We need to improve the security of our application by implementing stricter controls on state-changing operations and file deletion. The following enhancements are proposed:
State-Changing Operations: We need to strictly lock down all state-changing operations (POST, PUT, PATCH, DELETE). We should clearly define what attributes users can update or create or delete.
Worker Role: Operators and admins should not be able to change paths and other attributes on the dataset. Only a worker should have this capability. We need to create a worker role to enforce this restriction.
Human in the Loop for File Deletion: To prevent accidental or malicious deletion of files on SDA, we should implement a "human in the loop" mechanism. This means that a human must manually approve any SDA file deletion operations.
Acceptance Criteria:
State-changing operations are locked down and only allow users to update or create specific attributes.
A worker role is created and only workers can change paths and other attributes on the dataset.
A "human in the loop" mechanism is implemented for file deletion on SDA.
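One way the three acceptance criteria could be enforced in a single deny-by-default policy layer, as an added example that is not part of the original issue or the project's code. The attribute names, the policy table contents, and the rules that the approver must differ from the requester and that an approval is bound to one path are assumptions.

```python
# Added illustration; attribute names and policy contents are hypothetical.
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}

# role -> method -> dataset attributes that role may write. Anything absent is denied.
WRITE_POLICY = {
    "user": {"PATCH": {"description"}},
    "operator": {"POST": {"name", "description"}, "PATCH": {"name", "description"}},
    "admin": {"POST": {"name", "description"}, "PATCH": {"name", "description"}},
    # Paths are writable by the worker role only.
    "worker": {"PATCH": {"origin_path", "archive_path"}},
}


class Denied(Exception):
    """Raised when a request falls outside the policy."""


def authorize_write(role, method, body):
    """Return a copy of body if every attribute is allowlisted for role and method."""
    if method not in STATE_CHANGING:
        raise ValueError(f"{method} is not a state-changing method")
    methods = WRITE_POLICY.get(role, {})
    if method not in methods:
        raise Denied(f"{role} may not {method} datasets")
    extra = sorted(set(body) - methods[method])
    if extra:
        # Reject rather than silently drop, so out-of-policy writes show up in logs.
        raise Denied(f"{role} may not {method} attributes {extra}")
    return dict(body)


def authorize_sda_delete(request, approvals):
    """Permit an SDA file deletion only against a recorded human approval."""
    approval = approvals.get(request["id"])
    if approval is None:
        raise Denied("no approval on record")
    if approval["approver_role"] == "worker":
        raise Denied("approval must come from a human account, not a worker")
    if approval["approver"] == request["requested_by"]:
        raise Denied("requester cannot approve their own deletion")  # assumption
    if approval["path"] != request["path"]:
        raise Denied("approval was given for a different path")  # assumption
    return True
```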