
RBAC Content guards do not seem to work for distributions with pull-through caching #1085

@Benzor94

Version
Core: 3.95.2
Python plugin: 3.22.1

Describe the bug
After setting up a remote, a repository and a distribution, creating an RBAC content guard and applying it to the distribution, package downloading fails with a 403 error even if supposedly valid credentials are provided.

To Reproduce

  1. Set up the system and CLI as described in the tutorials.
  2. Create remote, repository and distribution:
       pulp python remote create --name pypi --url https://pypi.org/ --policy on_demand
       pulp python repository create --name orgalorg-repo
       pulp python distribution create --name orgalorg-dist --base-path orgalorg --repository orgalorg-repo --remote pypi
  3. Create content guard and associate it with the distribution:
       pulp content-guard rbac create --name python-guard
       pulp python distribution update --name orgalorg-dist --content-guard core:rbac:python-guard
  4. Create a venv and try to install something (note: the admin password is admin):
       python -m venv .venv
       source .venv/bin/activate
       pip install --isolated --index-url http://admin:admin@localhost:8080/pypi/orgalorg/simple requests
  5. Observe that the install request fails with 403 error.
  6. Remove the content guard (pulp python distribution update --name orgalorg-dist --content-guard "") and do it again. Observe that the package gets installed successfully.

Expected behavior
Package should get installed since admin has full rights.

Additional context

  • According to what I have seen in the docs, the crucial permission here is core.download_rbaccontentguard, which the admin user has by default. But I have also tested this by creating a new user and assigning to the user the content guard, which added the core.rbaccontentguard_downloader role to the user. It still failed.
  • I also tried to use uv with the following settings:
[[tool.uv.index]]
name = "orgalorg"
url = "http://localhost:8080/pypi/orgalorg/simple"
default = true
authenticate = "always"

and with the UV_INDEX_ORGALORG_USERNAME=admin, UV_INDEX_ORGALORG_PASSWORD=admin env vars set. Also failed.

  • There was no difference between trying to get a package that's not in the repository (but on the official PyPI), a PyPI package that was cached (for example by installing with the content guard disabled) and a hand-uploaded wheel. All failed.
  • Note: I have not tested whether pull-through caching is responsible (i.e. if the same thing happens when the remote is disassociated from the distribution), but figured it might be relevant.

Error output:

(.venv) benzor@orgalorg:~/Projects/Local/dummyenv$ pip install --isolated --index-url http://admin:admin@localhost:8080/pypi/orgalorg/simple/ requests
Looking in indexes: http://admin:****@localhost:8080/pypi/orgalorg/simple/
Collecting requests
  ERROR: HTTP error 403 while getting http://orgalorg:8080/pulp/content/orgalorg/requests-2.32.5-py3-none-any.whl#sha256=2462f94637a34fd532264295e186976db0f5d453d1cdd31473c85a6a161affb6 (from http://localhost:8080/pypi/orgalorg/simple/requests/)

[notice] A new release of pip is available: 25.1.1 -> 25.3
[notice] To update, run: pip install --upgrade pip
ERROR: Could not install requirement requests from http://orgalorg:8080/pulp/content/orgalorg/requests-2.32.5-py3-none-any.whl#sha256=2462f94637a34fd532264295e186976db0f5d453d1cdd31473c85a6a161affb6 because of HTTP error 403 Client Error: Authentication credentials were not provided. for url: http://orgalorg:8080/pulp/content/orgalorg/requests-2.32.5-py3-none-any.whl for URL http://orgalorg:8080/pulp/content/orgalorg/requests-2.32.5-py3-none-any.whl#sha256=2462f94637a34fd532264295e186976db0f5d453d1cdd31473c85a6a161affb6 (from http://localhost:8080/pypi/orgalorg/simple/requests/)

Container logs for the transaction:

('pulp [26f59719cc57418f8317d00ab8538230]: ::1 - admin [30/Jan/2026:22:22:15 +0000] "GET /pypi/orgalorg/simple/requests/ HTTP/1.0" 200 83127 "-" "pip/25.1.1 {\"ci\":null,\"cpu\":\"x86_64\",\"distro\":{\"libc\":{\"lib\":\"glibc\",\"version\":\"2.42\"},\"name\":\"Fedora Linux\",\"version\":\"43\"},\"implementation\":{\"name\":\"CPython\",\"version\":\"3.14.2\"},\"installer\":{\"name\":\"pip\",\"version\":\"25.1.1\"},\"openssl_version\":\"OpenSSL 3.5.4 30 Sep 2025\",\"python\":\"3.14.2\",\"system\":{\"name\":\"Linux\",\"release\":\"6.18.6-200.fc43.x86_64\"}}"',)
::1 [30/Jan/2026:22:22:15 +0000] "GET /pulp/content/orgalorg/requests-2.32.5-py3-none-any.whl HTTP/1.0" 403 246 "-" "pip/25.1.1 {"ci":null,"cpu":"x86_64","distro":{"libc":{"lib":"glibc","version":"2.42"},"name":"Fedora Linux","version":"43"},"implementation":{"name":"CPython","version":"3.14.2"},"installer":{"name":"pip","version":"25.1.1"},"openssl_version":"OpenSSL 3.5.4 30 Sep 2025","python":"3.14.2","system":{"name":"Linux","release":"6.18.6-200.fc43.x86_64"}}"

(note no error appears in the container logs)
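
A triage sketch for the output quoted in this report, added here as an example and not part of the original issue or of Pulp's code: it compares the origin of the index URL with the origin of the file link pip followed, and checks whether the denied request was logged with an authenticated user. The sample input is constructed by shortening the lines above, and the log layout the regex expects is an assumption taken from those two lines.

```python
import re
from urllib.parse import urlsplit

# Constructed sample input, shortened from the output quoted in the issue.
INDEX_URL = "http://admin:admin@localhost:8080/pypi/orgalorg/simple/"
FILE_URL = "http://orgalorg:8080/pulp/content/orgalorg/requests-2.32.5-py3-none-any.whl"
ACCESS_LOG = [
    '::1 - admin [30/Jan/2026:22:22:15 +0000] "GET /pypi/orgalorg/simple/requests/ HTTP/1.0" 200 83127',
    '::1 [30/Jan/2026:22:22:15 +0000] "GET /pulp/content/orgalorg/requests-2.32.5-py3-none-any.whl HTTP/1.0" 403 246',
]

# Assumed layout: client, optional "ident user" pair, [time], "request", status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+)(?: \S+ (?P<user>\S+))? \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def origin(url):
    """Return (scheme, host, port) with userinfo dropped and default ports filled in."""
    parts = urlsplit(url)
    port = parts.port or {"http": 80, "https": 443}.get(parts.scheme)
    return (parts.scheme, parts.hostname, port)

def parse_access_line(line):
    """Parse one access-log line; user is None when no authenticated user was logged."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    user = m.group("user")
    return {"path": m.group("path"), "status": int(m.group("status")),
            "user": None if user in (None, "-") else user}

def diagnose(index_url, file_url, log_lines):
    """Return (code, detail) findings for one index URL / file URL pair."""
    findings = []
    if origin(index_url) != origin(file_url):
        findings.append(("origin-mismatch", f"{origin(index_url)} != {origin(file_url)}"))
    path = urlsplit(file_url).path
    for rec in filter(None, map(parse_access_line, log_lines)):
        if rec["path"] == path and rec["status"] in (401, 403) and rec["user"] is None:
            findings.append(("denied-without-user", f"{rec['status']} {path}"))
    return findings

if __name__ == "__main__":
    for code, detail in diagnose(INDEX_URL, FILE_URL, ACCESS_LOG):
        print(code, detail)
```

Both findings fire on the sample: the file link points at a different host than the index URL that carried the credentials, and the 403 request has no user in the log.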
