Story #18693

Deduplicate permission links

Added by Peter Amstutz 4 months ago. Updated about 17 hours ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
API
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Story points:
-

Description

It's confusing and potentially error prone to have multiple identical permission links, e.g. three link records all granting "can_read" going from the same user to the same project. For example, there's 50 users with read access to a project, but one user is listed 3 times. Someone goes it to remove that user's access, but only deletes one or two of the links, not all three.

Proposed change:

conflicting: permission link with same or lower permission (e.g. adding a write permission conflicts with an existing read permission)

  • "create" command: if there is a conflicting permission link, update the existing permission link and return that
  • "update" command: if a link is updated so it conflicts with another permission link, delete the other conflicting link
  • "delete" command: delete doesn't change because there shouldn't be multiple conflicting links
  • perform a data migration to remove any duplicated links

Related issues

Related to Arvados - Bug #19057: [controller] should not allow adding the same user to a VM more than one timeNew

History

#1 Updated by Peter Amstutz 4 months ago

  • Status changed from New to In Progress

#2 Updated by Peter Amstutz 4 months ago

  • Description updated (diff)

#3 Updated by Peter Amstutz 4 months ago

  • Status changed from In Progress to New
  • Tracker changed from Bug to Story

#5 Updated by Peter Amstutz 3 months ago

  • Category set to API

#6 Updated by Peter Amstutz 3 months ago

  • Description updated (diff)

#8 Updated by Peter Amstutz 23 days ago

  • Target version set to 2022-06-08 sprint

#9 Updated by Ward Vandewege 23 days ago

  • Related to Bug #19057: [controller] should not allow adding the same user to a VM more than one time added

#10 Updated by Peter Amstutz about 17 hours ago

  • Target version changed from 2022-06-08 sprint to 2022-06-22 Sprint

Also available in: Atom PDF