Empty browse list when using Content Selector

[saitho]

Thanks for creating an issue! Please fill out this form so we can be sure to have all the information we need, and to minimize back and forth.

• What are you trying to do?

I'd like to allow a user only to read and browse certain versions of a package (version 1.0. and 2.). I created the following content selector and a privilege on the composer repository with "browse,read" actions.

format == "composer" and path =~ "^vendor/package/(1\.0\..*|2\..*)"

The preview on the content selector shows me the correct packages. When I log into the user with that privilege, he can access the composer repository in the Browse view but it does not show any packages.

I haven't tried reading the package via Composer yet, will try.

• What feature or behavior is this required for?

Access control to packages

• How could we solve this issue? (Not knowing is okay!)

No idea, as I don't know how Nexus plugins work.

• Anything else?

I'm currently running Nexus 3.24.0-02 with the latest master of this repository (0d1eb84). Before I was running with Nexus 3.20 (and commit 6727417 of this repository) - it also didn't work there.

[saitho]

I haven't tried reading the package via Composer yet, will try.

Just tried it - it failed:

Invalid credentials for 'https://my-nexus-instance.dev/repository/composer-hosted/packages.json', aborting. https://my-nexus-instance.dev/repository/composer-hosted could not be fully loaded, package information was loaded from the local cache and may be out of date

Same user with read access to full Composer repository works fine. Using the limited read access via Content Selector does not.

[saitho]

Nevermind. I missed the last note in the documentation for Content Selectors. I need to allow access to the parent directories like so: format == "composer" and path =~ "^/vendor/|/vendor/package/|/vendor/package/(1\.0\..*|2\..*)"