Admin cannot get and delete another user's space #4194
Comments
|
I think the behavior is mostly as designed. Admins should not be able to access/delete personal spaces of other users. Instead, deleting a user should also delete their personal space. For project spaces we still need a permission that can be assigned to an administrative role to allow certain people to manage e.g., orphaned spaces. |
|
oC10 has the ability to disable a user - that allows an organisation to keep a user's storage intact for a while when they leave, and some time later decide to actually delete the user (which deletes their personal storage also). Is that sort of feature/workflow to be available? |
Thank you for the clarification. Then I'll restate the issue as: #4195 and #4196 I close issue. I think Phil's question can be answered in this closed task or create new topic |
After deleting a user, the user's personal and project spaces still exist.
Of course the user can delete all his data before leaving the company (for example).
But what to do with the data when the user is deleted?
here is two way:
GET personal and project space another user:
curl -vk 'https://localhost:9200/graph/v1.0/drives/personalSpaceDeletedUserUUID' -u admin:admin -vk404 not found2022-07-13T15:17:56+02:00 ERR failed to list storage spaces error="error: permission denied: user admin is not allowed to Stat the space 534bb038-6f9d-4093-946f-133be61fa4e7" filters=[{"Term":{"Id":{"opaque_id":"1284d238-aa92-42ce-bdc4-0b0000009157$534bb038-6f9d-4093-946f-133be61fa4e7!534bb038-6f9d-4093-946f-133be61fa4e7"}},"type":2},{"Term":{"SpaceType":"+grant"},"type":4}] pkg=rgrpc service=storage-users status={"code":8,"message":"permission denied","trace":"00000000000000000000000000000000"} traceid=00000000000000000000000000000000 2022-07-13T15:17:56+02:00 ERR no space found driveID=1284d238-aa92-42ce-bdc4-0b0000009157$534bb038-6f9d-4093-946f-133be61fa4e7 service=graphDELETE personal/project space:
curl -vk -XDELETE 'https://localhost:9200/graph/v1.0/drives/personalSpaceDeletedUserUUID' -u admin:admin -vk4032022-07-13T15:27:49+02:00 ERR failed to delete storage space error="error: permission denied: user is not allowed to delete spaces 534bb038-6f9d-4093-946f-133be61fa4e7" pkg=rgrpc service=storage-users status={"code":8,"message":"permission denied","trace":"00000000000000000000000000000000"} storage_space_id={"opaque_id":"1284d238-aa92-42ce-bdc4-0b0000009157$534bb038-6f9d-4093-946f-133be61fa4e7"} traceid=00000000000000000000000000000000@micbar @individual-it @pmaier1 what do you think?
The text was updated successfully, but these errors were encountered: