Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-18447

Users are allowed to overwrite the manifest.json even if they have deploy/cache permissions only

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Resolution: Done
    • Affects Version/s: 6.7.0
    • Fix Version/s: None
    • Component/s: Docker
    • Labels:
    • Severity:
      Medium

      Description

      After creating a docker registry and giving users permissions to deploy/cache only, pushing the same image twice will cause the manifest.json metadata to be changed (deployed by and last modified). This will not happen if the contents of manifest.json the user tries to push are different than what's stored in artifactory.

        Attachments

        1. Screen Shot 2019-02-13 at 9.32.57.png
          130 kB
          Shai Ben-Zvi
        2. Screen Shot 2019-02-13 at 9.43.45.png
          111 kB
          Shai Ben-Zvi
        3. Screen Shot 2019-02-13 at 9.46.18.png
          72 kB
          Shai Ben-Zvi

          Issue Links

            Activity

                People

                Assignee:
                asafz Asaf Zalcman
                Reporter:
                rafael Rafael Cunha de Almeida
                Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved:

                    Sync Status

                    Connection: RTFACT Sync
                    RTMID-18447 -
                    SYNCHRONIZED
                    • Last Sync Date: