Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-18135

Unable to determine priviliges given to LDAP users

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Unresolved
    • Major
    • None
    • 3.13.0
    • LDAP, UI

    Description

      In Nexus 3 it is not possible to see which permissions have been granted to individual LDAP user.

      Pre-Conditions

      • LDAP connection is seup

      Reproduction Steps

      1. Navigate to admin > security > users
      2. Select Source = "LDAP"
      3. enter and ldap user in the field "Filter for user id"
      4. Doubleclick user
      5. Assign a role e.g. ng-admin and save changes

      Expected Result

      1. Under Manage Users I would see the individual users and the roles that have been assigned directly
      2. In de respective role under admin > security > roles (e.g. nx-admin) I would see which users have been assigned the role

      Actual Result

      1. Only local users are shown
      2. There are on individual users shown

      This is a huge security risk as one might not see or be aware of individual users who have to much permission (e.g. nx-admin role)

      Attachments

        Issue Links

          relates

          Bug - A problem which impairs or prevents the functions of the product. NEXUS-7996 Users: Changing dropdown does not show list until refresh

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              Unassigned Unassigned
              papanito Papanito
              Peter Lynch Peter Lynch
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:

                tigCommentSecurity.panel-title