Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Task #11374 (new)

Opened 6 years ago

Last modified 4 years ago

Bug: Passing group -1 throws API usage exception.

Reported by: cblackburn Owned by: jamoore
Priority: major Milestone: Permissions
Component: Security Version: 4.4.8
Keywords: n.a. Cc: java@…
Resources: n.a. Referenced By: n.a.
References: n.a. Remaining Time: n.a.
Sprint: n.a.

Description

The following Python tests:

integration.permissions.testSaveWithNegBadLink
integration.permissions.testSaveWithNegOneExplicit

the tests fail for the following reason:

ApiUsageException: No valid permissions available! DUMMY permissions are not intended for copying. Make sure that you have not passed omero.group=-1 for a save without context

when they are expected not to. See full exception for one failure in comment below.

Change History (3)

comment:1 Changed 6 years ago by cblackburn

ERROR: testSaveWithNegOneExplicit (test.integration.permissions.TestPermissions)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/Users/cblackburn/Work/repos/ome/components/tools/OmeroPy/test/integration/permissions.py", line 577, in testSaveWithNegOneExplicit
    update.saveAndReturnObject(tag, all_context)
  File "/Users/cblackburn/Work/repos/ome/components/tools/OmeroPy/target/omero_api_IUpdate_ice.py", line 101, in saveAndReturnObject
    return _M_omero.api.IUpdate._op_saveAndReturnObject.invoke(self, ((obj, ), _ctx))
ApiUsageException: exception ::omero::ApiUsageException
{
    serverStackTrace = ome.conditions.ApiUsageException: No valid permissions available! DUMMY permissions are not intended for copying. Make sure that you have not passed omero.group=-1 for a save without context
	at ome.model.internal.Permissions.<init>(Permissions.java:156)
	at ome.security.basic.CurrentDetails.createDetails(CurrentDetails.java:384)
	at ome.security.basic.OmeroInterceptor.newTransientDetails(OmeroInterceptor.java:551)
	at ome.security.basic.OmeroInterceptor.onSave(OmeroInterceptor.java:157)
	at org.hibernate.event.def.AbstractSaveEventListener.substituteValuesIfNecessary(AbstractSaveEventListener.java:414)
	at org.hibernate.event.def.AbstractSaveEventListener.performSaveOrReplicate(AbstractSaveEventListener.java:293)
	at org.hibernate.event.def.AbstractSaveEventListener.performSave(AbstractSaveEventListener.java:204)
	at org.hibernate.event.def.AbstractSaveEventListener.saveWithGeneratedId(AbstractSaveEventListener.java:144)
	at org.hibernate.event.def.DefaultMergeEventListener.saveTransientEntity(DefaultMergeEventListener.java:415)
	at org.hibernate.event.def.DefaultMergeEventListener.mergeTransientEntity(DefaultMergeEventListener.java:341)
	at org.hibernate.event.def.DefaultMergeEventListener.entityIsTransient(DefaultMergeEventListener.java:303)
	at org.springframework.orm.hibernate3.support.IdTransferringMergeEventListener.entityIsTransient(IdTransferringMergeEventListener.java:59)
	at ome.security.basic.MergeEventListener.entityIsTransient(MergeEventListener.java:161)
	at org.hibernate.event.def.DefaultMergeEventListener.onMerge(DefaultMergeEventListener.java:258)
	at ome.security.basic.MergeEventListener.onMerge(MergeEventListener.java:94)
	at org.hibernate.event.def.DefaultMergeEventListener.onMerge(DefaultMergeEventListener.java:84)
	at ome.security.basic.MergeEventListener.onMerge(MergeEventListener.java:80)
	at org.hibernate.impl.SessionImpl.fireMerge(SessionImpl.java:861)
	at org.hibernate.impl.SessionImpl.merge(SessionImpl.java:845)
	at org.hibernate.impl.SessionImpl.merge(SessionImpl.java:849)
	at ome.logic.UpdateImpl.internalMerge(UpdateImpl.java:273)
	at ome.logic.UpdateImpl$2.run(UpdateImpl.java:121)
	at ome.logic.UpdateImpl$2.run(UpdateImpl.java:118)
	at ome.logic.UpdateImpl.doAction(UpdateImpl.java:311)
	at ome.logic.UpdateImpl.doAction(UpdateImpl.java:302)
	at ome.logic.UpdateImpl.saveAndReturnObject(UpdateImpl.java:118)
	at sun.reflect.GeneratedMethodAccessor750.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
	at ome.security.basic.EventHandler.invoke(EventHandler.java:154)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:111)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:108)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at ome.tools.hibernate.ProxyCleanupFilter$Interceptor.invoke(ProxyCleanupFilter.java:241)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at ome.services.util.ServiceHandler.invoke(ServiceHandler.java:116)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
	at com.sun.proxy.$Proxy81.saveAndReturnObject(Unknown Source)
	at sun.reflect.GeneratedMethodAccessor750.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
	at ome.security.basic.BasicSecurityWiring.invoke(BasicSecurityWiring.java:98)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at ome.services.blitz.fire.AopContextInitializer.invoke(AopContextInitializer.java:43)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
	at com.sun.proxy.$Proxy81.saveAndReturnObject(Unknown Source)
	at sun.reflect.GeneratedMethodAccessor833.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at ome.services.blitz.util.IceMethodInvoker.invoke(IceMethodInvoker.java:179)
	at ome.services.throttling.Callback.run(Callback.java:56)
	at ome.services.throttling.InThreadThrottlingStrategy.callInvokerOnRawArgs(InThreadThrottlingStrategy.java:56)
	at ome.services.blitz.impl.AbstractAmdServant.callInvokerOnRawArgs(AbstractAmdServant.java:149)
	at ome.services.blitz.impl.UpdateI.saveAndReturnObject_async(UpdateI.java:64)
	at sun.reflect.GeneratedMethodAccessor832.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
	at omero.cmd.CallContext.invoke(CallContext.java:59)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
	at com.sun.proxy.$Proxy82.saveAndReturnObject_async(Unknown Source)
	at omero.api._IUpdateTie.saveAndReturnObject_async(_IUpdateTie.java:92)
	at omero.api._IUpdateDisp.___saveAndReturnObject(_IUpdateDisp.java:185)
	at omero.api._IUpdateDisp.__dispatch(_IUpdateDisp.java:365)
	at IceInternal.Incoming.invoke(Incoming.java:159)
	at Ice.ConnectionI.invokeAll(ConnectionI.java:2037)
	at Ice.ConnectionI.message(ConnectionI.java:972)
	at IceInternal.ThreadPool.run(ThreadPool.java:577)
	at IceInternal.ThreadPool.access$100(ThreadPool.java:12)
	at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:971)
    serverExceptionClass = ome.conditions.ApiUsageException
    message = No valid permissions available! DUMMY permissions are not intended for copying. Make sure that you have not passed omero.group=-1 for a save without context
}
----------------------------------------------------------------------

comment:2 Changed 6 years ago by jamoore

  • Cc java@… added
  • Milestone changed from OMERO-4.4.9 to OMERO-4.4.x

Since the actions are actually failing, pushing this along with #11375 out of 4.4.9. For reference, likely the only thing that has happened is that changes in the code path put a more stringent check before the previous check so that a new (perhaps less-specific) exception is being thrown. Though that's an API break, it's unclear when these happened, and by now, we may be relying on that new logic. This will require a brief discussion when the time comes.

comment:3 Changed 4 years ago by jamoore

  • Milestone changed from 5.x to Permissions
Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.79932 sec.)

We're Hiring!