Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Admin user can't restore other user spaces #5872

Closed
amrita-shrestha opened this issue Mar 20, 2023 · 8 comments
Closed

Admin user can't restore other user spaces #5872

amrita-shrestha opened this issue Mar 20, 2023 · 8 comments
Assignees
@kobergj
Labels
Priority:p2-high Escalation, on top of current planning, release blocker Type:Bug

Comments

@amrita-shrestha
Copy link
Contributor

Describe the bug

Admin user tries to restore other user disabled spaces.
Admin users can disable and delete other user spaces

Steps to reproduce

Steps to reproduce the behavior:

  1. create user Aria with Space Admin role
  2. Aria create space QA team
  3. Admin user with admin role disable space QA team
  4. Admin user tries to restore space using api request
curl --location --request PATCH 'https://localhost:9200/graph/v1.0/drives/2406b4ec-3469-4183-9a17-59d23cf2d067%240a6865f0-c82a-4367-8f87-375a34fcd03c' \
--header 'Restore: T' \
--data '{"name":"amy"}'

Expected behavior

If admins are allowed to disable and delete other spaces than they should also be allowed to restore other spaces

Actual behavior

Admin user can disable and delete other spaces but can't restore other spaces
@amrita-shrestha
Copy link
Contributor Author

@ScharfViktor @micbar

@kobergj
Copy link
Collaborator

kobergj commented Mar 20, 2023

Needs clarification:

  • Should an admin be allowed to enable/disable spaces or only a spaceadmin?
  • Should a spaceadmin be allowed to delete project spaces?
  • Should an admin be allowed to delete project spaces?

cc @micbar @tbsbdr

@ScharfViktor
Copy link
Contributor

ScharfViktor commented Mar 20, 2023
edited by amrita-shrestha
Loading

@micbar
Copy link
Contributor

micbar commented Mar 23, 2023

@kobergj
I think we have a bit of a dirty state on permissions in the settings service.

We discussed it already, we need to do a small refactoring.

@micbar micbar added the Priority:p2-high Escalation, on top of current planning, release blocker label Mar 23, 2023
@kobergj
Copy link
Collaborator

kobergj commented Mar 23, 2023

@micbar fine for me. Did we write down somewhere what we decided?

@micbar
Copy link
Contributor

micbar commented Mar 23, 2023

We should do at 13:30 today in the grooming.

@micbar micbar moved this from Qualification to Prio 2 in Infinite Scale Team Board May 15, 2023
@micbar
Copy link
Contributor

micbar commented May 15, 2023
edited
Loading

Outcome

General

We will use drives.ReadWriteEnabled for the disable/enable actions

We will use delete-all-spaces only for the final deletion on the storage

Web

  • Show the delete button on a disabled space when delete-all-spaces is present
  • Show/hide space edit actions for name and description depending on Drive.ReadWrite
  • Show/hide "enable/disable" actions depending on drives.ReadWriteEnabled

oCIS

  • Refactor the delete-all-spaces permission.

@micbar micbar mentioned this issue May 15, 2023
Merged
9 tasks
@micbar
Copy link
Contributor

micbar commented May 16, 2023

@kobergj I updated the default roles in #6310

But the issue with the delete-all-spaces permission still exists.

@kobergj kobergj mentioned this issue May 16, 2023
Merged
@kobergj kobergj moved this from Prio 2 to In progress in Infinite Scale Team Board May 17, 2023
@kobergj kobergj moved this from In progress to Done in Infinite Scale Team Board May 17, 2023
@kobergj kobergj closed this as completed May 25, 2023
This was referenced May 30, 2023
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kobergj kobergj

Labels
Priority:p2-high Escalation, on top of current planning, release blocker Type:Bug
Projects
Infinite Scale Team Board
Archived in project
Milestone
No milestone
Development

No branches or pull requests
4 participants
@micbar @kobergj @amrita-shrestha @ScharfViktor