Open Microscopy Environment

The OME community
https://www.openmicroscopy.org/community/

Editing root user issues

https://www.openmicroscopy.org/community/viewtopic.php?f=5&t=8385

Page 1 of 1

Editing root user issues

PostPosted: Sat Oct 21, 2017 3:45 am
by mayav
Hi,

When i try to update the root user details in the omero we received this error log.


Code: Select all
Traceback (most recent call last):

  File "/usr/lib/python2.7/site-packages/django/core/handlers/base.py", line 132, in get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)

  File "/home/omero/OMERO.server-5.4.0-ice36-b74/lib/python/omeroweb/decorators.py", line 476, in wrapped
    retval = f(request, *args, **kwargs)

  File "/home/omero/OMERO.server-5.4.0-ice36-b74/lib/python/omeroweb/decorators.py", line 528, in wrapper
    context = f(request, *args, **kwargs)

  File "/home/omero/OMERO.server-5.4.0-ice36-b74/lib/python/omeroweb/webadmin/views.py", line 602, in manage_experimenter
    conn.updateAdminPrivileges(experimenter.id, to_add, to_remove)

  File "/home/omero/OMERO.server-5.4.0-ice36-b74/lib/python/omero/gateway/__init__.py", line 2316, in updateAdminPrivileges
    admin.setAdminPrivileges(exp, to_set)

  File "/home/omero/OMERO.server-5.4.0-ice36-b74/lib/python/omero/gateway/__init__.py", line 4601, in __call__
    return self.handle_exception(e, *args, **kwargs)

  File "/home/omero/OMERO.server-5.4.0-ice36-b74/lib/python/omeroweb/webclient/webclient_gateway.py", line 2099, in handle_exception
    e, *args, **kwargs)

  File "/home/omero/OMERO.server-5.4.0-ice36-b74/lib/python/omero/gateway/__init__.py", line 4598, in __call__
    return self.f(*args, **kwargs)

  File "/home/omero/OMERO.server-5.4.0-ice36-b74/lib/python/omero_api_IAdmin_ice.py", line 2372, in setAdminPrivileges
    return _M_omero.api.IAdmin._op_setAdminPrivileges.invoke(self, ((user, privileges), _ctx))

ApiUsageException: exception ::omero::ApiUsageException
{
    serverStackTrace = ome.conditions.ApiUsageException: cannot remove light administrator privileges from the root user
   at ome.logic.AdminImpl.setAdminPrivileges(AdminImpl.java:1335)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:498)
   at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
   at ome.security.basic.EventHandler.invoke(EventHandler.java:153)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:111)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:108)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at ome.tools.hibernate.ProxyCleanupFilter$Interceptor.invoke(ProxyCleanupFilter.java:249)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at ome.services.util.ServiceHandler.invoke(ServiceHandler.java:121)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
   at com.sun.proxy.$Proxy89.setAdminPrivileges(Unknown Source)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:498)
   at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
   at ome.security.basic.BasicSecurityWiring.invoke(BasicSecurityWiring.java:93)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at ome.services.blitz.fire.AopContextInitializer.invoke(AopContextInitializer.java:43)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
   at com.sun.proxy.$Proxy89.setAdminPrivileges(Unknown Source)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:498)
   at ome.services.blitz.util.IceMethodInvoker.invoke(IceMethodInvoker.java:172)
   at ome.services.throttling.Callback.run(Callback.java:56)
   at ome.services.throttling.InThreadThrottlingStrategy.callInvokerOnRawArgs(InThreadThrottlingStrategy.java:56)
   at ome.services.blitz.impl.AbstractAmdServant.callInvokerOnRawArgs(AbstractAmdServant.java:140)
   at ome.services.blitz.impl.AdminI.setAdminPrivileges_async(AdminI.java:435)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:498)
   at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
   at omero.cmd.CallContext.invoke(CallContext.java:78)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
   at com.sun.proxy.$Proxy90.setAdminPrivileges_async(Unknown Source)
   at omero.api._IAdminTie.setAdminPrivileges_async(_IAdminTie.java:326)
   at omero.api._IAdminDisp.___setAdminPrivileges(_IAdminDisp.java:1923)
   at omero.api._IAdminDisp.__dispatch(_IAdminDisp.java:2382)
   at IceInternal.Incoming.invoke(Incoming.java:221)
   at Ice.ConnectionI.invokeAll(ConnectionI.java:2536)
   at Ice.ConnectionI.dispatch(ConnectionI.java:1145)
   at Ice.ConnectionI.message(ConnectionI.java:1056)
   at IceInternal.ThreadPool.run(ThreadPool.java:395)
   at IceInternal.ThreadPool.access$300(ThreadPool.java:12)
   at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:832)
   at java.lang.Thread.run(Thread.java:748)

    serverExceptionClass = ome.conditions.ApiUsageException
    message = cannot remove light administrator privileges from the root user
}


<WSGIRequest
path:/webadmin/experimenter/save/0/,
GET:<QueryDict: {}>,
POST:<QueryDict: {u'ModifyGroup': [u'on'], u'first_name': [u'Root'], u'last_name': [u'User'], u'middle_name': [u'r'], u'ModifyUser': [u'on'], u'Sudo': [u'on'], u'ModifyGroupMembership': [u'on'], u'default_group': [u'0'], u'institution': [u''], u'Write': [u'on'], u'other_groups': [u'0'], u'Chown': [u'on'], u'omename': [u'root'], u'csrfmiddlewaretoken': [u'ZN2a2dwV9vYImZN8dlyfoWv05h16Iq78'], u'Chgrp': [u'on'], u'Script': [u'on'], u'email': [u'super@gmail.com'], u'Delete': [u'on']}>,
COOKIES:{'csrftoken': 'ZN2a2dwV9vYImZN8dlyfoWv05h16Iq78',
'sessionid': 'eqrn3pnqaucvz02xi6rapfdmmlq0rp5k'},
META:{'CONTENT_LENGTH': '308',
'CONTENT_TYPE': 'application/x-www-form-urlencoded',
u'CSRF_COOKIE': u'ZN2a2dwV9vYImZN8dlyfoWv05h16Iq78',
'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate',
'HTTP_ACCEPT_LANGUAGE': 'en-US,en;q=0.8',
'HTTP_CACHE_CONTROL': 'max-age=0',
'HTTP_CONNECTION': 'close',
'HTTP_COOKIE': 'sessionid=eqrn3pnqaucvz02xi6rapfdmmlq0rp5k; csrftoken=ZN2a2dwV9vYImZN8dlyfoWv05h16Iq78',
'HTTP_HOST': 'my_ip_address',
'HTTP_ORIGIN': 'http://my_ip_address',
'HTTP_REFERER': 'http://my_ip_address/webadmin/experimenter/edit/0/',
'HTTP_UPGRADE_INSECURE_REQUESTS': '1',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36',
'HTTP_X_FORWARDED_FOR': 'my browser ip',
'HTTP_X_FORWARDED_PROTO': 'http',
'PATH_INFO': u'/webadmin/experimenter/save/0/',
'QUERY_STRING': '',
'RAW_URI': '/webadmin/experimenter/save/0/',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_PORT': '46258',
'REQUEST_METHOD': 'POST',
'SCRIPT_NAME': u'',
'SERVER_NAME': '127.0.0.1',
'SERVER_PORT': '4080',
'SERVER_PROTOCOL': 'HTTP/1.0',
'SERVER_SOFTWARE': 'gunicorn/19.7.1',
'gunicorn.socket': <socket._socketobject object at 0x65a51a0>,
'wsgi.errors': <gunicorn.http.wsgi.WSGIErrorsWrapper object at 0x6847ad0>,
'wsgi.file_wrapper': <class 'gunicorn.http.wsgi.FileWrapper'>,
'wsgi.input': <gunicorn.http.body.Body object at 0x68477d0>,
'wsgi.multiprocess': True,
'wsgi.multithread': False,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}>

Re: Editing root user issues

PostPosted: Sat Oct 21, 2017 10:30 am
by kennethgillen
Hi Mayav,

Thanks for the stacktrace - I'm sure the OMERO.web team will be better able to handle that situation better now we've seen the crash.

Can I ask what you changes were you trying to make to the root user?

Many thanks,

Kenny

Re: Editing root user issues

PostPosted: Mon Oct 23, 2017 10:11 am
by jmoore
Hi Mayav,

just touching base that I reproduced this error and have filed it under https://trello.com/c/oJPTE5vq/95-bug-edit-root-user.

Thanks for letting us know!
~Josh

Re: Editing root user issues

PostPosted: Wed Oct 25, 2017 8:59 am
by mayav
Hi,

Any fix or patch's for this issue ?

Thanks

Re: Editing root user issues

PostPosted: Wed Oct 25, 2017 1:18 pm
by jmoore
Hi mayav,

not yet. Depending on what you are trying to do, there is aworkaround though: you can use the CLI for updating the user in the meantime:

Code: Select all
$ bin/omero -q user info
id | login | first name | last name | email | active | ldap  | admin | member of        | owner of
----+-------+------------+-----------+-------+--------+-------+-------+------------------+----------
0  | root  | Root       | root      |       | Yes    | False | Yes   | 3,4,5,10,117,6,7 |
(1 row)


$ bin/omero -q obj update Experimenter:0 lastName=User
Experimenter:0


$ bin/omero -q user info
id | login | first name | last name | email | active | ldap  | admin | member of        | owner of
----+-------+------------+-----------+-------+--------+-------+-------+------------------+----------
0  | root  | Root       | User      |       | Yes    | False | Yes   | 3,4,5,10,117,6,7 |
(1 row)


~Josh

Re: Editing root user issues

PostPosted: Wed Oct 25, 2017 4:20 pm
by wmoore
Another option if you're logged in as root is to use the "User Settings" (top-right menu in webclient) /webadmin/myaccount/ to edit your details.

Regards,

Will.

Re: Editing root user issues

PostPosted: Thu Oct 26, 2017 4:12 am
by mayav
Thanks wmoore & jmoore , Let me try this any one
All times are UTC
Page 1 of 1
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/