Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-18898

repository-content-selector privileges using paths do not get applied to /tags/associate

    XMLWordPrintable

    Details

    • Story Points:
      1
    • Notability:
      4

      Description

      1. Create a content selector named "test-selector"

      format == "maven2" && ( path =~ "^/+com/example/.*" || path =~ "/|/com/|/example/.*" )
      

      2. Create a Content selector privilege:
      Name: test-priv
      Selector: test-selector
      Repository: maven-releases
      Actions: *

      3. Create a test-role, that has the following privs:

      nx-tags-associate
      test-priv

      4. Create a test user that has the test-role

      5. Create a test-tag as the test user - it works as expected

      curl -u test:admin123 -X POST --header curl -u admin:admin123 -X POST --header "Content-Type: application/json" -d '{"name":"test-tag"}' http://127.0.0.1:8081/service/rest/v1/tags
      {
        "name" : "test-tag",
        "attributes" : { },
        "firstCreated" : "2019-01-17T21:51:01.430+0000",
        "lastUpdated" : "2019-01-17T21:51:01.430+0000"
      }
      

      6. Upload a component to maven-releases hosted maven 2 repository
      groupId: com.example
      artifactId: example
      version 1.0.0
      Create POM? yes, packaging: jar

      7. Try to associate the test-tag to the example components as the test user - it doesn't work

       curl -u test:admin123 -X POST "http://localhost:8081/service/rest/v1/tags/associate/test-tag?repository=maven-releases&group=com.example&name=example&version=1.0.0" -v
      *   Trying ::1...
      * TCP_NODELAY set
      * Connection failed
      * connect to ::1 port 8081 failed: Connection refused
      *   Trying 127.0.0.1...
      * TCP_NODELAY set
      * Connected to localhost (127.0.0.1) port 8081 (#0)
      * Server auth using Basic with user 'test'
      > POST /service/rest/v1/tags/associate/test-tag?repository=maven-releases&group=com.example&name=example&version=1.0.0 HTTP/1.1
      > Host: localhost:8081
      > Authorization: Basic dGVzdDphZG1pbjEyMw==
      > User-Agent: curl/7.61.1
      > Accept: */*
      > 
      < HTTP/1.1 404 Not Found
      < Date: Thu, 17 Jan 2019 21:57:46 GMT
      < Server: Nexus/3.15.0-01 (PRO)
      < X-Content-Type-Options: nosniff
      < Content-Type: application/json
      < X-Siesta-FaultId: 363e4d2d-ba33-4274-b503-0688f3892501
      < Content-Length: 57
      < 
      {
        "status" : 404,
        "message" : "No components found"
      * Connection #0 to host localhost left intact
      }
      

      Expected

      Given the content selector path matches the path of the components, and the user has the required permissions, the components should be found and tagged.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              plynch Peter Lynch
              Last Updated By:
              Peter Lynch
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Date of First Response:

                  tigCommentSecurity.panel-title