When using buckets, collaborative workspaces, and projects, there are two users involved: the currently authenticated user, and the user who owns the bucket, workspace, or project. Right now, those two users are imperfectly separated throughout the stack, and it's unclear which type of user is given which capabilities.
Examples of operations where the auth user is correct:
Signing in and out
Changing a password
Enable sharing for a workspace (if privileges are correct)
Delete a bucket or project
Patreon subscriptions
Examples of operations where the workspace owner is correct:
When using buckets, collaborative workspaces, and projects, there are two users involved: the currently authenticated user, and the user who owns the bucket, workspace, or project. Right now, those two users are imperfectly separated throughout the stack, and it's unclear which type of user is given which capabilities.
Examples of operations where the auth user is correct:
Examples of operations where the workspace owner is correct: