Uploaded image for project: 'AppFormer'
  1. AppFormer
  2. AF-2760

Permission configured in business-central is not applied when doing git clone from outside of BC

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • None
    • 7.44.0.Final
    • Security
    • 2021 Week 31-33 (from Aug 2), 2021 Week 34-36 (from Aug 23), 2021 Week 37-39 (from Sep 13)
    • Hide
      1. login BC with admin user (e.g. rhpamAdmin)
      2. go do Admin-> Roles( security management), remove permission of Space and Project from 'developer' role ( i.e. no permission for Space and Project). see attached screenshot (permission.png)
      3. create 2 name spaces(say space1 and space2) and create 2 projects (proj1 in space1 and proj2 in space2) in these space respectively
      4. create user who has only developer role
      5. add this user as contributor to one of project (say proj1)
      6. login BC with this developer user
        => only space1/proj1 is shown ( space2/proj2 is not shown)
      7. in command terminal, try to clone these projects like the following and authenticate with this developer user
        $ git clone http://localhost:8080/business-central/git/space1/proj1
        => this works as expected.
        $ git clone http://localhost:8080/business-central/git/space2/proj2
        => This should be rejected but works even though it's not shown in business-central
      Show
      login BC with admin user (e.g. rhpamAdmin) go do Admin-> Roles( security management), remove permission of Space and Project from 'developer' role ( i.e. no permission for Space and Project). see attached screenshot (permission.png) create 2 name spaces(say space1 and space2) and create 2 projects (proj1 in space1 and proj2 in space2) in these space respectively create user who has only developer role add this user as contributor to one of project (say proj1) login BC with this developer user => only space1/proj1 is shown ( space2/proj2 is not shown) in command terminal, try to clone these projects like the following and authenticate with this developer user $ git clone http://localhost:8080/business-central/git/space1/proj1 => this works as expected. $ git clone http://localhost:8080/business-central/git/space2/proj2 => This should be rejected but works even though it's not shown in business-central
    • Undefined
    • NEW
    • NEW

    Description

      In order to restrict access to space/project, permission can be configured for the role in business central Security Manager, for instance remove all permission to Space and Project from developer role. This works fine as expected. i.e. If the user is not set as contributor to the space and the project, these space and project are not shown in business central (i.e. unable to access these).

      But when doing git clone from out side of business central, that user can clone the project even though it is not shown in Business Central due to lack of permission.

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. RHPAM-3375 permission configured in business-central is not applied when doing git clone from outside of BC

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              r_anand Rishiraj Anand (Inactive)
              rhn-support-hmiura Hiroko Miura
              Srihari V Srihari V
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: