Project

Profile

Help

Story #8068

closed

Enable users/groups to see repositories from the catalog endpoint when they have the required permissions

Added by lmjachky almost 4 years ago. Updated over 3 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Sprint/Milestone:
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
GalaxyNG
Sprint:
Sprint 93
Quarter:

Description

The catalog endpoint (/v2/_catalog) is accessible only by administrators. We would like to enable users/groups to do that as well.

Possible solution:

The token server will permit everyone to access the catalog endpoint. Further checks will be necessary in CatalogView: https://github.com/pulp/pulp_container/blob/0cbe68b4a051a42203f46eb33aafabe80cbb561d/pulp_container/app/registry_api.py#L348-L358. Here, we will filter out repositories that are not viewable by an authenticated user.


Files

dynamicload.patch (1.88 KB) dynamicload.patch lmjachky, 03/02/2021 06:53 PM
guardian-hardcoded.patch (1.25 KB) guardian-hardcoded.patch lmjachky, 03/02/2021 06:53 PM
hardcoded.patch (992 Bytes) hardcoded.patch lmjachky, 03/02/2021 06:53 PM

Also available in: Atom PDF