Uploaded image for project: 'Crucible'
  1. Crucible
  2. CRUC-797

Visibility of Crucible SCM Plugin Repositories

    XMLWordPrintable

Details

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      The FishEye repos are only visible (i.e. returned by getRepositories()) when the current principal has access to it. However, the repositories provided through plugin (light) scm modules are always returned, even to anonymous users.

      The SCMRepository interface has an isAvailable(Principal) method that is poorly documented. We currently just include the return value in the RepositoryData instance that is returned through the API, but it's not used for access control. What's the intended use for this method? Is it to allow plugin writers to restrictively allow access to repos? If so, we should enforce it in the api and document it as such. If not (after all, shouldn't access control be handed by Crucible itself?), then why pass the Principal to isAvailable()?

      Attachments

        Activity

          People

            Unassigned Unassigned
            evzijst Erik van Zijst (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: