Admins / collaborators can overwrite pin data with same name

[kmasiello]

Related to #253 In testing with v 1.0.0 the following behavior was observed:

• RSC Board has a deployed pin named "kevin/iris" that is a 150 x 5 pinned data frame
• I have a 6 x 5 data frame called iris.

As an admin but not designated collaborator on "kevin/iris", if I attempt pin_write(board, iris) I will receive an error message that says You don't have permission to change this item however I will have unknowingly modified the existing pin such that it's name on Connect will now read "iris: a pinned 6 x 5 data frame". Additionally, if I specify a description argument in pin_write that will also populate in the description field of "kevin/iris", even though I was informed that I don't have permission to change the item.

If I am a collaborator on "kevin/iris" and if I attemptpin_write(board, iris), I will (unknowingly) overwrite "kevin/iris" entirely and it will be renamed "katie/iris"

Was not able to repeat test of the above scenarios when I'm a publisher only, not admin. I suspect the latter scenario of overwriting will still occur.

[hadley]

This feels like a problem on the RSC side, but I can take a look when I next work on pins.

[hadley]

I'm pretty sure this is an RSC problem – it's weird that you can modify the metadata for an item if you don't have permission to publish an item itself. And I really don't understand how naming works so that kevin/iris becomes katie/iris.

[github-actions[bot]]

This issue has been automatically locked. If you believe you have found a related problem, please file a new issue (with a reprex: https://reprex.tidyverse.org) and link to this issue.