allow children to be deleted without remove_child on parent

broadinstitute · Feb 5, 2021 · 99f5b3a · 99f5b3a
1 parent 87df68e
commit 99f5b3a
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 18 deletions.
diff --git a/src/main/scala/org/broadinstitute/dsde/workbench/sam/api/ResourceRoutes.scala b/src/main/scala/org/broadinstitute/dsde/workbench/sam/api/ResourceRoutes.scala
@@ -270,9 +270,7 @@ trait ResourceRoutes extends UserInfoDirectives with SecurityDirectives with Sam
   def deleteResource(resource: FullyQualifiedResourceId, userInfo: UserInfo, samRequestContext: SamRequestContext): server.Route =
     delete {
       requireAction(resource, SamResourceActions.delete, userInfo.userId, samRequestContext) {
-        requireParentAction(resource, None, SamResourceActions.removeChild, userInfo.userId, samRequestContext) {
-          complete(resourceService.deleteResource(resource, samRequestContext).map(_ => StatusCodes.NoContent))
-        }
+        complete(resourceService.deleteResource(resource, samRequestContext).map(_ => StatusCodes.NoContent))
       }
     }
 

diff --git a/src/test/scala/org/broadinstitute/dsde/workbench/sam/api/ResourceRoutesV2Spec.scala b/src/test/scala/org/broadinstitute/dsde/workbench/sam/api/ResourceRoutesV2Spec.scala
@@ -1413,21 +1413,6 @@ class ResourceRoutesV2Spec extends AnyFlatSpec with Matchers with TestSupport wi
     }
   }
 
-  it should "403 if user is missing remove_child on parent resource if it exists" in {
-    val childResource = FullyQualifiedResourceId(defaultResourceType.name, ResourceId("child"))
-    val currentParentResource = FullyQualifiedResourceId(defaultResourceType.name, ResourceId("currentParent"))
-    val samRoutes = createSamRoutes(Map(defaultResourceType.name -> defaultResourceType))
-
-    setupParentRoutes(samRoutes, childResource,
-      currentParentOpt = Option(currentParentResource),
-      actionsOnChild = Set(SamResourceActions.setParent, SamResourceActions.delete),
-      actionsOnCurrentParent = Set(SamResourceActions.readPolicies))
-
-    Delete(s"/api/resources/v2/${defaultResourceType.name}/${childResource.resourceId.value}") ~> samRoutes.route ~> check {
-      status shouldEqual StatusCodes.Forbidden
-    }
-  }
-
   "GET /api/resources/v2/{resourceType}/{resourceId}/policies/{policyName}" should "200 on existing policy of a resource with read_policies" in {
     val members = AccessPolicyMembership(Set(defaultUserInfo.userEmail), Set.empty, Set.empty, None)
     val resource = FullyQualifiedResourceId(defaultResourceType.name, ResourceId("resource"))