While this is by design not possible, in this short video we demonstrate how to configure access to resources on the local and remote repositories that are aggregated within a virtual repository in order to achieve this goal.
Let’s see how it looks. I have set up an Artifactory instance with two local repositories, Repo A and Repo B will be, and one virtual repository called filter repo that basically aggregates both local repositories. I’ve also created to users called User A and User B and permission targets that grant permissions accordingly. So in Repo A, permission targets and granting read permissions for User A to access resources on Repo A, and in the Repo B permission targets I’m granting read permissions for User B to access resources on Repo B. So going back to the artifacts you logged in as an admin user, of course, I can see both repositories and I’ve deployed files into repository A called file in Repo A and in Repo B of course I have file in Repo B. Looking in the virtual repository view, I can see both files aggregated in a circle, single layer repository. So let’s run some curl commands to see how it looks like.
In this example, I’m running the curl command as User A, trying to access the virtual repository and trying to download file in Repo A. In this case, the request succeeded because User A has permissions for Repo A, but if I change the file name, trying to access file in Repo B, which as you recall, is inside Repo B, the request fails with a 403, saying download request for Rebel Beth, Repo B is forbidden for use, User A. So if I go to the curl command and switch user to User B, trying to access file in Repo B, the request succeeds. And again, if I switch the file to filing Repo A still using User B, you guessed it, it fails with 403, forbidden for user, User B. Let’s see how this looks in the UI when I’m logging out of the admin view and logged in as one of the users. So I’m logging in with User A.
And you can see that in the artifact view, I have view of only one repository and only one file looking inside the virtual repository, I have access only to file in Repo A, and of course, if I log in with User B, I will only be able to access file in Repo B. That was my video on field trip repository permissions. Thanks for watching, and I hope you enjoyed. Feel free to leave your comments, feedback, or questions in the comments section below.