def testGroupOwners(self): # this is the test of creating private group and updating it # including changes in #1434 uuid = self.root.sf.getAdminService().getEventContext().sessionUuid query = self.root.sf.getQueryService() update = self.root.sf.getUpdateService() admin = self.root.sf.getAdminService() # create group1 new_gr1 = ExperimenterGroupI() new_gr1.name = rstring("group1_%s" % uuid) p = PermissionsI() p.setUserRead(True) p.setUserWrite(True) p.setGroupRead(True) p.setGroupAnnotate(False) p.setGroupWrite(False) p.setWorldRead(False) p.setWorldAnnotate(False) p.setWorldWrite(False) new_gr1.details.permissions = p g1_id = admin.createGroup(new_gr1) gr1 = admin.getGroup(g1_id) # create user1 new_exp1 = ExperimenterI() new_exp1.omeName = rstring("user1_%s" % uuid) new_exp1.firstName = rstring("New") new_exp1.lastName = rstring("Test") new_exp1.email = rstring("*****@*****.**") uuid = self.uuid() uuidGroup = ExperimenterGroupI() uuidGroup.name = rstring(uuid) uuidGroupId = admin.createGroup(uuidGroup) uuidGroup = ExperimenterGroupI(uuidGroupId, False) listOfGroups = list() listOfGroups.append(admin.lookupGroup("user")) eid1 = admin.createExperimenterWithPassword(new_exp1, rstring("ome"), uuidGroup, listOfGroups) exp1 = admin.getExperimenter(eid1) # set owner of the group (user is not a member of) admin.addGroupOwners(gr1, [exp1]) # chech if is the leader leaderOfGroups = admin.getLeaderOfGroupIds(exp1) self.assertTrue(gr1.id.val in leaderOfGroups) # remove group owner admin.removeGroupOwners(gr1, [exp1]) # chech if no longer is the leader leaderOfGroups = admin.getLeaderOfGroupIds(exp1) self.assertFalse(gr1.id.val in leaderOfGroups) """
def test1109(self): uuid = self.uuid() admin = self.root.sf.getAdminService() # Replace defaultGroup with something new defaultGroup = self.new_group() # create data #group1 new_gr1 = ExperimenterGroupI() new_gr1.name = rstring("group1_%s" % uuid) gid = admin.createGroup(new_gr1) #new user1 new_exp = ExperimenterI() new_exp.omeName = rstring("user_%s" % uuid) new_exp.firstName = rstring("New") new_exp.lastName = rstring("Test") new_exp.email = rstring("*****@*****.**") listOfGroups = list() # defaultGroup = admin.lookupGroup("default") Removed in 4.2 listOfGroups.append(admin.getGroup(gid)) listOfGroups.append(admin.lookupGroup("user")) eid = admin.createExperimenter(new_exp, defaultGroup, listOfGroups) #test exp = admin.getExperimenter(eid) #print "exp: ", exp.id.val, " his default group is: ", admin.getDefaultGroup(exp.id.val).id.val gr1 = admin.getGroup(2) indefault = admin.containedExperimenters(gr1.id.val) # print "members of group %s %i" % (gr1.name.val, gr1.id.val) for m in indefault: if m.id.val == exp.id.val: assert m.copyGroupExperimenterMap()[0].parent.id.val == admin.getDefaultGroup(exp.id.val).id.val # print "exp: id=", m.id.val, "; GEM[0]: ", type(m.copyGroupExperimenterMap()[0].parent), m.copyGroupExperimenterMap()[0].parent.id.val gr2 = admin.getGroup(gid) members2 = admin.containedExperimenters(gr2.id.val) # print "members of group %s %i" % (gr2.name.val, gr2.id.val) for m in members2: if m.id.val == exp.id.val: copied_id = m.copyGroupExperimenterMap()[0].parent.id.val got_id = admin.getDefaultGroup(exp.id.val).id.val contained = admin.containedGroups(m.id.val) assert copied_id == got_id,\ """ %s != %s. Groups for experimenter %s = %s (graph) or %s (contained) """ % ( copied_id, got_id, exp.id.val, [ x.parent.id.val for x in m.copyGroupExperimenterMap() ], [ y.id.val for y in contained ] )
def testLinkGroupAndUser(self): user = ExperimenterI() group = ExperimenterGroupI() link = GroupExperimenterMapI() link.id = rlong(1) link.link(group, user) user.addGroupExperimenterMap(link, False) group.addGroupExperimenterMap(link, False) count = 0 for i in user.iterateGroupExperimenterMap(): count += 1 self.assert_(count == 1)
def testLinkViaLink(self): user = ExperimenterI() user.setFirstName(rstring("test")) user.setLastName(rstring("user")) user.setOmeName(rstring("UUID")) user.setLdap(rbool(False)) # possibly setOmeName() and setOmeName(string) ?? # and then don't need omero/types.h group = ExperimenterGroupI() # TODOuser.linkExperimenterGroup(group) link = GroupExperimenterMapI() link.parent = group link.child = user
def testLinkGroupAndUser(self): user = ExperimenterI() group = ExperimenterGroupI() link = GroupExperimenterMapI() link.id = rlong(1) link.link(group, user) user.addGroupExperimenterMap(link, False) group.addGroupExperimenterMap(link, False) count = 0 for i in user.iterateGroupExperimenterMap(): count += 1 assert count == 1
def testGetAttrSetAttrDetails(self): d = DetailsI() assert None == d.owner d.owner = ExperimenterI() assert d.owner d.owner = None assert None == d.owner d.ice_preMarshal()
def testGetAttrSetAttrDetails(self): d = DetailsI() self.assert_(None == d.owner) d.owner = ExperimenterI() self.assert_(d.owner) d.owner = None self.assert_(None == d.owner) d.ice_preMarshal()
def add(self, args): email = args.email login = args.username first = args.firstname middle = args.middlename last = args.lastname inst = args.institution pasw = args.userpassword import omero from omero.rtypes import rstring from omero_model_ExperimenterI import ExperimenterI as Exp from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp c = self.ctx.conn(args) p = c.ic.getProperties() e = Exp() e.omeName = rstring(login) e.firstName = rstring(first) e.lastName = rstring(last) e.middleName = rstring(middle) e.email = rstring(email) e.institution = rstring(inst) admin = c.getSession().getAdminService() try: usr = admin.lookupExperimenter(login) if usr: if args.ignore_existing: self.ctx.out("User exists: %s (id=%s)" % (login, usr.id.val)) return else: self.ctx.die(3, "User exists: %s (id=%s)" % (login, usr.id.val)) except omero.ApiUsageException, aue: pass # Apparently no such user exists
def testGroupOwners(self): # this is the test of creating private group and updating it # including changes in #1434 uuid = self.uuid() admin = self.root.sf.getAdminService() # create group1 new_gr1 = ExperimenterGroupI() new_gr1.name = rstring("group1_%s" % uuid) new_gr1.ldap = rbool(False) p = PermissionsI() p.setUserRead(True) p.setUserWrite(True) p.setGroupRead(True) p.setGroupAnnotate(False) p.setGroupWrite(False) p.setWorldRead(False) p.setWorldAnnotate(False) p.setWorldWrite(False) new_gr1.details.permissions = p g1_id = admin.createGroup(new_gr1) gr1 = admin.getGroup(g1_id) # create user1 new_exp1 = ExperimenterI() new_exp1.omeName = rstring("user1_%s" % uuid) new_exp1.firstName = rstring("New") new_exp1.lastName = rstring("Test") new_exp1.ldap = rbool(False) new_exp1.email = rstring("*****@*****.**") uuid = self.uuid() uuidGroup = ExperimenterGroupI() uuidGroup.name = rstring(uuid) uuidGroup.ldap = rbool(False) uuidGroupId = admin.createGroup(uuidGroup) uuidGroup = ExperimenterGroupI(uuidGroupId, False) listOfGroups = list() listOfGroups.append(admin.lookupGroup("user")) eid1 = admin.createExperimenterWithPassword(new_exp1, rstring("ome"), uuidGroup, listOfGroups) exp1 = admin.getExperimenter(eid1) # set owner of the group (user is not a member of) admin.addGroupOwners(gr1, [exp1]) # chech if is the leader leaderOfGroups = admin.getLeaderOfGroupIds(exp1) assert gr1.id.val in leaderOfGroups # remove group owner admin.removeGroupOwners(gr1, [exp1]) # chech if no longer is the leader leaderOfGroups = admin.getLeaderOfGroupIds(exp1) assert gr1.id.val not in leaderOfGroups """
def test1109(self): uuid = self.uuid() admin = self.root.sf.getAdminService() # Replace defaultGroup with something new defaultGroup = self.new_group() # create data #group1 new_gr1 = ExperimenterGroupI() new_gr1.name = rstring("group1_%s" % uuid) gid = admin.createGroup(new_gr1) #new user1 new_exp = ExperimenterI() new_exp.omeName = rstring("user_%s" % uuid) new_exp.firstName = rstring("New") new_exp.lastName = rstring("Test") new_exp.email = rstring("*****@*****.**") listOfGroups = list() # defaultGroup = admin.lookupGroup("default") Removed in 4.2 listOfGroups.append(admin.getGroup(gid)) listOfGroups.append(admin.lookupGroup("user")) eid = admin.createExperimenter(new_exp, defaultGroup, listOfGroups) #test exp = admin.getExperimenter(eid) #print "exp: ", exp.id.val, " his default group is: ", admin.getDefaultGroup(exp.id.val).id.val gr1 = admin.getGroup(2) indefault = admin.containedExperimenters(gr1.id.val) # print "members of group %s %i" % (gr1.name.val, gr1.id.val) for m in indefault: if m.id.val == exp.id.val: self.assert_(m.copyGroupExperimenterMap()[0].parent.id.val == admin.getDefaultGroup(exp.id.val).id.val) # print "exp: id=", m.id.val, "; GEM[0]: ", type(m.copyGroupExperimenterMap()[0].parent), m.copyGroupExperimenterMap()[0].parent.id.val gr2 = admin.getGroup(gid) members2 = admin.containedExperimenters(gr2.id.val) # print "members of group %s %i" % (gr2.name.val, gr2.id.val) for m in members2: if m.id.val == exp.id.val: copied_id = m.copyGroupExperimenterMap()[0].parent.id.val got_id = admin.getDefaultGroup(exp.id.val).id.val contained = admin.containedGroups(m.id.val) self.assertEquals(copied_id, got_id,\ """ %s != %s. Groups for experimenter %s = %s (graph) or %s (contained) """ % ( copied_id, got_id, exp.id.val, [ x.parent.id.val for x in m.copyGroupExperimenterMap() ], [ y.id.val for y in contained ] ))
def add(self, args): email = args.email login = args.username first = args.firstname middle = args.middlename last = args.lastname inst = args.institution pasw = args.userpassword import omero from omero.rtypes import rstring from omero_model_ExperimenterI import ExperimenterI as Exp from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp c = self.ctx.conn(args) p = c.ic.getProperties() e = Exp() e.omeName = rstring(login) e.firstName = rstring(first) e.lastName = rstring(last) e.middleName = rstring(middle) e.email = rstring(email) e.institution = rstring(inst) admin = c.getSession().getAdminService() try: usr = admin.lookupExperimenter(login) if usr: if args.ignore_existing: self.ctx.out("User exists: %s (id=%s)" % (login, usr.id.val)) return else: self.ctx.die( 3, "User exists: %s (id=%s)" % (login, usr.id.val)) except omero.ApiUsageException, aue: pass # Apparently no such user exists
def testFindAndCountAnnotationsForSharedData(self): uuid = self.root.sf.getAdminService().getEventContext().sessionUuid query = self.root.sf.getQueryService() update = self.root.sf.getUpdateService() admin = self.root.sf.getAdminService() ipojo = self.root.sf.getContainerService() ### create new users #group1 new_gr1 = ExperimenterGroupI() new_gr1.name = rstring("group1_%s" % uuid) gid = admin.createGroup(new_gr1) #new user1 new_exp = ExperimenterI() new_exp.omeName = rstring("user1_%s" % uuid) new_exp.firstName = rstring("New") new_exp.lastName = rstring("Test") defaultGroup = admin.getGroup(gid) listOfGroups = list() listOfGroups.append(admin.lookupGroup("user")) eid = admin.createExperimenterWithPassword(new_exp, rstring("ome"), defaultGroup, listOfGroups) #new user2 new_exp2 = ExperimenterI() new_exp2.omeName = rstring("user2_%s" % uuid) new_exp2.firstName = rstring("New2") new_exp2.lastName = rstring("Test2") defaultGroup = admin.getGroup(gid) listOfGroups = list() listOfGroups.append(admin.lookupGroup("user")) eid2 = admin.createExperimenterWithPassword(new_exp2, rstring("ome"), defaultGroup, listOfGroups) ## get users user1 = admin.getExperimenter(eid) user2 = admin.getExperimenter(eid2) ## login as user1 cl1 = self.new_client(user=user1, password="******") update1 = cl1.sf.getUpdateService() ipojo1 = cl1.sf.getContainerService() # create image img = ImageI() img.setName(rstring('test1154-img-%s' % (uuid))) img.setAcquisitionDate(rtime(0)) # default permission 'rw----': img = update1.saveAndReturnObject(img) img.unload() ann1 = CommentAnnotationI() ann1.textValue = rstring("user comment - %s" % uuid) l_ann1 = ImageAnnotationLinkI() l_ann1.setParent(img) l_ann1.setChild(ann1) update1.saveObject(l_ann1) #user retrives the annotations for image coll_count = ipojo1.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None) self.assertEquals(1, coll_count.get(img.id.val, [])) #self.assertEquals(1, len(ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, []))) ## login as user2 cl2 = self.new_client(user=user2, password="******") update2 = cl1.sf.getUpdateService() ann = CommentAnnotationI() ann.textValue = rstring("user2 comment - %s" % uuid) l_ann = ImageAnnotationLinkI() l_ann.setParent(img) l_ann.setChild(ann) update2.saveObject(l_ann) #do they see the same vals? #print ipojo1.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None) #print ipojo.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None) #print len(ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, [])) #print len(ipojo.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, [])) coll_count = ipojo1.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None) self.assertEquals(2, coll_count.get(img.id.val, [])) #anns = ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, []) #self.assertEquals(2, len(anns)) #self.assert_(anns[0].details.permissions == 'rw----') #self.assert_(anns[1].details.permissions == 'rw----') cl1.sf.closeOnDestroy() cl2.sf.closeOnDestroy()
def testFindAndCountAnnotationsForSharedData(self): uuid = self.root.sf.getAdminService().getEventContext().sessionUuid query = self.root.sf.getQueryService() update = self.root.sf.getUpdateService() admin = self.root.sf.getAdminService() ipojo = self.root.sf.getContainerService() ### create new users #group1 new_gr1 = ExperimenterGroupI() new_gr1.name = rstring("group1_%s" % uuid) gid = admin.createGroup(new_gr1) #new user1 new_exp = ExperimenterI() new_exp.omeName = rstring("user1_%s" % uuid) new_exp.firstName = rstring("New") new_exp.lastName = rstring("Test") defaultGroup = admin.getGroup(gid) listOfGroups = list() listOfGroups.append(admin.lookupGroup("user")) eid = admin.createExperimenterWithPassword(new_exp, rstring("ome"), defaultGroup, listOfGroups) #new user2 new_exp2 = ExperimenterI() new_exp2.omeName = rstring("user2_%s" % uuid) new_exp2.firstName = rstring("New2") new_exp2.lastName = rstring("Test2") defaultGroup = admin.getGroup(gid) listOfGroups = list() listOfGroups.append(admin.lookupGroup("user")) eid2 = admin.createExperimenterWithPassword(new_exp2, rstring("ome"), defaultGroup, listOfGroups) ## get users user1 = admin.getExperimenter(eid) user2 = admin.getExperimenter(eid2) ## login as user1 cl1 = self.new_client(user=user1, password="******") update1 = cl1.sf.getUpdateService() ipojo1 = cl1.sf.getContainerService() # create image img = ImageI() img.setName(rstring('test1154-img-%s' % (uuid))) img.setAcquisitionDate(rtime(0)) # default permission 'rw----': img = update1.saveAndReturnObject(img) img.unload() ann1 = CommentAnnotationI() ann1.textValue = rstring("user comment - %s" % uuid) l_ann1 = ImageAnnotationLinkI() l_ann1.setParent(img) l_ann1.setChild(ann1) update1.saveObject(l_ann1) #user retrives the annotations for image coll_count = ipojo1.getCollectionCount( "Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None) self.assertEquals(1, coll_count.get(img.id.val, [])) #self.assertEquals(1, len(ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, []))) ## login as user2 cl2 = self.new_client(user=user2, password="******") update2 = cl1.sf.getUpdateService() ann = CommentAnnotationI() ann.textValue = rstring("user2 comment - %s" % uuid) l_ann = ImageAnnotationLinkI() l_ann.setParent(img) l_ann.setChild(ann) update2.saveObject(l_ann) #do they see the same vals? #print ipojo1.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None) #print ipojo.getCollectionCount("Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None) #print len(ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, [])) #print len(ipojo.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, [])) coll_count = ipojo1.getCollectionCount( "Image", "ome.model.containers.Image_annotationLinks", [img.id.val], None) self.assertEquals(2, coll_count.get(img.id.val, [])) #anns = ipojo1.findAnnotations("Image", [img.id.val], None, None).get(img.id.val, []) #self.assertEquals(2, len(anns)) #self.assert_(anns[0].details.permissions == 'rw----') #self.assert_(anns[1].details.permissions == 'rw----') cl1.sf.closeOnDestroy() cl2.sf.closeOnDestroy()
def add(self, args): email = args.email login = args.username first = args.firstname middle = args.middlename last = args.lastname inst = args.institution pasw = args.userpassword import omero from omero.rtypes import rstring from omero_model_ExperimenterI import ExperimenterI as Exp from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp c = self.ctx.conn(args) e = Exp() e.omeName = rstring(login) e.firstName = rstring(first) e.lastName = rstring(last) e.middleName = rstring(middle) e.email = rstring(email) e.institution = rstring(inst) # Fail-fast if a non-admin runs this command isAdmin = self.ctx._event_context.isAdmin if not isAdmin: self.error_admin_only(fatal=True) # Fail-fast if no-password is passed and the server does not accept # empty passwords configService = c.getSession().getConfigService() password_required = configService.getConfigValue( "omero.security.password_required").lower() if args.no_password and password_required != 'false': self.ctx.die(502, "Server does not allow user creation with empty" " passwords") # Check user existence admin = c.getSession().getAdminService() try: usr = admin.lookupExperimenter(login) if usr: if args.ignore_existing: self.ctx.out("User exists: %s (id=%s)" % (login, usr.id.val)) return else: self.ctx.die(3, "User exists: %s (id=%s)" % (login, usr.id.val)) except omero.ApiUsageException: pass # Apparently no such user exists groups = self.list_groups(admin, args) roles = admin.getSecurityRoles() groups.append(Grp(roles.userGroupId, False)) if args.admin: groups.append(Grp(roles.systemGroupId, False)) group = groups.pop(0) try: if args.no_password: id = admin.createExperimenter(e, group, groups) self.ctx.out("Added user %s (id=%s) without password" % (login, id)) else: if pasw is None: pasw = self._ask_for_password(" for your new user (%s)" % login, strict=True) id = admin.createExperimenterWithPassword(e, rstring(pasw), group, groups) self.ctx.out("Added user %s (id=%s) with password" % (login, id)) except omero.ValidationException, ve: # Possible, though unlikely after previous check if self.exc.is_constraint_violation(ve): self.ctx.die(66, "User already exists: %s" % login) else: self.ctx.die(67, "Unknown ValidationException: %s" % ve.message)
def testThumbs(self): # root session is root.sf uuid = self.root.sf.getAdminService().getEventContext().sessionUuid admin = self.root.sf.getAdminService() group1name = "private_%s" % uuid group2name = "read-only_%s" % uuid group3name = "collaborative_%s" % uuid ownerName = "owner_%s" % uuid user1name = "user1_%s" % uuid user2name = "user2_%s" % uuid ### create three users in 3 groups listOfGroups = list() listOfGroups.append(admin.lookupGroup("user")) # all users need to be in 'user' group to do anything! #group1 - private new_gr1 = ExperimenterGroupI() new_gr1.name = rstring(group1name) p = PermissionsI('rw----') new_gr1.details.permissions = p gid = admin.createGroup(new_gr1) privateGroup = admin.getGroup(gid) self.assertEquals('rw----', str(privateGroup.details.permissions)) listOfGroups.append(privateGroup) #group2 - read-only new_gr2 = ExperimenterGroupI() new_gr2.name = rstring(group2name) p2 = PermissionsI('rwr---') new_gr2.details.permissions = p2 gid2 = admin.createGroup(new_gr2) readOnlyGroup = admin.getGroup(gid2) self.assertEquals('rwr---', str(readOnlyGroup.details.permissions)) listOfGroups.append(readOnlyGroup) #group3 - read-annotate new_gr3 = ExperimenterGroupI() new_gr3.name = rstring(group3name) p = PermissionsI('rwra--') new_gr3.details.permissions = p gid3 = admin.createGroup(new_gr3) collaborativeGroup = admin.getGroup(gid3) self.assertEquals('rwra--', str(collaborativeGroup.details.permissions)) listOfGroups.append(collaborativeGroup) #new user (group owner) owner = ExperimenterI() owner.omeName = rstring(ownerName) owner.firstName = rstring("Group") owner.lastName = rstring("Owner") owner.email = rstring("*****@*****.**") ownerId = admin.createExperimenterWithPassword(owner, rstring("ome"), privateGroup, listOfGroups) newOwner = admin.getExperimenter(ownerId) admin.setGroupOwner(privateGroup, newOwner) admin.setGroupOwner(readOnlyGroup, newOwner) admin.setGroupOwner(collaborativeGroup, newOwner) #new user1 new_exp = ExperimenterI() new_exp.omeName = rstring(user1name) new_exp.firstName = rstring("Will") new_exp.lastName = rstring("Moore") new_exp.email = rstring("*****@*****.**") eid = admin.createExperimenterWithPassword(new_exp, rstring("ome"), privateGroup, listOfGroups) #new user2 new_exp2 = ExperimenterI() new_exp2.omeName = rstring(user2name) new_exp2.firstName = rstring("User") new_exp2.lastName = rstring("Test2") new_exp2.email = rstring("*****@*****.**") eid2 = admin.createExperimenterWithPassword(new_exp2, rstring("ome"), privateGroup, listOfGroups) ## get users user1 = admin.getExperimenter(eid) user2 = admin.getExperimenter(eid2) ## login as user1 (into their default group) client_share1 = self.new_client(user=user1, password="******") print len(client_share1.sf.activeServices()) # create image in private group privateImageId = createTestImage(client_share1.sf) print len(client_share1.sf.activeServices()) self.getThumbnail(client_share1.sf, privateImageId) # if we don't get thumbnail, test fails when another user does print len(client_share1.sf.activeServices()) # change user into read-only group. Use object Ids for this, NOT objects from a different context a = client_share1.sf.getAdminService() me = a.getExperimenter(a.getEventContext().userId) a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False)) self.set_context(client_share1, gid2) #print a.getEventContext() # create image and get thumbnail (in read-only group) readOnlyImageId = createTestImage(client_share1.sf) self.getThumbnail(client_share1.sf, readOnlyImageId) # change user into collaborative group. Use object Ids for this, NOT objects from a different context a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False)) self.set_context(client_share1, gid3) # create image and get thumbnail (in collaborative group) collaborativeImageId = createTestImage(client_share1.sf) self.getThumbnail(client_share1.sf, collaborativeImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(client_share1.sf, privateImageId)) self.assertEquals(None, self.getThumbnail(client_share1.sf, readOnlyImageId)) # now check that the 'owner' of each group can see all 3 thumbnails. ## login as owner (into private group) owner_client = self.new_client(user=newOwner, password="******") self.getThumbnail(owner_client.sf, privateImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(owner_client.sf, readOnlyImageId)) self.assertEquals(None, self.getThumbnail(owner_client.sf, collaborativeImageId)) # change owner into read-only group. o = client_share1.sf.getAdminService() me = o.getExperimenter(o.getEventContext().userId) o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False)) self.set_context(owner_client, gid2) self.getThumbnail(owner_client.sf, readOnlyImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(owner_client.sf, privateImageId)) self.assertEquals(None, self.getThumbnail(owner_client.sf, collaborativeImageId)) # change owner into collaborative group. o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False)) self.set_context(owner_client, gid3) self.getThumbnail(owner_client.sf, collaborativeImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(owner_client.sf, privateImageId)) self.assertEquals(None, self.getThumbnail(owner_client.sf, readOnlyImageId)) # now check that the 'user2' of each group can see all thumbnails except private. ## login as user2 (into private group) user2_client = self.new_client(user=user2, password="******") # check that we can't get thumbnails for any images in private group self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId)) self.assertEquals(None, self.getThumbnail(user2_client.sf, readOnlyImageId)) self.assertEquals(None, self.getThumbnail(user2_client.sf, collaborativeImageId)) # change owner into read-only group. u = user2_client.sf.getAdminService() me = u.getExperimenter(u.getEventContext().userId) u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False)) self.set_context(user2_client, gid2) self.getThumbnail(user2_client.sf, readOnlyImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId)) self.assertEquals(None, self.getThumbnail(user2_client.sf, collaborativeImageId)) # change owner into collaborative group. u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False)) self.set_context(user2_client, gid3) self.getThumbnail(user2_client.sf, collaborativeImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId)) self.assertEquals(None, self.getThumbnail(user2_client.sf, readOnlyImageId))
def add(self, args): email = args.email login = args.username first = args.firstname middle = args.middlename last = args.lastname inst = args.institution pasw = args.userpassword import omero from omero.rtypes import rbool, rstring from omero_model_ExperimenterI import ExperimenterI as Exp from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp c = self.ctx.conn(args) e = Exp() e.omeName = rstring(login) e.firstName = rstring(first) e.lastName = rstring(last) e.middleName = rstring(middle) e.email = rstring(email) e.institution = rstring(inst) e.ldap = rbool(False) # Fail-fast if no-password is passed and the server does not accept # empty passwords configService = c.getSession().getConfigService() password_required = configService.getConfigValue( "omero.security.password_required").lower() if args.no_password and password_required != 'false': self.ctx.die( 502, "Server does not allow user creation with empty" " passwords") # Check user existence admin = c.getSession().getAdminService() try: usr = admin.lookupExperimenter(login) if usr: if args.ignore_existing: self.ctx.out("User exists: %s (id=%s)" % (login, usr.id.val)) return else: self.ctx.die( 3, "User exists: %s (id=%s)" % (login, usr.id.val)) except omero.ApiUsageException: pass # Apparently no such user exists [gid, groups] = self.list_groups(admin, args, use_context=False) roles = admin.getSecurityRoles() groups.append(Grp(roles.userGroupId, False)) if args.admin: groups.append(Grp(roles.systemGroupId, False)) group = groups.pop(0) try: if args.no_password: id = admin.createExperimenter(e, group, groups) self.ctx.out("Added user %s (id=%s) without password" % (login, id)) else: if pasw is None: pasw = self._ask_for_password(" for your new user (%s)" % login, strict=True) id = admin.createExperimenterWithPassword( e, rstring(pasw), group, groups) self.ctx.out("Added user %s (id=%s) with password" % (login, id)) except omero.ValidationException as ve: # Possible, though unlikely after previous check if self.exc.is_constraint_violation(ve): self.ctx.die(66, "User already exists: %s" % login) else: self.ctx.die(67, "Unknown ValidationException: %s" % ve.message) except omero.SecurityViolation as se: self.ctx.die(68, "Security violation: %s" % se.message)
#!/usr/bin/env python # -*- coding: utf-8 -*- from omero_model_EventI import EventI from omero_model_ExperimenterI import ExperimenterI from omero_model_GroupExperimenterMapI import GroupExperimenterMapI assert (not EventI().isMutable()) assert ExperimenterI().isMutable() assert ExperimenterI().isGlobal() assert ExperimenterI().isAnnotated() assert GroupExperimenterMapI().isLink()
def add(self, args): email = args.email login = args.username first = args.firstname middle = args.middlename last = args.lastname inst = args.institution pasw = args.userpassword import omero from omero.rtypes import rstring from omero_model_ExperimenterI import ExperimenterI as Exp from omero_model_ExperimenterGroupI import ExperimenterGroupI as Grp c = self.ctx.conn(args) e = Exp() e.omeName = rstring(login) e.firstName = rstring(first) e.lastName = rstring(last) e.middleName = rstring(middle) e.email = rstring(email) e.institution = rstring(inst) admin = c.getSession().getAdminService() try: usr = admin.lookupExperimenter(login) if usr: if args.ignore_existing: self.ctx.out("User exists: %s (id=%s)" % (login, usr.id.val)) return else: self.ctx.die(3, "User exists: %s (id=%s)" % (login, usr.id.val)) except omero.ApiUsageException: pass # Apparently no such user exists groups = self.list_groups(admin, args) roles = admin.getSecurityRoles() groups.append(Grp(roles.userGroupId, False)) if args.admin: groups.append(Grp(roles.systemGroupId, False)) group = groups.pop(0) try: if args.no_password: id = admin.createExperimenter(e, group, groups) self.ctx.out("Added user %s (id=%s) without password" % (login, id)) else: if pasw is None: self._ask_for_password(" for your new user (%s)" % login, strict=True) id = admin.createExperimenterWithPassword(e, rstring(pasw), group, groups) self.ctx.out("Added user %s (id=%s) with password" % (login, id)) except omero.ValidationException, ve: # Possible, though unlikely after previous check if self.exc.is_constraint_violation(ve): self.ctx.die(66, "User already exists: %s" % login) else: self.ctx.die(67, "Unknown ValidationException: %s" % ve.message)
def testThumbs(self): # root session is root.sf uuid = self.root.sf.getAdminService().getEventContext().sessionUuid admin = self.root.sf.getAdminService() group1name = "private_%s" % uuid group2name = "read-only_%s" % uuid group3name = "collaborative_%s" % uuid ownerName = "owner_%s" % uuid user1name = "user1_%s" % uuid user2name = "user2_%s" % uuid ### create three users in 3 groups listOfGroups = list() listOfGroups.append(admin.lookupGroup( "user")) # all users need to be in 'user' group to do anything! #group1 - private new_gr1 = ExperimenterGroupI() new_gr1.name = rstring(group1name) p = PermissionsI('rw----') new_gr1.details.permissions = p gid = admin.createGroup(new_gr1) privateGroup = admin.getGroup(gid) self.assertEquals('rw----', str(privateGroup.details.permissions)) listOfGroups.append(privateGroup) #group2 - read-only new_gr2 = ExperimenterGroupI() new_gr2.name = rstring(group2name) p2 = PermissionsI('rwr---') new_gr2.details.permissions = p2 gid2 = admin.createGroup(new_gr2) readOnlyGroup = admin.getGroup(gid2) self.assertEquals('rwr---', str(readOnlyGroup.details.permissions)) listOfGroups.append(readOnlyGroup) #group3 - read-annotate new_gr3 = ExperimenterGroupI() new_gr3.name = rstring(group3name) p = PermissionsI('rwra--') new_gr3.details.permissions = p gid3 = admin.createGroup(new_gr3) collaborativeGroup = admin.getGroup(gid3) self.assertEquals('rwra--', str(collaborativeGroup.details.permissions)) listOfGroups.append(collaborativeGroup) #new user (group owner) owner = ExperimenterI() owner.omeName = rstring(ownerName) owner.firstName = rstring("Group") owner.lastName = rstring("Owner") owner.email = rstring("*****@*****.**") ownerId = admin.createExperimenterWithPassword(owner, rstring("ome"), privateGroup, listOfGroups) newOwner = admin.getExperimenter(ownerId) admin.setGroupOwner(privateGroup, newOwner) admin.setGroupOwner(readOnlyGroup, newOwner) admin.setGroupOwner(collaborativeGroup, newOwner) #new user1 new_exp = ExperimenterI() new_exp.omeName = rstring(user1name) new_exp.firstName = rstring("Will") new_exp.lastName = rstring("Moore") new_exp.email = rstring("*****@*****.**") eid = admin.createExperimenterWithPassword(new_exp, rstring("ome"), privateGroup, listOfGroups) #new user2 new_exp2 = ExperimenterI() new_exp2.omeName = rstring(user2name) new_exp2.firstName = rstring("User") new_exp2.lastName = rstring("Test2") new_exp2.email = rstring("*****@*****.**") eid2 = admin.createExperimenterWithPassword(new_exp2, rstring("ome"), privateGroup, listOfGroups) ## get users user1 = admin.getExperimenter(eid) user2 = admin.getExperimenter(eid2) ## login as user1 (into their default group) client_share1 = self.new_client(user=user1, password="******") print len(client_share1.sf.activeServices()) # create image in private group privateImageId = createTestImage(client_share1.sf) print len(client_share1.sf.activeServices()) self.getThumbnail( client_share1.sf, privateImageId ) # if we don't get thumbnail, test fails when another user does print len(client_share1.sf.activeServices()) # change user into read-only group. Use object Ids for this, NOT objects from a different context a = client_share1.sf.getAdminService() me = a.getExperimenter(a.getEventContext().userId) a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False)) self.set_context(client_share1, gid2) #print a.getEventContext() # create image and get thumbnail (in read-only group) readOnlyImageId = createTestImage(client_share1.sf) self.getThumbnail(client_share1.sf, readOnlyImageId) # change user into collaborative group. Use object Ids for this, NOT objects from a different context a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False)) self.set_context(client_share1, gid3) # create image and get thumbnail (in collaborative group) collaborativeImageId = createTestImage(client_share1.sf) self.getThumbnail(client_share1.sf, collaborativeImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(client_share1.sf, privateImageId)) self.assertEquals(None, self.getThumbnail(client_share1.sf, readOnlyImageId)) # now check that the 'owner' of each group can see all 3 thumbnails. ## login as owner (into private group) owner_client = self.new_client(user=newOwner, password="******") self.getThumbnail(owner_client.sf, privateImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(owner_client.sf, readOnlyImageId)) self.assertEquals( None, self.getThumbnail(owner_client.sf, collaborativeImageId)) # change owner into read-only group. o = client_share1.sf.getAdminService() me = o.getExperimenter(o.getEventContext().userId) o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False)) self.set_context(owner_client, gid2) self.getThumbnail(owner_client.sf, readOnlyImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(owner_client.sf, privateImageId)) self.assertEquals( None, self.getThumbnail(owner_client.sf, collaborativeImageId)) # change owner into collaborative group. o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False)) self.set_context(owner_client, gid3) self.getThumbnail(owner_client.sf, collaborativeImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(owner_client.sf, privateImageId)) self.assertEquals(None, self.getThumbnail(owner_client.sf, readOnlyImageId)) # now check that the 'user2' of each group can see all thumbnails except private. ## login as user2 (into private group) user2_client = self.new_client(user=user2, password="******") # check that we can't get thumbnails for any images in private group self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId)) self.assertEquals(None, self.getThumbnail(user2_client.sf, readOnlyImageId)) self.assertEquals( None, self.getThumbnail(user2_client.sf, collaborativeImageId)) # change owner into read-only group. u = user2_client.sf.getAdminService() me = u.getExperimenter(u.getEventContext().userId) u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False)) self.set_context(user2_client, gid2) self.getThumbnail(user2_client.sf, readOnlyImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId)) self.assertEquals( None, self.getThumbnail(user2_client.sf, collaborativeImageId)) # change owner into collaborative group. u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False)) self.set_context(user2_client, gid3) self.getThumbnail(user2_client.sf, collaborativeImageId) # check that we can't get thumbnails for images in other groups self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId)) self.assertEquals(None, self.getThumbnail(user2_client.sf, readOnlyImageId))