Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

The plugin does not respect the user-group-permission target association. #24

Open
swarnendukayal opened this issue Sep 11, 2021 · 0 comments
Labels
bug Something isn't working

Comments

@swarnendukayal
Copy link

swarnendukayal commented Sep 11, 2021

Description:

The plugin does not respect the user-group-permission target association. A permission target is created, which has the Read, Annotate and Deploy/Cache permission for the associated groups. However, it does not have the "Delete/Overwrite" permission for the groups. In that case, when we try to deploy using "mvn clean deploy" for the second time, it should be throwing 403. However, it is not complaining about it and deploying it without any issues.

To Reproduce

  1. Create a SAML user or an internal user - for example - "abc@jfrog.com"

  2. Add that user manually to two groups "readers" and "remote-cache".

  3. Now these two groups "readers" and "remote-cache" are part of a permission target "testoverwrite" and the groups have "Read", "Annotate" and "Deploy/Cache" permission in this permission target for the repositories (libs-release-local, libs-snapshots-local) and as well as for the builds.

  4. Create a folder and paste the attached "pom.xml" file into that folder.

  5. Configure the "settings.xml" from the "Set Me Button" and change the username and password section with the created one.

  6. Run the "mvn clean install" from that folder to build it.

  7. Run the "mvn clean deploy" two times and the deploy will be successful

Expected behavior
If we run the "mvn clean deploy" for the second time without changing anything, it should throw a "403 Forbidden" error as the same file is being tried to be deployed to the repository. The expected behavior can be seen when we use "distributionManagement" in the "pom.xml" file.

Screenshots
The required files are attached with this issue.

Versions

  • Artifactory Maven plugin version: 3.2.3
  • Artifactory version: 7.24.4
  • Maven version:
    Apache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f)
    Maven home: /usr/local/Cellar/maven/3.6.3_1/libexec
    Java version: 1.8.0_222, vendor: AdoptOpenJDK, runtime: /Library/Java/JavaVirtualMachines/adoptopenjdk-8.jdk/Contents/Home/jre
    Default locale: en_IN, platform encoding: UTF-8
    OS name: "mac os x", version: "10.16", arch: "x86_64", family: "mac"

Attachments:
pom.xml_use_case_reproduced_internal_user.txt
pom.xml_useCase_reproduced_SAML_user.txt
pom.xml_with_expected_behavior.txt

@swarnendukayal swarnendukayal added the bug Something isn't working label Sep 11, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

1 participant