• Views
  • Iteration Report
  • My Iteration Report
  •  
OMERO.server
  • Login
  • Help/Guide
  • About Trac
  • Preferences
  • Wiki
  • Timeline
  • Roadmap
  • Browse Source
  • View Tickets
  • Search

Context Navigation

  • ← Previous Ticket
  • Next Ticket →

Ticket #1072 (assigned defect)

Opened 3 months ago

Last modified 3 months ago

loadContainerHierarchy - ome.conditions.SecurityViolation: Cannot read ome.model.containers.Dataset

Reported by: atarkowska Owned by: jmoore
Priority: minor Milestone: OMERO-Beta4
Component: Services Version: 3.0-M1
Keywords: Cc:

Description

loadContainerHierarchy cannot load hierarchy when project permissions is rwr--- and contains dataset with permissions (rw----).
I am not sure about different use cases.

Change History

Changed 3 months ago by atarkowska

r2788 https://trac.openmicroscopy.org.uk/omero/browser/trunk/components/tools/OmeroPy/test/integration/tickets2000.py#L195

Changed 3 months ago by jmoore

  • status changed from new to assigned
  • type changed from story to defect
  • milestone changed from 3.0-Beta3.1 to 3.0-Beta4

No, it can't. The security system currently prevents the dataset's permissions from being removed once it has been linked to the project, but currently there is no check to make sure that a user is not "corrupting" someone else's data.

This is a related use-case to that discussed during:

http://cvs.openmicroscopy.org.uk/tiki/tiki-index.php?page=ConferenceCall%202008-08-26-Permissions

in which the server should prevent users from linking data over the group boundary. I'm pushing this to milestone:3.0-Beta4 because it's not something we can correct simply.

Note: See TracTickets for help on using tickets.

Download in other formats:

  • Comma-delimited Text
  • Tab-delimited Text
  • RSS Feed
Trac Powered

Powered by Trac 0.11
By Edgewall Software.

Visit the Trac open source project at
http://trac.edgewall.org/