SSH Certificates: Users with minimal access in the group cannot authenticate
Overview
Authentication via SSH certificates has been implemented within Add support for git access control via SSH cert... (&10662 - closed)
- A user has
Developer
permission in the repo - The user has
Minimal
access to the group - The user tried to auth via SSH certificates and fails
Problem
When information about a user and a certificate is being found, we explicitly check whether the group has user. This check verifies whether the user is among the group members. And the users with minimal access are excluded from this association.
Solution
A potential solution is to use all_group_members
instead, but the Security perspective of the change must be taken into account, so discussing with AppSec is recommended.