Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTP statuscode while MOVE between cross-spaces with Viewer role #8315

Closed
saw-jan opened this issue Jan 30, 2024 · 5 comments
Closed

HTTP statuscode while MOVE between cross-spaces with Viewer role #8315

saw-jan opened this issue Jan 30, 2024 · 5 comments
Labels
Type:Bug Type:Discussion

Comments

@saw-jan
Copy link
Member

saw-jan commented Jan 30, 2024
edited
Loading

Q: What should be the status code while moving between cross-spaces with Viewer role?

Currently, most cases return 403 which seems reasonable (because viewer role is not permitted to do so).
But MOVE to/from shares space returns 502 regardless of the role.

Should they return 502 as mentioned in #8063 (comment) or 403 is the correct one for Viewer role.

Here are test cases:

  1. ❗ Using path
from to result
project (manager/editor) project (viewer) 403 ❓
project (viewer) project (manager/editor/viewer) 403 ❓
project (viewer) personal 403 ❓
personal project (viewer) 403 ❓
  1. ❗ Using file-id
from to result
project (manager/editor) project (viewer) 403 ❓
project (viewer) project (manager/editor/viewer) 403 ❓
project (viewer) personal 403 ❓
personal project (viewer) 403 ❓
shares (read) personal 403 ❓
shares (read) project (manager/editor/viewer) 403 ❓
shares (editor/uploader) project (viewer) 403 ❓

✔️ Working as expected

from to result
project (viewer) shares (all/change/read) 502 👍
personal shares (read) 502 👍
shares (read) personal 502 👍
shares (read) project (manager/editor/viewer) 502 👍
shares (read) shares (all/change/read) 502 👍
@saw-jan
Copy link
Member Author

saw-jan commented Jan 30, 2024

CC @ScharfViktor @micbar

@ScharfViktor
Copy link
Contributor

CC @ScharfViktor @micbar

403 is fine IMHO. if it isn't important for client I'd leave it as it is

@saw-jan
Copy link
Member Author

saw-jan commented Jan 30, 2024

403 seems correct for viewer role but MOVE from/to Shares space returns 502 so that's confusing.
If 502 is expected for shares space then we can close this one

@saw-jan saw-jan mentioned this issue Feb 15, 2024
Closed
@saw-jan
Copy link
Member Author

saw-jan commented Aug 2, 2024

@micbar I would like to close this issue if 403 is the expected code for the above cases.

@micbar
Copy link
Contributor

micbar commented Aug 2, 2024

That is ok.

@micbar micbar closed this as completed Aug 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type:Bug Type:Discussion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@micbar @saw-jan @ScharfViktor