Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-19583

Make it possible to enforce that only staging operations can promote release artifacts

    XMLWordPrintable

    Details

    • Notability:
      3

      Description

      A staging move operation requires the following privileges:

      • "nx-repository-view-<repo-format>-<repoId>-delete" privilege in the source repository
      • "nx-repository-view-<repo-format>-<repoId>-add" privilege in the destination repository

      So a user that can perform the staging operation implicitly has to have write access to the target repository.  This is not desirable.  It should be possible to enforce that users must use staging to move artifacts into the target repository.  Without this, it is possible for users making deployments to bypass the staging workflows set up by companies.

      Note that NEXUS-18917 is related to this request.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              rseddon Rich Seddon
              Last Updated By:
              Michael Worthington
              Votes:
              5 Vote for this issue
              Watchers:
              9 Start watching this issue

                Dates

                Created:
                Updated:
                Date of First Response:

                  tigCommentSecurity.panel-title