Task #8710 (new)
Opened 12 years ago
Last modified 12 years ago
Review canChgrp()
Reported by: | wmoore | Owned by: | jamoore |
---|---|---|---|
Priority: | major | Milestone: | Unscheduled |
Component: | Services | Version: | n.a. |
Keywords: | n.a. | Cc: | atarkowska, cxallan, jburel |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | n.a. |
Description
devteam chat:
(Needs further discussion)
Josh - am I right in thinking that you can't chgrp an object unless you own it? josh or are group/system admin. Will Moore If group owner moves data belonging to another group member, does that change the ownership or do they have to move it to another group that the data-owner is a member? josh 09:42 At the moment, neither. Membership in a group is not required for a user to own data in a group. Will Moore If the data-owner is not in the same group as the data, I imagine the data won't show up in the clients 09:46 since we always browse data under users in a group josh Hmmm….good point. Will Moore Easiest is to only allow data-owner to move data If group-owner were to move data belonging to another member, which groups can they move it to? Do they have to be group owner of destingation groups? or just group member? josh at the moment, a member of the target group. btw, to do this, we'd need to add a "canChgrp" permission. Will Moore So, they could move it there, but not necessarily be able to move it back? josh Correct.
Change History (15)
comment:1 Changed 12 years ago by wmoore
comment:2 Changed 12 years ago by jburel
- Sprint changed from 2012-05-08 (14) to 2012-05-22 (15)
Moved from sprint 2012-05-08 (14)
comment:3 Changed 12 years ago by wmoore
After discussion in today's meeting, decided that clients will limit chgrp to data owners and Admins only.
So, this ticket can be closed as far as canChgrp() is concerned, but you may want to keep it for the stack trace (for when a group-owner moves data belonging to another group member. Although we are not going to try and support it in clients. Maybe we don't want server to support this anyway).
comment:4 Changed 12 years ago by Will Moore <will@…>
(In [dbe414d5cfe0122550fade1b4f6f703fc90b6e45/ome.git] on branch develop) Adding canChgrp() to Blitz Gateway with client-side logic. See #8710
We return True if the current user is the owner of the data OR the owner of the group
that the data is in OR is an Admin
comment:5 Changed 12 years ago by Will Moore <will@…>
(In [524bcff63cc8ddbbd79144f0c937e344ffe094b3/ome.git] on branch develop) Adding canChgrp flag to jsTree nodes, update right-click menu. See #8710
comment:6 Changed 12 years ago by Will Moore <will@…>
(In [d07dd935a1cf71938612d36679ae91d03e36e98b/ome.git] on branch develop) Small fixes to Activities chgrp. See #8710
This fixes the fact that the chgrpfailed? flag did not get updated
in the request.session, so that we tried to retrieve this callback again
and failed at checkedCast.
comment:7 Changed 12 years ago by Will Moore <will@…>
(In [bb582bbdd9747ad10ca2873fb8199377de2cf1c6/ome.git] on branch develop) canChgrp() only True for Admins or Data-Owners. See #8710
comment:8 Changed 12 years ago by jmoore
- Sprint changed from 2012-05-22 (15) to 2012-06-05 (16)
- Summary changed from canChgrp() to Bug: canChgrp()
Marking as a bug to make sure only the proper roles can chgrp.
comment:9 Changed 12 years ago by jburel
- Sprint changed from 2012-06-05 (16) to 2012-06-19 (17)
Moved from sprint 2012-06-05 (16)
comment:10 Changed 12 years ago by jmoore
- Priority changed from critical to major
comment:11 Changed 12 years ago by jburel
- Sprint changed from 2012-06-19 (17) to 2012-07-03 (18)
Moved from sprint 2012-06-19 (17)
comment:12 Changed 12 years ago by jburel
- Sprint changed from 2012-07-03 (18) to 2012-07-17 (19)
Moved from sprint 2012-07-03 (18)
comment:13 Changed 12 years ago by jmoore
- Milestone changed from OMERO-Beta4.4 to OMERO-Beta4.4.1
- Sprint 2012-07-17 (19) deleted
Moving to 4.4.1 for review.
comment:14 Changed 12 years ago by jmoore
- Milestone changed from OMERO-4.4.3 to OMERO-4.5
- Summary changed from Bug: canChgrp() to Review canChgrp()
Moving to the next larger milestone for review.
comment:15 Changed 12 years ago by jmoore
- Milestone changed from OMERO-4.5 to Unscheduled
Moving to unscheduled with and in #8100
If I am an owner of the group and I try to chgrp data belonging to another user via 'old API'