Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-17787

Virtual Rubygem repositories fail deploys without full access to all repos

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.12.0
    • Component/s: RubyGems
    • Labels:

      Description

      Symptoms: Users with Deploy access to a local Gems repository are able to push directly to the local, but cannot push through a virtual Gems repository.

      Steps to reproduce:

      1. Have a virtual "gems" repository with two proxied repositories:
           "gems-local" and "gems-remote"
           "gems-local" is the default deployment repository
      1. Set 2 permission targets for a non-admin user:
          Read + Write + Delete on gems-local
          Read only on gems-remote
      1.  Attempt to push a gems package via the gem client:
        jfrog@jfrog:~/development/rubygems/hola$ gem push hola-0.0.1.gem --host http://localhost:8081/artifactory/api/gems/gems
        Pushing gem to http://localhost:8081/artifactory/api/gems/gems...
        {
        "errors" : [ { "status" : 403, "message" : "Forbidden" }

        ]
        }

      2. Grant "write" access on the remote repository
      3. Push again, and get a success message

      It looks like the virtual is requiring deploy access to all repositories before it allows the user to make a "gem push" action. This is not the case for other virtual repository types, and shouldn't be required. 

        Attachments

          Activity

            People

            Assignee:
            rotemk Rotem Kfir
            Reporter:
            patrickr Patrick Russell
            Votes:
            2 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: