[12/9/2018 10:40:31 AM] User tobias.kockmann@fgcz.ethz.ch does not have permissions to upload to the Panorama folder /Functional Genomics Center Zurich - Proteomics & Protein Analysis Group/Qcloud/QEXACTIVEHF_2

support
[12/9/2018 10:40:31 AM] User tobias.kockmann@fgcz.ethz.ch does not have permissions to upload to the Panorama folder /Functional Genomics Center Zurich - Proteomics & Protein Analysis Group/Qcloud/QEXACTIVEHF_2 Tobias Kockmann  2018-12-09
 

Dear Panorama support,

our autoQC loader client reports:

[12/9/2018 10:40:31 AM]    User tobias.kockmann@fgcz.ethz.ch does not have permissions to upload to the Panorama folder /Functional Genomics Center Zurich - Proteomics & Protein Analysis Group/Qcloud/QEXACTIVEHF_2

Did somebody mess with my Panorama account? I have used it to upload data for months and now all of a sudden I am lacking permissions?

Greetings,
Tobi

 
 
Tobias Kockmann responded:  2018-12-09

I restarted one of the configs:

Name: autoQC01_HF2
Enabled: True
Panorama User: tobias.kockmann@fgcz.ethz.ch
Created: 8/18/201712:39 PM
Modified: 1/9/201811:24 AM

Main Settings
Skyline file: Z:\QEXACTIVEHF_2\autoQC01_HF2_centroided_mode_daily.sky
Folder to watch: Z:\QEXACTIVEHF_2
Include subfolders: False
Filter Type: Contains; Pattern: autoQC01
Instrument: Thermo
Results window: 31 days
Acquisition time: 5 minutes

Panorama Settings
Panorama server URL: https://panoramaweb.org/
Panorama user email: tobias.kockmann@fgcz.ethz.ch
Panorama folder: /Functional Genomics Center Zurich - Proteomics & Protein Analysis Group/Qcloud/QEXACTIVEHF_2


[12/9/2018 2:06:40 PM]    There was an error validating configuration "autoQC01_HF2"
System.ArgumentException: User tobias.kockmann@fgcz.ethz.ch does not have permissions to upload to the Panorama folder /Functional Genomics Center Zurich - Proteomics & Protein Analysis Group/Qcloud/QEXACTIVEHF_2
   at AutoQC.PanoramaSettings.ValidateSettings()
   at AutoQC.ConfigRunner.RunConfiguration(Object sender, DoWorkEventArgs e)
[12/9/2018 2:07:10 PM]    Error importing file.

 
Brendan MacLean responded:  2018-12-09

Hi Tobi,
My first guess is that this is related to Cross-Site Request Forgery "CSRF" protection that went into effect when we upgraded to version 18.3. Below, I have pasted an explanation from Josh Eckels. Sorry for not doing a better job of announcing this to PanoramaWeb.org users ahead of the upgrade.

=================================================

Short version: Please upgrade to recent versions of Skyline and AutoQC to make sure they will be compatible with new versions of LabKey Server and Panorama.

Full details:

As part of our effort to make sure that LabKey Server and Panorama protect against potential security threats, we've been gradually getting stricter about how we validate requests against an attack called Cross-Site Request Forgery (CSRF). The Skyline team has been working to make sure that it includes the required information to validate the requests it makes when uploading data to Panorama.

When you upgrade to LabKey Server version 18.3, it will automatically do more stringent checks than old versions did. You'll want to be sure you're using versions of Skyline or AutoQC that include the right information in their requests. The minimum versions that do are:

Skyline: version 4.2
Skyline-daily: version 4.1.1.18151
AutoQC Loader - version 1.1.0.18302

In version 18.3, LabKey administrators can relax the validation in a way that will be compatible with older Skyline and AutoQC releases. In 19.1, this will no longer be possible.

If you're not running with a compatible combination, you'll see errors when uploading to Panorama from Skyline, and there will be a message in the labkey.log file about suspicious request(s).

For more details, please see the documentation here:

https://www.labkey.org/Documentation/wiki-page.view?name=csrfProtection

Please let me know if you have any questions or concerns. Hopefully most everyone has already upgraded to the latest Skyline and AutoQC versions.

Thanks,
Josh

 
vsharma responded:  2018-12-09

Hi Tobi,

Brendan is right that the error is because of the CSRF protection built into LabKey Server 18.3 that we upgraded to last Thursday (Dec 6). As of today, we have relaxed that setting allow uploads from older versions of Skyline and AutoQC Loader that do not support the CSRF requirements. But this will only work until we upgrade LabKey Server on PanoramaWeb to 19.1 (expected March, 2019). I encourage you to upgrade to the latest versions as soon as possible.

We will send out an email to all PanoramaWeb users in the next few weeks announcing the need to upgrade. I apologize for the confusion.

-Vagisha

 
Tobias Kockmann responded:  2018-12-10

Hi Josh, Hi Vagisha,

thx for the information. Now the client is able to push data again. We will do the update in the first week of the new year.

Greetings,
Tobi