[
https://issues.apache.org/jira/browse/UIMA-5800?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16584136#comment-16584136
]
Lou DeGenaro commented on UIMA-5800:
------------------------------------
> add new python script to admin directory: db_access_check.py
usage: db_access_check.py [-h] --owner OWNER --looker LOOKER [--debug]
Determine if LOOKER can view OWNER database data through examination of
db.access file in security directory, typically ~/.ducc. Return 1 if
authorized, 0 otherwise. Rules: 1. Authorized if OWNER == LOOKER or 2.
Authorized if OWNER db.access file is readable by all or 3. Authorized if
LOOKER groups contains the OWNER db.access file group
optional arguments:
-h, --help show this help message and exit
--owner OWNER, -o OWNER
the user who owns the data
--looker LOOKER, -l LOOKER
the user who views the data
--debug, -d display debugging messages
> employ script in WS org.apache.uima.ducc.ws.utils.HandlersHelper
> isServiceFileAccessForRead
> DUCC Web Server (WS) does not honor db.access permissions when changed?
> -----------------------------------------------------------------------
>
> Key: UIMA-5800
> URL: https://issues.apache.org/jira/browse/UIMA-5800
> Project: UIMA
> Issue Type: Bug
> Components: DUCC
> Reporter: Lou DeGenaro
> Assignee: Lou DeGenaro
> Priority: Major
> Fix For: 2.2.3-Ducc
>
>
> user is trying to use ducc-mon to view another user's data which is stored in
> DB. File db.access owning user's permissions were rw - -. When changed to
> rw r r, the alien user still cannot see data coming from DB.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
