[RTFACT-18447] Users are allowed to overwrite the manifest.json even if they have deploy/cache permissions only Created: 04/Feb/19 Updated: 19/Jul/19
|Project:||Artifactory Binary Repository|
|Reporter:||Rafael Cunha de Almeida||Assignee:||Unassigned|
|Attachments:||Screen Shot 2019-02-13 at 9.32.57.png Screen Shot 2019-02-13 at 9.43.45.png Screen Shot 2019-02-13 at 9.46.18.png|
After creating a docker registry and giving users permissions to deploy/cache only, pushing the same image twice will cause the manifest.json metadata to be changed (deployed by and last modified). This will not happen if the contents of manifest.json the user tries to push are different than what's stored in artifactory.