Story #8068: Enable users/groups to see repositories from the catalog endpoint when they have the required permissions - Container Support - Pulp

Send by e-mail

Story #8068

Enable users/groups to see repositories from the catalog endpoint when they have the required permissions

Added by lmjachky 13 days ago. Updated 10 days ago.

Status:

NEW

Priority:

Normal

Assignee:

-

Sprint/Milestone:

Start date:

Due date:

% Done:

0%

Estimated time:

Platform Release:

Groomed:

No

Sprint Candidate:

No

Tags:

Sprint:

Quarter:

Description

The catalog endpoint (/v2/_catalog) is accessible only by administrators. We would like to enable users/groups to do that as well.

Possible solution:

The token server will permit everyone to access the catalog endpoint. Further checks will be necessary in CatalogView: https://github.com/pulp/pulp_container/blob/0cbe68b4a051a42203f46eb33aafabe80cbb561d/pulp_container/app/registry_api.py#L348-L358. Here, we will filter out repositories that are not viewable by an authenticated user.

History

#1 Updated by ipanova@redhat.com 10 days ago

Sprint/Milestone changed from 2.3.0 to post-mvp-rbac

#2 Updated by ipanova@redhat.com 10 days ago

The content of this endpoint should not be viewable by Anonymous user
Authed users will see only the repos they have perms for
Admin user will see all registry repos

Please register to edit this issue

Send by e-mail

Also available in: Atom PDF