Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.
Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Task #6620 (new)

Opened 13 years ago

Last modified 12 years ago

chgrp: security restrictions — at Initial Version

Reported by: jamoore Owned by: jamoore
Priority: critical Milestone: OMERO-Beta4.3.2
Component: Security Version: n.a.
Keywords: n.a. Cc: jburel
Resources: n.a. Referenced By: n.a.
References: n.a. Remaining Time: n.a.
Sprint: 2011-09-01 (4)

Description

Restrictions

  • As a group member, no moving data to a group that you're not a member of
  • As a group owner, no moving other's data to a group that you're not an owner of
  • As anyone, (partially) restrict move to group with lower permissions.
  • ...

Open questions

  • Should moving to the "user" group be allowed? The primary issue is one of testing. Are there any dead-ends that the data gets into, so that it can't get back out? (i.e. once someone links to an image in "user", then it could get stuck)
  • Should users be able to move data from group A to B while logged into C? At the moment, they can't, but the ChgrpI implementation could login into A silently.

Change History (0)

Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.69337 sec.)

© 2000-2014 University of Dundee & Open Microscopy Environment. Creative Commons Attribution 3.0 Unported License
OME source code is available under the GNU General public license or through commercial license from Glencoe Software

We're Hiring!