Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

One-click-importer permission issue for non-superusers #6713

Closed
mark-de-haan opened this issue Sep 22, 2017 · 5 comments
Closed

One-click-importer permission issue for non-superusers #6713

mark-de-haan opened this issue Sep 22, 2017 · 5 comments
Assignees
@dennishendriksen
Labels
5.1 bug mod:one-click-importer
Milestone
Sprint 109

Comments

@mark-de-haan
Copy link
Contributor

mark-de-haan commented Sep 22, 2017
edited by sidohaakma
Loading

How to Reproduce

Create a user with:

  • View permissions on one click importer plugin, OneClickImporterJobExecution
  • View permissions on dataexplorer and dataexplorer-settings and genomebrowsersettings and attributes
  • Write permissions on attribute, entityType, Package
  • Login as user
  • Import a simple csv or xlsx
  • Click the link to the dataexplorer

Expected behavior

I can see my data

Observed behavior

Error
After looking at permissions on the EntityType, I can see the user has none
@mark-de-haan mark-de-haan added this to the Sprint 108 milestone Sep 22, 2017
@mswertz mswertz modified the milestones: Sprint 109, Sprint 109 apps Sep 25, 2017
@mark-de-haan
Copy link
Contributor Author

Note

It works after logging out and logging in

@mark-de-haan
Copy link
Contributor Author

Note

/**
 * Updates current user permissions as system user, changes take effect immediately.
 */
public interface PermissionSystemService
{
	void giveUserWriteMetaPermissions(EntityType entityType);

	void giveUserWriteMetaPermissions(Collection<EntityType> entityTypes);
}

changes take effect immediately

Is not true apparently

@mark-de-haan mark-de-haan self-assigned this Sep 26, 2017
@mark-de-haan
Copy link
Contributor Author

Note

private void updateSecurityContext(SecurityContext context, Collection<? extends GrantedAuthority> authorities)

Creates a new Authentication, but does not include the authorities passed down as parameter

@mark-de-haan
Copy link
Contributor Author

Passing this to platform @fdlk @dennishendriksen

@mark-de-haan mark-de-haan removed their assignment Sep 26, 2017
@dennishendriksen dennishendriksen self-assigned this Sep 28, 2017
@dennishendriksen
Copy link
Contributor

dennishendriksen commented Sep 28, 2017
edited
Loading

I get the error:
Import failed; No [WRITE] permission on entity type [Package] with id [sys_md_Package]
When I grant WRITE permissions on entity type Package to the user I get:
Import failed; No [WRITE] permission on entity type [Entity type] with id [sys_md_EntityType]
When I grant WRITE permissions on entity type EntityType to the user I get:
Import failed; No [WRITE] permission on entity type [Attribute] with id [sys_md_Attribute]
When I grant WRITE permissions on entity type Attribute to the user I get:

HTTP ERROR 403
Problem accessing /menu/main/dataexplorer. Reason:
Access is denied

When I grant READ permissions on plugin 'dataexplorer' and READ permissions on entity type 'sys_set_dataexplorer', 'sys_genomebrowser_GenomeBrowserAttributesMetadata' and 'sys_genomebrowser_GenomeBrowserSettingsMetadata' to the user I get the following error:

Error! An error occurred. Please contact the administrator.
Message:Unknown entity [aaaacxwibwxsqgg36jrg2zaaam]

@dennishendriksen dennishendriksen changed the title When uploading files as a user in the one-click-importer, I do not get permissions on the created tables One-click-importer data permission issue for non-superusers Sep 28, 2017
@dennishendriksen dennishendriksen changed the title One-click-importer data permission issue for non-superusers One-click-importer permission issue for non-superusers Sep 28, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dennishendriksen dennishendriksen

Labels
5.1 bug mod:one-click-importer
Projects
None yet
Milestone
Sprint 109
Development

No branches or pull requests
4 participants
@mswertz @dennishendriksen @mark-de-haan @LuukDijkhuis