Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-4131

Authorisation mechanism does not work on sub-views -> managing roles on sub-views should not be allowed

    XMLWordPrintable

    Details

      Description

      Indeed, Project#resource_id_for_authorization and Snapshot#resource_id_for_authorization methods return always the ID of the "root project". But in the case of sub-views, it should not.

      But instead of fixing this bug we must simply remove this ability to define a dedicated authorization policity on a sub-view. More generally, it should not be possible to define an authorization policy on a resource which is not the root of a snapshot tree.

        Attachments

          Activity

            People

            Assignee:
            julien.lancelot Julien Lancelot
            Reporter:
            fabemn OLD - Fabrice Bellingard
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: