You may be able to compose these to get the desired result or at least close to it. For instance, create is really a composition of insert + read + write. Upload without delete/replace means you do not have delete privileges. Unfortunately, there is no distinction on overwrite. But the operation should fail anyway because the intention is to create the file but only if it does not exist and that is a file system operation not an authorization issue. The same is true for rename, the file system does not allow a rename to clobber an existing file and the client has to do than manually and have the correct privileges' to do so. So, I think the issue here is a bit of confusion of what should be expressed via authorization scheme and how the file system coposes those operations to effect the desired result. In general, file system operations are conservative and do not allow you to mistakenly delete files. To do so, you need to perform the steps in sequence and there the privileges you have will indicate whether you can actually perform those steps.

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/issues/1655#issuecomment-1097000210", "url": "https://github.com/xrootd/xrootd/issues/1655#issuecomment-1097000210", "name": "View Issue" }, "description": "View this Issue on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1