Skip to content

Writing tables to private groups#35

Merged
emilroz merged 1 commit intoglencoesoftware:mainfrom
muhanadz:private_group_fix
Jun 10, 2025
Merged

Writing tables to private groups#35
emilroz merged 1 commit intoglencoesoftware:mainfrom
muhanadz:private_group_fix

Conversation

@muhanadz
Copy link
Member

@muhanadz muhanadz commented Jun 4, 2025

This PR addresses an issue where an OriginalFile object created during table registration may incorrectly reference an ExternalInfo object owned by another user, rather than the active OMERO user. This generally goes unnoticed in shared groups (Read-Only, Read-Annotate, Read-Write), as read access is permitted across users. However, it leads to a SecurityViolation in private groups, where cross-user access is restricted.

import omero2pandas
db_path = omero2pandas.upload_table("example.csv", "testing", parent_id=123, parent_type="Image")

To resolve this, the change introduces a shallow copy of the OriginalFile using a newly constructed OriginalFileI object. This ensures that ownership and related metadata are correctly set to match the current user context at creation time.

@muhanadz muhanadz changed the title Writing tables to private groups. Writing tables to private groups Jun 4, 2025
@DavidStirling DavidStirling self-requested a review June 5, 2025 08:13
Copy link
Contributor

@DavidStirling DavidStirling left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change is sensible and fixes the problem case in question.

@emilroz emilroz merged commit c5da9d1 into glencoesoftware:main Jun 10, 2025
1 check passed
@muhanadz muhanadz deleted the private_group_fix branch June 10, 2025 14:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants