Task #6620 (new)
Opened 13 years ago
Last modified 12 years ago
chgrp: security restrictions — at Initial Version
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | critical | Milestone: | OMERO-Beta4.3.2 |
Component: | Security | Version: | n.a. |
Keywords: | n.a. | Cc: | jburel |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | 2011-09-01 (4) |
Description
Restrictions
- As a group member, no moving data to a group that you're not a member of
- As a group owner, no moving other's data to a group that you're not an owner of
- As anyone, (partially) restrict move to group with lower permissions.
- ...
Open questions
- Should moving to the "user" group be allowed? The primary issue is one of testing. Are there any dead-ends that the data gets into, so that it can't get back out? (i.e. once someone links to an image in "user", then it could get stuck)
- Should users be able to move data from group A to B while logged into C? At the moment, they can't, but the ChgrpI implementation could login into A silently.
Note: See
TracTickets for help on using
tickets.
You may also have a look at Agilo extensions to the ticket.