Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Task #9437 (closed)

Opened 7 years ago

Closed 7 years ago

Bug: Web showing two different user names

Reported by: saloynton Owned by: saloynton
Priority: major Milestone: OMERO-4.4.4
Component: Web Version: n.a.
Keywords: n.a. Cc: web-team@…, ux@…
Resources: n.a. Referenced By: n.a.
References: n.a. Remaining Time: n.a.
Sprint: n.a.

Description

  • I took the image link from IE 9 logged in as user 6 group-read annotate.
  • Pasted link into chrome
  • logged in as user 3 to confirm the image would not be shown.
  • logged out
  • logged in as user 6 to access the image
  • now I see user-6 in top right hand corner
  • but I see the group shown as group-read annotate user-3.

See screenshot attached.

Attachments (1)

diff in user name.png (41.6 KB) - added by saloynton 7 years ago.

Download all attachments as: .zip

Change History (7)

comment:1 Changed 7 years ago by wmoore

  • Owner changed from wmoore to saloynton

Is that the wrong screen-shot Scott? Doesn't seem to match the text.

Who is the owner of the image in your description? When you say "logged in as user 6 to access the image" did you follow the landing page url? Did it show you the image?

When you follow the ?show=image-<id> path, the data tree displayed will be for the image Owner and Group that the image is currently in.

comment:2 Changed 7 years ago by saloynton

  • Cc changed from web-team@openmicroscopy.org.uk, ux@openmicroscopy.org.uk, ux@openmicroscopy.org.uk to web-team@openmicroscopy.org.uk, ux@openmicroscopy.org.uk

Yes sorry Will the wrong screenshot is shown I will switch that over later as it on the other machine I was using for testing.

The correct screenshot is up but I did not copy in the URL to check if it was the already known problem. I shall re-test this now.

Last edited 7 years ago by saloynton (previous) (diff)

comment:3 Changed 7 years ago by saloynton

In trying to reproduce this error again I have had the following exception.
I was trying to log in as user-2 to the url that belongs to user-6. User-2 does definitely not have access to the image. 

Traceback (most recent call last):

  File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/django/core/handlers/base.py", line 111, in get_response
    response = callback(request, *callback_args, **callback_kwargs)

  File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omeroweb/decorators.py", line 376, in wrapped
    retval = f(request, *args, **kwargs)

  File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omeroweb/decorators.py", line 413, in wrapper
    context = f(request, *args, **kwargs)

  File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omeroweb/webclient/views.py", line 481, in load_data
    manager.listContainerHierarchy(filter_user_id)

  File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omeroweb/webclient/controller/container.py", line 275, in listContainerHierarchy
    self.experimenter = self.conn.getObject("Experimenter", eid)

  File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omero/gateway/__init__.py", line 2479, in getObject
    result = self.getQueryService().findByQuery(query, params, self.SERVICE_OPTS)

  File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omero/gateway/__init__.py", line 3286, in __call__
    return self.handle_exception(e, *args, **kwargs)

  File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omeroweb/webclient/webclient_gateway.py", line 1875, in handle_exception
    e, *args, **kwargs)

  File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omero/gateway/__init__.py", line 3283, in __call__
    return self.f(*args, **kwargs)

  File "/home/omero/slave/workspace/OMERO-merge-green/src/dist/lib/python/omero_api_IQuery_ice.py", line 133, in findByQuery
    return _M_omero.api.IQuery._op_findByQuery.invoke(self, ((query, params), _ctx))

SecurityViolation: exception ::omero::SecurityViolation
{
    serverStackTrace = ome.conditions.SecurityViolation: User 3 is not a member of group 5 and cannot login
	at ome.security.basic.BasicSecuritySystem.loadEventContext(BasicSecuritySystem.java:380)
	at ome.security.basic.EventHandler.doLogin(EventHandler.java:210)
	at ome.security.basic.EventHandler.invoke(EventHandler.java:146)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:111)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:108)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at ome.tools.hibernate.ProxyCleanupFilter$Interceptor.invoke(ProxyCleanupFilter.java:241)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at ome.services.util.ServiceHandler.invoke(ServiceHandler.java:116)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
	at $Proxy75.findByQuery(Unknown Source)
	at sun.reflect.GeneratedMethodAccessor297.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
	at ome.security.basic.BasicSecurityWiring.invoke(BasicSecurityWiring.java:98)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at ome.services.blitz.fire.AopContextInitializer.invoke(AopContextInitializer.java:43)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
	at $Proxy75.findByQuery(Unknown Source)
	at sun.reflect.GeneratedMethodAccessor390.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at ome.services.blitz.util.IceMethodInvoker.invoke(IceMethodInvoker.java:179)
	at ome.services.throttling.Callback.run(Callback.java:56)
	at ome.services.throttling.InThreadThrottlingStrategy.callInvokerOnRawArgs(InThreadThrottlingStrategy.java:56)
	at ome.services.blitz.impl.AbstractAmdServant.callInvokerOnRawArgs(AbstractAmdServant.java:137)
	at ome.services.blitz.impl.QueryI.findByQuery_async(QueryI.java:92)
	at sun.reflect.GeneratedMethodAccessor389.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
	at omero.cmd.CallContext.invoke(CallContext.java:59)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
	at $Proxy76.findByQuery_async(Unknown Source)
	at omero.api._IQueryTie.findByQuery_async(_IQueryTie.java:113)
	at omero.api._IQueryDisp.___findByQuery(_IQueryDisp.java:342)
	at omero.api._IQueryDisp.__dispatch(_IQueryDisp.java:508)
	at IceInternal.Incoming.invoke(Incoming.java:159)
	at Ice.ConnectionI.invokeAll(ConnectionI.java:2037)
	at Ice.ConnectionI.message(ConnectionI.java:972)
	at IceInternal.ThreadPool.run(ThreadPool.java:577)
	at IceInternal.ThreadPool.access$100(ThreadPool.java:12)
	at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:971)

    serverExceptionClass = ome.conditions.SecurityViolation
    message = User 3 is not a member of group 5 and cannot login
}


<WSGIRequest
GET:<QueryDict: {u'view': [u'tree']}>,
POST:<QueryDict: {}>,
COOKIES:{'sessionid': '216503d0eaa580f023bb95b6e9fb6220'},
META:{'DOCUMENT_ROOT': '/var/www',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT': 'text/html, */*; q=0.01',
 'HTTP_ACCEPT_CHARSET': 'ISO-8859-1,utf-8;q=0.7,*;q=0.3',
 'HTTP_ACCEPT_ENCODING': 'gzip,deflate,sdch',
 'HTTP_ACCEPT_LANGUAGE': 'en-US,en;q=0.8',
 'HTTP_CONNECTION': 'keep-alive',
 'HTTP_COOKIE': 'sessionid=216503d0eaa580f023bb95b6e9fb6220',
 'HTTP_HOST': 'gretzky.openmicroscopy.org.uk',
 'HTTP_REFERER': 'http://gretzky.openmicroscopy.org.uk/webclient/?show=image-1770',
 'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.57 Safari/536.11',
 'HTTP_X_REQUESTED_WITH': 'XMLHttpRequest',
 'PATH': '/usr/local/bin:/usr/bin:/bin',
 'PATH_INFO': u'/webclient/load_data/',
 'PATH_TRANSLATED': '/home/omero/OMERO-CURRENT/var/omero.fcgi/webclient/load_data/',
 'QUERY_STRING': 'view=tree',
 'REMOTE_ADDR': '10.34.1.155',
 'REMOTE_PORT': '63865',
 'REQUEST_METHOD': 'GET',
 'REQUEST_URI': '/webclient/load_data/?view=tree',
 'SCRIPT_FILENAME': '/home/omero/OMERO-CURRENT/var/omero.fcgi',
 'SCRIPT_NAME': u'',
 'SERVER_ADDR': '134.36.65.227',
 'SERVER_ADMIN': 'webmaster@localhost',
 'SERVER_NAME': 'gretzky.openmicroscopy.org.uk',
 'SERVER_PORT': '80',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SIGNATURE': '<address>Apache/2.2.14 (Ubuntu) Server at gretzky.openmicroscopy.org.uk Port 80</address>\n',
 'SERVER_SOFTWARE': 'Apache/2.2.14 (Ubuntu)',
 'wsgi.errors': <flup.server.fcgi_base.TeeOutputStream object at 0x499b6d0>,
 'wsgi.input': <flup.server.fcgi_base.InputStream object at 0x4910cd0>,
 'wsgi.multiprocess': True,
 'wsgi.multithread': False,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}>

Changed 7 years ago by saloynton

comment:4 Changed 7 years ago by wmoore

I think this is a different issue caused by switching users without logging out? I created a ticket #9448

I just tried logging in as user-3, logging out and logging in as user-6, but didn't get shown user-3 data (as in screen-shot). Any ideas? If you repeat the steps above, do you still get the same screen-shot? Could you try it and capture the url too - would help a lot, Cheers,

comment:5 Changed 7 years ago by eehill

closing as Scott says this was not reproducible.

comment:6 Changed 7 years ago by eehill

  • Resolution set to worksforme
  • Status changed from new to closed
Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.80645 sec.)

© 2000-2014 University of Dundee & Open Microscopy Environment. Creative Commons Attribution 3.0 Unported License
OME source code is available under the GNU General public license or through commercial license from Glencoe Software

We're Hiring!