You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Sep 30, 2024. It is now read-only.
[Backport 5.1] [permissions] Revert default behaviour for explicit permissions (#54439)
With the switch to the `user_repo_permissions` table, the default
behaviour for explicit permissions changed. Previously, if explicit
permissions API was enabled, then all repositories would be treated as
restricted, regardless of code host connection configurations.
The `user_repo_permissions` table allows us to run permissions syncs and
explicit permissions in parallel, but the default behaviour was to have
code host connections be marked as unrestricted, unless authorization is
enabled. However, not all code hosts support authorization, leading to
connections that are always left unrestricted, even if explicit
permissions are being used.
This PR reverts the default behaviour back to treating a repository as
restricted if explicit permissions are enabled.
## Test plan
Added unit tests for the new Unrestricted logic. Also tested locally
with an "Other Git code host" connection.
<!-- All pull requests REQUIRE a test plan:
https://docs.sourcegraph.com/dev/background-information/testing_principles
-->
<br> Backport 5ad2474 from #54419
Co-authored-by: Petri-Johan Last <[email protected]>
Copy file name to clipboardExpand all lines: CHANGELOG.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -26,7 +26,7 @@ All notable changes to Sourcegraph are documented in this file.
26
26
27
27
### Fixed
28
28
29
-
-
29
+
- Fixed the default behaviour when the explicit permissions API is enabled. Repositories are no longer marked as unrestricted by default. [#54419](https://github.com/sourcegraph/sourcegraph/pull/54419)
Copy file name to clipboardExpand all lines: doc/admin/permissions/index.md
+1-3Lines changed: 1 addition & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -112,7 +112,7 @@ of `alice` are the following union set: [`horsegraph/global`, `horsegraph/hay-v1
112
112
1. Go to **Site Admin > Migrations** page. There is a migration called `Migrate data from user_permissions table to unified user_repo_permissions.`.
113
113
Make sure that it finished migrating all the data (it reports as 100%). Contact support if the migration does not seem to complete for a long time (multiple days).
114
114
115
-
1. Enable the experimental feature in the [site configuration](../config/site_config.md):
115
+
1.(Not required for Sourcegraph 5.1+) Enable the experimental feature in the [site configuration](../config/site_config.md):
116
116
```json
117
117
{
118
118
"experimentalFeatures": {
@@ -122,8 +122,6 @@ Make sure that it finished migrating all the data (it reports as 100%). Contact
122
122
}
123
123
```
124
124
1. Continue [configuring the explicit permissions API](api.md#configuration) as you would before.
125
-
Both mechanisms work at the same time, thanks to a new behind the scenes data model that allows
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments