Mailinglist Archive: opensuse-buildservice (206 mails)

< Previous Next >
Re: [opensuse-buildservice] ACL errors

These flags (access / sourceaccess / binarydownload ) need to be set right
from the creation of the project and are not meant to be added lateron to an
open project. This is not supported currently.

Create the project with the webui and check the boxes to activate them upon


Am Dienstag, 22. Februar 2011, 10:55:51 schrieb Neil McGovern:
Hi all,

I'm having a little bit of trouble implementing ACLs in a 2.1. When
trying to insert (into the project config):
<group groupid="Amino" role="maintainer"/>

osc complains that:
Sending meta data...
BuildService API error: change_project_protection_level (403)
admin rights are required to raise the source protection level of a
Try again? ([y/N]):

This also seems to occur with the webui.

Interestingly, api/app/controllers/source_controller.rb contains the
following snippet:
p =, :name => project_name)
if @project and not @project.disabled_for?('sourceaccess', nil, nil)
if p.disabled_for? :sourceaccess
render_error :status => 403, :errorcode =>

:message => "admin rights are required to raise the source
:protection level of a project"


This doesn't seem to check for if a user is an admin or not, but (if I'm
reading the code right) simply checks to see if the sourceaccess flag is
being added at all.

So... commenting out section allows me to add the flag, but then more
interesting problems occur. It doesn't seem to matter what 'group'
you're actually in, you can view the spec file via the webui, the
download links (for the source) fail with access denied errors, but the
source can be downloaded via osc!

As you're maintainer/involved in the project , you can access the files.

I'm hoping some basic understanding is missing here, and I'm not going
completely insane. Does anyone have any thoughts about what could be
causing this?
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >