ShUp: findByIdentifier: access denied #2337

Open
michaelkain opened this issue Jul 30, 2024 · 2 comments

michaelkain commented Jul 30, 2024

An issue occurs if for the same hash a subject is part of another study already, a study where the current user does not have access. The findByIdentifier returns null, because of the Access denied on the server and ShUp considers a new subject to create. This should be fixed. Afterwards exceptions occur on multiple subjects to return in jpa repository for a single result.

@michaelkain michaelkain self-assigned this Jul 30, 2024
michaelkain added a commit to michaelkain/shanoir-ng that referenced this issue Jul 30, 2024
michaelkain added a commit to michaelkain/shanoir-ng that referenced this issue Jul 31, 2024
…r fix for GitHub issue fli-iam#2337

5 test cases: profile OFSEP, adapt dev profile for OFSEP
1) new subject not existing with hash in entire database
test: OK, new subject created, new exam
2) subject exists with hash in study-no-access
test: OK, new subject created, new exam
3) subject existing with hash in another accessible study
test: OK, existing subject used, new exam created in other study
4) subject existing with hash in importing study, new exam
test: OK, existing subject used, new exam created in same study
5) subject existing with hash in importing study, existing exam
test: OK, existing subject used, existing exam used, double amount of series
@michaelkain

  • Solution:
    -- API interface not changed, to avoid errors with existing ShUp already installed, that send only the identifier hash string
    -- Access denied exception avoided, as the search with identifier is now done only in studies with corresponding rights, which leads to the creation of a new subject in study B, with the same hash, if the subject exists already in study A, but the user has no rights on study A.
    -- at the moment of findByIdentifier (click on import, in imports to server tab, before opening ImportDialog) we do not know which study the user wants to import into (so, I could not send a studyId anyway)
    -- Removal of rights check in service api (PostAuthorize), as only searching with allowed studies
    -- Removal of rights check (PostAuthorize) on Api as well, as only using allowed studies
    -- All 5 test cases executed for profile OFSEP locally (dev profile modified therefore)
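
The two lookup strategies discussed in this comment, modelled as an added example that is not part of the original post and not shanoir-ng code: an unscoped single-result lookup with the rights check applied to the result, next to a lookup restricted to the studies the user has rights on. The `Subject` record, the in-memory `DB`, the method names and the sample hashes are assumptions constructed for illustration.

```java
import java.util.List;
import java.util.Set;

public class ScopedSubjectLookup {
    // Hypothetical minimal model (Java 16+), not the project's Subject entity.
    record Subject(long id, String identifierHash, long studyId) {}

    // Constructed sample data: study 1 is the study the user has no rights on.
    static final List<Subject> DB = List.of(
        new Subject(10, "hash-aaa", 1),
        new Subject(11, "hash-aaa", 3),
        new Subject(12, "hash-ccc", 1));

    // Before: global single-result lookup, rights checked on the returned subject.
    static Subject findThenAuthorize(String hash, Set<Long> allowedStudies) {
        List<Subject> hits = DB.stream()
            .filter(s -> s.identifierHash().equals(hash)).toList();
        if (hits.isEmpty()) return null;
        if (hits.size() > 1) throw new IllegalStateException("non-unique result");
        if (!allowedStudies.contains(hits.get(0).studyId()))
            throw new SecurityException("access denied");
        return hits.get(0);
    }

    // After: the rights are part of the search, so no check on the result is needed.
    static List<Subject> findInAllowedStudies(String hash, Set<Long> allowedStudies) {
        return DB.stream()
            .filter(s -> s.identifierHash().equals(hash))
            .filter(s -> allowedStudies.contains(s.studyId()))
            .toList();
    }

    static String before(String hash, Set<Long> allowed) {
        try {
            return String.valueOf(findThenAuthorize(hash, allowed));
        } catch (RuntimeException e) {
            return e.getClass().getSimpleName() + ": " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        Set<Long> allowed = Set.of(2L, 3L); // user has rights on studies 2 and 3 only
        for (String hash : List.of("hash-new", "hash-ccc", "hash-aaa")) {
            System.out.println(hash + " before: " + before(hash, allowed)
                + " | after: " + findInAllowedStudies(hash, allowed));
        }
    }
}
```

With the scoped lookup, a hash that is unknown and a hash that exists only in a study without rights both return an empty list, so the caller cannot tell from the response that the subject exists elsewhere. A hash present in both an inaccessible and an accessible study returns only the accessible subject instead of failing on a non-unique result.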

@michaelkain

to be tested in center, where 4 subjects with the same hash have wrongly been generated, only one should now be the case; as soon as the OSIV PR is deployed in prod
