padraic-shafer
commented
3 months ago This sounds reasonable.
Open danielballan opened 3 months ago
padraic-shafer
commented
3 months ago This sounds reasonable.
Summarizing a discussion with @dylanmcreynolds
Currently, the deletion routes require
write:metadataandwrite:dataScopes:https://github.com/bluesky/tiled/blob/addcda65680c9a93557244301f8b286b843321e7/tiled/server/router.py#L1216
Let's separate out Scopes for deletion so that Roles and Access Control Policies can enable writing but block deleting if desired. (This issue is not taking a policy on what default/common Scopes should be, only that these should be separated out now so that it is possible to distinguish them.)
Specifically:
delete:metadata--- May remove rows from the Catalog database, dropping references to externally-managed data.delete:data--- May delete actual files, internally-managed files that were written by the Tiled server and may be the canonical copy of a given dataset. (Deleting the files should also clean up the SQL entities referencing them.)We may need to add and/or rename routes:
DELETE /metadata/{path}should change from scopes["write:metadata", "write:data"]to scopes["delete:metadata"].DELETE /nodes/{path}should maybe be split intoDELETE /nodes/metadata/{path}(can delete references to externally-managed data, or empty nodes) andDELETE /nodes/assets/{path}(can delete actual data), protected by["delete:metadata"]and["delete:metadata", "delete:data"]respectively.