From c8396ad1b6cf17a60769496c3b51aa1e390575cc Mon Sep 17 00:00:00 2001
From: Loic Baron <loic.baron@lip6.fr>
Date: Tue, 27 Jan 2015 18:37:24 +0100
Subject: [PATCH] Projects: Management, Slice Request, localStorage, ...

---
 portal/accountview.py                         | 32 ++++---
 portal/actions.py                             | 70 ++++++++++------
 portal/dashboardview.py                       |  2 +-
 portal/institution.py                         | 20 +++--
 portal/managementtabrequests.py               | 10 ++-
 portal/slicerequestview.py                    | 11 ++-
 portal/static/js/myslice.js                   | 52 +++++-------
 portal/templates/base.html                    |  8 +-
 .../fed4fire/fed4fire_account-view.html       | 35 ++++----
 .../fed4fire/fed4fire_home-view.html          | 83 -------------------
 .../fed4fire/fed4fire_institution.html        | 22 ++++-
 .../fed4fire/fed4fire_slicerequest_view.html  | 53 ++++++++----
 portal/templates/slice-request-done-view.html |  6 +-
 portal/validationview.py                      |  2 +-
 14 files changed, 199 insertions(+), 207 deletions(-)

diff --git a/portal/accountview.py b/portal/accountview.py
index 5b9c0d87..264948ac 100644
--- a/portal/accountview.py
+++ b/portal/accountview.py
@@ -38,8 +38,8 @@ class AccountView(LoginRequiredAutoLogoutView, ThemeView):
         page.add_css_files ( [ "css/onelab.css", "css/account_view.css","css/plugin.css" ] )
 
         # Execute a Query to delegate credentials if necessary
-        sfa_user_query  = Query().get('myslice:user').select('user_hrn').filter_by('user_hrn','==','$user_hrn')
-        sfa_user_result = execute_query(self.request, sfa_user_query)
+        #sfa_user_query  = Query().get('myslice:user').select('user_hrn').filter_by('user_hrn','==','$user_hrn')
+        #sfa_user_result = execute_query(self.request, sfa_user_query)
 
         user_query  = Query().get('local:user').select('config','email','status')
         user_details = execute_query(self.request, user_query)
@@ -298,7 +298,7 @@ def account_process(request):
     for account_detail in account_details:
         for platform_detail in platform_details:
             # Add reference account to the platforms
-            if 'add_'+platform_detail['platform'] in request.POST:
+            if 'add_'+platform_detail['platform'] in request.POST or request.POST['button_value'] == 'add_'+platform_detail['platform']:
                 platform_id = platform_detail['platform_id']
                 user_params = {'platform_id': platform_id, 'user_id': user_id, 'auth_type': "reference", 'config': '{"reference_platform": "myslice"}'}
                 manifold_add_account(request,user_params)
@@ -306,7 +306,7 @@ def account_process(request):
                 return HttpResponseRedirect("/portal/account/")
 
             # Delete reference account from the platforms
-            if 'delete_'+platform_detail['platform'] in request.POST:
+            if 'delete_'+platform_detail['platform'] in request.POST or request.POST['button_value'] == 'delete_'+platform_detail['platform']:
                 platform_id = platform_detail['platform_id']
                 user_params = {'user_id':user_id}
                 manifold_delete_account(request,platform_id, user_id, user_params)
@@ -331,7 +331,7 @@ def account_process(request):
             slice_cred.append(value)
         # special case: download each slice credentials separately 
         for i in range(0, len(slice_list)):
-            if 'dl_'+slice_list[i] in request.POST:
+            if 'dl_'+slice_list[i] in request.POST or request.POST['button_value'] == 'dl_'+slice_list[i]:
                 slice_detail = "Slice name: " + slice_list[i] +"\nSlice Credentials: \n"+ slice_cred[i]
                 response = HttpResponse(slice_detail, content_type='text/plain')
                 response['Content-Disposition'] = 'attachment; filename="slice_credential.txt"'
@@ -346,7 +346,7 @@ def account_process(request):
             auth_cred.append(value)
         # special case: download each slice credentials separately
         for i in range(0, len(auth_list)):
-            if 'dl_'+auth_list[i] in request.POST:
+            if 'dl_'+auth_list[i] in request.POST or request.POST['button_value'] == 'dl_'+auth_list[i]:
                 auth_detail = "Authority: " + auth_list[i] +"\nAuthority Credentials: \n"+ auth_cred[i]
                 response = HttpResponse(auth_detail, content_type='text/plain')
                 response['Content-Disposition'] = 'attachment; filename="auth_credential.txt"'
@@ -468,7 +468,7 @@ def account_process(request):
             messages.error(request, 'Account error: You need an account in myslice platform to perform this action')
             return HttpResponseRedirect("/portal/account/")
 
-    elif 'dl_pubkey' in request.POST:
+    elif 'dl_pubkey' in request.POST or request.POST['button_value'] == 'dl_pubkey':
         for account_detail in account_details:
             for platform_detail in platform_details:
                 if platform_detail['platform_id'] == account_detail['platform_id']:
@@ -483,7 +483,7 @@ def account_process(request):
             messages.error(request, 'Account error: You need an account in myslice platform to perform this action')
             return HttpResponseRedirect("/portal/account/")
                
-    elif 'dl_pkey' in request.POST:
+    elif 'dl_pkey' in request.POST or request.POST['button_value'] == 'dl_pkey':
         for account_detail in account_details:
             for platform_detail in platform_details:
                 if platform_detail['platform_id'] == account_detail['platform_id']:
@@ -502,7 +502,7 @@ def account_process(request):
             messages.error(request, 'Account error: You need an account in myslice platform to perform this action')
             return HttpResponseRedirect("/portal/account/")
     
-    elif 'delete' in request.POST:
+    elif 'delete' in request.POST or request.POST['button_value'] == 'delete':
         for account_detail in account_details:
             for platform_detail in platform_details:
                 if platform_detail['platform_id'] == account_detail['platform_id']:
@@ -528,7 +528,7 @@ def account_process(request):
             return HttpResponseRedirect("/portal/account/")
     
     # download identity for jfed
-    elif 'dl_identity' in request.POST:
+    elif 'dl_identity' in request.POST or request.POST['button_value'] == 'dl_identity':
         for account_detail in account_details:
             for platform_detail in platform_details:
                 if platform_detail['platform_id'] == account_detail['platform_id']:
@@ -551,7 +551,7 @@ def account_process(request):
             return HttpResponseRedirect("/portal/account/")
 
     # Download sfi_config
-    elif 'dl_sfi_config' in request.POST:
+    elif 'dl_sfi_config' in request.POST or request.POST['button_value'] == 'dl_sfi_config':
         platform_detail = get_myslice_platform(request)
         platform_config = json.loads(platform_detail['config'])
         account_detail = get_myslice_account(request)
@@ -585,7 +585,7 @@ def account_process(request):
         return response
 
     #clear all creds
-    elif 'clear_cred' in request.POST:
+    elif 'clear_cred' in request.POST or request.POST['button_value'] == 'clear_cred':
         try:
             result = clear_user_creds(request, user_email)
             if result is not None: 
@@ -598,7 +598,7 @@ def account_process(request):
         return HttpResponseRedirect("/portal/account/")
 
     # Download delegated_user_cred
-    elif 'dl_user_cred' in request.POST:
+    elif 'dl_user_cred' in request.POST or request.POST['button_value'] == 'dl_user_cred':
         if 'delegated_user_credential' in account_config:
             user_cred = account_config['delegated_user_credential']
             response = HttpResponse(user_cred, content_type='text/plain')
@@ -609,7 +609,7 @@ def account_process(request):
             return HttpResponseRedirect("/portal/account/")
 
     # Download user_cert
-    elif 'dl_user_cert' in request.POST:
+    elif 'dl_user_cert' in request.POST or request.POST['button_value'] == 'dl_user_cert':
         if 'user_credential' in account_config:
             user_cred = account_config['user_credential']
             obj_cred = Credential(string=user_cred)
@@ -632,7 +632,7 @@ def account_process(request):
             return HttpResponseRedirect("/portal/account/")
 
     # Download user p12 = private_key + Certificate
-    elif 'dl_user_p12' in request.POST:
+    elif 'dl_user_p12' in request.POST or request.POST['button_value'] == 'dl_user_p12':
         if 'user_credential' in account_config and 'user_private_key' in account_config:
             user_cred = account_config['user_credential']
             obj_cred = Credential(string=user_cred)
@@ -674,8 +674,6 @@ def account_process(request):
             messages.error(request, 'Download error: User private key or credential is not stored in the server')
             return HttpResponseRedirect("/portal/account/")
 
-
-
     else:
         messages.info(request, 'Under Construction. Please try again later!')
         return HttpResponseRedirect("/portal/account/")
diff --git a/portal/actions.py b/portal/actions.py
index 2075300d..90f7db9b 100644
--- a/portal/actions.py
+++ b/portal/actions.py
@@ -1,17 +1,19 @@
-from django.http                import HttpResponse
-from manifold.core.query        import Query
-from manifoldapi.manifoldapi    import execute_query,execute_admin_query
-from portal.models              import PendingUser, PendingSlice, PendingAuthority
+from django.http                    import HttpResponse
+from manifold.core.query            import Query
+from manifoldapi.manifoldapi        import execute_query,execute_admin_query
+from portal.models                  import PendingUser, PendingSlice, PendingAuthority
+from unfold.page                    import Page
+
 import json
 
-from django.contrib.auth.models  import User
-from django.contrib.sites.models import Site
-from django.contrib.auth        import get_user_model
-from django.template.loader     import render_to_string
-from django.core.mail           import EmailMultiAlternatives, send_mail
+from django.contrib.auth.models     import User
+from django.contrib.sites.models    import Site
+from django.contrib.auth            import get_user_model
+from django.template.loader         import render_to_string
+from django.core.mail               import EmailMultiAlternatives, send_mail
 
-from myslice.theme              import ThemeView
-from myslice.configengine       import ConfigEngine
+from myslice.theme                  import ThemeView
+from myslice.configengine           import ConfigEngine
 
 
 theme = ThemeView()
@@ -28,7 +30,7 @@ import activity.slice
 def authority_get_pis(request, authority_hrn):
 
     # REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
-    query = Query.get('authority').filter_by('authority_hrn', '==', authority_hrn).select('pi_users')
+    query = Query.get('myslice:authority').filter_by('authority_hrn', '==', authority_hrn).select('pi_users')
     results = execute_admin_query(request, query)
     print "authority_get_pis = %s" % results
     # NOTE: temporarily commented. Because results is giving empty list. 
@@ -172,19 +174,26 @@ def clear_user_creds(request, user_email):
         return None
 
 def is_pi(wsgi_request, user_hrn, authority_hrn):
-    # XXX could be done in a single query !
-
-    # seauthorities from user where user_hrn == "ple.upmc.jordan_auge"
-
-    # REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
-    query = Query.get('myslice:user').filter_by('user_hrn', '==', user_hrn).select('pi_authorities')
-    results = execute_admin_query(wsgi_request, query)
-    if not results:
-        # XXX Warning ?
-        return False
-    result = results[0]
-    user_authority_hrns = result.get('pi_authorities', [])
-    return authority_hrn in user_authority_hrns
+    # authorities from user where user_hrn == "ple.upmc.jordan_auge"
+    print "#### actions.py is_pi authority_hrn = ", authority_hrn
+    try:
+        # CACHE PB with fields
+        page = Page(wsgi_request)
+        metadata = page.get_metadata()
+        user_md = metadata.details_by_object('user')
+        user_fields = [column['name'] for column in user_md['column']]
+        
+        # REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
+        query  = Query().get('myslice:user').select(user_fields).filter_by('user_hrn','==',user_hrn)
+        #query = Query.get('myslice:user').filter_by('user_hrn', '==', user_hrn).select('pi_authorities')
+        results = execute_query(wsgi_request, query)
+        print "is_pi results = ", results
+        for user_detail in results:
+            if authority_hrn in user_detail['pi_authorities']:
+                return True
+    except Exception,e:
+        print "Exception in actions.py in is_pi %s" % e
+    return False
     
 # SFA get record
 
@@ -694,9 +703,16 @@ def create_slice(wsgi_request, request):
     # Add User to Slice if we have the user_hrn in pendingslice table
     user_hrn = request.get('user_hrn', None)
     user_hrns = list([user_hrn]) if user_hrn else list()
-    
+   
+    # CACHE PB with fields
+    page = Page(wsgi_request)
+    metadata = page.get_metadata()
+    user_md = metadata.details_by_object('user')
+    user_fields = [column['name'] for column in user_md['column']]
+
     # REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
-    user_query  = Query().get('myslice:user').select('user_hrn','user_email').filter_by('user_hrn','==',user_hrn)
+    #user_query  = Query().get('myslice:user').select('user_hrn','user_email').filter_by('user_hrn','==',user_hrn)
+    user_query  = Query().get('myslice:user').select(user_fields).filter_by('user_hrn','==',user_hrn)
     user_details_sfa = execute_admin_query(wsgi_request, user_query)
     if not user_details_sfa:
         raise Exception, "User %s doesn't exist, validate user before validating slice" % user_hrn
diff --git a/portal/dashboardview.py b/portal/dashboardview.py
index 06f02f83..0de9b93f 100644
--- a/portal/dashboardview.py
+++ b/portal/dashboardview.py
@@ -49,7 +49,7 @@ class DashboardView (LoginRequiredAutoLogoutView, ThemeView):
 #        else:
         print "SLICE QUERY"
         print "-" * 80
-        slice_query = Query().get('user').filter_by('user_hrn', '==', '$user_hrn').select('slices.slice_hrn')
+        slice_query = Query().get('myslice:user').filter_by('user_hrn', '==', '$user_hrn').select('slices.slice_hrn')
         page.enqueue_query(slice_query)
         page.enqueue_query(testbed_query)
 
diff --git a/portal/institution.py b/portal/institution.py
index 77cea8d4..d86e3eef 100644
--- a/portal/institution.py
+++ b/portal/institution.py
@@ -5,6 +5,7 @@ from django.template                import RequestContext
 from django.shortcuts               import render_to_response
 from django.shortcuts               import render
 
+from unfold.page                    import Page
 from unfold.loginrequired           import LoginRequiredAutoLogoutView
 
 from manifold.core.query            import Query
@@ -13,7 +14,7 @@ from manifoldapi.manifoldresult     import ManifoldResult
 from ui.topmenu                     import topmenu_items, the_user
 from myslice.configengine           import ConfigEngine
 
-from portal.actions                 import authority_check_pis
+from portal.actions                 import is_pi, authority_check_pis
 from myslice.theme                  import ThemeView
 import json
 
@@ -36,7 +37,15 @@ class InstitutionView (LoginRequiredAutoLogoutView, ThemeView):
         if request.user.is_authenticated(): 
             env['person'] = self.request.user
             if authority_hrn is None: 
-                user_query  = Query().get('myslice:user').select('user_hrn','parent_authority').filter_by('user_hrn','==','$user_hrn')
+                # CACHE PB with fields
+                page = Page(wsgi_request)
+                metadata = page.get_metadata()
+                user_md = metadata.details_by_object('user')
+                user_fields = [column['name'] for column in user_md['column']]
+                
+                # REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
+                user_query  = Query().get('myslice:user').select(user_fields).filter_by('user_hrn','==',user_hrn)
+                #user_query  = Query().get('myslice:user').select('user_hrn','parent_authority').filter_by('user_hrn','==','$user_hrn')
                 user_details = execute_query(self.request, user_query)
                 try:
                     env['user_details'] = user_details[0]
@@ -57,12 +66,11 @@ class InstitutionView (LoginRequiredAutoLogoutView, ThemeView):
                 env['project'] = True
                 env['user_details'] = {'parent_authority': authority_hrn}
 
-                        
-
         else: 
             env['person'] = None
-    
-        pi = authority_check_pis (self.request, str(self.request.user))        
+        print "BEFORE  ####------####  is_pi"
+        pi = is_pi(self.request, '$user_hrn', env['user_details']['parent_authority']) 
+        print "is_pi = ",is_pi
 
         env['theme'] = self.theme
         env['section'] = "Institution"
diff --git a/portal/managementtabrequests.py b/portal/managementtabrequests.py
index dcbe8a0f..d1293722 100644
--- a/portal/managementtabrequests.py
+++ b/portal/managementtabrequests.py
@@ -7,6 +7,8 @@ from manifoldapi.manifoldapi         import execute_query
 from django.views.generic.base      import TemplateView
 
 from unfold.loginrequired           import LoginRequiredView
+from unfold.page                    import Page
+
 from django.http                    import HttpResponse
 from django.shortcuts               import render
 
@@ -85,9 +87,15 @@ class ManagementRequestsView (LoginRequiredView, ThemeView):
                     for authority_hrn, credential in config['delegated_authority_credentials'].items():
                         credential_authorities.add(authority_hrn)
 
+            # CACHE PB with fields
+            page = Page(wsgi_request)
+            metadata = page.get_metadata()
+            user_md = metadata.details_by_object('user')
+            user_fields = [column['name'] for column in user_md['column']]
+
             # ** Where am I a PI **
             # For this we need to ask SFA (of all authorities) = PI function
-            pi_authorities_query = Query.get('myslice:user').filter_by('user_hrn', '==', '$user_hrn').select('pi_authorities')
+            pi_authorities_query = Query.get('myslice:user').filter_by('user_hrn', '==', '$user_hrn').select(user_fields)
             pi_authorities_tmp = execute_query(self.request, pi_authorities_query)
             pi_authorities = set()
             try:
diff --git a/portal/slicerequestview.py b/portal/slicerequestview.py
index 15e2d740..f9c4636d 100644
--- a/portal/slicerequestview.py
+++ b/portal/slicerequestview.py
@@ -42,7 +42,8 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
         authorities_query = Query.get('authority').select('name', 'authority_hrn')
         authorities = execute_admin_query(wsgi_request, authorities_query)
         if authorities is not None:
-            authorities = sorted(authorities)
+            authorities = sorted(authorities, key=lambda k: k['authority_hrn'])
+            authorities = sorted(authorities, key=lambda k: k['name'])
 
         # Get user_email (XXX Would deserve to be simplified)
         user_query  = Query().get('local:user').select('email','config')
@@ -85,7 +86,8 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
         #else:
         #    pi = "is_pi"
 
-        pi = authority_check_pis (wsgi_request, user_email)       
+        pi = authority_check_pis (wsgi_request, user_email)
+        print "SLICEREQUESTVIEW.PY -----  pi=",pi
 
         # Page rendering
         page = Page(wsgi_request)
@@ -109,6 +111,11 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView):
             if authority_hrn is None:
                 authority_hrn = wsgi_request.POST.get('org_name', '')
 
+            # Handle project if used
+            project = wsgi_request.POST.get('project', None)
+            if project is not None:
+                authority_hrn = project
+
             slice_request = {
                 'type'              : 'slice',
                 'id'                : None,
diff --git a/portal/static/js/myslice.js b/portal/static/js/myslice.js
index d3537fb8..4fe42dae 100644
--- a/portal/static/js/myslice.js
+++ b/portal/static/js/myslice.js
@@ -174,6 +174,29 @@ var myslice = {
 		    $.post("/rest/myslice:user/",{'filters':{'user_hrn':'$user_hrn'}}, function( data ) {
 		        if (data.length > 0) {
     			    localStorage.setItem('user', JSON.stringify(data[0]));
+                    projects = [];
+    			    $.each(data[0].pi_authorities, function(idx, auth) {
+                        // PI on projects
+                        if(auth.split('.').length>2){
+                            if($.inArray(auth,projects) == -1){
+                                projects.push(auth);
+                            }
+                        }else if (auth.split('.').length>1){
+                        // PI on authorities
+                            // What are the projects under this authority?
+                            $.post("/rest/myslice:authority/",{'fields':['authority_hrn'],'filters':{'authority_hrn':'CONTAINS'+auth}}, function( data ) {
+    			                $.each(data, function(idx, project) {
+                                    console.log(project.authority_hrn);
+                                    if($.inArray(project.authority_hrn,projects) == -1){
+                                        projects.push(project.authority_hrn);
+                                    }
+                                });
+                            });
+                        }else{
+                            console.log("admin account - we don't list all from root");
+                        }
+                    });
+                    localStorage.setItem('projects', JSON.stringify(projects));
                     myslice.loadSlices(data[0].slices);
                     if(isFunction(fn)){
                         fn();
@@ -187,35 +210,6 @@ var myslice = {
         }
 
 	},
-	loadProjects: function(fn) {
-	    var u = localStorage.getItem('user');
-	    if (u !== 'undefined') {
-            user = JSON.parse(u);
-            projects = localStorage.getItem('projects');
-            if($.isEmptyObject(projects)){
-                if($.isEmptyObject(user) || $.isEmptyObject(user.parent_authority)){
-    		        $.post("/rest/myslice:user/",{'filters':{'user_hrn':'$user_hrn'},'fields':['parent_authority']}, function( data ) {
-                        parent_authority = data[0].parent_authority;
-    
-                    });
-                }else{
-                    parent_authority = user.parent_authority;
-                }
-                // REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
-                $.post("/rest/myslice:authority/",{'fields':['authority_hrn'],'filters':{'authority_hrn':'CONTAINS'+parent_authority}}, function( data ) {
-                    localStorage.setItem('projects', JSON.stringify(data));
-                    if(isFunction(fn)){
-                        fn();
-                    }
-                });
-            }else{
-                if(isFunction(fn)){
-                    fn();
-                }
-            }
-        }
-
-	},
 
     getSlices: function(name) {
     	
diff --git a/portal/templates/base.html b/portal/templates/base.html
index 4e2c5064..6ccabce6 100644
--- a/portal/templates/base.html
+++ b/portal/templates/base.html
@@ -63,10 +63,10 @@ $(document).ready(function() {
             drawSlices(slices);
         }
         {% if theme == "fed4fire" %}
-        myslice.loadProjects(function(){
-            p = myslice.projects();
+        p = myslice.projects();
+        if(p != null){
             drawProjects(p);
-        });
+        }
         {% endif %}
     });
 
@@ -85,7 +85,7 @@ $(document).ready(function() {
         var items = [];
 		
         $.each( projects, function(i, val) {
-            items.push( "<li><a href=\"/portal/project/"+val.authority_hrn+"\">" + val.authority_hrn + "</a></li>" );
+            items.push( "<li><a href=\"/portal/project/"+val+"\">" + val + "</a></li>" );
         });
         $("div#home-project-list").html($( "<ul/>", { html: items.join( "" ) }));
         $("ul#dropdown-project-list").append(items.join( "" ));
diff --git a/portal/templates/fed4fire/fed4fire_account-view.html b/portal/templates/fed4fire/fed4fire_account-view.html
index 5a610f30..034ec4f7 100644
--- a/portal/templates/fed4fire/fed4fire_account-view.html
+++ b/portal/templates/fed4fire/fed4fire_account-view.html
@@ -24,6 +24,10 @@
     {% endfor %}
 </ul>
 {% endif %}
+
+<form id="editForm" method="post" action="account_process" enctype="multipart/form-data">
+<input type="text" id="button_value"  name="button_value" value="" />
+
 <div class="row">
 	<div class="col-md-12">
 		<ul class="nav nav-tabs nav-section">
@@ -38,7 +42,6 @@
 		
 	  	<div class="col-md-12">
 
-			<form id="editForm" method="post" action="account_process" enctype="multipart/form-data">
 			  	{% csrf_token %}
 			  		<table class="profile">          
 			    		<tr>
@@ -129,7 +132,7 @@
 										   onclick="return confirm('Are you sure? It will overwrite your current credentials and you have delegate it manually.');"/>
 								</span>
 								<div style='display:none;'> <input type='hidden'  name='dload'  /> </div> 
-								<button type="submit" name="dl_pubkey" class="btn btn-default btn-xs" title="Download your public key" id="dl_file">
+								<button type="submit" name="dl_pubkey" class="btn btn-default btn-xs" title="Download your public key" id="dl_pubkey" onclick="javascript:document.getElementById('button_value').value='dl_pubkey';">
 									<span class="glyphicon glyphicon-download"></span> Download
 								</button>
 								<button class="btn btn-default btn-xs" id="upload_file" type="button" title="Upload a public key">
@@ -141,16 +144,16 @@
 						 {%if 'N/A' not in user_private_key%}
 			      			<td class="key">Private Key </td> <!-- Hide if priv_key doesn't exist in myslice platform   -->
 			      			<td class="value">********<a href="#"></a>
-			      				<button type="submit" name="dl_pkey" class="btn btn-default" title="Download your privaye key" id="dl_pkey">
+			      				<button type="submit" name="dl_pkey" class="btn btn-default" title="Download your privaye key" id="dl_pkey" value="dl_pkey" onclick="javascript:document.getElementById('button_value').value='dl_pkey';">
 									<span class="glyphicon glyphicon-download"></span> Download	
 								</button>
 			      				<input class="btn btn-danger btn-xs" id="delete" name="delete" type="submit"  value="Delete" title="Delete your private key"
-										onclick="return confirm('Are you sure? If you do so, you have to delegate your credentials manually.');"/> 
+										onclick="javascript:document.getElementById('button_value').value='delete'; return confirm('Are you sure? If you do so, you have to delegate your credentials manually.');"/> 
 			    			</td>
 						  {%else%}
 							<td class="key">Private Key </td> <!-- Hide if priv_key doesn't exist in myslice platform   -->
 		 					<td class="value">********<a href="#"></a>
-		     					<button type="submit" name="dl_pkey" class="btn btn-default disabled" title="Download your privaye key" id="dl_pkey">
+		     					<button type="submit" name="dl_pkey" class="btn btn-default disabled" title="Download your privaye key" id="dl_pkey" value="dl_pkey">
 		        					<span class="glyphicon glyphicon-download"></span> Download 
 		     					</button>
 		     					<input class="btn btn-danger btn-xs disabled" id="delete" name="delete" type="submit" title="Delete your private key" value="Delete" />
@@ -160,7 +163,7 @@
 			    		<tr class="even" id="sfi_config_row">
 			      			<td class="key">sfi_config </td>
 			      			<td class="value">use sfi_config file with sfi.py package (pip install sfa)<a href="#"></a>
-			      				<button type="submit" name="dl_sfi_config" class="btn btn-default btn-xs" title="Download your sfi_config" id="dl_sfi_config">
+			      				<button type="submit" name="dl_sfi_config" class="btn btn-default btn-xs" title="Download your sfi_config" id="dl_sfi_config" value="dl_sfi_config" onclick="javascript:document.getElementById('button_value').value='dl_sfi_config';">
 									<span class="glyphicon glyphicon-download"></span> Download
 								</button>
 			    			</td>
@@ -169,7 +172,7 @@
 							{%if 'N/A' not in user_private_key%}
 							<td class="key">Identity</td> 
     						<td>
-								<button type="submit" name="dl_identity" class="btn btn-default btn-xs" title="You will require it to use jfed" id="dl_identity">
+								<button type="submit" name="dl_identity" class="btn btn-default btn-xs" title="You will require it to use jfed" id="dl_identity" onclick="javascript:document.getElementById('button_value').value='dl_identity';">
     								<span class="glyphicon glyphicon-download"></span> Download 
 								</button>
 							</td>
@@ -237,13 +240,13 @@
 				<tr class="border_bottom">
 		    		<td class="odd"> {{ row.cred_exp }} </td>
 					<td class="odd">
-						<button class="btn btn-default btn-xs" name= "dl_user_cred" type="submit" title="Download User Credential">
+						<button class="btn btn-default btn-xs" name= "dl_user_cred" type="submit" title="Download User Credential" onclick="javascript:document.getElementById('button_value').value='dl_user_cred';">
 							<span class="glyphicon glyphicon-download"></span> Credential
 						</button>
-						<button class="btn btn-default btn-xs" name= "dl_user_cert" type="submit" title="Download User Certificate">
+						<button class="btn btn-default btn-xs" name= "dl_user_cert" type="submit" title="Download User Certificate" onclick="javascript:document.getElementById('button_value').value='dl_user_cert';">
 							<span class="glyphicon glyphicon-download"></span> Certificate
 						</button>
-                         <button class="btn btn-default btn-xs" name= "dl_user_p12" type="submit" title="Download User PKCS12">
+                         <button class="btn btn-default btn-xs" name= "dl_user_p12" type="submit" title="Download User PKCS12" onclick="javascript:document.getElementById('button_value').value='dl_user_p12';">
                              <span class="glyphicon glyphicon-download"></span> PKCS p12
                          </button>
 					</td>
@@ -263,7 +266,7 @@
 		     		<td class="odd"> {{ row.slice_name }} </td>
 					<td class="odd"> {{ row.cred_exp }} </td>
 					<td class="odd"> 
-						<button class="btn btn-default btn-xs" name= "dl_{{row.slice_name}}" type="submit" title="Download Slice Credentials">
+						<button class="btn btn-default btn-xs" name= "dl_{{row.slice_name}}" type="submit" title="Download Slice Credentials" onclick="javascript:document.getElementById('button_value').value='dl_{{row.slice_name}}';">
 							<span class="glyphicon glyphicon-download"></span> Download
 						</button> 
 					</td>
@@ -283,7 +286,7 @@
 		    		<td class="odd"> {{ row.auth_name }} </td>
 		    		<td class="odd"> {{ row.cred_exp }} </td>
 					<td class="odd">
-						<button class="btn btn-default btn-xs" name= "dl_{{row.auth_name}}" type="submit" title="Download Authority Credentials">
+						<button class="btn btn-default btn-xs" name= "dl_{{row.auth_name}}" type="submit" title="Download Authority Credentials" onclick="javascript:document.getElementById('button_value').value='dl_{{row.auth_name}}';">
 							<span class="glyphicon glyphicon-download"></span> Download
 						</button>
 					</td>
@@ -292,7 +295,7 @@
 			</table>
 			<p></p>
 			 {%if '' not in my_users%}	
-			<p><button class="btn btn-danger btn-lg btn-block"   name= "clear_cred" type="submit" title="Clear All Credentials">Clear Credentials</button></p>
+			<p><button class="btn btn-danger btn-lg btn-block"   name= "clear_cred" type="submit" title="Clear All Credentials" onclick="javascript:document.getElementById('button_value').value='clear_cred';">Clear Credentials</button></p>
 			{%else%}
 			<p><button class="btn btn-danger btn-lg btn-block disabled"   name= "clear_cred" type="submit" title="Clear All Credentials">Clear Credentials</button></p>
 			{%endif%}
@@ -317,7 +320,7 @@
                 <td class="odd"> {{ row.account_type }} </td>
 				<td class="odd"> {{ row.account_reference }} </td>
 				<td class="odd">
-    				<button class="btn btn-danger" name="delete_{{row.platform_name}}" type="submit" title="Delete account from this platform">
+    				<button class="btn btn-danger" name="delete_{{row.platform_name}}" type="submit" title="Delete account from this platform" onclick="javascript:document.getElementById('button_value').value='delete_{{row.platform_name}}';">
 						<span class="glyphicon glyphicon-minus"></span>
 					</button>
 				</td>
@@ -336,7 +339,7 @@
             <tr class="border_bottom">
                 <td class="odd"> {{ platform.platform_no_access }} </td>
                 <td class="odd">
-					<button class="btn btn-success btn-sm" name= "add_{{platform.platform_no_access}}" type="submit" title="Add account to this platform">
+					<button class="btn btn-success btn-sm" name= "add_{{platform.platform_no_access}}" type="submit" title="Add account to this platform" onclick="javascript:document.getElementById('button_value').value='add_{{platform.platform_no_access}}';">
 						<span class="glyphicon glyphicon-plus"></span>
 					</button>
 				</td>
@@ -346,9 +349,9 @@
 	</div>
 {%endif%} 
 </div>
-</form>
 </div>
 
+</form>
 <script>
     $(document).ready(function() {
     	$('.nav-tabs a').click(function (e) {
diff --git a/portal/templates/fed4fire/fed4fire_home-view.html b/portal/templates/fed4fire/fed4fire_home-view.html
index bb5b16c2..ab31f9f2 100644
--- a/portal/templates/fed4fire/fed4fire_home-view.html
+++ b/portal/templates/fed4fire/fed4fire_home-view.html
@@ -15,7 +15,6 @@
 	{%if 'creds_expired'  in user_cred %}
     	<p class="command"><a href="#" style="color:red" data-toggle="modal" data-target="#myModal">EXPIRED CREDENTIALS</a> Please delegate again your credentials to the portal!</p>
     {%endif%}
-		{% if pi %}
 		<div class="col-md-3">
 			<h3>
 				EXPERIMENT
@@ -107,88 +106,6 @@
 	    	</div>
 		</div>
 	</div>
-	{%else%}
-	<div class="row">
-		<div class="col-md-4">
-			<h3>
-				EXPERIMENT
-			</h3>
-			<div>
-				<a href="#"><img src="{{ STATIC_URL }}img/icon_slices.png" alt="" /></a>
-			</div>
-			<div>
-				<button id="slicerequestbtn" type="button" class="btn btn-default"><span class="glyphicon glyphicon-plus"></span> Request Slice</button>
-			</div>
-			<div>
-				<p><strong>Your slices </strong>
-				<span title="A slice is a set of testbed resources on which you can conduct an experiment. 
-					Either ask your colleagues to give you access to an existing slice or request a new slice by clicking 'Request Slice'. 
-					However, on the Fed4FIRE portal, you will only see slices that you have created through Fed4FIRE. If you have created slices elsewhere, 
-					those slices will not appear here."
-					class="glyphicon glyphicon-info-sign">
-				</span>
-				</p>
-			</div>
-			<div>	
-				<div id="home-slice-list"><img src="{{ STATIC_URL }}img/loading.gif" alt="Loading Slices" /></div>
-			</div>
-			{% if pending_slices %}
-			<p><strong>Pending slices</strong>
-			<span title="Slices that you have requested and are pending for validation by the contact person of your organization."
-				class="glyphicon glyphicon-info-sign">
-			<ul>
-			{% for slices in pending_slices %}
-			<li>{{slices}}</li>
-			{% endfor %}
-			</ul>
-			</span>
-			</p>
-			{%endif%}
-			<h3 title="Some tools do their own slice creation and management.">Experiment now</h3>
-			<a class="btn btn-primary" style="width: 150px;" 
-                    href='http://jfed.iminds.be/releases/5.4-dev/r2289/webstart/experimenter/jfed-experimenter.jnlp'
-					title="Click here to start your experiment with jFed" 
-					onclick="return  launchApplication('http://jfed.iminds.be/releases/5.4-dev/r2289/webstart/experimenter/jfed-experimenter.jnlp');">
-                    <span class="glyphicon glyphicon-cloud"></span> jFed</a>	
-		</div>
-		<div class="col-md-4">
-			<h3>
-				SUPPORT
-			</h3>
-			<div>
-				<a href="/portal/support"><img src="{{ STATIC_URL }}img/icon_support.png" alt="" /></a>
-			</div>
-			<div>
-				<button id="ticketbtn" type="button" class="btn btn-default"><span class="glyphicon glyphicon-envelope"></span> Contact</button>
-			</div>
-			<p></p>
-			<div>
-    			<button id="statbtn" type="button" style="width: 150px;" class="btn btn-default"><span class="glyphicon glyphicon-stats"></span>Testbeds' status</button>
-			</div>
-			<div>
-    			<button id="repbtn" type="button" style="width: 170px;" class="btn btn-default"><span class="glyphicon glyphicon-stats"></span>Testbeds' reputation</button>
-			</div>
-		</div>
-		
-		<div class="col-md-4">
-			<h3>
-				ACCOUNT
-			</h3>
-			<div>
-				<a href="/portal/account/"><img src="{{ STATIC_URL }}img/icon_user_color.png" alt="" /></a>
-			</div>
-			<div>
-				<button id="logoutbtn" type="button" class="btn btn-default" data-username="{{ username }}"><span class="glyphicon glyphicon-off"></span> Logout</button>
-			</div>
-			<div>
-				{% if person.last_name %}
-					{{person.first_name}} {{person.last_name}}<br />
-				{% endif %}
-    			<span class="label">Username:</span> <a href='/portal/account/' title="Click here to see and edit your account details.">{{person.email}}</a>
-	    	</div>
-		</div>
-	</div>
-	{%endif%}
 
 </div>
 {% else %}
diff --git a/portal/templates/fed4fire/fed4fire_institution.html b/portal/templates/fed4fire/fed4fire_institution.html
index fa4115b3..90da9840 100644
--- a/portal/templates/fed4fire/fed4fire_institution.html
+++ b/portal/templates/fed4fire/fed4fire_institution.html
@@ -87,8 +87,8 @@
     				</table>
 				
 			</div>
-        	{% if  pi %}
 			<div>
+        	{% if  pi %}
 	  		<button id="createproject" type="button" class="btn btn-default"><span class="glyphicon glyphicon-plus"></span> Create project</button>
 			<button id="deleteprojects" type="button" class="btn btn-danger"><span class="glyphicon glyphicon-remove"></span> Delete selected projects</button>
 			{% else %}
@@ -158,7 +158,14 @@ $(document).ready(function() {
                 
                 slice_row = "<tr id='"+val.slice_hrn+"'>";
                 slice_row += "<td><input type='checkbox' class='slice' id='"+val.slice_hrn+"'></td>";
-                slice_row += "<td><a href='/slice/"+val.slice_hrn+"'>" + val.slice_hrn + "</a></td>";
+
+                // filter links to slices, only those that the user has credentials for
+                s = myslice.user.slices;
+                if(s.length > 0 && $.inArray(val.slice_hrn, myslice.user.slices)!=-1){
+                    slice_row += "<td><a href='/slice/"+val.slice_hrn+"'>" + val.slice_hrn + "</a></td>";
+                }else{
+                    slice_row += "<td>" + val.slice_hrn + "</td>";
+                }
                 slice_row += "<td>"+users_length+"</td>";
                 slice_row += "<td>"+slice_url+"</td>";
                 //slice_row += "<td>"+nodes_length+"</td>";
@@ -192,7 +199,7 @@ $(document).ready(function() {
 
         });
         {% else %}
-        $.post("/rest/user/",{'fields':['user_hrn','user_email'],'filters':{'parent_authority':'{{user_details.parent_authority}}'}}, function( data ) {
+        $.post("/rest/myslice:user/",{'filters':{'parent_authority':'{{user_details.parent_authority}}'}}, function( data ) {
             var list_users = [];
             var table_users = [];
 		    /* Available fields
@@ -224,7 +231,14 @@ $(document).ready(function() {
                 console.log(val);
                 project_row = "<tr id='"+val.authority_hrn+"'>";
                 project_row += "<td><input type='checkbox' class='project' id='"+val.authority_hrn+"'></td>";
-                project_row += "<td><a href='/portal/project/"+val.authority_hrn+"'>"+val.authority_hrn+"</a></td>";
+
+                // filter links to projects, only those that the user has credentials for
+                p = myslice.projects;
+                if(p.length > 0 && $.inArray(val.authority_hrn, p)!=-1){
+                    project_row += "<td><a href='/portal/project/"+val.authority_hrn+"'>"+val.authority_hrn+"</a></td>";
+                }else{
+                    project_row += "<td>"+val.authority_hrn+"</td>";
+                }
                 project_row += "</tr>";
                 table_projects.push(project_row);
             });
diff --git a/portal/templates/fed4fire/fed4fire_slicerequest_view.html b/portal/templates/fed4fire/fed4fire_slicerequest_view.html
index 82f12410..7c172d58 100644
--- a/portal/templates/fed4fire/fed4fire_slicerequest_view.html
+++ b/portal/templates/fed4fire/fed4fire_slicerequest_view.html
@@ -38,14 +38,17 @@
 				<input type="text" class="form-control" id="authority_hrn" name="org_name" style="width:300px" placeholder="Organization" 
 				title="An authority responsible for vetting your slice" required="required">
 				{% else %}
-			    <input type="text" class="form-control" id="authority_hrn" name="org_name" placeholder="Organization" style="width:300px;" 
+			    <input type="hidden" class="form-control" id="authority_hrn" name="org_name" placeholder="Organization" style="width:300px;" 
 				title="An authority responsible for vetting your slice" required="required" readonly>
+                <span style="float:left;">Authority: &nbsp;</span>
+                <div id="authority_display">
+                <img src="{{ STATIC_URL }}img/loading.gif" alt="Loading authority" />
+                </div>
 				{% endif %}
 			  </div>
 			  <div class="form-group">
                 Project: 
-                <select id="projects">
-                    <option>project A</option>
+                <select id="project" name="project">
                 </select>
               </div>
 			  <div class="form-group">
@@ -72,8 +75,15 @@ jQuery(document).ready(function(){
 	$("#authority_hrn").load("/rest/user/", {"fields" : ["parent_authority"], "filters": {"user_hrn": "{{ user_hrn }}"}}, function(data) {
 		var jsonData = JSON.parse(data);
         $(this).attr("value", jsonData[0]['parent_authority']);
+	    {% if pi %}
         draw_projects(jsonData[0]['parent_authority']);
+        {% else %}
+        $('#authority_display').html(jsonData[0]['parent_authority']);
+        draw_projects('');
+        {% endif %}
     });
+
+	{% if pi %}
 	$("#authority_hrn").val("{{authority_name}}");
 	var availableTags = [
     {% if authorities %}
@@ -107,23 +117,36 @@ jQuery(document).ready(function(){
         draw_projects(jQuery('.ui-state-focus').html());
       },
     });
-
+    {% endif %}
 });
 
 function draw_projects(authority_hrn){
-    $.post("/rest/myslice:authority/",{'fields':['authority_hrn','pi_users'],'filters':{'authority_hrn':'CONTAINS'+authority_hrn}}, function( data ) {
-       
-        var projects = [];
-        project_row = "<option value=''> - </option>";
-        projects.push(project_row);
-       
-        $.each( data, function( key, val ) {
-            console.log(val);
-            project_row = "<option value='"+val.authority_hrn+"'>"+val.authority_hrn+"</option>";
+    var projects = [];
+    project_row = "<option value=''> - </option>";
+    projects.push(project_row);
+
+    if(authority_hrn.length > 0){
+        // Not for root authority
+        if(authority_hrn.split('.').length > 1){
+            $.post("/rest/myslice:authority/",{'fields':['authority_hrn','pi_users'],'filters':{'authority_hrn':'CONTAINS'+authority_hrn}}, function( data ) {
+               
+                $.each( data, function( key, val ) {
+                    project_row = "<option value='"+val.authority_hrn+"'>"+val.authority_hrn+"</option>";
+                    projects.push(project_row);
+                });
+                $("#project").html(projects.join( "" ));
+            });
+        }else{
+            $("#project").html(projects.join( "" ));
+        }
+    }else{
+        my_projects = JSON.parse(localStorage.getItem('projects'));
+        $.each( my_projects, function( i, val ) {
+            project_row = "<option value='"+val+"'>"+val+"</option>";
             projects.push(project_row);
         });
-        $("#projects").html(projects.join( "" ));
-    });
+        $("#project").html(projects.join( "" ));
+    }
 }
 </script>
 {% endblock %}
diff --git a/portal/templates/slice-request-done-view.html b/portal/templates/slice-request-done-view.html
index 0d0a03b4..9ab6807b 100644
--- a/portal/templates/slice-request-done-view.html
+++ b/portal/templates/slice-request-done-view.html
@@ -5,6 +5,10 @@
   <h1>Slice created</h1>
 
 As a manager of your institution, your slice has directly been created directly.
-
+<script>
+$(document).ready(function() {
+    localStorage.clear();
+});
+</script>
 {% endblock %}
 
diff --git a/portal/validationview.py b/portal/validationview.py
index b26ba0fa..b87a250f 100644
--- a/portal/validationview.py
+++ b/portal/validationview.py
@@ -151,7 +151,7 @@ class ValidatePendingView(LoginRequiredAutoLogoutView, ThemeView):
 
             # ** Where am I a PI **
             # For this we need to ask SFA (of all authorities) = PI function
-            pi_authorities_query = Query.get('user').filter_by('user_hrn', '==', '$user_hrn').select('pi_authorities')
+            pi_authorities_query = Query.get('myslice:user').filter_by('user_hrn', '==', '$user_hrn').select('pi_authorities')
             pi_authorities_tmp = execute_query(self.request, pi_authorities_query)
             pi_authorities = set()
             try:
-- 
2.47.0