Diana Atanasova

[feature] Add authorization to all functions in ReportServer

7

### Feature Area There are two API-server endpoints that still miss authorization - [ReportWorkflow](https://github.com/kubeflow/pipelines/blob/d48776fb2d9752ca48af14ea6256791d2b167a71/backend/src/apiserver/server/report_server.go#L32) and [ReportScheduledWorkflow](https://github.com/kubeflow/pipelines/blob/d48776fb2d9752ca48af14ea6256791d2b167a71/backend/src/apiserver/server/report_server.go#L45). This is a security issue. Each endpoint should validate that the user has permission...

[backend] DeleteExperiment does not clean up all relevant children objects from the DB

2

### Steps to reproduce When [deleteExperiment](https://github.com/kubeflow/pipelines/blob/127dab4d4671849d596c455f4619ea807d22f6ea/backend/src/apiserver/server/experiment_server.go#L173) is called, not all children objects ( like Runs/ resource_references) are deleted from MySQL. DeleteExperiment cannot be called from the front-end/GUI, but the user...

[feature] Add an endpoint that restore experiment and its runs at once

2

### Feature Area /area backend ### What feature would you like to see? Add an endpoint that restores Experiment and all of its Runs at once ```/apis/v1beta1/experiments/{id}/runs:unarchive``` ### What is...