Project

General

Profile

Actions

bug #7390

closed

possible permission clash when adding basionym

Added by Andreas Kohlbecker almost 6 years ago. Updated almost 6 years ago.

Status:
Duplicate
Priority:
New
Category:
cdmlib
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Severity:
normal
Found in Version:
Tags:

Description

When a user is only having per entity grants to UPDATE TaxonNames adding a basionym to a taxonname may fail:

  • TaxonName "Beta exemplaris" for which the user has the UPDATE authority
  • TaxonName "Alpha exemplaris" for which the user is not having the update permission.

Adding "Alpha exemplaris" as basionym to "Beta exemplaris" will fail in this situation during the hibernate session flush since the new basionym name relationships will be added to both of the taxon names. This operation should be possible, though. The scientific name at the from-side (that is the basionym) of the name relation is not altered by using it as a basionym for another name.

The same issue exists also replaced synonym relations!

Possible solutions:

  • General solution:
    • Skip the permission check for name relations at the from-side for basionym and replaced-synonym relations. How about other relations? (This can be reached e.g. by removing the according Cascade)
    • Introduce a new permission concept like privileged access for updates: priviledged update? (see SAP)
  • Application specific: Temporarily grant the UPDATE authority to the user performing the operations in the client application. Grant before flushing the session and remove the grant afterwards. Use a try-catch-finally clause where the withdrawal of the temporary permission is done in the finally clause. --> #7391

see also WorkshopRightsAndRoles2017-11


Related issues

Related to EDIT - bug #7391: grant UPDATE for taxonnames temporarily when using a name as basionym RejectedAndreas Kohlbecker

Actions
Related to EDIT - bug #7392: Remove Cascade from relationsClosedAndreas Müller

Actions
Actions

Also available in: Atom PDF