RepositoryService#countByProject does not take into account repositories that are publicly accesible

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Low
    • None
    • Affects Version/s: 2.5.0
    • Component/s: API - Java
    • Severity 3 - Minor
    • 0

      Given a user, user, and a test project, TEST with two repositories:

      • Repo test1 - user is granted REPO_READ permission
      • Repo test2 - public repo

      When called by user, RepositoryService.countByProject(TEST) would only return 1, not 2.

      Users don't technically have a permission on public repositories. Their ability to read the repo is implied. Unfortunately, several of the API calls don't handle this implicit permission grant (or AnonymousUsers) very well.

              Assignee:
              Unassigned
              Reporter:
              jhinch (Atlassian)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: