Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.
Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Task #3529 (closed)

Opened 13 years ago

Closed 12 years ago

Last modified 12 years ago

Implement {omero.group:-1} for non-admin

Reported by: jamoore Owned by: jamoore
Priority: critical Milestone: OMERO-4.4
Component: Security Version: n.a.
Keywords: n.a. Cc: jburel, atarkowska, cneves, wmoore
Resources: n.a. Referenced By: n.a.
References: n.a. Remaining Time: 0.0d
Sprint: 2012-02-28 (9)

Description

Currently, {omero.group:-1} is only available to root, and allows access to all groups. For a non-admin, this should only provide access to a users groups.

Change History (7)

comment:1 Changed 13 years ago by cxallan

Referencing ticket #3527 has changed sprint.

comment:2 Changed 13 years ago by jmoore

  • Milestone changed from OMERO-Beta4.3 to Unscheduled

Moving to Unscheduled since we are approaching the 4.3 freeze.

comment:3 Changed 12 years ago by jmoore

  • Cc cneves-x wmoore added
  • Component changed from General to Security
  • Milestone changed from Unscheduled to OMERO-Beta4.4
  • Priority changed from major to critical
  • Remaining Time set to 2.0

Prioritizing after Jan. 26 discussion with the chgrp mini-group.

comment:4 Changed 12 years ago by jmoore

  • Owner set to jmoore
  • Sprint set to 2012-02-14 (8)
  • Status changed from new to accepted

comment:5 Changed 12 years ago by jburel

  • Sprint changed from 2012-02-14 (8) to 2012-02-28 (9)

Moved from sprint 2012-02-14 (8)

comment:6 Changed 12 years ago by jmoore

  • Remaining Time changed from 2.0 to 0
  • Resolution set to fixed
  • Status changed from accepted to closed

call context for omero.group is now largely in place, and I'm primarily bug fixing. Carlos is actively testing https://github.com/joshmoore/openmicroscopy/tree/3529-callcontext, so I'm closing this in favor of the individual bugs which we are finding.

comment:7 Changed 12 years ago by jmoore <josh@…>

(In [ecf24f49519268d83e4a9f359f5cf993bca3b7ad/ome.git] on branch develop) Make ShareBean?.setShareId public (See #2219, #3529, Fix #8037)

The use of shareId==-1 was intended only for session-wide
activities. The use via HandleI and ChgrpI led to the data
leakage outlined by Will (#8037).

This commits makes use of the omero.group facilities added
as part of #3529.

Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.67772 sec.)

We're Hiring!