[ome-users] Having a user that (initially) cannot upload data possible? + omero admin sessionlist not working anymore

Sascha Neinert sascha.neinert at uni-koeln.de
Thu Nov 16 15:24:16 GMT 2017 

Hi Josh,


> Am 15.11.2017 um 16:27 schrieb Josh Moore <josh at glencoesoftware.com>:
> 
> On Wed, Nov 15, 2017 at 11:18 AM, Sascha Neinert
> <sascha.neinert at uni-koeln.de> wrote:
>> Dear all,
> 
> Hi Sascha,
> 
> 
>> we were wondering if it is possible to create a configuration where specific users can only view some data, but not perform any upload. ...
> 
> 
> Unfortunately, at the moment, it's not possible to have multiple users
> who are not permitted to upload:
> 
>  https://trello.com/c/XGQH3LEN/299-rfe-non-writeable-users
> 
> You _can_ have a single global user in OMERO.web that can only view
> data. See https://docs.openmicroscopy.org/omero/5.4.0/sysadmins/public.html
> for more information.
> 
> If that doesn't work for your situation, perhaps you could explain
> more about what else the non-upload users should be able to do?

We use LDAP for authentication, so we do not add yet another account/password for the users. But we do not have groups in our LDAP, so currently omero.ldap.new_user_group is just „default“. Even if we would get to have groups in our organisational LDAP at some point in the future, we would have quite some users from neighbouring institutions that would have no groups, or maybe just one very big group that would not be very useful. So our users should login for the first time, notify us to be moved into their lab groups, and then start using OMERO. But they also can login for the first time and directly start to upload data, which would then end up in „default“.

If an admin takes the new user and puts him/her into the correct groups, and takes him/her out of „default“ - hm, i do not yet fully understand what happens to any remaining data in „default“ yet. Anyhow, we would like to avoid a situation where data ends up somewhere and nobody feels responsible for it anymore, so we thought if we could maybe set „default“ to „nobody can store anything inside“-mode. We could treat „default“ as some kind of „temp“ or „scratch“ maybe.

> 
> 
>> Some issue i also noticed is that „omero admin sessionlist“ does not work anymore since the 5.4 update, it stops with an exception. But the other admin commands such as omero admin diagnostices work fine.
> 
> 
> Thanks for letting us know; I've noted the issue:
> 
>  https://trello.com/c/vcM2a41a/298-bug-bin-omero-admin-sessionlist
> 
> Could you try the newer:
> 
>  bin/omero sessions who
> 
> and let us know if that works for you?

Yes, that works fine. Thanks!

Best regards, Sascha

> 
> 
>> Thank you! Best regards,
>> Sascha
> 
> All the best,
> ~Josh
> _______________________________________________
> ome-users mailing list
> ome-users at lists.openmicroscopy.org.uk
> http://lists.openmicroscopy.org.uk/mailman/listinfo/ome-users

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4937 bytes
Desc: not available
URL: <http://lists.openmicroscopy.org.uk/pipermail/ome-users/attachments/20171116/0f927485/attachment.p7s>

More information about the ome-users mailing list