Secure code reviews
Right now there is no mechanism to prevent users from deleting code reviews (unless I've missed something obvious), which is a problem for what we're trying to do. If nothing else it would be nice to have a "before-rmreview" trigger that we can hook into
![](https://secure.gravatar.com/avatar/7607dc9eed1ffd2edaccdbcf0a504006?size=40&default=https%3A%2F%2Fassets.uvcdn.com%2Fpkg%2Fadmin%2Ficons%2Fuser_70-6bcf9e08938533adb9bac95c3e487cb2a6d4a32f890ca6fdc82e3072e0ea0368.png)
-
Diego H. Bustamante commented
can the plastic repo ACL permissions be added for this so they can be controlled through that mechanism?
-
Ryan commented
Currently we're doing this with a trigger on the SQL backend to prevent developers from deleting code reviews in progress. It sure seems like an obvious thing to secure, so I'm surprised it's not.
-
Darcy commented
It's possible that this could be controlled using permissions on a larger scale... Once a review is created, maybe only the repo admin can remove it (for scenarios where traceability is required)