Page MenuHomePhabricator

Files are not deletable when uploaded by a bot user
Closed, DuplicatePublic

Description

Concern

Files which are uploaded by a bot with arc are not able to be deleted.

Reason:

  • can't login as bot user
  • arc upload sets the write permission only for uploaded user
  • arc or conduit API does not provide mechanisms to delete a file

Use Case (as asked in Q502):

  • bot user is used for CI phabricator interaction
  • i want to clean some build stuff which is really outdated or broken

Reproduce

  • upload a file using the arc credentials of a bot with
arc upload myFile
  • try to delete the file using the file dialog at <FabricatorFQDN>/F<fileID> (even the administrator can't delete the bot files)

Suggestion:

  1. As an phabricator administrator i want to manage all stuff of bot users, including their created assets (like files). So i think assets created by bots, should also be manageable by administrators.
  2. Additionally i would like to see a possibility of deleting own assets using cli commands. For example using arc or conduit calls with the bot user to delete previously uploaded files.

version information

phabricator b1449fab63ff073b771721a6da5d8c09351015f7 (Mon, Oct 17)
arcanist 2962504855413be1dce6f4bcffd6283bc657fb6f (Sun, Oct 9)
phutil 72a4c65ec9451add4df7f026f11cc9a19f301424 (Thu, Oct 13)
sprint 800a5e776027c974140daaf90383750e2e3b9bb6 (Sep 4 2016)

Event Timeline

This is working as intended, and not a bug. Administrators can not bypass policies. See the User Guide: Account Roles documentation:

Administrators are normal users with a few extra capabilities. Their primary role is to keep things running smoothly, and they are not all-powerful. In Phabricator, administrators are more like janitors.
...
Administrators are not in complete control of the system.
Administrators can not login as other users or act on behalf of other users.
...
Administrators also can not bypass object privacy policies.

I'm going to merge this into T11357. We can provide a "Delete File Data" transaction type when we implement a third-generation file.edit API.

I'm going to merge this into T11357. We can provide a "Delete File Data" transaction type when we implement a third-generation file.edit API.

Right, this would handle my use-case in a suitable way. Thanks for filing this request at the right place.