Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.
Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Task #441 (closed)

Opened 18 years ago

Closed 12 years ago

Consider canWrite method on IAdmin.

Reported by: jamoore Owned by: jamoore
Priority: major Milestone: OMERO-4.4
Component: API Version: 3.0-Beta1
Keywords: security Cc: jrswedlow, cxallan, jburel
Resources: n.a. Referenced By: n.a.
References: n.a. Remaining Time: n.a.
Sprint: n.a.

Description

Rather than requiring this logic to be written by the user each time:

		if (p.isGranted(Role.WORLD, Right.WRITE)
				|| (uid.equals(e.getId()) && p
						.isGranted(Role.USER, Right.WRITE))
				|| (gid.equals(g.getId()) && p.isGranted(Role.GROUP,
						Right.WRITE))) {
			canWrite = true;
		}

just provide:

IAdmin.canWrite(IObject)

IAdmin.canRead() is most likely not necessary since a user shouldn't have the object in the first place!

Change History (1)

comment:1 Changed 12 years ago by jmoore

  • Milestone changed from GatherReqs to OMERO-Beta4.4
  • Resolution set to invalid
  • Status changed from new to closed

Added long ago:

commit 73da29ba07fc80c54bda7c4f9a32a2be4fd8ee3d
Author: jmoore <jmoore@05709c45-44f0-0310-885b-81a1db45b4a6>
Date:   Mon Jan 12 08:49:39 2009 +0000

    Beta4 : Initial fixes after patching from JCB DV
    
     * Added new_ImageI() for OmeroCpp tests
     * Various fixes to omero/__init__.py
     * Missing canUpdate patch from 8c60854573a52e602167ef16ff2cfb721dd61385
    
    
    git-svn-id: file:///home/svn/omero/trunk@3282 05709c45-44f0-0310-885b-81a1db45b4a6

diff --git a/components/common/src/ome/api/IAdmin.java b/components/common/src/ome/api/IAdmin.java
index 243b8ef..924425d 100644
--- a/components/common/src/ome/api/IAdmin.java
+++ b/components/common/src/ome/api/IAdmin.java
@@ -44,6 +44,13 @@ import ome.system.Roles;
  */
 public interface IAdmin extends ServiceInterface {
 
+    /**
+     * Returns true if the currently logged in user can modify the given
+     * {@link IObject}. This uses the same logic that would be applied during
+     * a Hibernate flush to the database.
+     */
+    boolean canUpdate(IObject obj);
Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.73113 sec.)

© 2000-2014 University of Dundee & Open Microscopy Environment. Creative Commons Attribution 3.0 Unported License
OME source code is available under the GNU General public license or through commercial license from Glencoe Software

We're Hiring!