DOI Service does not assign adequate permissions to transaction database/history

[collinss-jpl]

🐛 Describe the bug

When the DOI service creates a fresh instance of the local transaction database, or it creates a new directory within the local transaction history, it does not ensure group-write permissions are enabled on either. This can cause issues, both when the database needs to be recreated from scratch (user/operator must remember to manually assign group-write), and when the service creates new directory entries in the local transaction_history store (transactions become "owned" by the user/operator's account, and without group-write permissions, the pds4 account cannot delete them).

📜 To Reproduce

Steps to reproduce the behavior:

1. Install a fresh instance of the DOI service
2. Submit a reserve request using any valid label or input spreadsheet
3. If the submission is successful, observe the permissions on the doi.db file created, as well as the permissions of the transaction_history directory and any subdirectories. None of which should have group-write permissions enabled by default.

🕵️ Expected behavior

When doi.db or transaction_history is created or written to, the resultant files/directories have group-write permission bits set.

📚 Version of Software Used

2.1.1

🩺 Test Data / Additional context

🏞Screenshots

🖥 System Info

• OS: [e.g. iOS]
• Browser [e.g. chrome, safari]
• Version [e.g. 22]

---

🦄 Related requirements

⚙️ Engineering Details