Issue we are having is even though a user does not have access to the project, TAC still downloads the content of the project from bit bucket onto user's system. We are using Talend enterprise version 6.4.1 with TAC & Here is the setup we have:
We are using one bitbucket repository that contain multiple projects & controlling individual project access through TAC
TAC admin created separate Dev Branch from Master Branch for developers per project to work on using Branch management feature from TAC
Now when UserC use Talend studio to connect, UserC is only able to see project that they have access to that is ClientC project however seems like talend is downloading all other projects onto users local file system.
UserC was able to export job files into Talend studio for ClientA & ClientB from their filesystem. This is very critical bug that allows user to access the project files that they are not supposed to have access to.
Any one came across this issue? how did you tackle this issue except creating separate repo per project per user as with this limitation, TAC project authorization doesnt make sense.
Please report this through our support. They will get R&D to verify if it is a bug or not. Generally, the best practice is to have 1 project per Git repository. Or a couple of projects per Git Repository if they are linked together through Project References.
Since your code is for different clients, the best is to separate them by Git repositories. When a branch or tag is applied in Git (through Talend), it will apply to all projects in that Git repository, i.e. your tag or branch will apply to even projects you do not want. I have seen this behaviour in git. Maybe that's why other projects from the same git repository is downloaded together even if it is not opened.
Thanks for your response,
Could you please have look at my question below & respond to that as well?
that is somehow linked with this issue & resolution on that could help fix for this issue.
@nmodi please share the jira id you have reported it as.
As for the issue itself: we will not be able to fix it as such if you indeed have the same git repository hosting different Talend projects all developers not matter the Talend project authorization will have file level access. See e.g. this stackoverflow post: https://stackoverflow.com/questions/13248246/git-branch-permissions.
Thus we highly recommend to follow @iburtally best practice.