Status: Closed (View Workflow)
Affects Version/s: 7.3.0, 7.6.0, 7.5.2
Component/s: Administration - Global Permissions
Support reference count:5
Symptom Severity:Severity 2 - Major
Bug Fix Policy:
User has access to project and repository after global permission has been removed.
Conversely, a user in this affected state will be greeted with "permission denied" even after the global permission has been re-granted to the user.
- Tested on 7.5 and 7.3
- Create group
- Create project and add the new group to write to it
- Create repo in project and push a file to it
- Add user to group and make sure the user can see a file
- Remove user from group
- Refresh page to see that file. Initially you'll get 403s but after trying a few times you get a 200 and are able to view the file
- the user should not have access when removed from the group
- the user should have access when added to the group
- The user can click the refresh buttons enough times until a pop up is displayed that states "User not permitted - You are not permitted to access this resource"
- The pop up has a "back to dashboard" button and a "close" hyperlink
- The user can click the "close" hyperlink and now has access to the repo
Add the following to bitbucket.properties and restart