Delegations: Unable to modify properties of a delegated role

[asraa]

If a user adds a delegation with a repeated name, but with different properties (e.g. Updates it), then it will catch on this error:

go-tuf/repo.go

Lines 559 to 563 in 355e39c

	for _, r := range t.Delegations.Roles {
	if r.Name == delegatedRole.Name {
	return fmt.Errorf("role: %s is already delegated to by %s", delegatedRole.Name, r.Name)
	}
	}

@ethan-lowman-dd WDYT?

[ethan-lowman-dd]

A workaround is to call ResetTargetsDelegations and add back all delegations in the desired new state. You can see an example here https://github.com/theupdateframework/go-tuf/blob/9a41055/repo_test.go#L2158.

It would indeed be nice to have a new API for modifying though.

The spec says

The rolename MUST be unique in the delegations object: multiple roles with the same rolename are not allowed within a DELEGATIONS.
(ref)

and I think enforcing this in AddDelegatedRoleWithExpires with an error is clearer than implicitly updating. I think we should have separate UpdateDelegatedRole... functions for modification.

[rdimitrov]

Closing since the code base changed and this is no longer valid.

Thanks for raising this 👍