[ome-devel] SessionService
Josh Moore
josh at glencoesoftware.com
Wed May 7 11:18:10 BST 2014
On May 6, 2014, at 4:21 PM, Mark Woodbridge wrote:
> Hi,
Hi Mark,
> We would like to schedule an overnight script that batch-converts some raw images into OME-TIFF and then uploads them to OMERO whist retaining their original ownership. All the users owning the images are in the same group.
>
> In the past I have used the SessionService to run scripts on behalf of other users, and it works fine but requires the OMERO superuser password. Is there any way to create a superuser just for this group and restrict the users that it can impersonate?
Not yet, no. As a part of the "import-as" facility, we'd like to allow group owners and possibly other users the ability to perform such actions for someone else. This won't be ready for 5.0.2 though.
> Or another means of using the Command Line Importer without sharing the main admin user's (or individual users') password(s)?
As a workaround until the above is done, you could use a very long-lived session per user, similar to an OAuth token:
s.createSessionWithTimeouts(
omero.sys.Principal("someuser", "user", "Task"),
31 * 24 * 60 * 60 * 1000, 0) # Usable for 1 month.
These would have to be manually renewed using the root password. Happy to help come up with a script to do that if you'd like.
> OMERO.dropbox is maybe another option but we're using a network drive for our OMERO filesystem.
We're also looking into to making a "manual dropbox" which you could launch periodically, especially for network drives. But again, not ready for 5.0.2.
> Mark.
All the best,
~Josh.
More information about the ome-devel
mailing list