diff options
Diffstat (limited to 'gitano-admin/rules/project.lace')
-rw-r--r-- | gitano-admin/rules/project.lace | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/gitano-admin/rules/project.lace b/gitano-admin/rules/project.lace deleted file mode 100644 index aa5e1e2..0000000 --- a/gitano-admin/rules/project.lace +++ /dev/null @@ -1,38 +0,0 @@ -# _____ -# |_ _| __ _____ _____ -# | || '__/ _ \ \ / / _ \ -# | || | | (_) \ V / __/ -# |_||_| \___/ \_/ \___| -# -# Copyright 2012 Codethink Limited -# -# Core project administration rules - -# Admins already got allowed, so this is for non-admin users only -allow "Owners can always read and write" op_is_basic is_owner repo_is_personal - -# Any non-gitano-admin repo is readable to the lorry user and the worker group -allow "Lorry may read" op_read is_lorry lorryable_repo -allow "Workers may read" op_read !is_admin_repo is_worker - -# Force /baserock and /delta to always be anon-readable which means git:// will -# work. This is part of the core ruleset for Baserock because /baserock/ and -# /delta/ are always open source. -define is_baserock_repo repository ~^baserock/ -define is_delta_repo repository ~^delta/ -define is_opensource_repo anyof is_baserock_repo is_delta_repo - -allow "Anonymous access always allowed" op_read !is_admin_repo is_opensource_repo - -# Project remote-configuration rules (set-head etc) -include global:remoteconfigchecks op_is_config - -# Okay, if we're altering the admin ref, in we go -include global:adminchecks is_admin_ref - -# Now we're into branch operations. -# Owners of personal repositories can do any reffy operation -allow "Owners can create refs" op_is_reffy is_owner repo_is_personal - -include global:trove-project repo_is_local_project -include global:other-project lorryable_repo |