Skip to content

Add created_by: user_id to "Asset blobs"  #333

New issue
New issue
Open
Open
Add created_by: user_id to "Asset blobs" #333
Labels
enhancementNew feature or requestmetadataIssues of dandiset/asset metadata handling
Milestone
Dandiset lifecycle
@yarikoptic

Description

@yarikoptic
yarikoptic
opened on Jun 14, 2021

Establishing full accounting/provenance for changes in the archive would probably require a substantial work. To be able to track down and mitigate uploads by malicious users, we could at least quickly add accounting for the blobs uploads. It would IMHO be very much sufficient to be able to quickly

  • traceback all content uploaded by a malicious user
  • Dandisets records have history enabled, so we can trace down which dandisets were created by the user and remove them
  • double-check if that content was not somehow used in other (legit) dandisets to not remove it. (use case: attacker upload 5% of bad content with 95% of legit, where legit stuff was reused in other dandisets later since we deduplicate).

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestmetadataIssues of dandiset/asset metadata handling

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions