Task #11465 (closed)
Bug: IAdmin allows dangerous modification of admin tables
Reported by: | jamoore | Owned by: | mtbcarroll |
---|---|---|---|
Priority: | blocker | Milestone: | 5.0.0-rc1 |
Component: | API | Version: | 4.4.8 |
Keywords: | n.a. | Cc: | java@…, wmoore |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | 0.0d |
Sprint: | OMERO 5 Beta 2 (1) |
Description
As described in #10209, it is possible to perform several actions which leave one or more users or groups unusable:
- rename one of the groups: system, user
- rename one of the users: root, guest
- remove root from user or system
- remove the current user (if admin) from system
Rather than prevent this at the SQL level in 4.4.9, we can instead modify ome.logic.AdminImpl to check for these actions and raise a ValidationException (i.e. requested data change is invalid).
The javadocs on ome.api.IAdmin should be modified to describe the new limitations, and tests written in either Java or Python. (Internal integration tests in the server/ component would suffice)
Note: it will still be possible to perform the requested actions directly via IUpdate, but that may be an acceptable compromise for 4.4.9.
Change History (15)
comment:1 Changed 11 years ago by mtbcarroll
- Sprint set to Blocker 4.4.9 (1)
comment:2 Changed 11 years ago by mtbcarroll
- Status changed from new to accepted
comment:3 Changed 11 years ago by atarkowska
comment:4 Changed 11 years ago by mtbcarroll
So, we should have a ValidationException when there is an attempt to remove a user from the only group of which they're a member?
comment:5 Changed 11 years ago by mtbcarroll
- Resolution set to fixed
- Status changed from accepted to closed
comment:6 Changed 11 years ago by Colin Blackburn <colin@…>
(In [9e1f87f263074d412a4a13ba9f579a7c2c1d831f/ome.git] on branch develop) adding decorator to failing test, see #11465
comment:7 Changed 11 years ago by Mark Carroll <m.t.b.carroll@…>
- Remaining Time set to 0
(In [958b56cc95960ae4198cd43a7e5b4101011d7d0a/ome.git] on branch develop) fix #11465: add further admin action validation
Conflicts:
components/server/src/ome/logic/AdminImpl.java
comment:8 Changed 11 years ago by Josh Moore <josh@…>
(In [69367aba4c3c7d473b83e148e5d3466261f2b948/ome.git] on branch develop) Merge pull request #1595 from mtbc/11465-admin-checks
fix #11465: add validation checks for admin service (rebased)
comment:9 Changed 10 years ago by jburel
- Milestone changed from OMERO-4.4.9 to 5.0.0-beta2
- Resolution fixed deleted
- Sprint changed from Blocker 4.4.9 (1) to OMERO 5 Beta 2 (1)
- Status changed from closed to reopened
The remote Roles guest groupID and guest ID are not correct.
They are currently equal to 0 i.e. system group.
Found the issue while working on https://github.com/openmicroscopy/openmicroscopy/pull/1753
Moving to Beta2 so it appears in the list of ticket to be fixed before we can release.
comment:10 Changed 10 years ago by mtbcarroll
- Resolution set to fixed
- Status changed from reopened to closed
comment:11 Changed 10 years ago by jean-marie burel <j.burel@…>
(In [78ca348d3e00d3a06dc0a9b05bf7b19dc6144d62/ome.git] on branch develop) Merge pull request #1832 from mtbc/trac-11465-populate-roles
fix #11465: properly populate roles proxy object
comment:12 Changed 10 years ago by Aleksandra Tarkowska <A.Tarkowska@…>
(In [d51f43e2344ff8d5d4329600e2c9f79bf34c5123/ome.git]on branches master, dev_4_4) adding decorator to failing test, see #11465
comment:13 Changed 10 years ago by cneves <carlos@…>
(In [5ffad467df78bff371777726fd24e9e5ad4648ea/ome.git]on branches master, dev_4_4) Merge pull request #4 from aleksandra-tarkowska/dev/web_pytest_4_4
adding decorator to failing test, see #11465
comment:14 Changed 10 years ago by Mark Carroll <m.t.b.carroll@…>
(In [15f31f9133575776f5afaa03c1facf49551ff45b/ome.git]on branches master, dev_4_4) fix #11465: add further admin action validation
comment:15 Changed 10 years ago by Josh Moore <josh@…>
(In [c83023d54d677ed824f4bb65f043df592fb390cb/ome.git]on branches master, dev_4_4) Merge pull request #1537 from mtbc/11465-admin-checks
fix #11465: add validation checks for admin service
In the PR 1460 another bug was picked up. After closer look at the failing tests it turned out that it's a bug:
User who is a member of one group shouldn't be removed from that group because 'USER' group will become his default. Webadmin prevents from doing that while rendering list of groups that can't be empty, but not API.