metalnx-web
metalnx-web copied to clipboard
irods-contrib
Permissions of collection object
Hello, I am testing the latest version of metalnx and I get a permissions discrepancy between what I see on the server via icommands and what it is displayed by metalnx. For instance
# ils -A ../baaa/Data -d
/Zone/home/baaa/Data:
ACL - baaa#Zone:own ks#Zone:read_object
Inheritance - Disabled
and
Is this the desired behavior? Thanks in advance.
That looks like a bug.
What version of iRODS are you running Metalnx against?
I bet this is because metalnx hasn't yet learned about the change from 'read object' to 'read_object' in 4.3.0.
And probably also 'modify object' -> 'modify_object'.
@trel That makes sense.
In fact my iRODS server logs report
"request_release_version": "rods3.2"
upon initiating a connection.
PS: how does metalnx use the following credentials in metalnx.properties? Are there any background admin ops that the app performs? Are there any docs about? Thanks.
irods.admin.user=xxx
irods.admin.password=xxx
I'm not sure, but my guess is that there may be background processes running within the Metalnx server that require admin level privileges. Some operations offered by Metalnx may also require temporary escalation of privileges as well.
NFSRODS does a similar thing, so it isn't uncommon to find admin credentials in iRODS software.
I am just wondering..clearly many admin ops can also be performed if an admin logs in via the web interface..
yes, metalnx caches many things in its own database and does so via admin credentials. there is also a background 'jobs' process - you can find it in the metalnx.properties file - also requires rodsadmin.
we are planning to remove the database (#214) as part of 3.0.0 - and therefore may metalnx a pure client, no admin requirements.
I have the same issue with the permissions displayed in metalnx not matching the icommands ils -A results for collections. Except for the owners, metalnx always displays "NONE" for the other users while in fact permissions can be write or read. Good thing: if you modify the permission in metalnx, the change does matter and you can see the change using the ils -A icommands. Each time you refresh the metalnx web page, the permission of users (except for the owners) retruns to "NONE". Seems like a "reading permission" issue for the read and write only. Note that it works well for objects, I only see the issue with collections.
Any lead on a solution ? Thanks in advance :)
I am using iRODS 4.3.1, and I don't know my metalnx version (how/where can I get it ?).
We're currently preparing for our annual UGM and working on the release of iRODS 4.3.2.
At the very least, there won't be a fix for this until after 4.3.2 is released.