Open Microscopy Environment

Hi team,

I have a few Python scripts that retrieve stuff from OMERO, some via the Python API and some via the JSON API. All works fine but now I would like to access that stuff as another user so I get their rendering settings and such. So I was looking to use something similar to the --sudo functionality in CLI.

With the Python API I connect via BlitzGateway where I don't see a sudo option. There probably is something since the various CLI commands do have a --sudo option, no?

With JSON API, I use a small section of code that originated with Will and/or Ola:

Code: Select all

def connect_to_omero(base_url: str, user: str, password: str):

    session = requests.Session()

    login_url = base_url + '/webclient/login/'
    session.get(login_url)
    token = session.cookies['csrftoken']

    if (user == None):
        user = input('OMERO Username (return for public repository): ')

    if (password == None):
        password = getpass.getpass('OMERO Password (return for public repository): ')

    # Login with username, password and server
    payload = {'username': user,
           'password': password,
           'server': 1,
           'noredirect': 1,
           'csrfmiddlewaretoken': token}
    r = session.post(login_url, data=payload, headers=dict(Referer=login_url))

    # Return session handle
    return session


Is there a "sudo" option somewhere?

Thanks,
- Damir

Dear Damir,

I can at least get you going via the Blitz API. From the service factory that you have in hand there is a method https://downloads.openmicroscopy.org/la ... ionService for getting the session service. What you do is put the name of the user to whom you want to sudo as the name of a new principal as at https://downloads.openmicroscopy.org/la ... cipal.html. As a full administrator, or at least as an administrator without the Sudo restriction as at https://docs.openmicroscopy.org/latest/ ... #term-sudo, you can pass that principal to any of the createSession* methods of your session service. The new session that you create will be in the context of the intended sudo. You can test that by using https://downloads.openmicroscopy.org/la ... entContext from that session's service factory to check its event context: its user* and sudoer* properties should be set.

One way to initialize a gateway to use this session is to connect a new OMERO client object by authenticating using as both username and password the UUID (unique key) of that session you created. Other team members may know smoother, easier ways to use the gateways for sudo but at least this login-by-UUID approach should get you started in using your new sudo session. If you run into any trouble then let us know and we'll try to fill in anything I missed. Once you are managing multiple sessions like this then be doubly careful with your code's resource management so that they do all get closed in the end.

Cheers,
Mark

Dear Damir,

In reviewing where we could improve our documentation on this topic I stumbled across https://docs.openmicroscopy.org/latest/ ... .html#sudo which provides a code example of what I was describing so that may also be of help to you.

Cheers,
Mark

Hi Mark,

Thanks much for both approaches. Indeed, creating a session UUID is one that I should have thought of myself. And the code example is perfect for a more advanced approach. These will serve me well.

And as part of future functionality of the JSON API, may I propose some kind of sudo functionality as well?

Cheers,
- Damir

Dear Damir,

Certainly! Consider it noted. We would indeed like to keep expanding the useful coverage of the JSON API.

All the best,
Mark