If a user is on group1 but not group2, and a change is posted to group2, then the user will not be allowed to see the change. The reason is that there may be discussions from members on group2 that the user is not privy to. This is an intended design. When dealing with private review requests (due to private repositories or invite-only groups), Review Board becomes very restrictive on who has access. The owner of the review request must be explicit in who they want to bring in for discussion.
Christian -- Christian Hammond - chip...@chipx86.com Review Board - http://www.reviewboard.org Beanbag, Inc. - http://www.beanbaginc.com On Wed, Nov 13, 2013 at 4:32 AM, SenjorGes <gessi...@gmail.com> wrote: > > Hey, > > both groups are invite-only groups and review board is on version 1.7.18 > > > - Support ▾ <https://sdreview.protacon.com/dashboard/#> > - [image: Mikko Pulkkinen] Mikko > ▾<https://sdreview.protacon.com/account/preferences/> > > > > On Monday, 11 November 2013 23:15:36 UTC+2, Christian Hammond wrote: > >> Hi, >> >> Are either group1 or group2 invite-only groups? >> >> Also, what version of Review Board? >> >> Christian >> >> -- >> Christian Hammond - chi...@chipx86.com >> >> Review Board - http://www.reviewboard.org >> Beanbag, Inc. - http://www.beanbaginc.com >> >> >> On Mon, Nov 11, 2013 at 5:26 AM, SenjorGes <gess...@gmail.com> wrote: >> >>> Hey, >>> >>> I have noticed some problems with review groups and private >>> repositories. It seems access control doesn't work properly or is it me? >>> Scenario is this: >>> >>> - I have one SVN repository called repository1 and it's not publicly >>> accessible >>> - Review group named group1 has access to repository1 via admin panel >>> (admin panel -> repositories -> repository1 -> Review groups with access:) >>> - Also group2 has same access to that repository as group1 >>> - User1 belongs to group1 and User2 belongs to group2 >>> >>> So thats the setup, and the "problem" occuress when: >>> - User1 creates a review request (repository1) and sets group1 as the >>> group for the request >>> - Now if User2 tries to read the review request he/she gets access >>> denied >>> >>> So if you set repository to be private, only the selected group can view >>> the review request, and not all the groups which have access to the >>> repository via admin panel or am I missing something here? >>> >>> And if User2 is a superuser, then he/she can view the request. And this >>> only works if group2 have access to the repository. If I remove group2 from >>> the repository access list and user2 still have superuser rights, review >>> request will not open (Access Denied). >>> >>> --Ges >>> >>> >>> >>> >>> -- >>> Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/ >>> --- >>> Sign up for Review Board hosting at RBCommons: https://rbcommons.com/ >>> --- >>> Happy user? Let us know at http://www.reviewboard.org/users/ >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "reviewboard" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to reviewboard...@googlegroups.com. >>> >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >> >> -- Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/ --- Sign up for Review Board hosting at RBCommons: https://rbcommons.com/ --- Happy user? Let us know at http://www.reviewboard.org/users/ --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
