phoenix-oss/llama-stack-mirror
0
0
Fork 1
mirror of https://github.com/meta-llama/llama-stack.git synced 2025-12-03 09:53:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
llama-stack-mirror/llama_stack/providers/utils
History
Derek Higgins 4610c29d1e fix(files): Enforce DELETE action permission for file deletion (#4275) 
Previously, file deletion only checked READ permission via the
_lookup_file_id() method. This meant any user with READ access to a file
could also delete it, making it impossible to configure read-only file
access.

This change adds an 'action' parameter to fetch_all() and fetch_one() in
AuthorizedSqlStore, defaulting to Action.READ for backward
compatibility. The openai_delete_file() method now passes Action.DELETE,
ensuring proper RBAC enforcement.

With this fix, access policies can now distinguish between Users who can
read/list files but not delete them

Closes: #4274

Signed-off-by: Derek Higgins <derekh@redhat.com>
(cherry picked from commit 4ff0c25c52)

# Conflicts:
#	llama_stack/providers/inline/files/localfs/files.py
#	llama_stack/providers/remote/files/s3/files.py
#	src/llama_stack/providers/remote/files/openai/files.py
2025-12-02 19:08:54 +00:00
..
bedrock feat: use SecretStr for inference provider auth credentials (#3724) 2025-10-10 07:32:50 -07:00
common chore(rename): move llama_stack.distribution to llama_stack.core (#2975) 2025-07-30 23:30:53 -07:00
datasetio chore(misc): make tests and starter faster (#3042) 2025-08-05 14:55:05 -07:00
files fix(expires_after): make sure multipart/form-data is properly parsed (#3612) 2025-09-30 16:14:03 -04:00
inference fix: enforce allowed_models during inference requests (backport #4197) (#4228) 2025-11-24 11:31:36 -08:00
kvstore feat(stores)!: use backend storage references instead of configs (#3697) 2025-10-20 13:20:09 -07:00
memory fix: remove consistency checks (#3881) 2025-10-21 14:40:14 -07:00
responses fix: uninitialised enable_write_queue (#4264) 2025-12-02 09:37:21 -05:00
scoring chore: enable pyupgrade fixes (#1806) 2025-05-01 14:23:50 -07:00
sqlstore fix(files): Enforce DELETE action permission for file deletion (#4275) 2025-12-02 19:08:54 +00:00
telemetry test(telemetry): Telemetry Tests (#3805) 2025-10-17 10:43:33 -07:00
tools feat(tools)!: substantial clean up of "Tool" related datatypes (#3627) 2025-10-02 15:12:03 -07:00
vector_io feat: migrate to FIPS-validated cryptographic algorithms (#3423) 2025-09-12 11:18:19 +02:00
__init__.py API Updates (#73) 2024-09-17 19:51:35 -07:00
pagination.py chore(refact): move paginate_records fn outside of datasetio (#2137) 2025-05-12 10:56:14 -07:00
scheduler.py refactor(logging): rename llama_stack logger categories (#3065) 2025-08-21 17:31:04 -07:00