Opened 17 years ago
Closed 17 years ago
#690 closed defect (fixed)
Not allowed to read Extra value type
Reported by: | base | Owned by: | Nicklas Nordborg |
---|---|---|---|
Priority: | minor | Milestone: | BASE 2.4 |
Component: | web | Version: | |
Keywords: | permissions | Cc: |
Description (last modified by )
I've loaded an experiment as an administrator, all within a project. Then I shared all items in the project to group "Everyone" (making Everyone a member of the project did not have the desired effect [see ticket #689]). When our guest user tries to view the experiment - the Properties and Overview tabs work OK, but the Bioassay sets tab fails (blank page). Tomcat log below. I think it's because I created an extravalue for the bioassay set. The extra value thingy doesn't seem to have a "Share..." option.
thanks, Bob MacCallum
13:26:36,341 ERROR [jsp]:253 - Servlet.service() for servlet jsp threw exception net.sf.basedb.core.PermissionDeniedException: Permission denied: Not allowed to read Extra value type[id=1; name=De-logged int ensity] at net.sf.basedb.core.BasicItem.checkPermission(BasicItem.java:109) at net.sf.basedb.core.DbControl.getItem(DbControl.java:793) at net.sf.basedb.core.ExtraValue.getExtraValueType(ExtraValue.java:217) at org.apache.jsp.views.experiments.bioassaysets.analysis_005ftree_jsp.appendNode(analysis_005ftree_jsp.java:164) at org.apache.jsp.views.experiments.bioassaysets.analysis_005ftree_jsp.generateTree(analysis_005ftree_jsp.java:136) at org.apache.jsp.views.experiments.bioassaysets.analysis_005ftree_jsp.generateTree(analysis_005ftree_jsp.java:137) at org.apache.jsp.views.experiments.bioassaysets.analysis_005ftree_jsp.generateTree(analysis_005ftree_jsp.java:137) at org.apache.jsp.views.experiments.bioassaysets.analysis_005ftree_jsp._jspService(analysis_005ftree_jsp.java:668) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:334) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672) at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:574) at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:499)
tack! Bob.
Change History (5)
comment:1 by , 17 years ago
comment:2 by , 17 years ago
Description: | modified (diff) |
---|---|
Milestone: | → BASE 2.4 |
Owner: | changed from | to
Priority: | major → minor |
Status: | new → assigned |
Hmmm... BASE by default give guests USE permission to extra value types. Maybe this has been changed by an admin some time ago... The easiest fix is to give the 'Guest' role permission read extra value types. Extra value types are global resources, much like file types, MIME types, etc. and all users should have access to them.
On the other hand, the code that is causing the exception should be more stable... this needs to be fixed. It should be simple enough to put a try-catch around the buggy line.
comment:3 by , 17 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
comment:4 by , 17 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Found a few more places where there is the same problem
comment:5 by , 17 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
Forgot to say that the experiment name is "Blood-fed adult female tissues" (already public data, don't worry)