def testLoginToPublicGroupTicket1940(self):
# As root create a new group
uuid = self.uuid()
g = ExperimenterGroupI()
g.name = rstring(uuid)
g.details.permissions = PermissionsI("rwrwrw")
gid = self.root.sf.getAdminService().createGroup(g)
# As a regular user, login to that group
rv = self.root.getPropertyMap()
ec = self.client.sf.getAdminService().getEventContext()
public_client = omero.client(rv)
public_client.getImplicitContext().put("omero.group", uuid)
sf = public_client.createSession(ec.userName, "foo")
ec = sf.getAdminService().getEventContext()
self.assertEquals(uuid, ec.groupName)
# But can the user write anything?
tag = TagAnnotationI()
sf.getUpdateService().saveObject(tag)
def testLoginToPublicGroupTicket1940(self):
# As root create a new group
uuid = self.uuid()
g = ExperimenterGroupI()
g.name = rstring(uuid)
g.ldap = rbool(False)
g.details.permissions = PermissionsI("rwrwrw")
self.root.sf.getAdminService().createGroup(g)
# As a regular user, login to that group
rv = self.root.getPropertyMap()
ec = self.client.sf.getAdminService().getEventContext()
public_client = omero.client(rv)
public_client.getImplicitContext().put("omero.group", uuid)
sf = public_client.createSession(ec.userName, ec.userName)
ec = sf.getAdminService().getEventContext()
assert uuid == ec.groupName
# But can the user write anything?
tag = TagAnnotationI()
tag = sf.getUpdateService().saveAndReturnObject(tag)
# And link?
# And edit? cF. READ-ONLY & READ-LINK
sf.getUpdateService().deleteObject(tag)
def testThumbs(self):
# root session is root.sf
uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
admin = self.root.sf.getAdminService()
group1name = "private_%s" % uuid
group2name = "read-only_%s" % uuid
group3name = "collaborative_%s" % uuid
ownerName = "owner_%s" % uuid
user1name = "user1_%s" % uuid
user2name = "user2_%s" % uuid
### create three users in 3 groups
listOfGroups = list()
listOfGroups.append(admin.lookupGroup(
"user")) # all users need to be in 'user' group to do anything!
#group1 - private
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring(group1name)
p = PermissionsI('rw----')
new_gr1.details.permissions = p
gid = admin.createGroup(new_gr1)
privateGroup = admin.getGroup(gid)
self.assertEquals('rw----', str(privateGroup.details.permissions))
listOfGroups.append(privateGroup)
#group2 - read-only
new_gr2 = ExperimenterGroupI()
new_gr2.name = rstring(group2name)
p2 = PermissionsI('rwr---')
new_gr2.details.permissions = p2
gid2 = admin.createGroup(new_gr2)
readOnlyGroup = admin.getGroup(gid2)
self.assertEquals('rwr---', str(readOnlyGroup.details.permissions))
listOfGroups.append(readOnlyGroup)
#group3 - read-annotate
new_gr3 = ExperimenterGroupI()
new_gr3.name = rstring(group3name)
p = PermissionsI('rwra--')
new_gr3.details.permissions = p
gid3 = admin.createGroup(new_gr3)
collaborativeGroup = admin.getGroup(gid3)
self.assertEquals('rwra--',
str(collaborativeGroup.details.permissions))
listOfGroups.append(collaborativeGroup)
#new user (group owner)
owner = ExperimenterI()
owner.omeName = rstring(ownerName)
owner.firstName = rstring("Group")
owner.lastName = rstring("Owner")
owner.email = rstring("*****@*****.**")
ownerId = admin.createExperimenterWithPassword(owner, rstring("ome"),
privateGroup,
listOfGroups)
newOwner = admin.getExperimenter(ownerId)
admin.setGroupOwner(privateGroup, newOwner)
admin.setGroupOwner(readOnlyGroup, newOwner)
admin.setGroupOwner(collaborativeGroup, newOwner)
#new user1
new_exp = ExperimenterI()
new_exp.omeName = rstring(user1name)
new_exp.firstName = rstring("Will")
new_exp.lastName = rstring("Moore")
new_exp.email = rstring("*****@*****.**")
eid = admin.createExperimenterWithPassword(new_exp, rstring("ome"),
privateGroup, listOfGroups)
#new user2
new_exp2 = ExperimenterI()
new_exp2.omeName = rstring(user2name)
new_exp2.firstName = rstring("User")
new_exp2.lastName = rstring("Test2")
new_exp2.email = rstring("*****@*****.**")
eid2 = admin.createExperimenterWithPassword(new_exp2, rstring("ome"),
privateGroup, listOfGroups)
## get users
user1 = admin.getExperimenter(eid)
user2 = admin.getExperimenter(eid2)
## login as user1 (into their default group)
client_share1 = self.new_client(user=user1, password="******")
print len(client_share1.sf.activeServices())
# create image in private group
privateImageId = createTestImage(client_share1.sf)
print len(client_share1.sf.activeServices())
self.getThumbnail(
client_share1.sf, privateImageId
) # if we don't get thumbnail, test fails when another user does
print len(client_share1.sf.activeServices())
# change user into read-only group. Use object Ids for this, NOT objects from a different context
a = client_share1.sf.getAdminService()
me = a.getExperimenter(a.getEventContext().userId)
a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))
self.set_context(client_share1, gid2)
#print a.getEventContext()
# create image and get thumbnail (in read-only group)
readOnlyImageId = createTestImage(client_share1.sf)
self.getThumbnail(client_share1.sf, readOnlyImageId)
# change user into collaborative group. Use object Ids for this, NOT objects from a different context
a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
self.set_context(client_share1, gid3)
# create image and get thumbnail (in collaborative group)
collaborativeImageId = createTestImage(client_share1.sf)
self.getThumbnail(client_share1.sf, collaborativeImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None,
self.getThumbnail(client_share1.sf, privateImageId))
self.assertEquals(None,
self.getThumbnail(client_share1.sf, readOnlyImageId))
# now check that the 'owner' of each group can see all 3 thumbnails.
## login as owner (into private group)
owner_client = self.new_client(user=newOwner, password="******")
self.getThumbnail(owner_client.sf, privateImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None,
self.getThumbnail(owner_client.sf, readOnlyImageId))
self.assertEquals(
None, self.getThumbnail(owner_client.sf, collaborativeImageId))
# change owner into read-only group.
o = client_share1.sf.getAdminService()
me = o.getExperimenter(o.getEventContext().userId)
o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))
self.set_context(owner_client, gid2)
self.getThumbnail(owner_client.sf, readOnlyImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None,
self.getThumbnail(owner_client.sf, privateImageId))
self.assertEquals(
None, self.getThumbnail(owner_client.sf, collaborativeImageId))
# change owner into collaborative group.
o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
self.set_context(owner_client, gid3)
self.getThumbnail(owner_client.sf, collaborativeImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None,
self.getThumbnail(owner_client.sf, privateImageId))
self.assertEquals(None,
self.getThumbnail(owner_client.sf, readOnlyImageId))
# now check that the 'user2' of each group can see all thumbnails except private.
## login as user2 (into private group)
user2_client = self.new_client(user=user2, password="******")
# check that we can't get thumbnails for any images in private group
self.assertEquals(None,
self.getThumbnail(user2_client.sf, privateImageId))
self.assertEquals(None,
self.getThumbnail(user2_client.sf, readOnlyImageId))
self.assertEquals(
None, self.getThumbnail(user2_client.sf, collaborativeImageId))
# change owner into read-only group.
u = user2_client.sf.getAdminService()
me = u.getExperimenter(u.getEventContext().userId)
u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))
self.set_context(user2_client, gid2)
self.getThumbnail(user2_client.sf, readOnlyImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None,
self.getThumbnail(user2_client.sf, privateImageId))
self.assertEquals(
None, self.getThumbnail(user2_client.sf, collaborativeImageId))
# change owner into collaborative group.
u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
self.set_context(user2_client, gid3)
self.getThumbnail(user2_client.sf, collaborativeImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None,
self.getThumbnail(user2_client.sf, privateImageId))
self.assertEquals(None,
self.getThumbnail(user2_client.sf, readOnlyImageId))
def testGroupOwners(self):
# this is the test of creating private group and updating it
# including changes in #1434
uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
query = self.root.sf.getQueryService()
update = self.root.sf.getUpdateService()
admin = self.root.sf.getAdminService()
#create group1
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring("group1_%s" % uuid)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(True)
p.setGroupAnnotate(False)
p.setGroupWrite(False)
p.setWorldRead(False)
p.setWorldAnnotate(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
g1_id = admin.createGroup(new_gr1)
gr1 = admin.getGroup(g1_id)
#create user1
new_exp1 = ExperimenterI()
new_exp1.omeName = rstring("user1_%s" % uuid)
new_exp1.firstName = rstring("New")
new_exp1.lastName = rstring("Test")
new_exp1.email = rstring("*****@*****.**")
uuid = self.uuid()
uuidGroup = ExperimenterGroupI()
uuidGroup.name = rstring(uuid)
uuidGroupId = admin.createGroup(uuidGroup)
uuidGroup = ExperimenterGroupI(uuidGroupId, False)
listOfGroups = list()
listOfGroups.append(admin.lookupGroup("user"))
eid1 = admin.createExperimenterWithPassword(new_exp1, rstring("ome"),
uuidGroup, listOfGroups)
exp1 = admin.getExperimenter(eid1)
#set owner of the group (user is not a member of)
admin.addGroupOwners(gr1, [exp1])
# chech if is the leader
leaderOfGroups = admin.getLeaderOfGroupIds(exp1)
self.assertTrue(gr1.id.val in leaderOfGroups)
# remove group owner
admin.removeGroupOwners(gr1, [exp1])
# chech if no longer is the leader
leaderOfGroups = admin.getLeaderOfGroupIds(exp1)
self.assertFalse(gr1.id.val in leaderOfGroups)
"""
def testCreatGroupAndchangePermissions(self):
# this is the test of updating group permissions
# including changes in #1434
uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
query = self.root.sf.getQueryService()
update = self.root.sf.getUpdateService()
admin = self.root.sf.getAdminService()
#create group1
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring("group1_%s" % uuid)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(False)
p.setGroupAnnotate(False)
p.setGroupWrite(False)
p.setWorldRead(False)
p.setWorldAnnotate(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
g1_id = admin.createGroup(new_gr1)
#increase permissions of group1 to rwr---
gr1 = admin.getGroup(g1_id)
p1 = PermissionsI()
p1.setUserRead(True)
p1.setUserWrite(True)
p1.setGroupRead(True)
p1.setGroupAnnotate(False)
p1.setGroupWrite(False)
p1.setWorldRead(False)
p1.setWorldAnnotate(False)
p1.setWorldWrite(False)
admin.changePermissions(gr1, p1)
gr2 = admin.getGroup(g1_id)
self.assertEquals('rwr---', str(gr2.details.permissions))
#increase permissions of group1 to rwra--
gr2 = admin.getGroup(g1_id)
p2 = PermissionsI()
p2.setUserRead(True)
p2.setUserWrite(True)
p2.setGroupRead(True)
p2.setGroupAnnotate(True)
p2.setGroupWrite(False)
p2.setWorldRead(False)
p2.setWorldAnnotate(False)
p2.setWorldWrite(False)
admin.changePermissions(gr2, p2)
gr3 = admin.getGroup(g1_id)
self.assertEquals('rwra--', str(gr3.details.permissions))
#increase permissions of group1 to rwrw--
gr3 = admin.getGroup(g1_id)
p3 = PermissionsI()
p3.setUserRead(True)
p3.setUserWrite(True)
p3.setGroupRead(True)
p3.setGroupWrite(True)
p3.setWorldRead(False)
p3.setWorldAnnotate(False)
p3.setWorldWrite(False)
admin.changePermissions(gr3, p3)
gr4 = admin.getGroup(g1_id)
self.assertEquals('rwrw--', str(gr4.details.permissions))
def testCreatAndUpdatePublicGroup(self):
# this is the test of creating public group and updating it
# including changes in #1434
uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
query = self.root.sf.getQueryService()
update = self.root.sf.getUpdateService()
admin = self.root.sf.getAdminService()
#create group1
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring("group1_%s" % uuid)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(True)
p.setGroupWrite(True)
p.setWorldRead(False)
p.setWorldAnnotate(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
g1_id = admin.createGroup(new_gr1)
# update name of group1
gr1 = admin.getGroup(g1_id)
self.assertEquals('rwrw--', str(gr1.details.permissions))
new_name = "changed_name_group1_%s" % uuid
gr1.name = rstring(new_name)
admin.updateGroup(gr1)
gr1_u = admin.getGroup(g1_id)
self.assertEquals(new_name, gr1_u.name.val)
def testGroupOwners(self):
# this is the test of creating private group and updating it
# including changes in #1434
uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
query = self.root.sf.getQueryService()
update = self.root.sf.getUpdateService()
admin = self.root.sf.getAdminService()
# create group1
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring("group1_%s" % uuid)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(True)
p.setGroupAnnotate(False)
p.setGroupWrite(False)
p.setWorldRead(False)
p.setWorldAnnotate(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
g1_id = admin.createGroup(new_gr1)
gr1 = admin.getGroup(g1_id)
# create user1
new_exp1 = ExperimenterI()
new_exp1.omeName = rstring("user1_%s" % uuid)
new_exp1.firstName = rstring("New")
new_exp1.lastName = rstring("Test")
new_exp1.email = rstring("*****@*****.**")
uuid = self.uuid()
uuidGroup = ExperimenterGroupI()
uuidGroup.name = rstring(uuid)
uuidGroupId = admin.createGroup(uuidGroup)
uuidGroup = ExperimenterGroupI(uuidGroupId, False)
listOfGroups = list()
listOfGroups.append(admin.lookupGroup("user"))
eid1 = admin.createExperimenterWithPassword(new_exp1, rstring("ome"), uuidGroup, listOfGroups)
exp1 = admin.getExperimenter(eid1)
# set owner of the group (user is not a member of)
admin.addGroupOwners(gr1, [exp1])
# chech if is the leader
leaderOfGroups = admin.getLeaderOfGroupIds(exp1)
self.assertTrue(gr1.id.val in leaderOfGroups)
# remove group owner
admin.removeGroupOwners(gr1, [exp1])
# chech if no longer is the leader
leaderOfGroups = admin.getLeaderOfGroupIds(exp1)
self.assertFalse(gr1.id.val in leaderOfGroups)
"""
def testCreatGroupAndchangePermissions(self):
# this is the test of updating group permissions
# including changes in #1434
uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
query = self.root.sf.getQueryService()
update = self.root.sf.getUpdateService()
admin = self.root.sf.getAdminService()
# create group1
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring("group1_%s" % uuid)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(False)
p.setGroupAnnotate(False)
p.setGroupWrite(False)
p.setWorldRead(False)
p.setWorldAnnotate(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
g1_id = admin.createGroup(new_gr1)
# increase permissions of group1 to rwr---
gr1 = admin.getGroup(g1_id)
p1 = PermissionsI()
p1.setUserRead(True)
p1.setUserWrite(True)
p1.setGroupRead(True)
p1.setGroupAnnotate(False)
p1.setGroupWrite(False)
p1.setWorldRead(False)
p1.setWorldAnnotate(False)
p1.setWorldWrite(False)
admin.changePermissions(gr1, p1)
gr2 = admin.getGroup(g1_id)
self.assertEquals("rwr---", str(gr2.details.permissions))
# increase permissions of group1 to rwra--
gr2 = admin.getGroup(g1_id)
p2 = PermissionsI()
p2.setUserRead(True)
p2.setUserWrite(True)
p2.setGroupRead(True)
p2.setGroupAnnotate(True)
p2.setGroupWrite(False)
p2.setWorldRead(False)
p2.setWorldAnnotate(False)
p2.setWorldWrite(False)
admin.changePermissions(gr2, p2)
gr3 = admin.getGroup(g1_id)
self.assertEquals("rwra--", str(gr3.details.permissions))
# increase permissions of group1 to rwrw--
gr3 = admin.getGroup(g1_id)
p3 = PermissionsI()
p3.setUserRead(True)
p3.setUserWrite(True)
p3.setGroupRead(True)
p3.setGroupWrite(True)
p3.setWorldRead(False)
p3.setWorldAnnotate(False)
p3.setWorldWrite(False)
admin.changePermissions(gr3, p3)
gr4 = admin.getGroup(g1_id)
self.assertEquals("rwrw--", str(gr4.details.permissions))
def testCreatAndUpdatePublicGroup(self):
# this is the test of creating public group and updating it
# including changes in #1434
uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
query = self.root.sf.getQueryService()
update = self.root.sf.getUpdateService()
admin = self.root.sf.getAdminService()
# create group1
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring("group1_%s" % uuid)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(True)
p.setGroupWrite(True)
p.setWorldRead(False)
p.setWorldAnnotate(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
g1_id = admin.createGroup(new_gr1)
# update name of group1
gr1 = admin.getGroup(g1_id)
self.assertEquals("rwrw--", str(gr1.details.permissions))
new_name = "changed_name_group1_%s" % uuid
gr1.name = rstring(new_name)
admin.updateGroup(gr1)
gr1_u = admin.getGroup(g1_id)
self.assertEquals(new_name, gr1_u.name.val)
def testCreatGroupAndchangePermissions(self):
# this is the test of updating group permissions
# including changes in #1434
uuid = self.uuid()
admin = self.root.sf.getAdminService()
# create group1
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring("group1_%s" % uuid)
new_gr1.ldap = rbool(False)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(False)
p.setGroupAnnotate(False)
p.setGroupWrite(False)
p.setWorldRead(False)
p.setWorldAnnotate(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
g1_id = admin.createGroup(new_gr1)
# increase permissions of group1 to rwr---
p1 = PermissionsI()
p1.setUserRead(True)
p1.setUserWrite(True)
p1.setGroupRead(True)
p1.setGroupAnnotate(False)
p1.setGroupWrite(False)
p1.setWorldRead(False)
p1.setWorldAnnotate(False)
p1.setWorldWrite(False)
self.change_permissions(g1_id, str(p1), self.root)
gr2 = admin.getGroup(g1_id)
assert 'rwr---' == str(gr2.details.permissions)
# increase permissions of group1 to rwra--
gr2 = admin.getGroup(g1_id)
p2 = PermissionsI()
p2.setUserRead(True)
p2.setUserWrite(True)
p2.setGroupRead(True)
p2.setGroupAnnotate(True)
p2.setGroupWrite(False)
p2.setWorldRead(False)
p2.setWorldAnnotate(False)
p2.setWorldWrite(False)
self.change_permissions(g1_id, str(p2), self.root)
gr3 = admin.getGroup(g1_id)
assert 'rwra--' == str(gr3.details.permissions)
# increase permissions of group1 to rwrw--
gr3 = admin.getGroup(g1_id)
p3 = PermissionsI()
p3.setUserRead(True)
p3.setUserWrite(True)
p3.setGroupRead(True)
p3.setGroupWrite(True)
p3.setWorldRead(False)
p3.setWorldAnnotate(False)
p3.setWorldWrite(False)
self.change_permissions(g1_id, str(p3), self.root)
gr4 = admin.getGroup(g1_id)
assert 'rwrw--' == str(gr4.details.permissions)
def testCreatAndUpdatePublicGroup(self):
# this is the test of creating public group and updating it
# including changes in #1434
uuid = self.uuid()
admin = self.root.sf.getAdminService()
# create group1
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring("group1_%s" % uuid)
new_gr1.ldap = rbool(False)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(True)
p.setGroupWrite(True)
p.setWorldRead(False)
p.setWorldAnnotate(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
g1_id = admin.createGroup(new_gr1)
# update name of group1
gr1 = admin.getGroup(g1_id)
assert 'rwrw--' == str(gr1.details.permissions)
new_name = "changed_name_group1_%s" % uuid
gr1.name = rstring(new_name)
admin.updateGroup(gr1)
gr1_u = admin.getGroup(g1_id)
assert new_name == gr1_u.name.val
def testCreatGroupAndchangePermissions(self):
# this is the test of updating group permissions
# including changes in #1434
uuid = self.uuid()
admin = self.root.sf.getAdminService()
# create group1
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring("group1_%s" % uuid)
new_gr1.ldap = rbool(False)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(False)
p.setGroupAnnotate(False)
p.setGroupWrite(False)
p.setWorldRead(False)
p.setWorldAnnotate(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
g1_id = admin.createGroup(new_gr1)
# increase permissions of group1 to rwr---
p1 = PermissionsI()
p1.setUserRead(True)
p1.setUserWrite(True)
p1.setGroupRead(True)
p1.setGroupAnnotate(False)
p1.setGroupWrite(False)
p1.setWorldRead(False)
p1.setWorldAnnotate(False)
p1.setWorldWrite(False)
self.change_permissions(g1_id, str(p1), self.root)
gr2 = admin.getGroup(g1_id)
assert 'rwr---' == str(gr2.details.permissions)
# increase permissions of group1 to rwra--
gr2 = admin.getGroup(g1_id)
p2 = PermissionsI()
p2.setUserRead(True)
p2.setUserWrite(True)
p2.setGroupRead(True)
p2.setGroupAnnotate(True)
p2.setGroupWrite(False)
p2.setWorldRead(False)
p2.setWorldAnnotate(False)
p2.setWorldWrite(False)
self.change_permissions(g1_id, str(p2), self.root)
gr3 = admin.getGroup(g1_id)
assert 'rwra--' == str(gr3.details.permissions)
# increase permissions of group1 to rwrw--
gr3 = admin.getGroup(g1_id)
p3 = PermissionsI()
p3.setUserRead(True)
p3.setUserWrite(True)
p3.setGroupRead(True)
p3.setGroupWrite(True)
p3.setWorldRead(False)
p3.setWorldAnnotate(False)
p3.setWorldWrite(False)
self.change_permissions(g1_id, str(p3), self.root)
gr4 = admin.getGroup(g1_id)
assert 'rwrw--' == str(gr4.details.permissions)
def testCreatAndUpdatePublicGroup(self):
# this is the test of creating public group and updating it
# including changes in #1434
uuid = self.uuid()
admin = self.root.sf.getAdminService()
# create group1
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring("group1_%s" % uuid)
new_gr1.ldap = rbool(False)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(True)
p.setGroupWrite(True)
p.setWorldRead(False)
p.setWorldAnnotate(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
g1_id = admin.createGroup(new_gr1)
# update name of group1
gr1 = admin.getGroup(g1_id)
assert 'rwrw--' == str(gr1.details.permissions)
new_name = "changed_name_group1_%s" % uuid
gr1.name = rstring(new_name)
admin.updateGroup(gr1)
gr1_u = admin.getGroup(g1_id)
assert new_name == gr1_u.name.val
def testThumbs(self):
# root session is root.sf
uuid = self.root.sf.getAdminService().getEventContext().sessionUuid
admin = self.root.sf.getAdminService()
group1name = "private_%s" % uuid
group2name = "read-only_%s" % uuid
group3name = "collaborative_%s" % uuid
ownerName = "owner_%s" % uuid
user1name = "user1_%s" % uuid
user2name = "user2_%s" % uuid
### create three users in 3 groups
listOfGroups = list()
listOfGroups.append(admin.lookupGroup("user")) # all users need to be in 'user' group to do anything!
#group1 - private
new_gr1 = ExperimenterGroupI()
new_gr1.name = rstring(group1name)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(False)
p.setGroupWrite(False)
p.setWorldRead(False)
p.setWorldWrite(False)
new_gr1.details.permissions = p
gid = admin.createGroup(new_gr1)
privateGroup = admin.getGroup(gid)
self.assertEquals('rw----', str(privateGroup.details.permissions))
listOfGroups.append(privateGroup)
#group2 - read-only
new_gr2 = ExperimenterGroupI()
new_gr2.name = rstring(group2name)
p2 = PermissionsI()
p2.setUserRead(True)
p2.setUserWrite(True)
p2.setGroupRead(True)
p2.setGroupWrite(False)
p2.setWorldRead(False)
p2.setWorldWrite(False)
new_gr2.details.permissions = p2
gid2 = admin.createGroup(new_gr2)
readOnlyGroup = admin.getGroup(gid2)
self.assertEquals('rwr---', str(readOnlyGroup.details.permissions))
listOfGroups.append(readOnlyGroup)
#group3 - collaborative
new_gr3 = ExperimenterGroupI()
new_gr3.name = rstring(group3name)
p = PermissionsI()
p.setUserRead(True)
p.setUserWrite(True)
p.setGroupRead(True)
p.setGroupWrite(True)
p.setWorldRead(False)
p.setWorldWrite(False)
new_gr3.details.permissions = p
gid3 = admin.createGroup(new_gr3)
collaborativeGroup = admin.getGroup(gid3)
self.assertEquals('rwrw--', str(collaborativeGroup.details.permissions))
listOfGroups.append(collaborativeGroup)
#new user (group owner)
owner = ExperimenterI()
owner.omeName = rstring(ownerName)
owner.firstName = rstring("Group")
owner.lastName = rstring("Owner")
owner.email = rstring("*****@*****.**")
ownerId = admin.createExperimenterWithPassword(owner, rstring("ome"), privateGroup, listOfGroups)
newOwner = admin.getExperimenter(ownerId)
admin.setGroupOwner(privateGroup, newOwner)
admin.setGroupOwner(readOnlyGroup, newOwner)
admin.setGroupOwner(collaborativeGroup, newOwner)
#new user1
new_exp = ExperimenterI()
new_exp.omeName = rstring(user1name)
new_exp.firstName = rstring("Will")
new_exp.lastName = rstring("Moore")
new_exp.email = rstring("*****@*****.**")
eid = admin.createExperimenterWithPassword(new_exp, rstring("ome"), privateGroup, listOfGroups)
#new user2
new_exp2 = ExperimenterI()
new_exp2.omeName = rstring(user2name)
new_exp2.firstName = rstring("User")
new_exp2.lastName = rstring("Test2")
new_exp2.email = rstring("*****@*****.**")
eid2 = admin.createExperimenterWithPassword(new_exp2, rstring("ome"), privateGroup, listOfGroups)
## get users
user1 = admin.getExperimenter(eid)
user2 = admin.getExperimenter(eid2)
## login as user1 (into their default group)
client_share1 = omero.client()
client_share1.createSession(user1.omeName.val,"ome")
print len(client_share1.sf.activeServices())
# create image in private group
privateImageId = createTestImage(client_share1.sf)
print len(client_share1.sf.activeServices())
self.getThumbnail(client_share1.sf, privateImageId) # if we don't get thumbnail, test fails when another user does
print len(client_share1.sf.activeServices())
# change user into read-only group. Use object Ids for this, NOT objects from a different context
a = client_share1.sf.getAdminService()
me = a.getExperimenter(a.getEventContext().userId)
a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))
self.set_context(client_share1, gid2)
#print a.getEventContext()
# create image and get thumbnail (in read-only group)
readOnlyImageId = createTestImage(client_share1.sf)
self.getThumbnail(client_share1.sf, readOnlyImageId)
# change user into collaborative group. Use object Ids for this, NOT objects from a different context
a.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
self.set_context(client_share1, gid3)
# create image and get thumbnail (in collaborative group)
collaborativeImageId = createTestImage(client_share1.sf)
self.getThumbnail(client_share1.sf, collaborativeImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None, self.getThumbnail(client_share1.sf, privateImageId))
self.assertEquals(None, self.getThumbnail(client_share1.sf, readOnlyImageId))
# now check that the 'owner' of each group can see all 3 thumbnails.
## login as owner (into private group)
owner_client = omero.client()
owner_client.createSession(newOwner.omeName.val,"ome")
self.getThumbnail(owner_client.sf, privateImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None, self.getThumbnail(owner_client.sf, readOnlyImageId))
self.assertEquals(None, self.getThumbnail(owner_client.sf, collaborativeImageId))
# change owner into read-only group.
o = client_share1.sf.getAdminService()
me = o.getExperimenter(o.getEventContext().userId)
o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))
self.set_context(owner_client, gid2)
self.getThumbnail(owner_client.sf, readOnlyImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None, self.getThumbnail(owner_client.sf, privateImageId))
self.assertEquals(None, self.getThumbnail(owner_client.sf, collaborativeImageId))
# change owner into collaborative group.
o.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
self.set_context(owner_client, gid3)
self.getThumbnail(owner_client.sf, collaborativeImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None, self.getThumbnail(owner_client.sf, privateImageId))
self.assertEquals(None, self.getThumbnail(owner_client.sf, readOnlyImageId))
# now check that the 'user2' of each group can see all thumbnails except private.
## login as user2 (into private group)
user2_client = omero.client()
user2_client.createSession(user2.omeName.val,"ome")
# check that we can't get thumbnails for any images in private group
self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId))
self.assertEquals(None, self.getThumbnail(user2_client.sf, readOnlyImageId))
self.assertEquals(None, self.getThumbnail(user2_client.sf, collaborativeImageId))
# change owner into read-only group.
u = user2_client.sf.getAdminService()
me = u.getExperimenter(u.getEventContext().userId)
u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid2, False))
self.set_context(user2_client, gid2)
self.getThumbnail(user2_client.sf, readOnlyImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId))
self.assertEquals(None, self.getThumbnail(user2_client.sf, collaborativeImageId))
# change owner into collaborative group.
u.setDefaultGroup(me, omero.model.ExperimenterGroupI(gid3, False))
self.set_context(user2_client, gid3)
self.getThumbnail(user2_client.sf, collaborativeImageId)
# check that we can't get thumbnails for images in other groups
self.assertEquals(None, self.getThumbnail(user2_client.sf, privateImageId))
self.assertEquals(None, self.getThumbnail(user2_client.sf, readOnlyImageId))