Task #1731 (closed)
Review session.details.permissions usage (4.1 and beyond)
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | major | Milestone: | OMERO-Beta4.2 |
Component: | Security | Version: | 4.1 |
Keywords: | n.a. | Cc: | carlos@… |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | 0.0d |
Sprint: | 2010-04-02 (6) |
Description (last modified by jmoore)
The use of Permissions.DEFAULT here may be causing issues with setting the session permissions.
For the initial version, we will be restricting all object permissions to match the group permissions, which means that the use of umask and similar should be disabled and an exception added to catch explicit attempts.
Change History (15)
comment:1 Changed 14 years ago by jmoore
comment:2 Changed 14 years ago by jmoore
- Description modified (diff)
Semi-related to #1779 (see Carlos' comment).
comment:3 Changed 14 years ago by jmoore
- Description modified (diff)
comment:4 Changed 14 years ago by jmoore
- Type changed from defect to Task
comment:5 Changed 14 years ago by jmoore
- Sprint set to Sprint 2
comment:6 Changed 14 years ago by jmoore
- Status changed from new to assigned
comment:7 Changed 14 years ago by jmoore
From Jean-Marie:
I checked out the latest server code (r6126) and re-installed everything, my db was corrupted b/c of permissions test I was doing. I went through a fresh install twice just in case, and I still have the same error. Note that nothing during the process tells me that the install did not work.
Caused by: ome.conditions.PermissionMismatchGroupSecurityViolation: Manually setting permissions currently disallowed at ome.security.basic.OmeroInterceptor.newTransientDetails(OmeroInterceptor.java:477) at ome.security.basic.OmeroInterceptor.onSave(OmeroInterceptor.java:160) at org.hibernate.event.def.AbstractSaveEventListener.substituteValuesIfNecessary(AbstractSaveEventListener.java:394) at org.hibernate.event.def.AbstractSaveEventListener.performSaveOrReplicate(AbstractSaveEventListener.java:270) at org.hibernate.event.def.AbstractSaveEventListener.performSave(AbstractSaveEventListener.java:181) at org.hibernate.event.def.AbstractSaveEventListener.saveWithGeneratedId(AbstractSaveEventListener.java:121) at org.hibernate.event.def.DefaultMergeEventListener.entityIsTransient(DefaultMergeEventListener.java:186) at org.springframework.orm.hibernate3.support.IdTransferringMergeEventListener.entityIsTransient(IdTransferringMergeEventListener.java:58) at ome.security.basic.MergeEventListener.entityIsTransient(MergeEventListener.java:135) at org.hibernate.event.def.DefaultMergeEventListener.onMerge(DefaultMergeEventListener.java:123) at ome.security.basic.MergeEventListener.onMerge(MergeEventListener.java:85) at org.hibernate.event.def.DefaultMergeEventListener.onMerge(DefaultMergeEventListener.java:53) n at ome.security.basic.MergeEventListener.onMerge(MergeEventListener.java:75) at org.hibernate.impl.SessionImpl.fireMerge(SessionImpl.java:677) at org.hibernate.impl.SessionImpl.merge(SessionImpl.java:661) at org.hibernate.impl.SessionImpl.merge(SessionImpl.java:665) at ome.logic.UpdateImpl.internalMerge(UpdateImpl.java:266) at ome.logic.UpdateImpl$2.run(UpdateImpl.java:120) at ome.logic.UpdateImpl$2.run(UpdateImpl.java:119) at ome.logic.UpdateImpl.doAction(UpdateImpl.java:304) at ome.logic.UpdateImpl.doAction(UpdateImpl.java:295) at ome.logic.UpdateImpl.saveAndReturnObject(UpdateImpl.java:117) at ome.services.scripts.ScriptUploader.createScript(ScriptUploader.java:182) at ome.services.scripts.ScriptUploader$1.doWork(ScriptUploader.java:121)
comment:8 Changed 14 years ago by jmoore
- Remaining Time set to 4
comment:9 Changed 14 years ago by jmoore
comment:10 Changed 14 years ago by jmoore
- Remaining Time changed from 4 to 1
comment:11 Changed 14 years ago by jmoore
- Owner jmoore deleted
- Status changed from assigned to new
comment:12 Changed 14 years ago by jmoore
- Sprint 2010-02-19 (3) deleted
comment:13 Changed 14 years ago by jmoore
- Sprint set to 2010-04-02 (6)
comment:14 Changed 14 years ago by jmoore
- Remaining Time changed from 1 to 0
- Resolution set to duplicate
- Status changed from new to closed
comment:15 Changed 14 years ago by jmoore
- Owner set to jmoore
Related to #1774