Sebastian
opened 9 months ago
-
~siteis something like GitHub/GitLab pages and is public to everyone.As to latter issue, please file a separate improvement request.
-
Ah, I see, so this is intended behaviour. Okay, I guess I will just move the files to a different machine then.
Issue for part II has been created.
Thanks,
Sebastian -
Previous Value Current Value Open
Closed
-
@sebastian Never tried it, but: If you publish your files using
publish artifactinstead ofpublish sitethey are available for download as part of your build (dedicated tab) and thus should be affected by project permissions. Someone who cannot access the project / builds should not be able to download the artifacts attached to a build. If that is not enough and you want a public download website for easier access you could publish links to these build artifacts and only people with access to the project can download the file. -
Right, good point! We're using it for Doxygen results, in which case this likely won't work, but we also plan to publish build artifacts in which case we will make use of this. Good to know that those are actually protected, thanks!
| Type |
Question
|
| Priority |
Normal
|
| Assignee | |
| Labels |
No labels
|
Hi Robin,
we have a couple of restricted repositories in our system for which we still would like to publish artifacts. Unfortunately,
~siteis available for anyone, no matter if they have access to the repo or not. Is there a way to make these only available to users with the appropriate permissions?Furthermore, OneDev will tell users if a repository exists and they just don't have access to it or if the repo does not exist at all (for example in the resulting error message:
You are not allowed to perform this operation(403) vsDatabase entity not found(404)). Would it be possible to add an option to make repos truly "private", i.e. such that unauthorized users can not determine if a certain repo exists at all, or is there even already such an option and I just missed it?Thanks,
Sebastian