoutGroups(array $recordSet, $type = 'basic') {
           $wgRec['workingDesc'] = $this->hackDescription($rec['description']);
           //Capturing record for incommon-collab since deleting a few lines below.
           if ($rec['WGApp'] == 'incommon-collab') {
-            if ($type == 'basic') {
-              //Removing record with stem of 'incommon-collab' since displaying on groups Member page,
-              // will show on Admin page
-              unset($wgRec['Groups'][$subCount]);
-            }
+            unset($wgRec['Groups'][$subCount]);
           }
           $subCount += 1;
         }

diff --git a/Lib/GrouperApiAccess.php b/Lib/GrouperApiAccess.php
@@ -264,20 +264,12 @@ public function removeDuplicates(array $arrOne, array $arrTwo) {
   public function getMembersInGroup(array $queryData) {
 
     try {
-      // First verify that user has read access to group
-      $privs = array('read', 'admin', 'update');
-      if ($this->verifyPrivileges($queryData, $privs) === false) {
-        return array(
-          array(
-            "sourceId" => "ldap",
-            "name" => "You do not have access to memberships"
-          )
-        );
-      }
-
       //Build request logic
       $usersToShow = array(
         "WsRestGetMembersRequest" => array(
+          "actAsSubjectLookup" => array(
+            "subjectId" => $queryData['userId']
+          ),
           "wsGroupLookups" => array(
             array("groupName" => $queryData['groupName'])
           ),
@@ -304,42 +296,6 @@ public function getMembersInGroup(array $queryData) {
     return array();
   }
 
-  /**
-   * @param array $queryData Array of conditions for querying
-   * @param array $privilege attributes that need verifying for a user
-   * @return bool If user has said attribute correctly set
-   * @throws GrouperLiteException
-   */
-  public function verifyPrivileges(array $queryData, array $privileges) {
-    //Build request logic
-    $verifyPrivs = array(
-      "WsRestGetGrouperPrivilegesLiteRequest" => array(
-        "privilegeName" => $privilege,
-        "groupName" => $queryData['groupName'],
-        "subjectId" => $queryData['userId']
-      )
-    );
-
-    $this->http->setHeader(array('Content-Type' => 'application/json', 'Accept' => 'application/json'));
-    $connectionUrl = "{$this->config['fullUrl']}/grouperPrivileges";
-
-    try {
-      $results = $this->http->sendRequest('POST', $connectionUrl, json_encode($verifyPrivs));
-
-      // Parse out relevant records to send front end
-      if (isset($results['WsGetGrouperPrivilegesLiteResult']['resultMetadata']['resultCode']) && $results['WsGetGrouperPrivilegesLiteResult']['resultMetadata']['resultCode'] != NULL) {
-        if ($results['WsGetGrouperPrivilegesLiteResult']['resultMetadata']['resultCode'] == 'SUCCESS_ALLOWED') {
-          return true;
-        }
-      }
-    } catch (Exception $e) {
-      CakeLog::write('error', __METHOD__ . ': An error occurred');
-      throw $e;
-    }
-
-    return false;
-  }
-
   /**
    * Gets all Stems/Folders where User is admin/owner
    *