Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-17156

Staging REST endpoint returns 401 when a user is authenticated but lacks needed privileges

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.11.0
    • Fix Version/s: 3.13.0
    • Component/s: Staging
    • Labels:
    • Story Points:
      1

      Description

      The new staging REST API returns a 401 response when a user has been successfully authenticated, but does not have the needed privileges to perform the operation.  This is incorrect, and very confusing.  It should return a 403 error when a user has been authenticated, but is not permitted.

       

      $ curl -i -u test:test -X POST http://localhost:8081/service/rest/beta/staging/move/uat?tag=stagingTestTag
      HTTP/1.1 401 Unauthorized
      Date: Mon, 21 May 2018 19:32:10 GMT
      Server: Nexus/3.11.0-01 (PRO)
      X-Content-Type-Options: nosniff
      Content-Type: application/json
      Content-Length: 115
      
      {
        "status" : 401,
        "message" : "Move from repository not permitted",
        "data" : {
          "repository" : "dev"
        }
      }
      

       

       

       

        Attachments

          Activity

            People

            Assignee:
            jbryan Jeremy Bryan
            Reporter:
            rseddon Rich Seddon
            Last Updated By:
            Peter Lynch
            Team:
            Nexus - Core
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Date of First Response:

                tigCommentSecurity.panel-title