Page MenuHomePhabricator
Create Task
Maniphest T7592

Administrators should be able to change visibility/delete any file
Closed, WontfixPublic
Actions

Description

Currently, it appears as if only the uploader of a file can change the view permissions of or delete a file; it does not appear that an even an administrator has the ability to do this.

If a user inadvertently or maliciously uploads something they shouldn't have, and either promptly goes on vacation (in the former case) or ignores my request to remove the file (in the latter case), my only recourse appears to locate where the file is physically stored and remove it by hand, which is exceptionally inconvenient.

Related Objects

Event Timeline

wotte created this task.Mar 16 2015, 11:48 PM
wotte raised the priority of this task from to Needs Triage.
wotte updated the task description. (Show Details)
wotte added a project: Files.
wotte added a subscriber: wotte.
epriestley closed this task as Wontfix.Mar 16 2015, 11:52 PM
epriestley claimed this task.
epriestley added a subscriber: epriestley.

We intentionally do not provide this capability from the web UI. For rationale, see:

https://secure.phabricator.com/book/phabricator/article/users/#administrators

You can use bin/policy unlock F123 or bin/remove destroy F123 from the CLI to open policies on or destroy a file, respectively. Both commands work for most objects.

wotte mentioned this in T7593: Allow administrators to disable files to prevent "l33t w4r3z" abuse cases.Mar 17 2015, 12:30 AM
Phabricator · Built by Phacility