Secure code reviews
Right now there is no mechanism to prevent users from deleting code reviews (unless I've missed something obvious), which is a problem for what we're trying to do. If nothing else it would be nice to have a "before-rmreview" trigger that we can hook into
-
Diego H. Bustamante commented
can the plastic repo ACL permissions be added for this so they can be controlled through that mechanism?
-
Ryan commented
Currently we're doing this with a trigger on the SQL backend to prevent developers from deleting code reviews in progress. It sure seems like an obvious thing to secure, so I'm surprised it's not.
-
Darcy commented
It's possible that this could be controlled using permissions on a larger scale... Once a review is created, maybe only the repo admin can remove it (for scenarios where traceability is required)