Task #9630 (closed)
Bug: Web admin
Reported by: | jburel | Owned by: | wmoore |
---|---|---|---|
Priority: | blocker | Milestone: | OMERO-4.4.4 |
Component: | WebAdmin | Version: | n.a. |
Keywords: | n.a. | Cc: | wmoore, jamoore |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | n.a. |
Description (last modified by jburel)
- Logged in as user-6
- Click on edit user-6
- Did not modify any data.
- Click save
- See the following error.
- Cannot log in as user-6 after that i.e. user becomes inactive
Traceback (most recent call last): File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/django/core/handlers/base.py", line 111, in get_response response = callback(request, *callback_args, **callback_kwargs) File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omeroweb/decorators.py", line 377, in wrapped retval = f(request, *args, **kwargs) File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omeroweb/decorators.py", line 414, in wrapper context = f(request, *args, **kwargs) File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omeroweb/webadmin/views.py", line 359, in experimenters experimenterList = prepare_experimenterList(conn) File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omeroweb/webadmin/views.py", line 114, in prepare_experimenterList experimentersList = list(conn.getObjects("Experimenter")) File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omero/gateway/__init__.py", line 2537, in getObjects result = self.getQueryService().findAllByQuery(query, params, self.SERVICE_OPTS) File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omero/gateway/__init__.py", line 3327, in __call__ return self.handle_exception(e, *args, **kwargs) File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omeroweb/webclient/webclient_gateway.py", line 1876, in handle_exception e, *args, **kwargs) File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omero/gateway/__init__.py", line 3324, in __call__ return self.f(*args, **kwargs) File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omero_api_IQuery_ice.py", line 139, in findAllByQuery return _M_omero.api.IQuery._op_findAllByQuery.invoke(self, ((query, params), _ctx)) SecurityViolation: exception ::omero::SecurityViolation { serverStackTrace = ome.conditions.SecurityViolation: No matching roles found in [read-annotate-1, read-only-1, private-1, read-write-1, system] for session 834b12ed-53c4-4123-a523-55d216b65507 (allowed: [user]) at ome.security.basic.BasicMethodSecurity.checkMethod(BasicMethodSecurity.java:137) at ome.security.basic.BasicSecurityWiring.invoke(BasicSecurityWiring.java:81) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at ome.services.blitz.fire.AopContextInitializer.invoke(AopContextInitializer.java:43) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy75.findAllByQuery(Unknown Source) at sun.reflect.GeneratedMethodAccessor337.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at ome.services.blitz.util.IceMethodInvoker.invoke(IceMethodInvoker.java:179) at ome.services.throttling.Callback.run(Callback.java:56) at ome.services.throttling.InThreadThrottlingStrategy.callInvokerOnRawArgs(InThreadThrottlingStrategy.java:56) at ome.services.blitz.impl.AbstractAmdServant.callInvokerOnRawArgs(AbstractAmdServant.java:150) at ome.services.blitz.impl.QueryI.findAllByQuery_async(QueryI.java:66) at sun.reflect.GeneratedMethodAccessor336.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at omero.cmd.CallContext.invoke(CallContext.java:59) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy76.findAllByQuery_async(Unknown Source) at omero.api._IQueryTie.findAllByQuery_async(_IQueryTie.java:92) at omero.api._IQueryDisp.___findAllByQuery(_IQueryDisp.java:366) at omero.api._IQueryDisp.__dispatch(_IQueryDisp.java:496) at IceInternal.Incoming.invoke(Incoming.java:159) at Ice.ConnectionI.invokeAll(ConnectionI.java:2037) at Ice.ConnectionI.message(ConnectionI.java:972) at IceInternal.ThreadPool.run(ThreadPool.java:577) at IceInternal.ThreadPool.access$100(ThreadPool.java:12) at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:971) serverExceptionClass = ome.conditions.SecurityViolation message = No matching roles found in [read-annotate-1, read-only-1, private-1, read-write-1, system] for session 834b12ed-53c4-4123-a523-55d216b65507 (allowed: [user]) } <WSGIRequest GET:<QueryDict: {}>, POST:<QueryDict: {}>, COOKIES:{'sessionid': 'ac9914f85ec3da5e2ed9f425fe552bc4'}, META:{'DOCUMENT_ROOT': '/htdocs', 'GATEWAY_INTERFACE': 'CGI/1.1', 'HTTPS': 'on', 'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'HTTP_ACCEPT_ENCODING': 'gzip, deflate', 'HTTP_ACCEPT_LANGUAGE': 'en-us,en;q=0.5', 'HTTP_CONNECTION': 'keep-alive', 'HTTP_COOKIE': 'sessionid=ac9914f85ec3da5e2ed9f425fe552bc4', 'HTTP_DNT': '1', 'HTTP_HOST': 'gretzky.openmicroscopy.org.uk', 'HTTP_REFERER': 'https://gretzky.openmicroscopy.org.uk/omero/webadmin/experimenter/edit/7/', 'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:15.0) Gecko/20100101 Firefox/15.0', 'PATH': '/usr/local/bin:/usr/bin:/bin', 'PATH_INFO': u'/webadmin/experimenters/', 'PATH_TRANSLATED': '/htdocs/webadmin/experimenters/', 'QUERY_STRING': '', 'REMOTE_ADDR': '92.23.90.83', 'REMOTE_PORT': '61342', 'REQUEST_METHOD': 'GET', 'REQUEST_URI': '/omero/webadmin/experimenters/', 'SCRIPT_FILENAME': '/home/omero/OMERO-CURRENT/var/omero.fcgi', 'SCRIPT_NAME': u'/omero', 'SCRIPT_URI': 'https://gretzky.openmicroscopy.org.uk/omero/webadmin/experimenters/', 'SCRIPT_URL': '/omero/webadmin/experimenters/', 'SERVER_ADDR': '134.36.65.227', 'SERVER_ADMIN': '[no address given]', 'SERVER_NAME': 'gretzky.openmicroscopy.org.uk', 'SERVER_PORT': '443', 'SERVER_PROTOCOL': 'HTTP/1.1', 'SERVER_SIGNATURE': '<address>Apache/2.2.14 (Ubuntu) Server at gretzky.openmicroscopy.org.uk Port 443</address>\n', 'SERVER_SOFTWARE': 'Apache/2.2.14 (Ubuntu)', 'SSL_TLS_SNI': 'gretzky.openmicroscopy.org.uk', 'wsgi.errors': <flup.server.fcgi_base.TeeOutputStream object at 0xe7f790>, 'wsgi.input': <flup.server.fcgi_base.InputStream object at 0xe7fd90>, 'wsgi.multiprocess': True, 'wsgi.multithread': False, 'wsgi.run_once': False, 'wsgi.url_scheme': 'https', 'wsgi.version': (1, 0)}>
Change History (5)
comment:1 Changed 12 years ago by jburel
- Description modified (diff)
comment:2 Changed 12 years ago by wmoore
- Owner changed from web-team@… to wmoore
comment:3 Changed 12 years ago by wmoore
- Resolution set to fixed
- Status changed from new to closed
comment:4 Changed 12 years ago by Will Moore <will@…>
(In [1079659f88ee3539b7142460026f884ed4dfd99b/ome.git] on branch develop) Make sure admins can't disable themselves in views.py - See #9630
comment:5 Changed 12 years ago by jean-marie burel <j.burel@…>
(In [316d4b8d126b3900a159daf700109405814c3bec/ome.git] on branch develop) Merge pull request #366 from will-moore/web_admin_9630
Make sure admins can't disable themselves in views.py - See #9630
Note: See
TracTickets for help on using
tickets.
You may also have a look at Agilo extensions to the ticket.
Seems to be this bug: http://stackoverflow.com/questions/4727974/how-to-post-submit-an-input-checkbox-that-is-disabled