With CSEL, Nexus administrators can't allow users to browse only particular directories/files.
1) Create a row-hosted repository
2) Upload some file (aaaa.txt) under /test/test2/test3/
3) Upload another file (bbbb.txt) under /test/test2
4) Create a test user.
5) Create a CSEL with format == "raw" and path =^ "/test/test2/test3" (tried path =~ "/test/test2/test3/.*" and path =~ ".*/test3.*" as well)
6) Create a new privilege with above CSEL, then add into a new role, then assign this new role to this test user.
7) Login as the test user and browse the row-hosted repository.
Below lines do above steps:
My expectation is the test user should see /test/test2/test3/aaaa.txt, but should not see "/test/test2/bbbb.txt.
The reason I expect this is it seems the code checks the CSEL when no repository level permission is set.
This test user can't see any directories/files but just permission error, until the admin adds "nx-repository-view-raw-raw-hosted-browse" privilege.
Also, after adding above privilege, the test user can see all objects under the raw-hosted repo (the "browse" action is not working at all).
The getByPath() uses path = "/" which eventually generates the SQL like blow:
So I'm guessing because the asset's parent_path is not "/", having " ... and parent_path='/'" would not work?