Mailinglist Archive: opensuse-buildservice (96 mails)

< Previous Next >
Re: [opensuse-buildservice] Denying source access?
Adrian,


Em 14/10/16 04:44, "Adrian Schröter" <adrian@xxxxxxx> escreveu:

First of all, I would like to remind the reason, why this check is there at
all.
We can not guarantee that you can't reach the source, because other
mechanics, eg
links pointing to that package can circumvant this check.

We know a persistent person will find a way around it, but this should defend
from the daily casual user ☺

Admins might ignore this, but you need to know the OBS internals to understand
if you are safe or not.

The reason I need to restrict access to the source of one specific Project is
because the customer is compiling some proprietary code from a hardware
supplier. They didn’t like the fact that the SRPMS were published automatically
on the their repository server. Instead of messing with the Publisher, I
thought using the sourceaccess tag would be more elegant.
Unfortunately, they only asked for this after the Project was already created
and populated with a few dozen packages.

Is there any place or API I could use to change this permission?

However, I saw that this code check indeed broke in 2.7 branch due to some
refactoring. The fix is here for git master:

https://github.com/openSUSE/open-build-service/pull/2232

Thanks for looking into this!

--
— Erico Mendonça
Dedicated Support Engineer
SUSE
Em 04/10/16 15:51, "Adrian Schröter" <adrian@xxxxxxx> escreveu:
On Dienstag, 4. Oktober 2016, 18:48:12 CEST wrote Erico Mendonca:
The check is actually in

app/controllers/source_controller.rb

def update_package_meta

at least when you see the change_package_protection_level error.
So, better double-check that your used user has really the Admin role:

osc api /person/$used_user


--

Adrian Schroeter
email: adrian@xxxxxxx

SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284
(AG Nürnberg)
Maxfeldstraße 5                        
90409 Nürnberg
Germany





< Previous Next >