Chgrp to a non-member group

[sbesson]

As mentioned in ​https://github.com/openmicroscopy/openmicroscopy/pull/1195, the CLI currently allows an administrator user to chrgp his own data to a group he is not member of. To the contrary, this operation is not permitted in the Insight client.

The same policy should be implemented across the various clients and the corresponding fix brought to either Insight or the CLI.

[pwalczysko]

At the moment, the chgrp permissions system does not allow to move data to a group which you are not a member of. This makes obvious sense - what use is the data to you (or to somebody else) when you cannot see them (because you are not a member of the target group, you have cut yourself from your own data).. There will be possibly other discrepancies between the CLI and UIs - but in general, UIs are tested, CLI comparably not - so I would guess it should be CLI which is adjusting each time. See the UI permissions at ​https://docs.google.com/spreadsheet/ccc?key=0AuqP9_Rq_HgldDNjT0ZIcHRSOUg1OFpjVUthdzM4cmc#gid=1. Note that in the table under this link the "work on others' data" is described. Even when moving (as an admin) somebody else's data into other group, you are not allowed to do it in case the person for whom you are moving the data is not a member of the target group. You do not have to be the member of the target group as the admin - but nobody can cut himself or others off his/their data.

[jamoore]

Note: a fix for this issue is not FS specific and should be backported to dev_4_4

[wmoore]

Sebastien - what are you intending to do with this ticket?
Only allow the CLI to move your Own data to groups you are a member of?
What about other users' data - only allow CLI to move that data to groups that the user is a member of?
If we agree about these restrictions then they should really be 'server-side' so the clients don't have to enforce these rules themselves.

[sbesson]

See ​https://github.com/openmicroscopy/openmicroscopy/pull/1751