Task #10016 (closed)
Bug: webadmin remove self from group
Reported by: | omero-qa | Owned by: | wmoore |
---|---|---|---|
Priority: | major | Milestone: | OMERO-4.4.7 |
Component: | WebAdmin | Version: | n.a. |
Keywords: | n.a. | Cc: | ned@… |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | 2013-01-15 (4) |
Description
"I believe I had just removed myself from a couple of groups, leaving myself only in the group that I used to upload my data. I think it crashed when I left the admin page."
https://www.openmicroscopy.org/qa2/qa2/qa/feedback/4784/
Traceback (most recent call last): File "/home/omero/OMERO.server/lib/python/django/core/handlers/base.py", line 111, in get_response response = callback(request, *callback_args, **callback_kwargs) File "/home/omero/OMERO.server/lib/python/omeroweb/decorators.py", line 377, in wrapped retval = f(request, *args, **kwargs) File "/home/omero/OMERO.server/lib/python/omeroweb/webadmin/views.py", line 344, in index if conn.isAdmin(): File "/home/omero/OMERO.server/lib/python/omero/gateway/__init__.py", line 1836, in isAdmin return self.getEventContext().isAdmin File "/home/omero/OMERO.server/lib/python/omero/gateway/__init__.py", line 1785, in getEventContext self._ctx = self._proxies['admin'].getEventContext() File "/home/omero/OMERO.server/lib/python/omero/gateway/__init__.py", line 3327, in __call__ return self.handle_exception(e, *args, **kwargs) File "/home/omero/OMERO.server/lib/python/omeroweb/webclient/webclient_gateway.py", line 1876, in handle_exception e, *args, **kwargs) File "/home/omero/OMERO.server/lib/python/omero/gateway/__init__.py", line 3324, in __call__ return self.f(*args, **kwargs) File "/home/omero/OMERO.server/lib/python/omero_api_IAdmin_ice.py", line 394, in getEventContext return _M_omero.api.IAdmin._op_getEventContext.invoke(self, ((), _ctx)) SecurityViolation: exception ::omero::SecurityViolation { serverStackTrace = ome.conditions.SecurityViolation: User 2 is not a member of group 0 and cannot login at ome.security.basic.BasicSecuritySystem.loadEventContext(BasicSecuritySystem.java:380) at ome.security.basic.EventHandler.doLogin(EventHandler.java:210) at ome.security.basic.EventHandler.invoke(EventHandler.java:146) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:111) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:108) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at ome.tools.hibernate.ProxyCleanupFilter$Interceptor.invoke(ProxyCleanupFilter.java:241) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at ome.services.util.ServiceHandler.invoke(ServiceHandler.java:116) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy78.getEventContext(Unknown Source) at sun.reflect.GeneratedMethodAccessor649.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at ome.security.basic.BasicSecurityWiring.invoke(BasicSecurityWiring.java:98) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at ome.services.blitz.fire.AopContextInitializer.invoke(AopContextInitializer.java:43) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy78.getEventContext(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at ome.services.blitz.util.IceMethodInvoker.invoke(IceMethodInvoker.java:179) at ome.services.throttling.Callback.run(Callback.java:56) at ome.services.throttling.InThreadThrottlingStrategy.callInvokerOnRawArgs(InThreadThrottlingStrategy.java:56) at ome.services.blitz.impl.AbstractAmdServant.callInvokerOnRawArgs(AbstractAmdServant.java:150) at ome.services.blitz.impl.AdminI.getEventContext_async(AdminI.java:217) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at omero.cmd.CallContext.invoke(CallContext.java:59) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy79.getEventContext_async(Unknown Source) at omero.api._IAdminTie.getEventContext_async(_IAdminTie.java:204) at omero.api._IAdminDisp.___getEventContext(_IAdminDisp.java:1405) at omero.api._IAdminDisp.__dispatch(_IAdminDisp.java:1561) at IceInternal.Incoming.invoke(Incoming.java:159) at Ice.ConnectionI.invokeAll(ConnectionI.java:2037) at Ice.ConnectionI.message(ConnectionI.java:972) at IceInternal.ThreadPool.run(ThreadPool.java:577) at IceInternal.ThreadPool.access$100(ThreadPool.java:12) at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:971) serverExceptionClass = ome.conditions.SecurityViolation message = User 2 is not a member of group 0 and cannot login } <WSGIRequest GET:<QueryDict: {}>, POST:<QueryDict: {}>, COOKIES:{'__utma': '65601905.1757668320.1306890498.1306890498.1316938101.2', 'sessionid': 'a9a7b33997bbc19b5fc54b17c2eb6764'}, META:{'CONTENT_LENGTH': '', 'CONTENT_TYPE': '', 'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'HTTP_ACCEPT_ENCODING': 'gzip, deflate', 'HTTP_ACCEPT_LANGUAGE': 'en-US,en;q=0.5', 'HTTP_CONNECTION': 'keep-alive', 'HTTP_COOKIE': '__utma=65601905.1757668320.1306890498.1306890498.1316938101.2; sessionid=a9a7b33997bbc19b5fc54b17c2eb6764', 'HTTP_HOST': 'tralfaz.caltech.edu:8080', 'HTTP_REFERER': 'http://tralfaz.caltech.edu:8080/webadmin/experimenters/', 'HTTP_USER_AGENT': 'Mozilla/5.0 (Windows NT 5.1; rv:16.0) Gecko/20100101 Firefox/16.0', 'PATH_INFO': u'/webadmin/', 'QUERY_STRING': '', 'REQUEST_METHOD': 'GET', 'SCRIPT_NAME': u'', 'SERVER_NAME': '_', 'SERVER_PORT': '8080', 'SERVER_PROTOCOL': 'HTTP/1.1', 'wsgi.errors': <flup.server.fcgi_base.TeeOutputStream object at 0xb50f0cc>, 'wsgi.input': <flup.server.fcgi_base.InputStream object at 0xb50f18c>, 'wsgi.multiprocess': True, 'wsgi.multithread': False, 'wsgi.run_once': False, 'wsgi.url_scheme': 'http', 'wsgi.version': (1, 0)}>
Change History (4)
comment:1 Changed 11 years ago by wmoore
- Component changed from from QA to WebAdmin
- Milestone changed from Unscheduled to OMERO-4.5
- Priority changed from minor to major
- Sprint set to 2012-12-18 (3)
comment:2 Changed 11 years ago by jburel
- Sprint changed from 2012-12-18 (3) to 2013-01-15 (4)
comment:3 Changed 11 years ago by wmoore
- Resolution set to fixed
- Status changed from new to closed
comment:4 Changed 11 years ago by Will Moore <will@…>
(In [488a8b9a0af01237d6d88ce17947915cbac5df26/ome.git] on branch develop) Don't allow removal of 'system' from groups list. See #10016
Although we tried to prevent admins removing themselves from 'system' group, they could still do
this in the groups chooser.
Moved from sprint 2012-12-18 (3)