https://bugzilla.novell.com/show_bug.cgi?id=658835 https://bugzilla.novell.com/show_bug.cgi?id=658835#c0 Summary: Reader role of an LDAP user on a source access disabled package is ineffective Classification: Internal Novell Products Product: openSUSE Build Service Version: master Platform: 64bit OS/Version: openSUSE 11.3 Status: NEW Severity: Normal Priority: P5 - None Component: General AssignedTo: adrian@novell.com ReportedBy: senyaroy@gmail.com QAContact: adrian@novell.com Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.3) Gecko/20100423 Ubuntu/10.04 (lucid) Firefox/3.6.3 1. Created LDAP users ldapu1, ldapu2 and ldapu3 where ldapu3 is under the group ldapg1. 2. Created a project prj1 with package pkg1 inside it with ldapu1 as obs user. While creating the project and package inside it, checked the option 'deny access to source'. 3. Edited the 'raw config' of prj1 to give reader role for ldapg1 and ldapu2. 4. Logged in to obs webui as ldapu2 and tried to open the package. Got 'Permission denied The account that is logged into the system lacks proper permissions to perform the operation'. 5. Same is observed for ldapu3 also who is under ldapg1. 6. When the global role of ldapu2 and ldapu3 are changed from 'user' to 'admin' in user management in OBS API, got the full (maintainer) access to the project, package and source files. Reproducible: Always Steps to Reproduce: 1. Create LDAP users ldapu1, ldapu2 and ldapu3 where ldapu3 is under the group ldapg1. 2. Create a project prj1 with package pkg1 inside it with ldapu1 as obs user. While creating the project and package inside it, check the option 'deny access to source'. 3. Edit the 'raw config' of prj1 to give reader role for ldapg1 and ldapu2. 4. Log in to obs webui as ldapu2 and try to open the package. 5. Repeat step 4 for ldapu3. Actual Results: Got error as 'Permission denied The account that is logged into the system lacks proper permissions to perform the operation'. Expected Results: The users with reader role should have access to the source. When the global role of ldapu2 and ldapu3 are changed from 'user' to 'admin' in user management in OBS API, got the full (maintainer) access to the project, package and source files. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.