Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-4702

Normal user be able to create organization by image pushing after FEATURE_RESTRICTED_USERS enabled

XMLWordPrintable

    • False
    • None
    • False
    • Quay Enterprise

      Description of problem:

      Normal user be able to create organization by image pushing after FEATURE_RESTRICTED_USERS enabled

      Version-Release number of selected component (if applicable):

      'registry-proxy.engineering.redhat.com/rh-osbs/quay-quay-rhel8@sha256:d33899d766e7289ab898cb3e63ebb0b5e027e929d5489871745e36fb8ebf0bdd',
      'registry-proxy.engineering.redhat.com/rh-osbs/quay-quay-rhel8:v3.8.0-86'

      How reproducible:

      Always

      Steps to Reproduce:
      1. Enable FEATURE_RESTRICTED_USERS

      2. Login quay UI, create a normal excluded in whitelist

      3. Push image to non-existing org, like:

      $ skopeo copy --dest-creds=quay:password --dest-tls-verify=false docker://quay.io/projectquay/clair:4.4.4 docker://10.0.78.224:8443/quayio/clair:4.4.4

      Actual results:

      Pushing is failed, but succeed in creating org in UI

      Expected results:

      Shouldn't create org in UI

      Additional info:

      config.yaml:

      AUTHENTICATION_TYPE: Database
CREATE_NAMESPACE_ON_PUSH: true
FEATURE_RESTRICTED_USERS: true
RESTRICTED_USERS_WHITELIST:
  - user1

       

              sleesinc Kenny Lee Sin Cheong
              rhn-support-dyan Dongbo Yan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: