fix: allow bypassing ownership check when admin role user tries to de…

…lete folder (#2055) Co-authored-by: Sanghun Lee <sanghun@lablup.com>
lablup · Apr 23, 2024 · 1d82df0 · 1d82df0
1 parent 4f39048
commit 1d82df0
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/changes/2055.fix.md b/changes/2055.fix.md
@@ -0,0 +1 @@
+Fix a buggy restriction on VFolder deletion due to wrong query condition
diff --git a/src/ai/backend/manager/api/vfolder.py b/src/ai/backend/manager/api/vfolder.py
@@ -2195,6 +2195,7 @@ async def _delete(
         entries = await query_accessible_vfolders(
             conn,
             user_uuid,
+            allow_privileged_access=True,
             user_role=user_role,
             domain_name=domain_name,
             allowed_vfolder_types=allowed_vfolder_types,
@@ -2425,6 +2426,7 @@ async def delete_from_trash_bin(
         entries = await query_accessible_vfolders(
             conn,
             user_uuid,
+            allow_privileged_access=True,
             user_role=user_role,
             domain_name=domain_name,
             allowed_vfolder_types=allowed_vfolder_types,
@@ -2495,6 +2497,7 @@ async def purge(request: web.Request, params: PurgeRequestModel) -> web.Response
         entries = await query_accessible_vfolders(
             conn,
             user_uuid,
+            allow_privileged_access=True,
             user_role=user_role,
             domain_name=domain_name,
             allowed_vfolder_types=allowed_vfolder_types,
@@ -2556,6 +2559,7 @@ async def restore(request: web.Request, params: RestoreRequestModel) -> web.Resp
         restore_targets = await query_accessible_vfolders(
             conn,
             user_uuid,
+            allow_privileged_access=True,
             user_role=user_role,
             domain_name=domain_name,
             allowed_vfolder_types=allowed_vfolder_types,