Details
Description
The new staging REST API returns a 401 response when a user has been successfully authenticated, but does not have the needed privileges to perform the operation. This is incorrect, and very confusing. It should return a 403 error when a user has been authenticated, but is not permitted.
$ curl -i -u test:test -X POST http://localhost:8081/service/rest/beta/staging/move/uat?tag=stagingTestTag HTTP/1.1 401 Unauthorized Date: Mon, 21 May 2018 19:32:10 GMT Server: Nexus/3.11.0-01 (PRO) X-Content-Type-Options: nosniff Content-Type: application/json Content-Length: 115 { "status" : 401, "message" : "Move from repository not permitted", "data" : { "repository" : "dev" } }