New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Owner of collection not recognized #1084

Open
MPDLbrede opened this Issue Nov 7, 2018 · 4 comments

Comments

Projects
None yet
2 participants
@MPDLbrede

MPDLbrede commented Nov 7, 2018

Testserver: dev imeji
Browser: ff
Version: version 4.3.2-SNAPSHOT - build date 2018-11-06 14:54:10
User: user

Current situation: The owner of a collection is not treated as collection owner (i.e. action menu only shows "share" and "edit", owner cannot manage the collection) when the owner belongs to a user group and the collection is shared with that user group.

Expected Result: The owner of a collection has always the access and choices of an owner.

@MPDLbrede MPDLbrede added the bug label Nov 7, 2018

@MPDLbrede MPDLbrede self-assigned this Nov 7, 2018

@MPDLbrede

This comment has been minimized.

MPDLbrede commented Nov 7, 2018

Apparently the owner's admin grant in Jena (Triple of type <user/k89hjgrfghk>"ADMIN, collection789456728") is overwritten with an edit grant when the owner belongs to a usergroup that the collection is shared with. If the owner is deleted from that usergroup later on, the edit grant is removed and no grant exists for the collection in Jena.

@MPDLbrede

This comment has been minimized.

MPDLbrede commented Nov 7, 2018

Meanwhile in ElasticSearch the collection exists and has a reference to its owner. In Jena the collection doesn't exist.

@MPDLbrede

This comment has been minimized.

MPDLbrede commented Nov 7, 2018

Edit grant overwrites admin grant in Jena when a collection is shared with its owner.

@MPDLbrede MPDLbrede added this to the imeji 4.3 milestone Nov 8, 2018

MPDLbrede added a commit that referenced this issue Nov 8, 2018

#1084 Prevent that an admin user can share a collection to it's owner
- Before: Code checked that a collection cannot be shared to the
  user who is sharing the collection. In case of an admin
  user sharing an other user's collection it was still possible
  to share a collection to its owner. As a result the owner's
  admin grant for the collection was overwritten in Jena with an
  edit grant and this edit grant could be removed by revoking the
  sharing. This created owners without grants to their own
  collections.
- Now: Code checks that a collection cannot be shared to it's owner.
@hofmannc

This comment has been minimized.

hofmannc commented Nov 13, 2018

Testserver: qa imeji
Browser: ff
Version: version 4.3.1 - build date 2018-11-12 16:36:13
User: admin

result: ok, behaviour not repcoducible: admin ist not able to share with his own account

@MPDLbrede user is able to share with a user group he is member with. This is intented, isnt't it? Since this action does not reset user's admin grants, I think, this is not a problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment