Mailinglist Archive: opensuse-buildservice (96 mails)

< Previous Next >
Re: [opensuse-buildservice] Denying source access?
On Donnerstag, 13. Oktober 2016, 16:27:07 CEST wrote Erico Mendonca:
Adrian,

I checked and tried with two different users, both with Admin role. One of
them was actually the Admin user ☺

First of all, I would like to remind the reason, why this check is there at all.
We can not guarantee that you can't reach the source, because other mechanics,
eg
links pointing to that package can circumvant this check.

So our recommendation is still that you add these tags only on creation
time of the package or project.

Admins might ignore this, but you need to know the OBS internals to understand
if you are safe or not.

Is there any place or API I could use to change this permission?

However, I saw that this code check indeed broke in 2.7 branch due to some
refactoring. The fix is here for git master:

https://github.com/openSUSE/open-build-service/pull/2232

I will backport it to 2.7 branch once it got merged.

However, still not a good idea to use that :)

hope this helps anyway
adrian

--
— Erico Mendonça
Dedicated Support Engineer
SUSE

Em 04/10/16 15:51, "Adrian Schröter" <adrian@xxxxxxx> escreveu:

On Dienstag, 4. Oktober 2016, 18:48:12 CEST wrote Erico Mendonca:
The check is actually in

app/controllers/source_controller.rb

def update_package_meta

at least when you see the change_package_protection_level error.
So, better double-check that your used user has really the Admin role:

osc api /person/$used_user






--

Adrian Schroeter
email: adrian@xxxxxxx

SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284
(AG Nürnberg)

Maxfeldstraße 5
90409 Nürnberg
Germany


--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups