dependency-track icon indicating copy to clipboard operation
dependency-track copied to clipboard

Published 20 hours ago verified publisher icon DependencyTrack

Permissions do not follow the evolution of the project versions

Open step50 opened this issue 2 years ago • 1 comments

Current Behavior:

The permissions do not follow the evolution of the project versions

Steps to Reproduce:

  • Create a project with N teams in version 1.0.0
  • menu "Portfolio Access Control", the N teams are affected to the project (section 'Project access')
  • menu "Project", we have one line for this project
  • menu "Project Detail", select 'Add version' and create a new version for this project 1.0.1 with the all include parameters (tags, properties, components, services, audit history)
  • menu "Project", we have now 2 lines for this project. The first line with the version 1.0.0 and a second with 1.0.1
  • menu "Portfolio Access Control", the N teams are affected only to the project with the version 1.0.0 (section 'Project access') , not the project with the version 1.0.1

Expected Behavior:

  • Create a project with N teams in version 1.0.0
  • menu "Portfolio Access Control", the N teams are affected to the project (section 'Project access')
  • menu "Project", we have one line for this project
  • menu "Project Detail", select 'Add version' and create a new version for this project 1.0.1 with the all include parameters (tags, properties, components, services, audit history). Need to add a parameter for permissions ?
  • menu "Project", we have now 2 lines for this project. The first line with the version 1.0.0 and a second with 1.0.1
  • menu "Portfolio Access Control", the N teams are affected to the project with the version 1.0.0 (section 'Project access') AND the the version 1.0.1

OR

  • Create a project with N teams in version 1.0.0
  • menu "Portfolio Access Control", the N teams are affected to the project (section 'Project access')
  • menu "Project", we have one line for this project
  • menu "Project Detail", select 'Add version' and create a new version for this project 1.0.1 with the all include parameters (tags, properties, components, services, audit history). Need to add a parameter for permissions ?
  • menu "Project", we have ONLY 1 line for this project. The choice to select a specific version is available in the project itself
  • menu "Portfolio Access Control", the N teams are affected to the project (no permission per version ?)

Question : maybe the same behavior for automatic creation by maven for example ?

Environment:

  • Dependency-Track Version: 4.3.2
  • Distribution: Docker
  • BOM Format & Version: All
  • Database Server: PostgreSQL
  • Browser: Chrome / FireFox

Additional Details:

step50 avatar May 17 '22 10:05 step50

duplicate of #1534.

valentijnscholten avatar May 18 '22 18:05 valentijnscholten

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

github-actions[bot] avatar Dec 07 '22 10:12 github-actions[bot]