phoenix-oss/llama-stack-mirror
0
0
Fork 1
mirror of https://github.com/meta-llama/llama-stack.git synced 2025-12-03 01:48:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
llama-stack-mirror/llama_stack
History
Derek Higgins 4610c29d1e fix(files): Enforce DELETE action permission for file deletion (#4275) 
Previously, file deletion only checked READ permission via the
_lookup_file_id() method. This meant any user with READ access to a file
could also delete it, making it impossible to configure read-only file
access.

This change adds an 'action' parameter to fetch_all() and fetch_one() in
AuthorizedSqlStore, defaulting to Action.READ for backward
compatibility. The openai_delete_file() method now passes Action.DELETE,
ensuring proper RBAC enforcement.

With this fix, access policies can now distinguish between Users who can
read/list files but not delete them

Closes: #4274

Signed-off-by: Derek Higgins <derekh@redhat.com>
(cherry picked from commit 4ff0c25c52)

# Conflicts:
#	llama_stack/providers/inline/files/localfs/files.py
#	llama_stack/providers/remote/files/s3/files.py
#	src/llama_stack/providers/remote/files/openai/files.py
2025-12-02 19:08:54 +00:00
..
apis revert: "chore(cleanup)!: remove tool_runtime.rag_tool" (#3877) 2025-10-21 11:22:06 -07:00
cli fix: print help for list-deps if no args (backport #4078) (#4083) 2025-11-05 14:58:47 -08:00
core fix(inference): enable routing of models with provider_data alone (backport #3928) (#4142) 2025-11-12 13:41:27 -08:00
distributions fix: harden storage semantics (backport #4118) (#4138) 2025-11-12 13:01:21 -08:00
models chore: remove dead code (#3729) 2025-10-07 20:26:02 -07:00
providers fix(files): Enforce DELETE action permission for file deletion (#4275) 2025-12-02 19:08:54 +00:00
strong_typing chore: refactor (chat)completions endpoints to use shared params struct (#3761) 2025-10-10 15:46:34 -07:00
testing feat(ci): add support for docker:distro in tests (#3832) 2025-10-16 19:33:13 -07:00
ui build: Bump version to 0.3.3 2025-11-24 21:12:52 +00:00
__init__.py chore(rename): move llama_stack.distribution to llama_stack.core (#2975) 2025-07-30 23:30:53 -07:00
env.py refactor(test): move tools, evals, datasetio, scoring and post training tests (#1401) 2025-03-04 14:53:47 -08:00
log.py fix(logs): restore uvicorn and llama_stack logger settings 2025-10-21 15:47:55 -07:00
schema_utils.py fix(auth): allow unauthenticated access to health and version endpoints (#3736) 2025-10-10 13:41:43 -07:00