use the session key as the username/password to authenticate using OMERO.web
got to the My Account view i.e. click on the user profile then User settings
Without this PR, the Save and Change my password button should be active. Clicking on Save should launch the 500 error page with a server SecurityViolation of type Current user is not admin for the given user(s). Clicking on Change my password will ask for the current user password which is not known in this workflow since the session was created using the principal password.
Fixes #445
Summary of changes
To test this PR, follow the authentication workflow described in https://github.com/ome/omero-web/issues/445#issuecomment-1525079385 i.e.
--sudo
via the CLIUser settings
Without this PR, the
Save
andChange my password
button should be active. Clicking onSave
should launch the 500 error page with a serverSecurityViolation
of typeCurrent user is not admin for the given user(s)
. Clicking onChange my password
will ask for the current user password which is not known in this workflow since the session was created using the principal password.With this PR, both buttons should be hidden.