Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 3.2.1
-
Fix Version/s: 3.8.0
-
Labels:
-
Story Points:1
Description
If a user has read privileges to a bower group, but not the underlying bower proxy, then the "bower install <package>" will fail for any package that is not locally cached.
Steps to reproduce:
- Setup a bower group bower-group that has a bower proxy bower-proxy as a member
- Setup a user (boweruser) that only has view access to bower-group (i.e. nx-repository-view-bower-bower-group-*)
- Try to install a bower package that is not locally cached in proxy bower-proxy
- Configure .bowerrc to use the boweruser user:
{ "registry" : "http://localhost:8081/repository/bower-group" , "resolvers" : [ "bower-nexus3-resolver" ], "nexus" : { "username" : "boweruser", "password" : "boweruser" } }
The bower install command will fail like the following:
% bower install mongoose bower mongoose#* not-cached nexus+http://localhost:8081/repository/bower-group/mongoose#* bower mongoose#* resolve nexus+http://localhost:8081/repository/bower-group/mongoose#* bower mongoose#* error http://boweruser:boweruser@localhost:8081/repository/bower-group/mongoose/versions.json (HTTP 403) Stack trace: Error: http://boweruser:boweruser@localhost:8081/repository/bower-group/mongoose/versions.json (HTTP 403) at Request._callback (/usr/local/lib/node_modules/bower-nexus3-resolver/src/index.js:214:20) at Request.self.callback (/usr/local/lib/node_modules/bower-nexus3-resolver/node_modules/request/request.js:198:22) at emitTwo (events.js:106:13) at Request.emit (events.js:192:7) at Request.<anonymous> (/usr/local/lib/node_modules/bower-nexus3-resolver/node_modules/request/request.js:1035:10) at emitOne (events.js:101:20) at Request.emit (events.js:189:7) at IncomingMessage.<anonymous> (/usr/local/lib/node_modules/bower-nexus3-resolver/node_modules/request/request.js:962:12) at emitNone (events.js:91:20) at IncomingMessage.emit (events.js:186:7) Console trace: Error at StandardRenderer.error (/usr/local/lib/node_modules/bower/lib/renderers/StandardRenderer.js:81:37) at Logger.<anonymous> (/usr/local/lib/node_modules/bower/lib/bin/bower.js:110:26) at emitOne (events.js:96:13) at Logger.emit (events.js:189:7) at Logger.emit (/usr/local/lib/node_modules/bower/lib/node_modules/bower-logger/lib/Logger.js:29:39) at /usr/local/lib/node_modules/bower/lib/commands/index.js:48:20 at _rejected (/usr/local/lib/node_modules/bower/lib/node_modules/q/q.js:844:24) at /usr/local/lib/node_modules/bower/lib/node_modules/q/q.js:870:30 at Promise.when (/usr/local/lib/node_modules/bower/lib/node_modules/q/q.js:1122:31) at Promise.promise.promiseDispatch (/usr/local/lib/node_modules/bower/lib/node_modules/q/q.js:788:41) System info: Bower version: 1.8.0 Node version: 7.6.0 OS: Darwin 16.4.0 x64
Attachments
Issue Links
- discovered while testing
-
NEXUS-11965 npm install fails with 500 error when user has Group level privileges
-
- Closed
-