diff options
| author | Daniel Silverstone <dsilvers@digital-scurf.org> | 2012-07-03 11:43:40 +0100 |
|---|---|---|
| committer | Daniel Silverstone <dsilvers@digital-scurf.org> | 2012-07-03 11:43:40 +0100 |
| commit | 79a981e5120e4708dfcf2a266fd7ed1743391ee6 (patch) | |
| tree | e99d7dfdbc75a16a07f88349ede8db6c23676507 /example | |
| parent | 9e9591d71992cc4e49c77ff1193b641488a65e35 (diff) | |
| download | gitano-79a981e5120e4708dfcf2a266fd7ed1743391ee6.tar.gz | |
EXAMPLE: Update rules to include destroy repo and rename repo and various other bits which got lost
Diffstat (limited to 'example')
| -rw-r--r-- | example/gitano-admin/rules/core.lace | 6 | ||||
| -rw-r--r-- | example/gitano-admin/rules/createrepo.lace | 5 | ||||
| -rw-r--r-- | example/gitano-admin/rules/defines.lace | 2 | ||||
| -rw-r--r-- | example/gitano-admin/rules/destroyrepo.lace | 6 | ||||
| -rw-r--r-- | example/gitano-admin/rules/renamerepo.lace | 6 |
5 files changed, 23 insertions, 2 deletions
diff --git a/example/gitano-admin/rules/core.lace b/example/gitano-admin/rules/core.lace index 3f400b1..5e927f9 100644 --- a/example/gitano-admin/rules/core.lace +++ b/example/gitano-admin/rules/core.lace @@ -25,6 +25,12 @@ allow "Owners can set HEAD" is_owner op_sethead # Site-defined rules for repository creation include global:createrepo op_createrepo +# Site-defined rules for repository renaming +include global:renamerepo op_renamerepo + +# Site-defined rules for repository destruction +include global:destroyrepo op_destroyrepo + # Site-defined rules for project repositories include global:project diff --git a/example/gitano-admin/rules/createrepo.lace b/example/gitano-admin/rules/createrepo.lace index 719323c..9085706 100644 --- a/example/gitano-admin/rules/createrepo.lace +++ b/example/gitano-admin/rules/createrepo.lace @@ -4,8 +4,9 @@ # so this is for non-admins. # Uncomment the following to allow repositories in personal/username/ -define repo_is_personal repository ~^personal/${user}/ -allow "Personal repo creation is okay" repo_is_personal + +# define repo_is_personal repository ~^personal/${user}/ +# allow "Personal repo creation is okay" repo_is_personal # Otherwise the default is that non-admins can't create repositories deny "Repository creation is not permitted." diff --git a/example/gitano-admin/rules/defines.lace b/example/gitano-admin/rules/defines.lace index 3e4a6ac..b316177 100644 --- a/example/gitano-admin/rules/defines.lace +++ b/example/gitano-admin/rules/defines.lace @@ -39,6 +39,8 @@ define op_is_admin anyof op_user op_group define op_read operation read define op_write operation write define op_createrepo operation createrepo +define op_renamerepo operation renamerepo +define op_destroyrepo operation destroyrepo define op_setowner operation setowner define op_sethead operation sethead diff --git a/example/gitano-admin/rules/destroyrepo.lace b/example/gitano-admin/rules/destroyrepo.lace new file mode 100644 index 0000000..fd02547 --- /dev/null +++ b/example/gitano-admin/rules/destroyrepo.lace @@ -0,0 +1,6 @@ +# Rules related to the destroying of repositories + +# For now, owners may destroy repositories +allow "You may destroy your own repositories" op_destroyrepo is_owner + +deny "You may not destroy repositories you do not own" diff --git a/example/gitano-admin/rules/renamerepo.lace b/example/gitano-admin/rules/renamerepo.lace new file mode 100644 index 0000000..946d544 --- /dev/null +++ b/example/gitano-admin/rules/renamerepo.lace @@ -0,0 +1,6 @@ +# Rules related to renaming repositories + +# For now, owners may rename their repositories +allow "Owners may rename repositories" op_renamerepo is_owner + +deny "You may not rename a repository you do not own" |