search

ome / omero-figure

An OMERO.web app for creating Figures from images in OMERO
http://figure.openmicroscopy.org
GNU Affero General Public License v3.0
15 stars 30 forks source link

Warn if save fails due to no permissions #365

Closed manics closed 3 years ago

manics commented 4 years ago

Public user

  1. Open figure as the public user
  2. Create a new figure, add a public image
  3. Click save. In the browser network console you'll see a 403 error but there's nothing in the UI to indicate it failed.

Logged in user not in public group

  1. Login as a user who is not a member of the public group
  2. Browse the public group, since you should still be able to see it
  3. Open figure
  4. Create a new figure, add a public image
  5. Click save. In the browser network console you'll see a 500 error but there's nothing in the UI to indicate it failed.

The latter is arguably a bigger problem. There is no expectation of the public user being able to save, however a user who is logged in but in the wrong group might still expect the save to work.

will-moore commented 3 years ago

The latter scenario shouldn't be possible. If you are logged-in as a user who is not a member of the public group, you won't be able to access images that are in the public group.

will-moore commented 3 years ago

The first scenario should be fixed by #415