From 4c2407ce67344542db224092a59dfc81ee5c2723 Mon Sep 17 00:00:00 2001 From: John Abrahams Date: Thu, 25 Jan 2024 10:43:04 -0500 Subject: [PATCH] Add delete permissions on File models --- .../java/org/eclipse/pass/main/security/AccessControlTest.java | 2 +- .../src/main/java/org/eclipse/pass/object/model/File.java | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/pass-core-main/src/test/java/org/eclipse/pass/main/security/AccessControlTest.java b/pass-core-main/src/test/java/org/eclipse/pass/main/security/AccessControlTest.java index 397f190d..681e6baf 100644 --- a/pass-core-main/src/test/java/org/eclipse/pass/main/security/AccessControlTest.java +++ b/pass-core-main/src/test/java/org/eclipse/pass/main/security/AccessControlTest.java @@ -386,7 +386,7 @@ public void testCreateUpdateDeleteFileAsShibUserOwningSubmission() throws IOExce Response response = client.newCall(request).execute(); - check(response, 403); + check(response, 204); } } diff --git a/pass-core-object-service/src/main/java/org/eclipse/pass/object/model/File.java b/pass-core-object-service/src/main/java/org/eclipse/pass/object/model/File.java index 328fe1f7..2b1bc603 100644 --- a/pass-core-object-service/src/main/java/org/eclipse/pass/object/model/File.java +++ b/pass-core-object-service/src/main/java/org/eclipse/pass/object/model/File.java @@ -23,6 +23,7 @@ import javax.persistence.Table; import com.yahoo.elide.annotation.CreatePermission; +import com.yahoo.elide.annotation.DeletePermission; import com.yahoo.elide.annotation.Include; import com.yahoo.elide.annotation.UpdatePermission; import org.eclipse.pass.object.converter.FileRoleToStringConverter; @@ -35,6 +36,7 @@ @CreatePermission(expression = "User is Backend OR Object part of User Submission") @UpdatePermission(expression = "User is Backend OR Object part of User Submission") +@DeletePermission(expression = "User is Backend OR Object part of User Submission") @Include @Entity @Table(name = "pass_file")