What problem are you trying to solve?
After updating to 3.68.1, the anonymous user can no longer browse repositories, which is granted permission using content selectors.
Do you have a workaround you are using at present?
No
What feature or behavior is this required for?
Browsing repositories
How could we solve this issue? (Not knowing is okay!)
Tell us about your Nexus Repository deployment: what version, operating system, and database are you using?
Standalone docker container, version 3.68.1.
Anything else?
This seems to have been introduced in 3.68.0 (the steps bellow work in previous version)
Login, go through the wizard and enable anonymous access
Create a new raw hosted repository and upload a couple of files e.g. /foo/bar/test-1.txt and /biz/baz/test-2.txt
Create a content selector with the following
format == "raw" and path =^ "/foo"
this also doesn't work
format == "raw" and path =~ "/|/foo|/foo/bar|/foo/bar/.*"
Create a privilege using that content selector and specify the browse and read actions
Create a new role and assign the privilege to it
Go to Users > anonymous and assign the new role, but also remove nx-anonymous
Logout and try to browse the repository
Now when the user tries to browse the repositories it should see our repository and the file test-1.txt, instead it doesn't see anything.
It seems that only the anonymous user is affected. If you create a new local user and assign the same role - the user will be able to browse the repository.
Adding the nx-repository-view-raw-my-repo-browse causes the repository contents to be visible, but the content selector is completely ignored. The browse action from the privilege seems not to be applied.
What problem are you trying to solve? After updating to 3.68.1, the anonymous user can no longer browse repositories, which is granted permission using content selectors.
Do you have a workaround you are using at present? No
What feature or behavior is this required for? Browsing repositories
How could we solve this issue? (Not knowing is okay!)
Tell us about your Nexus Repository deployment: what version, operating system, and database are you using? Standalone docker container, version 3.68.1.
Anything else? This seems to have been introduced in 3.68.0 (the steps bellow work in previous version)
Steps to reproduce:
docker volume create nexus
docker container run --rm -it -p 8081:8081 --name nexus -v nexus:/nexus-data sonatype/nexus3:3.68.1
raw
hosted repository and upload a couple of files e.g./foo/bar/test-1.txt
and/biz/baz/test-2.txt
this also doesn't work
browse
andread
actionsnx-anonymous
Now when the user tries to browse the repositories it should see our repository and the file test-1.txt, instead it doesn't see anything.
It seems that only the anonymous user is affected. If you create a new local user and assign the same role - the user will be able to browse the repository.