Skip to content

Disabling and deleting Spaces with API when UI for disabling and deleting space is not shown in context menu #1799

Closed
Bug
opencloud-eu/reva
#672
Closed
Disabling and deleting Spaces with API when UI for disabling and deleting space is not shown in context menu#1799
Bug
opencloud-eu/reva
#672
Assignees
aduffeck
Labels
Priority:p2-highHigh priorityType:Bug
@christophwolff

Description

@christophwolff
christophwolff
opened on Nov 6, 2025

Describe the bug

You can delete a Space via API even when the WebUI does not show the menu items to delete a space.

OpenCloud 3.4.0
OpenCloud Web UI 3.2.0

Steps to reproduce deleting via UI without reloading the browser

  1. Create a space
  2. Disable the space via context menu
  3. Delete the space via context menu

Steps to reproduce deleting via API

  1. Create a space
  2. Disable the space
  3. Reload the Browser (otherwise the context menu to disable and delete the space is still there)
  4. After reloading the contextmenu items are gone. And it seems the permissions are missing. Are they?
  5. Copy a deletion API request. Put in disabled Space ID. Run CURL in the terminal
  6. Space deleted even when the UI was disabled.

Here is our custom role setup:
(This is the normal user. we just changed the Drives.Create constraint
from
"constraint": "CONSTRAINT_OWN"
to
"constraint": "CONSTRAINT_ALL"

Extension:

      {
        "id": "79e13b30-3e22-11eb-bc51-0b9f0bad9a58",
        "name": "Drives.Create",
        "displayName": "Create Space",
        "description": "This permission allows creating new spaces.",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_ALL"
        },
        "resource": {
          "type": "TYPE_SYSTEM"
        }
      },

{
    "id": "b05e4935-0d1f-4c4c-9ba1-4aa48beb1a21",
    "name": "spaceoperator",
    "type": "TYPE_ROLE",
    "extension": "opencloud-roles",
    "displayName": "Space Operator",
    "settings": [
      {
        "id": "4e41363c-a058-40a5-aec8-958897511209",
        "name": "AutoAcceptShares.ReadWriteDisabled",
        "displayName": "enable/disable auto accept shares",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "ec3ed4a3-3946-4efc-8f9f-76d38b12d3a9"
        }
      },
      {
        "id": "11516bbd-7157-49e1-b6ac-d00c820f980b",
        "name": "PublicLink.Write",
        "displayName": "Write publiclink",
        "description": "This permission allows creating public links.",
        "permissionValue": {
          "operation": "OPERATION_WRITE",
          "constraint": "CONSTRAINT_ALL"
        },
        "resource": {
          "type": "TYPE_SHARE"
        }
      },
      {
        "id": "069c08b1-e31f-4799-9ed6-194b310e7244",
        "name": "Shares.Write",
        "displayName": "Write share",
        "description": "This permission allows creating shares.",
        "permissionValue": {
          "operation": "OPERATION_WRITE",
          "constraint": "CONSTRAINT_ALL"
        },
        "resource": {
          "type": "TYPE_SHARE"
        }
      },
      {
        "id": "79e13b30-3e22-11eb-bc51-0b9f0bad9a58",
        "name": "Drives.Create",
        "displayName": "Create Space",
        "description": "This permission allows creating new spaces.",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_ALL"
        },
        "resource": {
          "type": "TYPE_SYSTEM"
        }
      },
      {
        "id": "ad5bb5e5-dc13-4cd3-9304-09a424564ea8",
        "name": "EmailNotifications.ReadWriteDisabled",
        "displayName": "Disable Email Notifications",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "33ffb5d6-cd07-4dc0-afb0-84f7559ae438"
        }
      },
      {
        "id": "7dc204ee-799a-43b6-b85d-425fb3b1fa5a",
        "name": "EmailSendingInterval.ReadWrite",
        "displayName": "Email Sending Interval",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "08dec2fe-3f97-42a9-9d1b-500855e92f25"
        }
      },
      {
        "id": "8a50540c-1cdd-481f-b85f-44654393c8f0",
        "name": "Event.ShareCreated.ReadWrite",
        "displayName": "Event Share Created",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "872d8ef6-6f2a-42ab-af7d-f53cc81d7046"
        }
      },
      {
        "id": "5ef55465-8e39-4a6c-ba97-1d19f5b07116",
        "name": "Event.ShareRemoved.ReadWrite",
        "displayName": "Event Share Removed",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "d7484394-8321-4c84-9677-741ba71e1f80"
        }
      },
      {
        "id": "7d4f961b-d471-451b-b1fd-ac6a9d59ce88",
        "name": "Event.ShareExpired.ReadWrite",
        "displayName": "Event Share Expired",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "e1aa0b7c-1b0f-4072-9325-c643c89fee4e"
        }
      },
      {
        "id": "feb16d2c-614c-4f79-ac37-755a028f5616",
        "name": "Event.SpaceShared.ReadWrite",
        "displayName": "Event Space Shared",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "694d5ee1-a41c-448c-8d14-396b95d2a918"
        }
      },
      {
        "id": "4f979732-631b-4f27-9be7-a89fb223a6d2",
        "name": "Event.SpaceUnshared.ReadWrite",
        "displayName": "Event Space Unshared",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "26c20e0e-98df-4483-8a77-759b3a766af0"
        }
      },
      {
        "id": "a3cc45bf-9720-4e08-b403-b9133fe33f0b",
        "name": "Event.SpaceMembershipExpired.ReadWrite",
        "displayName": "Event Space Membership Expired",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "7275921e-b737-4074-ba91-3c2983be3edd"
        }
      },
      {
        "id": "896194c2-5055-4ea3-94a3-0a1419187a00",
        "name": "Event.SpaceDisabled.ReadWrite",
        "displayName": "Event Space Disabled",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "eb5c716e-03be-42c6-9ed1-1105d24e109f"
        }
      },
      {
        "id": "2083c280-b140-4b73-a931-9a4af2931531",
        "name": "Event.SpaceDeleted.ReadWrite",
        "displayName": "Event Space Deleted",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "094ceca9-5a00-40ba-bb1a-bbc7bccd39ee"
        }
      },
      {
        "id": "27ba8e97-0bdf-4b18-97d4-df44c9568cda",
        "name": "Event.PostprocessingStepFinished.ReadWrite",
        "displayName": "Event Postprocessing Step Finished",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "fe0a3011-d886-49c8-b797-33d02fa426ef"
        }
      },
      {
        "id": "7d81f103-0488-4853-bce5-98dcce36d649",
        "name": "Language.ReadWrite",
        "displayName": "Permission to read and set the language",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SETTING",
          "id": "aa8cfbe5-95d4-4f7e-a032-c3c01f5f062f"
        }
      },
      {
        "id": "4ebaa725-bfaa-43c5-9817-78bc9994bde4",
        "name": "Favorites.List",
        "displayName": "List Favorites",
        "description": "This permission allows listing favorites.",
        "permissionValue": {
          "operation": "OPERATION_READ",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_SYSTEM"
        }
      },
      {
        "id": "e03070e9-4362-4cc6-a872-1c7cb2eb2b8e",
        "name": "Self.ReadWrite",
        "displayName": "Self Management",
        "description": "This permission gives access to self management.",
        "permissionValue": {
          "operation": "OPERATION_READWRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_USER",
          "id": "me"
        }
      },
      {
        "id": "a54778fd-1c45-47f0-892d-655caf5236f2",
        "name": "Favorites.Write",
        "displayName": "Write Favorites",
        "description": "This permission allows marking files as favorites.",
        "permissionValue": {
          "operation": "OPERATION_WRITE",
          "constraint": "CONSTRAINT_OWN"
        },
        "resource": {
          "type": "TYPE_FILE"
        }
      }
    ],
    "resource": {
      "type": "TYPE_SYSTEM"
    }
  }

Metadata

Metadata

Assignees

Labels

Priority:p2-highHigh priorityType:Bug

Type

Bug

Fields

No fields configured for Bug.

Projects

OpenCloud Team Board
Status
Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions