Proposal: Admin moderation for published workflows (take down and restore a public workflow) #6246
yangzhang75
started this conversation in
Ideas
Replies: 1 comment
-
|
This feature was suggested based on the experience in a few education programs using Texera deployments. Workflows created by students and instructors were left as "Public," even though the workflows are no longer needed. They make the platform harder to use by other users. Currently only the owner of each workflow can un-publish it, and admins cannot do so. This discussion is about workflows. Later we should do something similar for datasets and possibly other resources can can be made public. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
This builds on #6242 (Report a Public Workflow), which lets admins Unpublish a reported workflow. This proposal adds the two things that report-driven flow leaves open: acting without waiting for a report, and making a take-down stick.
The gap
In #6242, an admin resolves a report by Unpublishing, which sets the workflow back to private. But that reuses the ordinary public/private toggle, so the author can immediately re-publish it — the take-down doesn't hold. And admins can only act on workflows that users have already reported; there's no way to proactively pull a workflow an admin finds themselves.
What this adds
workflow_moderation(wid, blocked_by, reason, blocked_at)table). While a block exists, the author'smakePublicis refused (Forbidden, with the reason), so they can't silently re-publish.The block is the shared enforcement piece: #6242's report-driven Unpublish can write the same block, so both paths — report-driven and admin-initiated — produce a take-down that actually holds.
How it works
Take-down sets
is_public = falseand inserts a block row. The Hub queries, the public detail page, and the guest direct-link (GET /workflow/publicised/{wid}) all already gate onis_public = true, so it leaves every public surface automatically. The only new enforcement is one check inWorkflowResource.makePublicthat refuses while a block row exists. Take-down never deletes anything and never touches the author's private copy or existing clones.Authorization reuses the existing
@RolesAllowed(Array("ADMIN"))+UserRoleAuthorizer, same as the other admin resources. New surface: one admin endpoint pair (e.g.PUT /admin/workflow/{wid}/blockand/unblock) plus the one guard inmakePublic.Open questions
Feedback welcome, and happy to fold this into #6242 if the group prefers one thread.
Beta Was this translation helpful? Give feedback.
All reactions