#3989 generateacls API endpoint should be restricted to pagure admins
Closed: Won't Fix 5 years ago Opened 5 years ago by karsten.

In the description of pagure/api/project.py api_generate_acls, it is written that this would be restricted to pagure admins. On my local instance I can trigger ACL generation as a normal user, though. The check for is_admin is missing in api_generate_acls.


Metadata Update from @karsten:
- Issue tagged with: bug, easyfix

5 years ago

Anyone can re-generate the gitolite ACL if they have the token, which only admins can issue, I believe.

I'm going to close this ticket as won't fix.
- only admins can create the gitolite ACL allowing use of this API endpoint
- it was designed as such on purpose to allow people to process rcm-requests in Fedora (new package, new branch) without giving them full admin access.

Thanks for your ticket though, it's always good to double check these kinds of behavior :)

Metadata Update from @pingou:
- Issue close_status updated to: Won't Fix
- Issue status updated to: Closed (was: Open)

5 years ago
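The design described in the closing comment (the endpoint is gated by a token ACL that only admins can grant, not by an is_admin check on the caller) can be modelled as below. This is an added example, not Pagure's code; the ACL names, classes and functions are all hypothetical.

```python
import secrets
from dataclasses import dataclass

# Constructed ACL names for illustration; Pagure's real names may differ.
ADMIN_ONLY_ACLS = {"generate_acls"}   # only an admin may put these on a token
USER_ACLS = {"issue_create"}          # any user may self-issue these

class Forbidden(Exception):
    pass

@dataclass(frozen=True)
class User:
    name: str
    is_admin: bool = False

@dataclass(frozen=True)
class Token:
    id: str
    owner: User
    acls: frozenset

def issue_token(issuer, owner, acls):
    """Mint a token for `owner`. Admin-only ACLs need an admin issuer."""
    acls = frozenset(acls)
    unknown = acls - ADMIN_ONLY_ACLS - USER_ACLS
    if unknown:
        raise ValueError(f"unknown ACLs: {sorted(unknown)}")
    if issuer != owner and not issuer.is_admin:
        raise Forbidden("only admins may issue tokens for other users")
    if acls & ADMIN_ONLY_ACLS and not issuer.is_admin:
        raise Forbidden("admin-only ACL requested by a non-admin")
    return Token(secrets.token_hex(16), owner, acls)

def generate_acls_endpoint(token, project):
    """Authorize on the token's ACL; the owner's is_admin flag is not consulted."""
    if "generate_acls" not in token.acls:
        raise Forbidden("token lacks the generate_acls ACL")
    return {"project": project, "requested_by": token.owner.name}

if __name__ == "__main__":
    admin, releng = User("admin", is_admin=True), User("releng")
    delegated = issue_token(admin, releng, {"generate_acls"})
    print(generate_acls_endpoint(delegated, "rpms/example"))
```

When reviewing such a design, the property to verify is in `issue_token`: if a non-admin can obtain the admin-only ACL by any path, the endpoint check alone no longer restricts anything.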
