diff options
author | Richard Ipsum <richardipsum@fastmail.co.uk> | 2017-08-01 23:22:48 +0100 |
---|---|---|
committer | Richard Maw <richard.maw@gmail.com> | 2017-08-02 20:21:18 +0100 |
commit | 14beb9aedee9a17e59576ef68d59a3d3e1df26f2 (patch) | |
tree | 365e9c3dc84d5f99f2642be5f022842516a63a64 | |
parent | 673be50f291eb8976eca63b69d6eab73ea6de6f7 (diff) | |
download | gitano-14beb9aedee9a17e59576ef68d59a3d3e1df26f2.tar.gz |
ruleset: project.readers and project.writers
-rw-r--r-- | skel/gitano-admin/rules/defines.lace | 4 | ||||
-rw-r--r-- | skel/gitano-admin/rules/project.lace | 6 |
2 files changed, 10 insertions, 0 deletions
diff --git a/skel/gitano-admin/rules/defines.lace b/skel/gitano-admin/rules/defines.lace index 6043bac..ec3fbd1 100644 --- a/skel/gitano-admin/rules/defines.lace +++ b/skel/gitano-admin/rules/defines.lace @@ -112,3 +112,7 @@ define op_is_normal anyof op_fastforward op_createref op_deleteref define is_admin_repo repository exact gitano-admin define is_gitano_ref ref prefix refs/gitano/ define is_admin_ref ref exact refs/gitano/admin + +# Project readers and writers +define is_project_reader config/project/readers exact ${user} +define is_project_writer config/project/writers exact ${user} diff --git a/skel/gitano-admin/rules/project.lace b/skel/gitano-admin/rules/project.lace index aafa17c..3bcaf7e 100644 --- a/skel/gitano-admin/rules/project.lace +++ b/skel/gitano-admin/rules/project.lace @@ -28,6 +28,12 @@ # # Core project administration rules +allow "User is project reader" op_read is_project_reader + +allow "User is project writer" op_read is_project_writer +allow "User is project writer" op_write is_project_writer +allow "User is project writer" op_is_normal is_project_writer + # Admins already got allowed, so this is for non-admin users only allow "Owners can always read and write" op_is_basic is_owner |