Non-owner users can't issue access tokens on repositories

Bug #2039669 reported by Andrei Gherzan
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Launchpad itself

Bug Description

I am interested in a setup where users can issue access tokens for HTTPS authentication even if they do not own a specific repository (they have read access, for example).

Here is a clear use case. User A owns a private repository R, A adds user B to subscribers (for access to Merge requests, for example), and sets a permission rule in R for B to write to a specific branch. Once this is done, user B cannot set its own access token to take advantage of authentication with access tokens. Navigating +access-tokens as user B in the UI returns:

Not allowed here
Sorry, you don't have permission to access this page or the information in this page is not shared with you.
You are logged in as B.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.