Make deleting safer
The delete function was brought in without its own permission, so anyone who can archive a list can also delete a list. This means a lot of staff here now have the delete option, because they need the archive option.
If a list is deleted, there is no trace of it whatsoever, even to sysadmins and Support, and there is no way of having any notifications when lists are deleted. This introduces substantial risk.
We would prefer not to have to remove archive permission from most users, therefore we request that:
- the delete permission is a separate permission so sites can assign it as desired
- if possible, deleted lists/delete actions are also reportable (but this should be covered by the full auditing request in http://ideas.talisaspire.com/forums/189041-talis-aspire-ideas-2013/suggestions/3611090-activity-audit-knowing-who-s-done-what-)
this was released today