Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 3.1.0, 3.2.0, 3.2.1, 3.3.0
-
Fix Version/s: 3.3.0
-
Component/s: Browse Storage
-
Labels:
-
Story Points:3
-
Epic Link:
-
Sprint:Sprint 91
Description
Anonymous user is assigned one role with only the following:
nexus:repository-view:maven2:maven-central:browse
nexus:repository-view:maven2:maven-central:read
There is a difference in behaviour between Nexus 3.0.2 and 3.1.0.
In Nexus 3.0.2 you only see maven-central in Browse Assets/Components.
In Nexus 3.1.0 you see all the repos in Browse Assets/Components. You do not see artifacts under repositories that you do not permissions for, but the issue is that the repository should not displayed
NOTE: This does not allow users to see the repository content, just the repository names.
Attachments
Issue Links
- duplicates
-
NEXUS-11238 Repository View - Browse permission grants too much access
-
- Closed
-