When the DOI service creates a fresh instance of the local transaction database, or it creates a new directory within the local transaction history, it does not ensure group-write permissions are enabled on either. This can cause issues, both when the database needs to be recreated from scratch (user/operator must remember to manually assign group-write), and when the service creates new directory entries in the local transaction_history store (transactions become "owned" by the user/operator's account, and without group-write permissions, the pds4 account cannot delete them).
๐ To Reproduce
Steps to reproduce the behavior:
Install a fresh instance of the DOI service
Submit a reserve request using any valid label or input spreadsheet
If the submission is successful, observe the permissions on the doi.db file created, as well as the permissions of the transaction_history directory and any subdirectories. None of which should have group-write permissions enabled by default.
๐ต๏ธ Expected behavior
When doi.db or transaction_history is created or written to, the resultant files/directories have group-write permission bits set.
๐ Describe the bug
When the DOI service creates a fresh instance of the local transaction database, or it creates a new directory within the local transaction history, it does not ensure group-write permissions are enabled on either. This can cause issues, both when the database needs to be recreated from scratch (user/operator must remember to manually assign group-write), and when the service creates new directory entries in the local
transaction_history
store (transactions become "owned" by the user/operator's account, and without group-write permissions, thepds4
account cannot delete them).๐ To Reproduce
Steps to reproduce the behavior:
doi.db
file created, as well as the permissions of thetransaction_history
directory and any subdirectories. None of which should have group-write permissions enabled by default.๐ต๏ธ Expected behavior
When
doi.db
ortransaction_history
is created or written to, the resultant files/directories have group-write permission bits set.๐ Version of Software Used
2.1.1
๐ฉบ Test Data / Additional context
๐Screenshots
๐ฅ System Info
๐ฆ Related requirements
โ๏ธ Engineering Details