[codex] Fix workspace delete permission rendering#660
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f8592951d4
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| const canModifyPath = (path?: string | null) => ( | ||
| isEnterprisePath(path) ? canManageEnterpriseInfo : canManageWorkspace | ||
| ); |
There was a problem hiding this comment.
For agents where the current user has access_level: "use", this makes canModifyPath('workspace/...') false, which also suppresses the side-panel edit button via canEdit and blocks create/upload actions. The rest of the workspace UI still enables upload, newFile, newFolder, and edit for these users while gating only delete on canManage (AgentDetailPage.tsx:5792), and the write endpoint only requires check_agent_access (backend/app/api/files.py:604), so this commit removes an allowed workflow from the live side panel rather than just hiding unauthorized deletes.
Useful? React with 👍 / 👎.
2 participants
Summary
Fix
Fixes #656.
Root Cause
The main Workspace tab already gated delete actions with canManage, but the live Workspace side panel did not receive the same workspace manage permission. As a result, non-admin/non-manage users could still see delete controls in that panel even though backend deletion was blocked.
Validation
git diff --check.node/npm/pnpm/yarnare unavailable in this shell environment.