OHDSI Home | Forums | Wiki | Github

Unable to save concept set in atlas

atlas

(MB) #1

Hi all,

We just set up atlas.

When I try to create concept set, I keep getting ‘Unable to save concept set’ error. I used active directory ldap to log in. My ldap id is in the admin, atlas users, and concept set creator role according to the SEC_USER_ROLE table. So I should have permission to create and save concept set.

Our OMOP CDM version : 5.3 and Atlas version is 2.7.4.

Thanks,
MB


(MB) #2

I found the following error in the tomcat log for my userid xxxxxx. Anyone know what is this personal role for and what may have caused the issue?

ERROR https-jsse-nio-8443-exec-6 org.ohdsi.webapi.shiro.filters.ProcessResponseContentFilterImpl - - Failed to add permissions to concept set with id = 92
java.lang.Exception: There is no personal role for user xxxxxx
at org.ohdsi.webapi.shiro.PermissionManager.getCurrentUserPersonalRole(PermissionManager.java:354)

Thanks,
MB


(MB) #3

After I created a role in sec_role table with my userid, I am able to save the concept_set. I guess we need to do this for all IDs that need to create new concept or cochort according to the part below. This is probably considered personal role.

ADDING NEW USER

When user logs in firts time, record is created in SEC_USER table. Now user is registered and can be associated with roles.

There are two special roles - public role and personal role. Both are assigned to every newly registred users.

One personal role is created for each new user. The name of personal role is the same as user’s login.

This role is intended to hold permissions which are specific to certain user. For example, when user creates new entity, it may be usefull to restrict access to methods which affect the entity, so that only author can change or delete it.

This workflow works when user creates Concept Set, Cohort or Role. Methods which affect these entities are protected. When entity is created, entity-level permissions required for these methods are created as well and then are assigned to creator’s personal role.

Thanks,
MB


t