Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.
Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"
User Story #1434 (new)
Re-enable group permissions support
— at Initial Version
Reported by:
jamoore
Owned by:
jamoore
Priority:
critical
Milestone:
OMERO-Beta4.1
Component:
Security
Keywords:
n.a.
Cc:
jrswedlow , jburel , cxallan , bwzloranger , atarkowska , jmwallach@…, carlos@…
Story Points:
n.a.
Sprint:
n.a.
Importance:
n.a.
Total Remaining Time:
0.0d
Estimated Remaining Time:
n.a.
Server changes:
IAdmin limits each user to a single group (?)
"user" group becomes the "user private space"
No object can be linked to an object of another group, regardless
of permissions.
All returned graphs are group-consistent, i.e. consist only of
objects from a single group (with the exception of system types)
thumbnails, annotation links, etc. become a new type of object:
"shared" (or similar) which don't prevent delete.
Gui changes:
"Move Y to group" - like the deleteY() methods, this would move an
entire graph to a user's "group space". There may need to be some
duplicating of tags, etc.
Login option: "private space" or "group space"
Upgrade:
Move all data to the private group and let users
selectively publish data to the "group space"
Error if any user is a member of more than one group.
See also:
References
Referenced by:
← Requirement (#1854 ): Permissions
References:
→ Task (#2039 ): rollback #337 (remove locking)
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1974 ): Use Session.useragent for identifying active sessionss
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#2032 ): Thumbnail caching bugs
(
Owner : cxallan
Remaining Time : 0
)
→ Task (#1801 ): Thumbnail / Rendering will need to be permissions-aware
(
Owner : cxallan
Remaining Time : 0
)
→ Task (#2196 ): Throw a SessionException if setSecurityContext called during active method
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#2487 ): Tag in collaborative groups
(
Owner : jburel
)
→ Task (#2144 ): SecurityViolation on ExperimenterAnnotationLink
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1731 ): Review session.details.permissions usage (4.1 and beyond)
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#2082 ): Rendering settings and permissions
(
Owner : cxallan
Remaining Time : 0
)
→ Task (#2105 ): Permissions demo (Sprint 6)
(
Owner : cxallan
)
→ Task (#2031 ): Permissions demo (Sprint 5)
(
Owner : cxallan
)
→ Task (#1929 ): Permissions demo (Sprint 4)
(
Owner : jburel
Remaining Time : 0
)
→ Task (#1784 ): Permissions : problems with Scripting service
(
Remaining Time : 0
)
→ Task (#1775 ): Permissions : createGroup from python always leads to public group
(
Owner : jamoore
)
→ Task (#1791 ): Permissions : User photos broken
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1783 ): Permissions : Sensible default permissions for initial groups
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1771 ): Permissions : Refine security filter
(
Owner : jamoore
)
→ Task (#1776 ): Permissions : Prevent inappropriate permission changes in IObjects
(
Owner : jamoore
)
→ Task (#1792 ): Permissions : Linking restriction is too strict.
(
Owner : jamoore
)
→ Task (#1817 ): Permissions : Keep track of previous security context
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1769 ): Permissions : Handle admin/PI viewing/annotating in private group
(
Owner : jamoore
)
→ Task (#1767 ): Permissions : Enumerations should be global objects
(
Owner : jamoore
)
→ Task (#1794 ): Permissions : Define exceptions to standard group permissions (#1434)
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1764 ): Permissions : Allow root to login to any group even if not member
(
Owner : jamoore
)
→ Task (#1766 ): Permissions : Allow group ownership by more than one PI
(
Owner : jamoore
)
→ Task (#1781 ): Permissions : Allow group owners to manage own group
(
Owner : jamoore
)
→ Task (#1762 ): Permissions : All returned graphs are group/perms consistent
(
Owner : jamoore
)
→ Task (#1778 ): Permissions : Add addGroupOwners and removeGroupOwners
(
Owner : jamoore
)
→ Task (#1992 ): Move to READ-ONLY / READ-LINK rather than READ-WRITE
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#445 ): Logging in as root with a non-system group prevents administration.
(
Owner : jamoore
Keywords : login
)
→ Task (#1975 ): ISession methods for listing sessions
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1996 ): Fix read-write group thumbnail retrieval
(
Owner : cxallan
Remaining Time : 0
)
→ Task (#2295 ): Document Delete Permissions
(
Owner : wmoore
)
→ Task (#2079 ): Create-Image Permissions
→ Task (#2088 ): Check group/share on setSecurityContext not on use
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1310 ): Changing active group
(
Owner : jamoore
)
→ Task (#2008 ): Bug: Settings reset on another user's image does not work
(
Owner : cxallan
Remaining Time : 0
)
→ Task (#2055 ): BUG:Feedback 2341 - rating multiple images throws
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#2203 ): BUG: loadAnnotations not load avatar
(
Owner : atarkowska
)
→ Task (#2269 ): BUG: group re-relogin not working (Feedback 2389)
(
Owner : bwzloranger
Remaining Time : 0
)
→ Task (#2265 ): BUG: getEventContext does not recognize read-only group
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#2274 ): BUG: Thumbnail and caching
(
Owner : cxallan
)
→ Task (#2071 ): BUG: Thumbnail Permissions
(
Owner : cxallan
)
→ Task (#2038 ): BUG: Tag loading IMetadata
(
Owner : jburel
Remaining Time : 0
)
→ Task (#2058 ): BUG: SecurityViolation when updating avatar
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1798 ): BUG: SecurityFilter doesn't seem to be applied to ExperimenterAnnotationLink
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#2267 ): BUG: Plate thumbnails
(
Owner : jburel
)
→ Task (#2195 ): BUG: Need group info in importer (Feedback 2370)
(
Owner : bwzloranger
)
→ Task (#2063 ): BUG: NPE when setPixelsId() is called on an unreadable Pixels ID
(
Owner : cxallan
Remaining Time : 0
)
→ Task (#2202 ): BUG: Importer has inconsistant group login dialog and behaviour
(
Owner : bwzloranger
Remaining Time : 0
)
→ Task (#2497 ): BUG: IUpdate.indexObject broken for objects not in current group
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1704 ): BUG: ISession.update is broken wrt defaultPermissions and perhaps other
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1779 ): BUG : permissions of non-group system types is influenced by current group
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#1940 ): Allow users to login to public groups
(
Owner : jamoore
Remaining Time : 0
)
→ Task (#2040 ): Add group support back into importer
(
Owner : bwzloranger
Remaining Time : 0
)
→ Task (#2215 ): Add group icons/text to importer
(
Owner : bwzloranger
Remaining Time : 0
)
→ Task (#967 ): Add defaultGroup field to Session table.
(
Owner : jamoore
Remaining Time : 0
)
Download in other formats:
1.3.13-PRO © 2008-2011
Agilo Software all
rights reserved
(this page was served in: 0.185252 sec.)