Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Task #5933 (new)

Opened 8 years ago

Last modified 8 years ago

LIM: Data access by not-in-group user

Reported by: atarkowska Owned by: jamoore
Priority: critical Milestone: Unscheduled
Component: Security Version: n.a.
Keywords: n.a. Cc: saloynton, jburel, cxallan
Resources: n.a. Referenced By: n.a.
References: n.a. Remaining Time: n.a.
Sprint: n.a.

Description (last modified by atarkowska)

Once user imported the data in context of current active group, those data is no longer transferable to other contexts. Because Omero allows free user transfer between groups then user might end up with the situation of "loosing" the data (data is still in the system but no longer visible for the owner). Similar problem can be faced by admins (member of group "system"). That user should be able to access every single object created in the system regardless which group is a member of.

Questions:

  • How ex-member of the group could access his own data while is no longer a member of the group?
  • How admin could access the data if is not a member of group?

Solutions:

  • Ability to create session in particular context of a group

Change History (2)

comment:1 Changed 8 years ago by atarkowska

  • Description modified (diff)

comment:2 Changed 8 years ago by jmoore

  • Cc jburel cxallan added
  • Milestone changed from OMERO-Beta4.3.1 to Unscheduled

After some discussion (Jean-Marie, Chris, Josh), the impact of this is quite large. Pushing to "Unscheduled" for more evaluation.

Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.88804 sec.)

We're Hiring!