[imaging_uploader] Site&Project check with config setting and permission #9533
|
Assigning both of you to check for red flags. |
31af8bf to 71343b5
|
Why not have a permission that allows you to have access to ALL uploads (i.e. even uploads not from the user's site)? With your new permission definitions, I don't think there can be an imaging uploader super-user when |
|
@nicolasbrossard I'm not sure if you are suggesting that functionality on top of what I'm adding or instead of it, but I'll try to answer it either way. So yes, you are correct, but my goal on CBIG is not to have anyone be superuser; in fact, I shy away from giving anyone any superuser or all-sites permissions at all. I think it boils down to the following.
I don't see the all-sites use case anywhere. I think even in case #3 (closest to superuser) you would just get the sites and projects you need assigned to you instead of getting some sort of magic all-sites permission, because ultimately if you need to debug anything you will also need imaging_browser all sites, access_all_profile, issue tracker all sites and a bunch of other all sites... you might as well get all the sites? Plus, it doesn't even make sense anymore to have all sites because it either needs to include all projects or we need to make a separate all-projects permission or an all sites and all projects... |
|
Sourcing raisinbread/RB_files/RB_ConfigSettings.sql |
2c008dd to 5bc7fa1
5bc7fa1 to a346d7c
|
@nicolasbrossard @cmadjar One issue remains here: can someone upload a scan for a candidate not at their site/project? |
|
Two issues--what Rida said, and it has conflicts and can't be merged |
|
All cases were tested on my VM and I could not find a bug. I did find minor typos (see review). I could not test whether or not a user can upload a scan to a session that is not associated to either a project or a site he's not allowed to use since the imaging uploader was broken at the time of testing, so this test is still pending. |
| $projectString = implode("','", $user->getProjectIDs()); | ||
| $username = $user->getUsername(); | ||
|
|
||
| if ($user->hasPermission('imaging_uploader_nosessionid')) { |
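Review bot: the `implode("','", $user->getProjectIDs())` line builds a quoted IN-list as a string, and `$username` is fetched next to it, which points to both values being spliced into the query text rather than bound. Pass the site IDs, project IDs and username as bound parameters so that a quote character in any of them cannot alter the WHERE clause, and decide what the query should do when getProjectIDs() returns an empty list, since the joined string is then empty.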
Nitpicking here, but the if/else could be rewritten as:
    $where = " WHERE
        (s.CenterID IN ('$centerString')
        AND
        s.ProjectID IN ('$projectString')
        ) OR mu.UploadedBy='$username'";
    if ($user->hasPermission('imaging_uploader_nosessionid')) {
        $where .= " OR s.CenterID IS NULL
            OR s.ProjectID IS NULL";
    }
| 3. Set the `useSiteProjectPermissions` (Use Site Project Permissions) Configuration to NO and make sure your | ||
| user does NOT have the `imaging_uploader_nosessionid` permission (do not use superuser) | ||
| [Manual Testing] | ||
| 4. Check that when accessing the Imaging Uploader page, the 'Browse' tab displays all the uploads done for all users. |
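Review bot: step 3 names the setting `useSiteProjectPermissions` with the label "Use Site Project Permissions", but the ConfigSettings row in this PR is named `useImagingSiteProjectPermissions` and labelled 'Use Advanced Site Project Permissions'. Use the same name and label in the test plan so a tester can locate the setting, and have step 4 say explicitly whether uploads without a session ID are part of "all the uploads".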
Step 4: if the user does not have imaging_uploader_nosessionid, then he/she should not see ALL uploads done for all users (only those that have a session ID).
@nicolasbrossard IF the useImagingSiteProjectPermissions I think the imaging_uploader_nosessionid should not block you from seeing ALL scans. That's done for backwards compatibility (or at least it should be), i.e. projects not expecting a sessionID to always be defined leave the configuration off and are unaffected by the new permissions.
Is this not the functionality you noticed?
You are right: if useImagingSiteProjectPermissions is not No, then you see all scans. Disregard my last comment.
| INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (130,'DownloadPath','Where files are downloaded',1,0,'text',26,'Downloads',4); | ||
| INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (131,'EEGUploadIncomingPath', 'Path to the upload directory for incoming EEG studies', 1, 0, 'text', 26, 'EEG Incoming Directory', 15); | ||
| INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (132,'useDoB','Use DoB (Date of Birth)',1,0,'boolean',1,'Use DoB',12); | ||
| INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (133,'useImagingSiteProjectPermissions','Restricts access to dat based on both sites and project. Allows access to data with no session affiliated using a special permission only',1,0,'boolean',50,'Use Advanced Site Project Permissions',5); |
Typo:
access to dat => access to data
I'll fix it with the rebase, thanks
a346d7c to ea174fa
|
I successfully uploaded a scan for a project/site that I am not allowed to use. Not sure this is a desirable feature... |
| ); | ||
| } | ||
| // Basic fields have been validated, check user permisions | ||
| $session = \TimePoint::singleton($candidate['SessionID']); |
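Review bot: on the `\TimePoint::singleton($candidate['SessionID'])` line, nothing visible in this hunk checks that `$candidate['SessionID']` is set before it is used, and the permission check the comment announces depends on that session. Reject the upload when no session is found, then compare the session's site and project against the user's before accepting the file. The comment on the line above also misspells "permissions".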
This is not going to work: TimePoint::singleton takes a SessionID as argument.
🤦
f602eb4 to 5ea200a
SQL/0000-00-02-Permission.sql
Outdated
| ) ENGINE=InnoDB DEFAULT CHARSET=utf8; | ||
|
|
||
|
|
||
| <<<<<<< HEAD |
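Review bot: the `<<<<<<< HEAD` line is an unresolved merge-conflict marker committed into SQL/0000-00-02-Permission.sql. Resolve the conflict and remove this marker along with any matching `=======` and `>>>>>>>` lines, because the schema file will not source with them in place.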
Rebasing too fast maybe? :)
AAAAAAAAAAAAAAAAA
Done
151db25 to 1a4805f
|
With |
|
@nicolasbrossard yes, intended behaviour (I tried to clarify that in the test plan), but basically the configuration option is meant to switch between the current way the module works (everyone can do everything) and the institutional way where people can only operate within their sites and projects |
dbcf7e8 to 1c0899c
modules/imaging_uploader/README.md
Outdated
| The imaging uploader module uses one permission called `imaging_uploader` that | ||
| is necessary to have access to the module and gives the user the ability to | ||
| upload and browse all scans uploaded to the database. | ||
| *In the interest of backwards compatibility, permission behaviour varies slightly |
Backward compatibility (not backward_s_). There are also other occurrences.
|
|
||
| Any of the following permissions grants access to the module. | ||
|
|
||
| `imaging_uploader_allsites`: |
I think it would be a good idea to mention somewhere that you always have access to the scans you uploaded.
It's in the test plan... not sure where it would fit in the readme? Any suggestions?
I would put the comment at the very end of the Module Permission section.
Realigned with dicom archive
1c0899c to e182e80
e182e80 to cfda90b
Brief summary of changes
These changes offer a backwards compatible way of adding Site and Project permissions to the imaging_uploader module.
Since the imaging_uploader may contain uploads which fail validation (for whatever reason) and are thus not associated to a sessionID in the mri_upload table, the files are not technically associated with a site and project. In the current implementation all users with access to the module have access to all uploads, which is problematic for institutional instances like CBIG. The changes here include a config setting to enable/disable the use of site/project checking (disabled is the status quo) but also include a permission which can give a user access to only their site's/project's data + any file with no sessionID and thus no site or project. Which should cover all use cases past and future.
Note: To all the config setting haters (@driusan), it was my impression from the last meeting we had that there is no near future in which all projects revert to forcing a sessionID in the imaging modules or otherwise fail the insert, so I think a config setting is warranted here for other instances to not have overrides for 10+ years.
Testing instructions (if applicable)
voila
Link(s) to related issue(s)
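The access rules in the summary above, written as a filter with bound parameters. This is an added example, not code from the pull request or from LORIS; `buildUploadFilter`, its arguments and the integer-ID assumption are hypothetical, and only the column aliases come from the review snippet on this page.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (added illustration, not LORIS code). Column aliases
// s.* and mu.* come from the review snippet on this page; the function name,
// its signature and integer IDs are assumptions.
// Returns [WHERE clause, bound parameters].
function buildUploadFilter(
    bool $useSiteProject,
    array $centerIDs,
    array $projectIDs,
    string $username,
    bool $hasNoSessionPerm
): array {
    // Setting disabled: status quo, every module user sees every upload.
    if (!$useSiteProject) {
        return ['', []];
    }
    // A user always sees their own uploads.
    $params  = ['uploader' => $username];
    $clauses = ['mu.UploadedBy = :uploader'];

    // Expand a list into named placeholders (:c0, :c1, ...) and bind each.
    $in = function (string $prefix, array $ids) use (&$params): string {
        $names = [];
        foreach (array_values($ids) as $i => $id) {
            $params[$prefix . $i] = (int) $id;
            $names[] = ':' . $prefix . $i;
        }
        return implode(', ', $names);
    };
    // "IN ()" is invalid SQL: with an empty site or project list the
    // site/project test is omitted, so it matches no session at all.
    if ($centerIDs !== [] && $projectIDs !== []) {
        $clauses[] = '(s.CenterID IN (' . $in('c', $centerIDs) . ')'
            . ' AND s.ProjectID IN (' . $in('p', $projectIDs) . '))';
    }
    // Uploads that failed validation have no session, so no site/project.
    if ($hasNoSessionPerm) {
        $clauses[] = 's.CenterID IS NULL OR s.ProjectID IS NULL';
    }
    return [' WHERE ' . implode(' OR ', $clauses), $params];
}

// Constructed sample: sites 1 and 2, project 7, no special permission.
[$where, $params] = buildUploadFilter(true, [1, 2], [7], 'jdoe', false);
echo $where, PHP_EOL, json_encode($params), PHP_EOL;
```

The returned parameter array can be handed to a PDO prepared statement as it stands, since PDO accepts named keys without the leading colon.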