Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enterprise deactivated user repo visibility #1859

Closed
spalmurray-codecov opened this issue Jun 5, 2024 · 3 comments · Fixed by codecov/codecov-api#910
Closed

Enterprise deactivated user repo visibility #1859

spalmurray-codecov opened this issue Jun 5, 2024 · 3 comments · Fixed by codecov/codecov-api#910
Assignees

Comments

@spalmurray-codecov
Copy link

We noticed on qa.codecov.dev that as a deactivated user we could see public repos. We decided the following should be the expected behaviour:

  • If guest access if off, deactivated users should not be able to see anything (just like a guest).
  • If guest access is on, deactivated users should be able to see public repos, but not private repos.

Update the necessary components to match this behaviour.

Get in touch with @spalmurray-codecov if you need help setting up these situations locally!

@suejung-sentry
Copy link

suejung-sentry commented Aug 27, 2024

Hey @spalmurray-codecov , had a couple Qs!

  1. When you say "If guest access is off/on" - are you anticipating a new configuration env var like config.ALLOWS_GUEST_ACCESS or similar? We'd have to communicate to our self hosted folks they'd have to set that configuration value if so.

  2. For below-

If guest access if off, deactivated users should not be able to see anything (just like a guest).

On this - "just like a guest" - in cloud, "guests" (not logged in user) are able to see public repo. Are we looking to restrict the behavior for Enterprise only?

  1. Also maybe related - I see there is user.guest field (e.g., here), but it appears that field is just used to indicate in Pendo and LaunchDarkly that the user was not logged in at the time of some action being taken. Are we aiming to lift the usage spots of that designation, or will that word "guest" mean something else vs. what's desired in this ticket?

Thanks!

@spalmurray-codecov
Copy link
Author

Hi @suejung-sentry!

To clarify, this is all specifically for self-hosted/DEC.

  1. By "guest access" I mean the backend config value as discussed here: https://docs.codecov.com/docs/configuration#guest-access

  2. Yep - this is for self-hosted/DEC only. No changes to cloud behavior.

  3. By "guest" I mean a user who is not logged into Codecov.

lmk if you have any other questions!

@suejung-sentry
Copy link

suejung-sentry commented Sep 23, 2024

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants