Uploaded image for project: 'AppFormer'
  1. AppFormer
  2. AF-2760

Permission configured in business-central is not applied when doing git clone from outside of BC

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • None
    • 7.44.0.Final
    • Security
    • 2021 Week 31-33 (from Aug 2), 2021 Week 34-36 (from Aug 23), 2021 Week 37-39 (from Sep 13)
    • Hide
      1. login BC with admin user (e.g. rhpamAdmin)
      2. go do Admin-> Roles( security management), remove permission of Space and Project from 'developer' role ( i.e. no permission for Space and Project). see attached screenshot (permission.png)
      3. create 2 name spaces(say space1 and space2) and create 2 projects (proj1 in space1 and proj2 in space2) in these space respectively
      4. create user who has only developer role
      5. add this user as contributor to one of project (say proj1)
      6. login BC with this developer user
        => only space1/proj1 is shown ( space2/proj2 is not shown)
      7. in command terminal, try to clone these projects like the following and authenticate with this developer user
        $ git clone http://localhost:8080/business-central/git/space1/proj1
        => this works as expected.
        $ git clone http://localhost:8080/business-central/git/space2/proj2
        => This should be rejected but works even though it's not shown in business-central
      Show
      login BC with admin user (e.g. rhpamAdmin) go do Admin-> Roles( security management), remove permission of Space and Project from 'developer' role ( i.e. no permission for Space and Project). see attached screenshot (permission.png) create 2 name spaces(say space1 and space2) and create 2 projects (proj1 in space1 and proj2 in space2) in these space respectively create user who has only developer role add this user as contributor to one of project (say proj1) login BC with this developer user => only space1/proj1 is shown ( space2/proj2 is not shown) in command terminal, try to clone these projects like the following and authenticate with this developer user $ git clone http://localhost:8080/business-central/git/space1/proj1 => this works as expected. $ git clone http://localhost:8080/business-central/git/space2/proj2 => This should be rejected but works even though it's not shown in business-central
    • Undefined
    • NEW
    • NEW

      In order to restrict access to space/project, permission can be configured for the role in business central Security Manager, for instance remove all permission to Space and Project from developer role. This works fine as expected. i.e. If the user is not set as contributor to the space and the project, these space and project are not shown in business central (i.e. unable to access these).

      But when doing git clone from out side of business central, that user can clone the project even though it is not shown in Business Central due to lack of permission.

        1. permission.png
          permission.png
          58 kB

              r_anand Rishiraj Anand (Inactive)
              rhn-support-hmiura Hiroko Miura
              Srihari V Srihari V
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: