affects OMERO versions 5.2.7 and earlier
Users even without permission could still delete official scripts even though they got an error when they tried.
The ordering of statements in the script service was such that the underlying file on the filesystem could be removed before model object permissions on the original file were checked. The fix was to move some code forward from the light admin work that adds extra permissions checking to the script service so that a "have I permission to delete this OriginalFile?" check is made before launching into anything that touches the filesystem.
OMERO.server up to and including 5.2.7.
All scripts could be removed.
All OMERO.servers should be upgraded to at least 5.2.8.