  1. Dev - Nexus Repo
  2. NEXUS-25783

Browse of NuGet packages from visual studio fails if user doesn't have browse privileges to all group members

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.28.1
    • Fix Version/s: 3.30.0
    • Component/s: nuget-v3
    • Labels:
    • Notability:
      3

      Description

      Set up a NuGet group repository with several member repositories, and configure it for v3 access in Visual Studio.

      Create a user that has browse and read access to the group repository, but does not have browse privileges for the group's member repositories. 

      Attempt to browse packages in Visual Studio.

      This will fail with an error response.

      To work around this it is necessary to grant browse access directly to every member repository in the group.

       

      2020-11-05 09:24:27,178-0500 WARN  [qtp1312879983-2530]  SRAJARA8 org.sonatype.nexus.repository.httpbridge.internal.ViewServlet - Failure servicing: GET /repository/nuget-group/v3/query/beta?q=&skip=0&take=26&prerelease=false&supportedFramework=.NETFramework,Version=v4.6.1&semVerLevel=2.0.0
      java.lang.NullPointerException: null
      	at com.sonatype.nexus.repository.nuget.internal.v3.NugetV3SearchFacet.search(NugetV3SearchFacet.java:143)
      	at com.sonatype.nexus.repository.nuget.internal.v3.NugetV3HostedSearchHandler.handle(NugetV3HostedSearchHandler.java:50)
      	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:86)
      	at org.sonatype.nexus.repository.storage.UnitOfWorkHandler.handle(UnitOfWorkHandler.java:39)
      	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:86)
      	at org.sonatype.nexus.repository.routing.internal.RoutingRuleHandler.handle(RoutingRuleHandler.java:52)
      	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:86)
      	at org.sonatype.nexus.repository.security.SecurityHandler.handle(SecurityHandler.java:51)
      	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:86)
      	at com.sonatype.analytics.internal.handler.AnalyticsMeteringHandler.handle(AnalyticsMeteringHandler.java:69)
      	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:86)
      	at org.sonatype.nexus.repository.view.handlers.TimingHandler.handle(TimingHandler.java:58)
      	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:86)
      	at com.sonatype.analytics.internal.handler.SubFormatAnalyticsHandler.handle(SubFormatAnalyticsHandler.java:41)
      	at org.sonatype.nexus.repository.view.Context.proceed(Context.java:86)
      	at org.sonatype.nexus.repository.view.Context.start(Context.java:143)
      	at org.sonatype.nexus.repository.view.Router.dispatch(Router.java:65)
      	at org.sonatype.nexus.repository.view.ConfigurableViewFacet.dispatch(ConfigurableViewFacet.java:52)
      	at org.sonatype.nexus.repository.group.GroupHandler.getFirst(GroupHandler.java:139)
      	at com.sonatype.nexus.repository.nuget.internal.v3.NugetV3GroupAbstractHandler.getFromRepository(NugetV3GroupAbstractHandler.java:132)
      	at com.sonatype.nexus.repository.nuget.internal.v3.NugetV3GroupAbstractHandler.getRepositoryPayloads(NugetV3GroupAbstractHandler.java:65)
      	at com.sonatype.nexus.repository.nuget.internal.v3.NugetV3GroupSearchHandler.doGet(NugetV3GroupSearchHandler.java:67)
      

       

      Expected

      • Group repo privs are transitive; therefore the repository view permissions granted to the user for the group should be transitive into the repository members. Make nugetv3 group processing work this way.
      • A checked or unchecked exception while processing group members should be caught and logged at the appropriate levels, then group member processing should continue with the remaining members so that the entire group repo request DOES NOT fail full stop.
      • RuntimeException is a coding problem; avoid NullPointerException.
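
The behaviour listed under Expected, sketched in Java as an added example. This is not Nexus Repository source: `Member`, `searchGroup` and the `browse:<repo>` privilege strings are hypothetical. The group privilege is checked once, and a failing or empty member is logged and skipped instead of aborting the request.

```java
import java.util.*;
import java.util.function.Function;
import java.util.logging.Level;
import java.util.logging.Logger;

// Hypothetical sketch; none of these types are Nexus Repository classes.
public class GroupSearchSketch {
  private static final Logger log = Logger.getLogger("group-search");

  record Member(String name, Function<String, List<String>> search) {}

  /** Privileges are modelled as plain strings such as "browse:nuget-group" (assumed format). */
  static List<String> searchGroup(String group, List<Member> members,
                                  Set<String> userPrivileges, String query) {
    // Authorize once, against the group. Members are not re-checked per user,
    // so the group grant is what carries into each member (transitive view).
    if (!userPrivileges.contains("browse:" + group)) {
      throw new SecurityException("no browse privilege on " + group);
    }
    List<String> merged = new ArrayList<>();
    for (Member m : members) {
      try {
        List<String> hits = m.search().apply(query);
        if (hits == null) {           // treat a missing payload as empty, never dereference it
          log.fine(() -> m.name() + " returned no payload");
          continue;
        }
        merged.addAll(hits);
      } catch (RuntimeException e) {  // one bad member must not fail the whole group request
        log.log(Level.WARNING, "member " + m.name() + " failed, continuing", e);
      }
    }
    return merged;
  }

  public static void main(String[] args) {
    // Constructed sample data: one healthy member, one that throws, one that returns null.
    List<Member> members = List.of(
        new Member("nuget-hosted", q -> List.of("Contoso.Utils 1.2.0")),
        new Member("nuget-broken", q -> { throw new NullPointerException("simulated"); }),
        new Member("nuget-empty", q -> null));
    Set<String> alice = Set.of("browse:nuget-group", "read:nuget-group");
    System.out.println(searchGroup("nuget-group", members, alice, ""));
    try {
      searchGroup("nuget-group", members, Set.of(), "");
    } catch (SecurityException e) {
      System.out.println("denied: " + e.getMessage());
    }
  }
}
```

With transitive grants, adding a repository to a group exposes its contents to every user who can browse the group, so group membership changes deserve the same review as privilege changes.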


              People

              Assignee:
              mlukaretkyi Maksym Lukaretkyi
              Reporter:
              rseddon Rich Seddon
              Last Updated By:
              Joe Tom Joe Tom
              Team:
              NXRM - Trinity
              Votes:
              0
              Watchers:
              10
