Project

Profile

Help

Story #8068

Enable users/groups to see repositories from the catalog endpoint when they have the required permissions

Added by lmjachky 13 days ago. Updated 10 days ago.

Status:
NEW
Priority:
Normal
Assignee:
-
Sprint/Milestone:
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

The catalog endpoint (/v2/_catalog) is accessible only by administrators. We would like to enable users/groups to do that as well.

Possible solution:

The token server will permit everyone to access the catalog endpoint. Further checks will be necessary in CatalogView: https://github.com/pulp/pulp_container/blob/0cbe68b4a051a42203f46eb33aafabe80cbb561d/pulp_container/app/registry_api.py#L348-L358. Here, we will filter out repositories that are not viewable by an authenticated user.

History

#1 Updated by ipanova@redhat.com 10 days ago

  • Sprint/Milestone changed from 2.3.0 to post-mvp-rbac

#2 Updated by ipanova@redhat.com 10 days ago

  1. The content of this endpoint should not be viewable by Anonymous user
  2. Authed users will see only the repos they have perms for
  3. Admin user will see all registry repos

Please register to edit this issue

Also available in: Atom PDF