Example Scenario:

ARTIFACTORY: How to differentiate between Read and Deploy/Cache permission when downloading files

AuthorFullName__c
Marwa Sharif
articleNumber
000006033
ft:sourceType
Salesforce
FirstPublishedDate
2024-02-19T12:20:33Z
lastModifiedDate
2024-02-19T12:24:52Z
VersionNumber
1
Let's explore a scenario where a file is downloaded under different user permissions:

Admin User Download:
  • Initially, the file is downloaded by an Admin user with both Read and Deploy/Cache permissions.
  • The file download is successful, demonstrating the capabilities granted by elevated permissions.
User-added image

Developer User Download:
Subsequently, the same file is downloaded by a Developer user with only Read permissions.
Despite lacking Deploy/Cache permissions, the Developer user can still download the file, showcasing the accessibility afforded by Read permissions.

User-added image

UI Representation:
In Artifactory's UI, both downloads are reflected, indicating successful retrieval of the file under different user permissions.

User-added image

However, challenges arise when attempting to download new files not present in local or remote cache repositories, such as NPM packages:

To download new files, Artifactory may need to retrieve them remotely, necessitating Deploy/Cache permissions, for example:

User-added image

Analysis of the artifactory-service.log entries highlight instances where a Developer user lacks the necessary Deploy/Cache permission, resulting in download failures for new files.
2024-01-17T10:38:45.148Z [jfrt ] [ERROR] [33d89b9f38091146] [.r.PypiRemoteIndexProvider:223] [tp-nio-8081-exec-121] - Could not retrieve remote index from https://pypi.org/simple/npm/: User developer is not permitted to deploy '.pypi/npm.html' into 'pypi-nexus-remote-cache:.pypi/npm.html'.
2024-01-17T10:38:45.159Z [jfrt ] [ERROR] [33d89b9f38091146] [.r.PypiRemoteIndexProvider:223] [tp-nio-8081-exec-121] - Could not retrieve remote index from https://pypi.org/simple/npm/: User developer is not permitted to deploy '.pypi/npm.html' into 'marwa-pypi-remote-cache:.pypi/npm.html'.

In conclusion, understanding the interplay between permissions and file downloads is essential for optimizing user experiences in Artifactory. It is imperative to ensure users are granted the appropriate permissions, including Deploy/Cache where necessary. By aligning permissions with user roles and responsibilities, organizations can foster efficient file management and streamline operations within Artifactory.