> > > The thing about doing this on the user side is (as always) that you can't > > really be 100% sure it's taking place. Doing it on the server is safer. > > > > Doing both is safer yet :-) Problem is I want to ensure 2 things: > - only specific users have deployment rights on release > - unicity of deployed artifacts in release mode is guaranteed even for > authorized deployers >
I don't see why this can't be done on the server side. I normally never even think about doing stuff on the client side if I want to ensure it to always happen. > > > Regarding Nexus and allowing the role to update the metadata file: It > (the > > metdata file) has to be updated when you add new artifacts. So the role > of > > the person deploying the new artifact must have that permission. > > > > Sure, but the given FAQ entry creates a specific role w/ only "Update > Metadata" rights, so this role cannot update artifacts themselves but > only their metadata. What's the point of doing this ? > > That's not how I read the FAQ entry. The role has permission to create and read as well. But, I'm waiting for Nexus 1.4 to do this instead. /Anders
