llama-stack-mirror

mirror of https://github.com/meta-llama/llama-stack.git synced 2025-12-03 09:53:45 +00:00

History

Derek Higgins 4610c29d1e fix(files): Enforce DELETE action permission for file deletion (#4275 ) Previously, file deletion only checked READ permission via the _lookup_file_id() method. This meant any user with READ access to a file could also delete it, making it impossible to configure read-only file access. This change adds an 'action' parameter to fetch_all() and fetch_one() in AuthorizedSqlStore, defaulting to Action.READ for backward compatibility. The openai_delete_file() method now passes Action.DELETE, ensuring proper RBAC enforcement. With this fix, access policies can now distinguish between Users who can read/list files but not delete them Closes: #4274 Signed-off-by: Derek Higgins <derekh@redhat.com> (cherry picked from commit `4ff0c25c52`) # Conflicts: # llama_stack/providers/inline/files/localfs/files.py # llama_stack/providers/remote/files/s3/files.py # src/llama_stack/providers/remote/files/openai/files.py		2025-12-02 19:08:54 +00:00
..
__init__.py	ci: add python package build test (#2457 )	2025-06-19 18:57:32 +05:30
api.py	feat: Add OpenAI Conversations API (#3429 )	2025-10-03 08:47:18 -07:00
authorized_sqlstore.py	fix(files): Enforce DELETE action permission for file deletion (#4275 )	2025-12-02 19:08:54 +00:00
sqlalchemy_sqlstore.py	fix: enable SQLite WAL mode to prevent database locking errors (backport #4048 ) (#4226 )	2025-11-24 11:30:57 -08:00
sqlstore.py	feat(stores)!: use backend storage references instead of configs (#3697 )	2025-10-20 13:20:09 -07:00