[NEXUS-22892] Search API Forbidden for group repository - Sonatype JIRA

XML

Word

Printable

Details

Type: Bug
Status: Open
Priority: Medium
Resolution: Unresolved
Affects Version/s: 3.21.1, 3.26.1
Fix Version/s: None
Component/s: REST, Search
Labels:
- triaged

Description

We are getting a 403 Forbidden error when using REST API Search in a group repository.

We have a public group "public-acme-openshift-snap-grp" that has "read" and "browse" privilege on a private repository "acme-openshift-snapshots". When using GUI, we can access resources in the private repository through the public group. However, when using Search REST API (e.g. /service/rest/v1/search/assets/download) we can not.

We suppose the problem is that when searching for the artifact Nexus does not return correct "downloadUrl", i.e. instead of having repository value set as "public-acme-openshift-snap-grp" it returns "acme-openshift-snapshots" which is private hence the error.

Is this the expected behavior? Can we get downloadUrl populated with "repository" value from the search if a resource is found?

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

searchApi.txt
3 kB
02/28/20 02:16 PM
searchApiMaven.txt
3 kB
09/02/20 09:51 AM

Activity

People

Assignee:: Unassigned

Reporter:: Stanislav Bebej

Last Updated By:: Joe Tom

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 02/28/20 02:17 PM

Updated:: 09/30/20 08:16 PM

Date of First Response:: 28/Feb/20 4:31 PM

Details

Description

Attachments

Attachments

Activity

People

Dates

tigCommentSecurity.panel-title