A staging move operation requires the following privileges:
- "nx-repository-view-<repo-format>-<repoId>-delete" privilege in the source repository
- "nx-repository-view-<repo-format>-<repoId>-add" privilege in the destination repository
So a user that can perform the staging operation implicitly has to have write access to the target repository. This is not desirable. It should be possible to enforce that users must use staging to move artifacts into the target repository. Without this, it is possible for users making deployments to bypass the staging workflows set up by companies.
Note that NEXUS-18917 is related to this request.