On Wed, Aug 02, 2017 at 20:30:40 +0100, Richard Maw wrote:
+While Gitano allows arbitrarily complicated access control via
+and groups and repository prefix matching to manage large projects.
+This is overkill for installations with small numbers of repositories,
+small numbers of users and small numbers of repository permisison grants.
This sentence is split over two paragraphs.
+Instead Gitano supports adding users to project.readers and
+so the much simpler per-repository config can be used.
The language here feels a little clunky.
+This lookup is linear time, so don't try to scale it to large
numbers of users.
+If this becomes a problem add a group.
Good point. How about the whole thing being phrased as:
While Gitano allows arbitrarily complex accss control via Lace, and supports
group and repository prefix matching to manage large projects, these approaches
are often overkill for installations with small numbers of repositories, users,
and permission grants.
Instead, the default ruleset for Gitano also supports adding users, by name, to the
config lists "project.readers" and "project.writers" allowing a much
per-repository configuration approach.
Note: This lookup is linear time, so it won't scale to a large number of users.
Also it doesn't automatically get updated if users are added/deleted/renamed.
If any of that concerns you, take the time to use a proper group and Lace approach.
+ WHEN testinstance adminkey runs create testrepo
+ AND alice, using main, expecting failure, clones testrepo as testrepo
+ THEN stderr contains \(FATAL: Not authorised\|The requested URL returned error:
I don't know if we should depend on wget's message quite so strongly, but I
it'll be clear if something goes wrong on a wget update.
+Pushing works once the user is added to project.writer.
Daniel Silverstone http://www.digital-scurf.org/
PGP mail accepted and encouraged. Key Id: 3CCE BABE 206C 3B69