New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using tickets in private repositories #1037
Comments
Hi @mliebelt thanks for reporting. I've just tested and experience the same issue. I agree if the access policy is This is also demonstrable for users who do not have permission to view non-private repositories. |
Ouch. Hard to believe I let that slip by. Thanks @mliebelt for reporting and @paulsputer for fixing! |
Fix for #1037 myTickets now honours permissions
Fixed and merged with PR #1040 |
Thank's a lot for the answers, and of course for the fix. One more reason to upgrade earlier (when it is contained in a new version). Great tool, with great support! |
We are using GitBlit 1.6.2, and have enabled tickets on one server (due to the demand of one project). We use the projects and repositories in a multi-tenant way, which means that only some groups of users are allowed to see the repositories.
I have tried now the following:
Unauthorized access for repository <PROJECT/repo>.git
(which is ok)In my opinion, tickets should behave in the same manner as the other artifacts in GitBlit. You should only have access to tickets, which are in repositories you could at least see (have view access).
The text was updated successfully, but these errors were encountered: