Unable to see users on Apollo with no organisms since upgraded to Apollo 2.7.0 with security patch and Apollo 2.8.0
6 views
Skip to first unread message
Michael Thang
Mar 14, 2025, 1:18:51 AMMar 14
to apollo, j....@qcif.edu.au, m.t...@uq.edu.au
Unable to see users on Apollo with no organisms since upgraded to Apollo 2.7.0 with security patch and Apollo 2.8.0. This works before upgrade, but now only see users on Apollo with organisms already in place.
After logging into Apollo, unable to see users under the user tab or create user. The error is the followings: Failed to add the user User does not have permission for any organisms.
Looking in at tomcat log file (localhost_access_log), I can see the followings
more ...
"POST /apollo/Login?clientToken=xxxxxxxx HTTP/1.1" 200 12
"GET /apollo/annotator/index HTTP/1.1" 200 3038
"POST /apollo/annotationEditor/getSequenceSearchTools?clientToken=xxxxxxxx HTTP/1.1" 200 546
"GET /apollo/annotator/getExtraTabs?clientToken=xxxxxxxx HTTP/1.1" 200 12
"POST /apollo/sequence/getSequences/?name=&start=0&length=50&sort=length&asc=false&clientToken=xxxxxxxx HTTP/1.1" 200 115
"GET /apollo/user/checkLogin?clientToken=xxxxxxxx HTTP/1.1" 200 143
"GET /apollo/annotator/adminPanel HTTP/1.1" 200 3552
"POST /apollo/IOService/chadoExportStatus?clientToken=xxxxxxxx HTTP/1.1" 200 36
"GET /apollo/assets/application-fdb3a1e7a3dfd976904b80c2974e62d9.css HTTP/1.1" 200 25844
"POST /apollo/user/updateTrackListPreference?clientToken=xxxxxxxx HTTP/1.1" 200 60
"POST /apollo/user/loadUsers/?clientToken=xxxxxxxx HTTP/1.1" 500 71
"GET /apollo/annotator/index HTTP/1.1" 200 3038
"POST /apollo/annotationEditor/getSequenceSearchTools?clientToken=xxxxxxxx HTTP/1.1" 200 546
"GET /apollo/annotator/getExtraTabs?clientToken=xxxxxxxx HTTP/1.1" 200 12
"POST /apollo/sequence/getSequences/?name=&start=0&length=50&sort=length&asc=false&clientToken=xxxxxxxx HTTP/1.1" 200 115
"GET /apollo/user/checkLogin?clientToken=xxxxxxxx HTTP/1.1" 200 143
"GET /apollo/annotator/adminPanel HTTP/1.1" 200 3552
"POST /apollo/IOService/chadoExportStatus?clientToken=xxxxxxxx HTTP/1.1" 200 36
"GET /apollo/assets/application-fdb3a1e7a3dfd976904b80c2974e62d9.css HTTP/1.1" 200 25844
"POST /apollo/user/updateTrackListPreference?clientToken=xxxxxxxx HTTP/1.1" 200 60
"POST /apollo/user/loadUsers/?clientToken=xxxxxxxx HTTP/1.1" 500 71
Michael Thang
Mar 14, 2025, 2:21:55 AMMar 14
to apollo, Michael Thang, j....@qcif.edu.au
Hi, following up with some additional information.The administrator account on these apollos does exist and was created via database injection. The admin account has been defined in grails_user with the user defined to be an ADMIN in the grails_user_roles table.It is important that we can create users prior to adding organisms, as we build Apollo instances for researchers, and they populate their apollo instance with their own data.
Garrett Stevens
Mar 17, 2025, 3:13:09 PMMar 17
to Michael Thang, apollo, j....@qcif.edu.au
Thanks for reporting this. I've been able to reproduce this bug and am working on a fix.
In the meantime as a workaround, I think the web services should still work, so you can create new users using something like this:
curl -X POST -H 'Content-Type: application/json' -d '{"username":"ad...@example.com","password":"adminpassword","email":"new...@example.com","firstName":"New","lastName":"User","role":"USER","newPassword":"newuserpassword"}' http://localhost:8080/apollo/user/createUser
Best,
Garrett
To unsubscribe from this group and stop receiving emails from it, send an email to apollo+un...@lbl.gov.
Reply all
Reply to author
Forward
0 new messages