[
https://jira.codehaus.org/browse/MRM-1170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=365534#comment-365534
]
Olivier Lamy commented on MRM-1170:
-----------------------------------
@Jonathan JIra will be migrated to Apache instance. When? I don't know :-)
> Add a new role for "Delete artifact"
> ------------------------------------
>
> Key: MRM-1170
> URL: https://jira.codehaus.org/browse/MRM-1170
> Project: Archiva
> Issue Type: Bug
> Affects Versions: 1.2
> Environment: Repository on Unix
> Reporter: Sonia Lodovichetti
> Assignee: Olivier Lamy
> Fix For: 2.2.1
>
> Attachments: MRM-1170.patch
>
>
> It would definitely be a must to add a role for "delete artifact" and not
> encapsulate in the Repository Manager role, maybe a Read-Write-Delete-Upload?
> permission style.
> Here is my use case:
> Here is the use case:
> With Archiva 2.1, there is now the "Delete Artifact" possibility in the UI,
> as long as you are a "Repository Manager", you have access to it. In the
> past, we used the "guest" logon for everyone which was "Repository manager"
> for our snapshots and development repositories, hence no username/password in
> the settings.xml file. And everyone could deploy to those repositories, and
> from the command-line (mvn deploy or mvn deploy:deploy-file) .
> Now we don't want everyone to go to the UI and have the possibility to delete
> artifacts from those repositories, so we can't give "guest" the "Repository
> manager" role for those repositories anymore, because if we do the "delete
> Artifact" functionality is enabled.
> We've then created a "deployment" user which has those roles, add it to the
> settings.xml file and make sure to find a way to "hide" the password!
--
This message was sent by Atlassian JIRA
(v6.1.6#6162)
