G-Node / gin-proc

BSD 3-Clause "New" or "Revised" License
0 stars 7 forks source link

Review uses of username as repository owner #55

Open achilleas-k opened 5 years ago

achilleas-k commented 5 years ago

In some cases the service assumes that the logged in user is also the owner of the repository and uses the username of the logged in user to construct the repository path for API calls. This isn't always necessarily true. Users can enable builds and write configurations for collaborative repositories (either through sharing or as part of an organisation.

We should review all cases where the current user's username is used to infer the repository full name.