Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.2
-
None
-
None
-
Repository on Unix
Description
It would definitely be a must to add a role for "delete artifact" and not encapsulate in the Repository Manager role, maybe a Read-Write-Delete-Upload? permission style.
Here is my use case:
Here is the use case:
With Archiva 2.1, there is now the "Delete Artifact" possibility in the UI, as long as you are a "Repository Manager", you have access to it. In the past, we used the "guest" logon for everyone which was "Repository manager" for our snapshots and development repositories, hence no username/password in the settings.xml file. And everyone could deploy to those repositories, and from the command-line (mvn deploy or mvn deploy:deploy-file) .
Now we don't want everyone to go to the UI and have the possibility to delete artifacts from those repositories, so we can't give "guest" the "Repository manager" role for those repositories anymore, because if we do the "delete Artifact" functionality is enabled.
We've then created a "deployment" user which has those roles, add it to the settings.xml file and make sure to find a way to "hide" the password!
Attachments
Attachments
Issue Links
- is related to
-
MRM-1763 Provide custom roles for repository access
-
- Open
-