armada icon indicating copy to clipboard operation
armada copied to clipboard
verified publisher icon armadaproject

UpdateQueue should require the user to have a queue-specific permission

Open andrewpcone opened this issue 3 years ago • 1 comments

Right now, all a user needs in order to update a queue is permissions.CreateQueue:

https://github.com/G-Research/armada/blob/1476c18bec337b77434c038ec8dea6458ba253ff/internal/armada/server/submit.go#L158-L172

This seems wrong. If I can update a queue, I can change who owns it and who has what permissions, or its resource limits so it can't do useful work. All that seems well beyond the scope of a permission called CreateQueue, which I'd say should allow you only to create queues, not to mess with existing queues.

I propose:

  • adding a queue-specific queue.PermissionVerb called queue.PermissionVerbUpdate
  • renaming global permission permissions.DeleteQueue to permissions.ModifyQueue
  • changing submit.UpdateQueue() to require both queue.PermissionVerbUpdate and permissions.ModifyQueue (but not permissions.CreateQueue

andrewpcone avatar Jun 11 '22 09:06 andrewpcone

I think this sounds good but should we also keep permissions for deleting.

kannon92 avatar Jun 11 '22 16:06 kannon92

Closing, no activity.

richscott avatar Oct 05 '23 19:10 richscott