Currently, each HTTP method requires a specific storage.* scope:
- HEAD, OPTIONS, PROPFIND, GET require storage.read scope
- PATCH, DELETE require storage.modify scope
- PUT, MKCOL require storage.create scope if resource doesn't exist
- PUT, MKCOL require storage.modify scope if resource exists
We need to review this logic in order to consider also the latency status of the resource (is it online or nearline?)
- relates to
-
STOR-1600 WLCG scope "storage.modify" must grant stat permission
-
- Open
-