@bbockelm Many thanks, that was fast!
I rebuilt out test instance from your PR. Indeed, I can confirm that an upload with storage.create is now prevented if it would clobber an existing file. It also does not allow clobbering a file by renaming (MOVEing to an already existing file. So I think the major part is done 👍 .

I think my tests covered everything the WLCG JWT acceptance tests cover (I replicated things with curl manually). However, I found one detail of the WLCG JWT specification which is not honoured yet (the acceptance tests do not seem to test it) — the spec says:`

note the server implementation MUST NOT automatically create directories for a client

However, this currently happens (both with create or modify) when using PUT. Arguably, this is not so much an authorization thing, since of course create and modify should to create directories, but the spec seems to ask for PUT, MOVE and other operations not creating directories automatically.


Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <xrootd/xrootd/issues/1655/1114283585@github.com>

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/issues/1655#issuecomment-1114283585", "url": "https://github.com/xrootd/xrootd/issues/1655#issuecomment-1114283585", "name": "View Issue" }, "description": "View this Issue on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1