Example #1
0
    def testGroupOwners(self):
        # this is the test of creating private group and updating it
        # including changes in #1434
        uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
        query = self.root.sf.getQueryService()
        update = self.root.sf.getUpdateService()
        admin = self.root.sf.getAdminService()

        # create group1
        new_gr1 = ExperimenterGroupI()
        new_gr1.name = rstring("group1_%s" % uuid)
        p = PermissionsI()
        p.setUserRead(True)
        p.setUserWrite(True)
        p.setGroupRead(True)
        p.setGroupAnnotate(False)
        p.setGroupWrite(False)
        p.setWorldRead(False)
        p.setWorldAnnotate(False)
        p.setWorldWrite(False)
        new_gr1.details.permissions = p
        g1_id = admin.createGroup(new_gr1)
        gr1 = admin.getGroup(g1_id)

        # create user1
        new_exp1 = ExperimenterI()
        new_exp1.omeName = rstring("user1_%s" % uuid)
        new_exp1.firstName = rstring("New")
        new_exp1.lastName = rstring("Test")
        new_exp1.email = rstring("*****@*****.**")

        uuid = self.uuid()
        uuidGroup = ExperimenterGroupI()
        uuidGroup.name = rstring(uuid)
        uuidGroupId = admin.createGroup(uuidGroup)
        uuidGroup = ExperimenterGroupI(uuidGroupId, False)
        listOfGroups = list()
        listOfGroups.append(admin.lookupGroup("user"))
        eid1 = admin.createExperimenterWithPassword(new_exp1, rstring("ome"), uuidGroup, listOfGroups)
        exp1 = admin.getExperimenter(eid1)

        # set owner of the group (user is not a member of)
        admin.addGroupOwners(gr1, [exp1])
        # chech if is the leader
        leaderOfGroups = admin.getLeaderOfGroupIds(exp1)
        self.assertTrue(gr1.id.val in leaderOfGroups)

        # remove group owner
        admin.removeGroupOwners(gr1, [exp1])
        # chech if no longer is the leader
        leaderOfGroups = admin.getLeaderOfGroupIds(exp1)
        self.assertFalse(gr1.id.val in leaderOfGroups)

        """
    def test1109(self):
        uuid = self.uuid()
        admin = self.root.sf.getAdminService()

        # Replace defaultGroup with something new
        defaultGroup = self.new_group()

        # create data
        #group1
        new_gr1 = ExperimenterGroupI()
        new_gr1.name = rstring("group1_%s" % uuid)
        gid = admin.createGroup(new_gr1)

        #new user1
        new_exp = ExperimenterI()
        new_exp.omeName = rstring("user_%s" % uuid)
        new_exp.firstName = rstring("New")
        new_exp.lastName = rstring("Test")
        new_exp.email = rstring("*****@*****.**")

        listOfGroups = list()
        # defaultGroup = admin.lookupGroup("default") Removed in 4.2
        listOfGroups.append(admin.getGroup(gid))
        listOfGroups.append(admin.lookupGroup("user"))

        eid = admin.createExperimenter(new_exp, defaultGroup, listOfGroups)

        #test
        exp = admin.getExperimenter(eid)
        #print "exp: ", exp.id.val, " his default group is: ", admin.getDefaultGroup(exp.id.val).id.val

        gr1 = admin.getGroup(2)
        indefault = admin.containedExperimenters(gr1.id.val)
        # print "members of group %s %i" % (gr1.name.val, gr1.id.val)
        for m in indefault:
            if m.id.val == exp.id.val:
                assert m.copyGroupExperimenterMap()[0].parent.id.val == admin.getDefaultGroup(exp.id.val).id.val
                # print "exp: id=", m.id.val, "; GEM[0]: ", type(m.copyGroupExperimenterMap()[0].parent), m.copyGroupExperimenterMap()[0].parent.id.val

        gr2 = admin.getGroup(gid)
        members2 = admin.containedExperimenters(gr2.id.val)
        # print "members of group %s %i" % (gr2.name.val, gr2.id.val)
        for m in members2:
            if m.id.val == exp.id.val:
                copied_id = m.copyGroupExperimenterMap()[0].parent.id.val
                got_id = admin.getDefaultGroup(exp.id.val).id.val
                contained = admin.containedGroups(m.id.val)
                assert copied_id == got_id,\
                """
                %s != %s. Groups for experimenter %s = %s (graph) or %s (contained)
                """ % ( copied_id, got_id, exp.id.val, [ x.parent.id.val for x in m.copyGroupExperimenterMap() ], [ y.id.val for y in contained ] )
Example #3
0
    def testLinkGroupAndUser(self):
        user = ExperimenterI()
        group = ExperimenterGroupI()
        link = GroupExperimenterMapI()

        link.id = rlong(1)
        link.link(group, user)
        user.addGroupExperimenterMap(link, False)
        group.addGroupExperimenterMap(link, False)

        count = 0
        for i in user.iterateGroupExperimenterMap():
            count += 1

        self.assert_(count == 1)
Example #4
0
    def testLinkViaLink(self):
        user = ExperimenterI()
        user.setFirstName(rstring("test"))
        user.setLastName(rstring("user"))
        user.setOmeName(rstring("UUID"))
        user.setLdap(rbool(False))

        # possibly setOmeName() and setOmeName(string) ??
        # and then don't need omero/types.h

        group = ExperimenterGroupI()
        # TODOuser.linkExperimenterGroup(group)
        link = GroupExperimenterMapI()
        link.parent = group
        link.child = user
Example #5
0
    def testLinkGroupAndUser(self):
        user = ExperimenterI()
        group = ExperimenterGroupI()
        link = GroupExperimenterMapI()

        link.id = rlong(1)
        link.link(group, user)
        user.addGroupExperimenterMap(link, False)
        group.addGroupExperimenterMap(link, False)

        count = 0
        for i in user.iterateGroupExperimenterMap():
            count += 1

        assert count == 1
Example #6
0
 def testGetAttrSetAttrDetails(self):
     d = DetailsI()
     assert None == d.owner
     d.owner = ExperimenterI()
     assert d.owner
     d.owner = None
     assert None == d.owner
     d.ice_preMarshal()
Example #7
0
 def testGetAttrSetAttrDetails(self):
     d = DetailsI()
     self.assert_(None == d.owner)
     d.owner = ExperimenterI()
     self.assert_(d.owner)
     d.owner = None
     self.assert_(None == d.owner)
     d.ice_preMarshal()
Example #8
0
    def add(self, args):
        email = args.email
        login = args.username
        first = args.firstname
        middle = args.middlename
        last = args.lastname
        inst = args.institution
        pasw = args.userpassword

        import omero
        from omero.rtypes import rstring
        from omero_model_ExperimenterI import ExperimenterI as Exp
        from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp
        c = self.ctx.conn(args)
        p = c.ic.getProperties()
        e = Exp()
        e.omeName = rstring(login)
        e.firstName = rstring(first)
        e.lastName = rstring(last)
        e.middleName = rstring(middle)
        e.email = rstring(email)
        e.institution = rstring(inst)
        admin = c.getSession().getAdminService()

        try:
            usr = admin.lookupExperimenter(login)
            if usr:
                if args.ignore_existing:
                    self.ctx.out("User exists: %s (id=%s)" % (login, usr.id.val))
                    return
                else:
                    self.ctx.die(3, "User exists: %s (id=%s)" % (login, usr.id.val))
        except omero.ApiUsageException, aue:
            pass # Apparently no such user exists
Example #9
0
    def testGroupOwners(self):
        # this is the test of creating private group and updating it
        # including changes in #1434
        uuid = self.uuid()
        admin = self.root.sf.getAdminService()

        # create group1
        new_gr1 = ExperimenterGroupI()
        new_gr1.name = rstring("group1_%s" % uuid)
        new_gr1.ldap = rbool(False)
        p = PermissionsI()
        p.setUserRead(True)
        p.setUserWrite(True)
        p.setGroupRead(True)
        p.setGroupAnnotate(False)
        p.setGroupWrite(False)
        p.setWorldRead(False)
        p.setWorldAnnotate(False)
        p.setWorldWrite(False)
        new_gr1.details.permissions = p
        g1_id = admin.createGroup(new_gr1)
        gr1 = admin.getGroup(g1_id)

        # create user1
        new_exp1 = ExperimenterI()
        new_exp1.omeName = rstring("user1_%s" % uuid)
        new_exp1.firstName = rstring("New")
        new_exp1.lastName = rstring("Test")
        new_exp1.ldap = rbool(False)
        new_exp1.email = rstring("*****@*****.**")

        uuid = self.uuid()
        uuidGroup = ExperimenterGroupI()
        uuidGroup.name = rstring(uuid)
        uuidGroup.ldap = rbool(False)
        uuidGroupId = admin.createGroup(uuidGroup)
        uuidGroup = ExperimenterGroupI(uuidGroupId, False)
        listOfGroups = list()
        listOfGroups.append(admin.lookupGroup("user"))
        eid1 = admin.createExperimenterWithPassword(new_exp1, rstring("ome"),
                                                    uuidGroup, listOfGroups)
        exp1 = admin.getExperimenter(eid1)

        # set owner of the group (user is not a member of)
        admin.addGroupOwners(gr1, [exp1])
        # chech if is the leader
        leaderOfGroups = admin.getLeaderOfGroupIds(exp1)
        assert gr1.id.val in leaderOfGroups

        # remove group owner
        admin.removeGroupOwners(gr1, [exp1])
        # chech if no longer is the leader
        leaderOfGroups = admin.getLeaderOfGroupIds(exp1)
        assert gr1.id.val not in leaderOfGroups
        """
Example #10
0
    def test1109(self):
        uuid = self.uuid()
        admin = self.root.sf.getAdminService()

        # Replace defaultGroup with something new
        defaultGroup = self.new_group()

        # create data
        #group1
        new_gr1 = ExperimenterGroupI()
        new_gr1.name = rstring("group1_%s" % uuid)
        gid = admin.createGroup(new_gr1)

        #new user1
        new_exp = ExperimenterI()
        new_exp.omeName = rstring("user_%s" % uuid)
        new_exp.firstName = rstring("New")
        new_exp.lastName = rstring("Test")
        new_exp.email = rstring("*****@*****.**")

        listOfGroups = list()
        # defaultGroup = admin.lookupGroup("default") Removed in 4.2
        listOfGroups.append(admin.getGroup(gid))
        listOfGroups.append(admin.lookupGroup("user"))

        eid = admin.createExperimenter(new_exp, defaultGroup, listOfGroups)

        #test
        exp = admin.getExperimenter(eid)
        #print "exp: ", exp.id.val, " his default group is: ", admin.getDefaultGroup(exp.id.val).id.val

        gr1 = admin.getGroup(2)
        indefault = admin.containedExperimenters(gr1.id.val)
        # print "members of group %s %i" % (gr1.name.val, gr1.id.val)
        for m in indefault:
            if m.id.val == exp.id.val:
                self.assert_(m.copyGroupExperimenterMap()[0].parent.id.val ==
                             admin.getDefaultGroup(exp.id.val).id.val)
                # print "exp: id=", m.id.val, "; GEM[0]: ", type(m.copyGroupExperimenterMap()[0].parent), m.copyGroupExperimenterMap()[0].parent.id.val

        gr2 = admin.getGroup(gid)
        members2 = admin.containedExperimenters(gr2.id.val)
        # print "members of group %s %i" % (gr2.name.val, gr2.id.val)
        for m in members2:
            if m.id.val == exp.id.val:
                copied_id = m.copyGroupExperimenterMap()[0].parent.id.val
                got_id = admin.getDefaultGroup(exp.id.val).id.val
                contained = admin.containedGroups(m.id.val)
                self.assertEquals(copied_id, got_id,\
                """
                %s != %s. Groups for experimenter %s = %s (graph) or %s (contained)
                """ % ( copied_id, got_id, exp.id.val, [ x.parent.id.val for x in m.copyGroupExperimenterMap() ], [ y.id.val for y in contained ] ))
Example #11
0
    def add(self, args):
        email = args.email
        login = args.username
        first = args.firstname
        middle = args.middlename
        last = args.lastname
        inst = args.institution
        pasw = args.userpassword

        import omero
        from omero.rtypes import rstring
        from omero_model_ExperimenterI import ExperimenterI as Exp
        from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp
        c = self.ctx.conn(args)
        p = c.ic.getProperties()
        e = Exp()
        e.omeName = rstring(login)
        e.firstName = rstring(first)
        e.lastName = rstring(last)
        e.middleName = rstring(middle)
        e.email = rstring(email)
        e.institution = rstring(inst)
        admin = c.getSession().getAdminService()

        try:
            usr = admin.lookupExperimenter(login)
            if usr:
                if args.ignore_existing:
                    self.ctx.out("User exists: %s (id=%s)" %
                                 (login, usr.id.val))
                    return
                else:
                    self.ctx.die(
                        3, "User exists: %s (id=%s)" % (login, usr.id.val))
        except omero.ApiUsageException, aue:
            pass  # Apparently no such user exists
Example #12
0
    def testFindAndCountAnnotationsForSharedData(self):
        uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
        query = self.root.sf.getQueryService()
        update = self.root.sf.getUpdateService()
        admin = self.root.sf.getAdminService()
        ipojo = self.root.sf.getContainerService()
        
        ### create new users
        #group1
        new_gr1 = ExperimenterGroupI()
        new_gr1.name = rstring("group1_%s" % uuid)
        gid = admin.createGroup(new_gr1)
        
        #new user1
        new_exp = ExperimenterI()
        new_exp.omeName = rstring("user1_%s" % uuid)
        new_exp.firstName = rstring("New")
        new_exp.lastName = rstring("Test")
        
        defaultGroup = admin.getGroup(gid)
        listOfGroups = list()
        listOfGroups.append(admin.lookupGroup("user"))
        
        eid = admin.createExperimenterWithPassword(new_exp, rstring("ome"), defaultGroup, listOfGroups)
        
        #new user2
        new_exp2 = ExperimenterI()
        new_exp2.omeName = rstring("user2_%s" % uuid)
        new_exp2.firstName = rstring("New2")
        new_exp2.lastName = rstring("Test2")
        
        defaultGroup = admin.getGroup(gid)
        listOfGroups = list()
        listOfGroups.append(admin.lookupGroup("user"))
        
        eid2 = admin.createExperimenterWithPassword(new_exp2, rstring("ome"), defaultGroup, listOfGroups)
    
        ## get users
        user1 = admin.getExperimenter(eid)
        user2 = admin.getExperimenter(eid2)
        
        ## login as user1
        cl1 = self.new_client(user=user1, password="******")
        update1 = cl1.sf.getUpdateService()
        ipojo1 = cl1.sf.getContainerService()
        
        # create image
        img = ImageI()
        img.setName(rstring('test1154-img-%s' % (uuid)))
        img.setAcquisitionDate(rtime(0))

        # default permission 'rw----':
        img = update1.saveAndReturnObject(img)
        img.unload()

        ann1 = CommentAnnotationI()
        ann1.textValue = rstring("user comment - %s" % uuid)
        l_ann1 = ImageAnnotationLinkI()
        l_ann1.setParent(img)
        l_ann1.setChild(ann1)
        update1.saveObject(l_ann1)

        #user retrives the annotations for image
        coll_count = ipojo1.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None)
        self.assertEquals(1, coll_count.get(img.id.val, []))
        #self.assertEquals(1, len(ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, [])))

        ## login as user2
        cl2 = self.new_client(user=user2, password="******")
        update2 = cl1.sf.getUpdateService()
        
        ann = CommentAnnotationI()
        ann.textValue = rstring("user2 comment - %s" % uuid)
        l_ann = ImageAnnotationLinkI()
        l_ann.setParent(img)
        l_ann.setChild(ann)
        update2.saveObject(l_ann)
        
        #do they see the same vals?
        #print ipojo1.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None)
        #print ipojo.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None)
        #print len(ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, []))
        #print len(ipojo.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, []))
        coll_count = ipojo1.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None)
        self.assertEquals(2, coll_count.get(img.id.val, []))
        #anns = ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, [])
        #self.assertEquals(2, len(anns))
        
        #self.assert_(anns[0].details.permissions == 'rw----')
        #self.assert_(anns[1].details.permissions == 'rw----')
        
        cl1.sf.closeOnDestroy()
        cl2.sf.closeOnDestroy()
Example #13
0
    def testFindAndCountAnnotationsForSharedData(self):
        uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
        query = self.root.sf.getQueryService()
        update = self.root.sf.getUpdateService()
        admin = self.root.sf.getAdminService()
        ipojo = self.root.sf.getContainerService()

        ### create new users
        #group1
        new_gr1 = ExperimenterGroupI()
        new_gr1.name = rstring("group1_%s" % uuid)
        gid = admin.createGroup(new_gr1)

        #new user1
        new_exp = ExperimenterI()
        new_exp.omeName = rstring("user1_%s" % uuid)
        new_exp.firstName = rstring("New")
        new_exp.lastName = rstring("Test")

        defaultGroup = admin.getGroup(gid)
        listOfGroups = list()
        listOfGroups.append(admin.lookupGroup("user"))

        eid = admin.createExperimenterWithPassword(new_exp, rstring("ome"),
                                                   defaultGroup, listOfGroups)

        #new user2
        new_exp2 = ExperimenterI()
        new_exp2.omeName = rstring("user2_%s" % uuid)
        new_exp2.firstName = rstring("New2")
        new_exp2.lastName = rstring("Test2")

        defaultGroup = admin.getGroup(gid)
        listOfGroups = list()
        listOfGroups.append(admin.lookupGroup("user"))

        eid2 = admin.createExperimenterWithPassword(new_exp2, rstring("ome"),
                                                    defaultGroup, listOfGroups)

        ## get users
        user1 = admin.getExperimenter(eid)
        user2 = admin.getExperimenter(eid2)

        ## login as user1
        cl1 = self.new_client(user=user1, password="******")
        update1 = cl1.sf.getUpdateService()
        ipojo1 = cl1.sf.getContainerService()

        # create image
        img = ImageI()
        img.setName(rstring('test1154-img-%s' % (uuid)))
        img.setAcquisitionDate(rtime(0))

        # default permission 'rw----':
        img = update1.saveAndReturnObject(img)
        img.unload()

        ann1 = CommentAnnotationI()
        ann1.textValue = rstring("user comment - %s" % uuid)
        l_ann1 = ImageAnnotationLinkI()
        l_ann1.setParent(img)
        l_ann1.setChild(ann1)
        update1.saveObject(l_ann1)

        #user retrives the annotations for image
        coll_count = ipojo1.getCollectionCount(
            "Image", "ome.model.containers.Image_annotationLinks",
            [img.id.val], None)
        self.assertEquals(1, coll_count.get(img.id.val, []))
        #self.assertEquals(1, len(ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, [])))

        ## login as user2
        cl2 = self.new_client(user=user2, password="******")
        update2 = cl1.sf.getUpdateService()

        ann = CommentAnnotationI()
        ann.textValue = rstring("user2 comment - %s" % uuid)
        l_ann = ImageAnnotationLinkI()
        l_ann.setParent(img)
        l_ann.setChild(ann)
        update2.saveObject(l_ann)

        #do they see the same vals?
        #print ipojo1.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None)
        #print ipojo.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None)
        #print len(ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, []))
        #print len(ipojo.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, []))
        coll_count = ipojo1.getCollectionCount(
            "Image", "ome.model.containers.Image_annotationLinks",
            [img.id.val], None)
        self.assertEquals(2, coll_count.get(img.id.val, []))
        #anns = ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, [])
        #self.assertEquals(2, len(anns))

        #self.assert_(anns[0].details.permissions == 'rw----')
        #self.assert_(anns[1].details.permissions == 'rw----')

        cl1.sf.closeOnDestroy()
        cl2.sf.closeOnDestroy()
Example #14
0
    def add(self, args):
        email = args.email
        login = args.username
        first = args.firstname
        middle = args.middlename
        last = args.lastname
        inst = args.institution
        pasw = args.userpassword

        import omero
        from omero.rtypes import rstring
        from omero_model_ExperimenterI import ExperimenterI as Exp
        from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp
        c = self.ctx.conn(args)
        e = Exp()
        e.omeName = rstring(login)
        e.firstName = rstring(first)
        e.lastName = rstring(last)
        e.middleName = rstring(middle)
        e.email = rstring(email)
        e.institution = rstring(inst)

        # Fail-fast if a non-admin runs this command
        isAdmin = self.ctx._event_context.isAdmin
        if not isAdmin:
            self.error_admin_only(fatal=True)

        # Fail-fast if no-password is passed and the server does not accept
        # empty passwords
        configService = c.getSession().getConfigService()
        password_required = configService.getConfigValue(
            "omero.security.password_required").lower()
        if args.no_password and password_required != 'false':
            self.ctx.die(502, "Server does not allow user creation with empty"
                         " passwords")

        # Check user existence
        admin = c.getSession().getAdminService()
        try:
            usr = admin.lookupExperimenter(login)
            if usr:
                if args.ignore_existing:
                    self.ctx.out("User exists: %s (id=%s)"
                                 % (login, usr.id.val))
                    return
                else:
                    self.ctx.die(3, "User exists: %s (id=%s)"
                                 % (login, usr.id.val))
        except omero.ApiUsageException:
            pass  # Apparently no such user exists

        groups = self.list_groups(admin, args)

        roles = admin.getSecurityRoles()
        groups.append(Grp(roles.userGroupId, False))
        if args.admin:
            groups.append(Grp(roles.systemGroupId, False))

        group = groups.pop(0)

        try:
            if args.no_password:
                id = admin.createExperimenter(e, group, groups)
                self.ctx.out("Added user %s (id=%s) without password"
                             % (login, id))
            else:
                if pasw is None:
                    pasw = self._ask_for_password(" for your new user (%s)"
                                                  % login, strict=True)
                id = admin.createExperimenterWithPassword(e, rstring(pasw),
                                                          group, groups)
                self.ctx.out("Added user %s (id=%s) with password"
                             % (login, id))
        except omero.ValidationException, ve:
            # Possible, though unlikely after previous check
            if self.exc.is_constraint_violation(ve):
                self.ctx.die(66, "User already exists: %s" % login)
            else:
                self.ctx.die(67, "Unknown ValidationException: %s"
                             % ve.message)
Example #15
0
    def testThumbs(self):

        # root session is root.sf
        uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
        admin = self.root.sf.getAdminService()

        group1name = "private_%s" % uuid
        group2name = "read-only_%s" % uuid
        group3name = "collaborative_%s" % uuid
        ownerName = "owner_%s" % uuid
        user1name = "user1_%s" % uuid
        user2name = "user2_%s" % uuid
        
        ### create three users in 3 groups
        listOfGroups = list()
        listOfGroups.append(admin.lookupGroup("user"))  # all users need to be in 'user' group to do anything! 
        
        #group1 - private
        new_gr1 = ExperimenterGroupI()
        new_gr1.name = rstring(group1name)
        p = PermissionsI('rw----')
        new_gr1.details.permissions = p
        gid = admin.createGroup(new_gr1)
        privateGroup = admin.getGroup(gid)
        self.assertEquals('rw----', str(privateGroup.details.permissions))
        listOfGroups.append(privateGroup)
        
        #group2 - read-only
        new_gr2 = ExperimenterGroupI()
        new_gr2.name = rstring(group2name)
        p2 = PermissionsI('rwr---')
        new_gr2.details.permissions = p2
        gid2 = admin.createGroup(new_gr2)
        readOnlyGroup = admin.getGroup(gid2)
        self.assertEquals('rwr---', str(readOnlyGroup.details.permissions))
        listOfGroups.append(readOnlyGroup)
        
        #group3 - read-annotate
        new_gr3 = ExperimenterGroupI()
        new_gr3.name = rstring(group3name)
        p = PermissionsI('rwra--')
        new_gr3.details.permissions = p
        gid3 = admin.createGroup(new_gr3)
        collaborativeGroup = admin.getGroup(gid3)
        self.assertEquals('rwra--', str(collaborativeGroup.details.permissions))
        listOfGroups.append(collaborativeGroup)
        
        #new user (group owner)
        owner = ExperimenterI()
        owner.omeName = rstring(ownerName)
        owner.firstName = rstring("Group")
        owner.lastName = rstring("Owner")
        owner.email = rstring("*****@*****.**")
        
        ownerId = admin.createExperimenterWithPassword(owner, rstring("ome"), privateGroup, listOfGroups)
        newOwner = admin.getExperimenter(ownerId) 
        admin.setGroupOwner(privateGroup, newOwner) 
        admin.setGroupOwner(readOnlyGroup, newOwner) 
        admin.setGroupOwner(collaborativeGroup, newOwner) 
        
        #new user1
        new_exp = ExperimenterI()
        new_exp.omeName = rstring(user1name)
        new_exp.firstName = rstring("Will")
        new_exp.lastName = rstring("Moore")
        new_exp.email = rstring("*****@*****.**")
        
        eid = admin.createExperimenterWithPassword(new_exp, rstring("ome"), privateGroup, listOfGroups)
        
        #new user2
        new_exp2 = ExperimenterI()
        new_exp2.omeName = rstring(user2name)
        new_exp2.firstName = rstring("User")
        new_exp2.lastName = rstring("Test2")
        new_exp2.email = rstring("*****@*****.**")
        
        eid2 = admin.createExperimenterWithPassword(new_exp2, rstring("ome"), privateGroup, listOfGroups)
        
        ## get users
        user1 = admin.getExperimenter(eid)
        user2 = admin.getExperimenter(eid2)
        
        ## login as user1 (into their default group)
        client_share1 = self.new_client(user=user1, password="******")

        print len(client_share1.sf.activeServices())
        
        # create image in private group
        privateImageId = createTestImage(client_share1.sf)
        print len(client_share1.sf.activeServices())
        
        self.getThumbnail(client_share1.sf, privateImageId)    # if we don't get thumbnail, test fails when another user does
        print len(client_share1.sf.activeServices())
        
        # change user into read-only group. Use object Ids for this, NOT objects from a different context
        a = client_share1.sf.getAdminService()
        me = a.getExperimenter(a.getEventContext().userId)
        a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))

        self.set_context(client_share1, gid2)
        #print a.getEventContext()
        
        # create image and get thumbnail (in read-only group)
        readOnlyImageId = createTestImage(client_share1.sf)
        self.getThumbnail(client_share1.sf, readOnlyImageId)
        
        # change user into collaborative group. Use object Ids for this, NOT objects from a different context
        a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
        self.set_context(client_share1, gid3)
        
        # create image and get thumbnail (in collaborative group)
        collaborativeImageId = createTestImage(client_share1.sf)
        self.getThumbnail(client_share1.sf, collaborativeImageId)
        
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None, self.getThumbnail(client_share1.sf, privateImageId))
        self.assertEquals(None, self.getThumbnail(client_share1.sf, readOnlyImageId))
        
        
        # now check that the 'owner' of each group can see all 3 thumbnails.
        ## login as owner (into private group)
        owner_client = self.new_client(user=newOwner, password="******")
        
        self.getThumbnail(owner_client.sf, privateImageId)
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None, self.getThumbnail(owner_client.sf, readOnlyImageId))
        self.assertEquals(None, self.getThumbnail(owner_client.sf, collaborativeImageId))
        
        # change owner into read-only group.
        o = client_share1.sf.getAdminService()
        me = o.getExperimenter(o.getEventContext().userId)
        o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))
        self.set_context(owner_client, gid2)

        self.getThumbnail(owner_client.sf, readOnlyImageId)
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None, self.getThumbnail(owner_client.sf, privateImageId))
        self.assertEquals(None, self.getThumbnail(owner_client.sf, collaborativeImageId))
        
        # change owner into collaborative group.
        o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
        self.set_context(owner_client, gid3)
        
        self.getThumbnail(owner_client.sf, collaborativeImageId)
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None, self.getThumbnail(owner_client.sf, privateImageId))
        self.assertEquals(None, self.getThumbnail(owner_client.sf, readOnlyImageId))
        
        
        # now check that the 'user2' of each group can see all thumbnails except private.
        ## login as user2 (into private group)
        user2_client = self.new_client(user=user2, password="******")
        
        # check that we can't get thumbnails for any images in private group
        self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId))
        self.assertEquals(None, self.getThumbnail(user2_client.sf, readOnlyImageId))
        self.assertEquals(None, self.getThumbnail(user2_client.sf, collaborativeImageId))
        
        # change owner into read-only group.
        u = user2_client.sf.getAdminService()
        me = u.getExperimenter(u.getEventContext().userId)
        u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))
        self.set_context(user2_client, gid2)

        self.getThumbnail(user2_client.sf, readOnlyImageId)
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId))
        self.assertEquals(None, self.getThumbnail(user2_client.sf, collaborativeImageId))
        
        # change owner into collaborative group.
        u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
        self.set_context(user2_client, gid3)
        
        self.getThumbnail(user2_client.sf, collaborativeImageId)
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId))
        self.assertEquals(None, self.getThumbnail(user2_client.sf, readOnlyImageId))
Example #16
0
    def add(self, args):
        email = args.email
        login = args.username
        first = args.firstname
        middle = args.middlename
        last = args.lastname
        inst = args.institution
        pasw = args.userpassword

        import omero
        from omero.rtypes import rbool, rstring
        from omero_model_ExperimenterI import ExperimenterI as Exp
        from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp
        c = self.ctx.conn(args)
        e = Exp()
        e.omeName = rstring(login)
        e.firstName = rstring(first)
        e.lastName = rstring(last)
        e.middleName = rstring(middle)
        e.email = rstring(email)
        e.institution = rstring(inst)
        e.ldap = rbool(False)

        # Fail-fast if no-password is passed and the server does not accept
        # empty passwords
        configService = c.getSession().getConfigService()
        password_required = configService.getConfigValue(
            "omero.security.password_required").lower()
        if args.no_password and password_required != 'false':
            self.ctx.die(
                502, "Server does not allow user creation with empty"
                " passwords")

        # Check user existence
        admin = c.getSession().getAdminService()
        try:
            usr = admin.lookupExperimenter(login)
            if usr:
                if args.ignore_existing:
                    self.ctx.out("User exists: %s (id=%s)" %
                                 (login, usr.id.val))
                    return
                else:
                    self.ctx.die(
                        3, "User exists: %s (id=%s)" % (login, usr.id.val))
        except omero.ApiUsageException:
            pass  # Apparently no such user exists

        [gid, groups] = self.list_groups(admin, args, use_context=False)

        roles = admin.getSecurityRoles()
        groups.append(Grp(roles.userGroupId, False))
        if args.admin:
            groups.append(Grp(roles.systemGroupId, False))

        group = groups.pop(0)

        try:
            if args.no_password:
                id = admin.createExperimenter(e, group, groups)
                self.ctx.out("Added user %s (id=%s) without password" %
                             (login, id))
            else:
                if pasw is None:
                    pasw = self._ask_for_password(" for your new user (%s)" %
                                                  login,
                                                  strict=True)
                id = admin.createExperimenterWithPassword(
                    e, rstring(pasw), group, groups)
                self.ctx.out("Added user %s (id=%s) with password" %
                             (login, id))
        except omero.ValidationException as ve:
            # Possible, though unlikely after previous check
            if self.exc.is_constraint_violation(ve):
                self.ctx.die(66, "User already exists: %s" % login)
            else:
                self.ctx.die(67,
                             "Unknown ValidationException: %s" % ve.message)
        except omero.SecurityViolation as se:
            self.ctx.die(68, "Security violation: %s" % se.message)
Example #17
0
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from omero_model_EventI import EventI
from omero_model_ExperimenterI import ExperimenterI
from omero_model_GroupExperimenterMapI import GroupExperimenterMapI

assert (not EventI().isMutable())
assert ExperimenterI().isMutable()
assert ExperimenterI().isGlobal()
assert ExperimenterI().isAnnotated()
assert GroupExperimenterMapI().isLink()
Example #18
0
    def add(self, args):
        email = args.email
        login = args.username
        first = args.firstname
        middle = args.middlename
        last = args.lastname
        inst = args.institution
        pasw = args.userpassword

        import omero
        from omero.rtypes import rstring
        from omero_model_ExperimenterI import ExperimenterI as Exp
        from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp
        c = self.ctx.conn(args)
        e = Exp()
        e.omeName = rstring(login)
        e.firstName = rstring(first)
        e.lastName = rstring(last)
        e.middleName = rstring(middle)
        e.email = rstring(email)
        e.institution = rstring(inst)
        admin = c.getSession().getAdminService()

        try:
            usr = admin.lookupExperimenter(login)
            if usr:
                if args.ignore_existing:
                    self.ctx.out("User exists: %s (id=%s)"
                                 % (login, usr.id.val))
                    return
                else:
                    self.ctx.die(3, "User exists: %s (id=%s)"
                                 % (login, usr.id.val))
        except omero.ApiUsageException:
            pass  # Apparently no such user exists

        groups = self.list_groups(admin, args)

        roles = admin.getSecurityRoles()
        groups.append(Grp(roles.userGroupId, False))
        if args.admin:
            groups.append(Grp(roles.systemGroupId, False))

        group = groups.pop(0)

        try:
            if args.no_password:
                id = admin.createExperimenter(e, group, groups)
                self.ctx.out("Added user %s (id=%s) without password"
                             % (login, id))
            else:
                if pasw is None:
                    self._ask_for_password(" for your new user (%s)"
                                           % login, strict=True)
                id = admin.createExperimenterWithPassword(e, rstring(pasw),
                                                          group, groups)
                self.ctx.out("Added user %s (id=%s) with password"
                             % (login, id))
        except omero.ValidationException, ve:
            # Possible, though unlikely after previous check
            if self.exc.is_constraint_violation(ve):
                self.ctx.die(66, "User already exists: %s" % login)
            else:
                self.ctx.die(67, "Unknown ValidationException: %s"
                             % ve.message)
Example #19
0
    def testThumbs(self):

        # root session is root.sf
        uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
        admin = self.root.sf.getAdminService()

        group1name = "private_%s" % uuid
        group2name = "read-only_%s" % uuid
        group3name = "collaborative_%s" % uuid
        ownerName = "owner_%s" % uuid
        user1name = "user1_%s" % uuid
        user2name = "user2_%s" % uuid

        ### create three users in 3 groups
        listOfGroups = list()
        listOfGroups.append(admin.lookupGroup(
            "user"))  # all users need to be in 'user' group to do anything!

        #group1 - private
        new_gr1 = ExperimenterGroupI()
        new_gr1.name = rstring(group1name)
        p = PermissionsI('rw----')
        new_gr1.details.permissions = p
        gid = admin.createGroup(new_gr1)
        privateGroup = admin.getGroup(gid)
        self.assertEquals('rw----', str(privateGroup.details.permissions))
        listOfGroups.append(privateGroup)

        #group2 - read-only
        new_gr2 = ExperimenterGroupI()
        new_gr2.name = rstring(group2name)
        p2 = PermissionsI('rwr---')
        new_gr2.details.permissions = p2
        gid2 = admin.createGroup(new_gr2)
        readOnlyGroup = admin.getGroup(gid2)
        self.assertEquals('rwr---', str(readOnlyGroup.details.permissions))
        listOfGroups.append(readOnlyGroup)

        #group3 - read-annotate
        new_gr3 = ExperimenterGroupI()
        new_gr3.name = rstring(group3name)
        p = PermissionsI('rwra--')
        new_gr3.details.permissions = p
        gid3 = admin.createGroup(new_gr3)
        collaborativeGroup = admin.getGroup(gid3)
        self.assertEquals('rwra--',
                          str(collaborativeGroup.details.permissions))
        listOfGroups.append(collaborativeGroup)

        #new user (group owner)
        owner = ExperimenterI()
        owner.omeName = rstring(ownerName)
        owner.firstName = rstring("Group")
        owner.lastName = rstring("Owner")
        owner.email = rstring("*****@*****.**")

        ownerId = admin.createExperimenterWithPassword(owner, rstring("ome"),
                                                       privateGroup,
                                                       listOfGroups)
        newOwner = admin.getExperimenter(ownerId)
        admin.setGroupOwner(privateGroup, newOwner)
        admin.setGroupOwner(readOnlyGroup, newOwner)
        admin.setGroupOwner(collaborativeGroup, newOwner)

        #new user1
        new_exp = ExperimenterI()
        new_exp.omeName = rstring(user1name)
        new_exp.firstName = rstring("Will")
        new_exp.lastName = rstring("Moore")
        new_exp.email = rstring("*****@*****.**")

        eid = admin.createExperimenterWithPassword(new_exp, rstring("ome"),
                                                   privateGroup, listOfGroups)

        #new user2
        new_exp2 = ExperimenterI()
        new_exp2.omeName = rstring(user2name)
        new_exp2.firstName = rstring("User")
        new_exp2.lastName = rstring("Test2")
        new_exp2.email = rstring("*****@*****.**")

        eid2 = admin.createExperimenterWithPassword(new_exp2, rstring("ome"),
                                                    privateGroup, listOfGroups)

        ## get users
        user1 = admin.getExperimenter(eid)
        user2 = admin.getExperimenter(eid2)

        ## login as user1 (into their default group)
        client_share1 = self.new_client(user=user1, password="******")

        print len(client_share1.sf.activeServices())

        # create image in private group
        privateImageId = createTestImage(client_share1.sf)
        print len(client_share1.sf.activeServices())

        self.getThumbnail(
            client_share1.sf, privateImageId
        )  # if we don't get thumbnail, test fails when another user does
        print len(client_share1.sf.activeServices())

        # change user into read-only group. Use object Ids for this, NOT objects from a different context
        a = client_share1.sf.getAdminService()
        me = a.getExperimenter(a.getEventContext().userId)
        a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))

        self.set_context(client_share1, gid2)
        #print a.getEventContext()

        # create image and get thumbnail (in read-only group)
        readOnlyImageId = createTestImage(client_share1.sf)
        self.getThumbnail(client_share1.sf, readOnlyImageId)

        # change user into collaborative group. Use object Ids for this, NOT objects from a different context
        a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
        self.set_context(client_share1, gid3)

        # create image and get thumbnail (in collaborative group)
        collaborativeImageId = createTestImage(client_share1.sf)
        self.getThumbnail(client_share1.sf, collaborativeImageId)

        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None,
                          self.getThumbnail(client_share1.sf, privateImageId))
        self.assertEquals(None,
                          self.getThumbnail(client_share1.sf, readOnlyImageId))

        # now check that the 'owner' of each group can see all 3 thumbnails.
        ## login as owner (into private group)
        owner_client = self.new_client(user=newOwner, password="******")

        self.getThumbnail(owner_client.sf, privateImageId)
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None,
                          self.getThumbnail(owner_client.sf, readOnlyImageId))
        self.assertEquals(
            None, self.getThumbnail(owner_client.sf, collaborativeImageId))

        # change owner into read-only group.
        o = client_share1.sf.getAdminService()
        me = o.getExperimenter(o.getEventContext().userId)
        o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))
        self.set_context(owner_client, gid2)

        self.getThumbnail(owner_client.sf, readOnlyImageId)
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None,
                          self.getThumbnail(owner_client.sf, privateImageId))
        self.assertEquals(
            None, self.getThumbnail(owner_client.sf, collaborativeImageId))

        # change owner into collaborative group.
        o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
        self.set_context(owner_client, gid3)

        self.getThumbnail(owner_client.sf, collaborativeImageId)
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None,
                          self.getThumbnail(owner_client.sf, privateImageId))
        self.assertEquals(None,
                          self.getThumbnail(owner_client.sf, readOnlyImageId))

        # now check that the 'user2' of each group can see all thumbnails except private.
        ## login as user2 (into private group)
        user2_client = self.new_client(user=user2, password="******")

        # check that we can't get thumbnails for any images in private group
        self.assertEquals(None,
                          self.getThumbnail(user2_client.sf, privateImageId))
        self.assertEquals(None,
                          self.getThumbnail(user2_client.sf, readOnlyImageId))
        self.assertEquals(
            None, self.getThumbnail(user2_client.sf, collaborativeImageId))

        # change owner into read-only group.
        u = user2_client.sf.getAdminService()
        me = u.getExperimenter(u.getEventContext().userId)
        u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))
        self.set_context(user2_client, gid2)

        self.getThumbnail(user2_client.sf, readOnlyImageId)
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None,
                          self.getThumbnail(user2_client.sf, privateImageId))
        self.assertEquals(
            None, self.getThumbnail(user2_client.sf, collaborativeImageId))

        # change owner into collaborative group.
        u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
        self.set_context(user2_client, gid3)

        self.getThumbnail(user2_client.sf, collaborativeImageId)
        # check that we can't get thumbnails for images in other groups
        self.assertEquals(None,
                          self.getThumbnail(user2_client.sf, privateImageId))
        self.assertEquals(None,
                          self.getThumbnail(user2_client.sf, readOnlyImageId))
Example #20
0
    def add(self, args):
        email = args.email
        login = args.username
        first = args.firstname
        middle = args.middlename
        last = args.lastname
        inst = args.institution
        pasw = args.userpassword

        import omero
        from omero.rtypes import rstring
        from omero_model_ExperimenterI import ExperimenterI as Exp
        from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp
        c = self.ctx.conn(args)
        e = Exp()
        e.omeName = rstring(login)
        e.firstName = rstring(first)
        e.lastName = rstring(last)
        e.middleName = rstring(middle)
        e.email = rstring(email)
        e.institution = rstring(inst)
        admin = c.getSession().getAdminService()

        try:
            usr = admin.lookupExperimenter(login)
            if usr:
                if args.ignore_existing:
                    self.ctx.out("User exists: %s (id=%s)"
                                 % (login, usr.id.val))
                    return
                else:
                    self.ctx.die(3, "User exists: %s (id=%s)"
                                 % (login, usr.id.val))
        except omero.ApiUsageException:
            pass  # Apparently no such user exists

        groups = self.list_groups(admin, args)

        roles = admin.getSecurityRoles()
        groups.append(Grp(roles.userGroupId, False))
        if args.admin:
            groups.append(Grp(roles.systemGroupId, False))

        group = groups.pop(0)

        try:
            if args.no_password:
                id = admin.createExperimenter(e, group, groups)
                self.ctx.out("Added user %s (id=%s) without password"
                             % (login, id))
            else:
                if pasw is None:
                    self._ask_for_password(" for your new user (%s)"
                                           % login, strict=True)
                id = admin.createExperimenterWithPassword(e, rstring(pasw),
                                                          group, groups)
                self.ctx.out("Added user %s (id=%s) with password"
                             % (login, id))
        except omero.ValidationException, ve:
            # Possible, though unlikely after previous check
            if self.exc.is_constraint_violation(ve):
                self.ctx.die(66, "User already exists: %s" % login)
            else:
                self.ctx.die(67, "Unknown ValidationException: %s"
                             % ve.message)