Mismatch between TS-0001 and TS-0004 concerning Delete behaviour
TS-0001 clause 10.1.5 says that deletion of a resource also causes deletion of all its child resources
The Receiver shall verify the existence (including Filter Criteria checking, if it is given) of the requested resource and if the Originator has the appropriate privilege to delete the resource. This privilege checking follows the rules defined in table 9.6.1.3.2-1 (common attributes description). The Receiver shall also verify if the DELETE operation complies with service subscription limits... On successful verification, the Receiver shall check for child resources and delete all child resources and the associated references in parent resources and it shall remove the resource itself.
TS-0004 clause also talks about deletion of child resources but has an additional bit that (I think) is saying this is only for child resources that aren't referenced from anywhere else:
The addressed resource with all its attributes shall be deleted. Any expiration timer shall be stopped. This same procedure shall be invoked (recursively) for each child resource of the deleted resource in case the child resource is only linked to the deleted resource.
This raises a number of questions:
- Does "only linked to the deleted resource" mean what I said above, i.e. a child resource that isn't referenced from anywhere else?
- If so, why would we not have the same rule on the parent resource?
- If there is a child resource that can't be deleted because it is referenced from somewhere else, what happens to the parent? Is that still deleted leaving that child orphaned? That would seem to be what is implied, but do we have assumptions elsewhere that every resource has a parent?
There is also ambiguity in both specs about whether the delete privilege checking needs to be applied to the child resources as well as the parent, and if it does what happens if the Originator has privilege to delete the parent but not one of its children?