From 79a981e5120e4708dfcf2a266fd7ed1743391ee6 Mon Sep 17 00:00:00 2001
From: Daniel Silverstone <dsilvers@digital-scurf.org>
Date: Tue, 3 Jul 2012 11:43:40 +0100
Subject: EXAMPLE: Update rules to include destroy repo and rename repo and
 various other bits which got lost

---
 example/gitano-admin/rules/core.lace        | 6 ++++++
 example/gitano-admin/rules/createrepo.lace  | 5 +++--
 example/gitano-admin/rules/defines.lace     | 2 ++
 example/gitano-admin/rules/destroyrepo.lace | 6 ++++++
 example/gitano-admin/rules/renamerepo.lace  | 6 ++++++
 5 files changed, 23 insertions(+), 2 deletions(-)
 create mode 100644 example/gitano-admin/rules/destroyrepo.lace
 create mode 100644 example/gitano-admin/rules/renamerepo.lace

(limited to 'example')

diff --git a/example/gitano-admin/rules/core.lace b/example/gitano-admin/rules/core.lace
index 3f400b1..5e927f9 100644
--- a/example/gitano-admin/rules/core.lace
+++ b/example/gitano-admin/rules/core.lace
@@ -25,6 +25,12 @@ allow "Owners can set HEAD" is_owner op_sethead
 # Site-defined rules for repository creation
 include global:createrepo op_createrepo
 
+# Site-defined rules for repository renaming
+include global:renamerepo op_renamerepo
+
+# Site-defined rules for repository destruction
+include global:destroyrepo op_destroyrepo
+
 # Site-defined rules for project repositories
 include global:project
 
diff --git a/example/gitano-admin/rules/createrepo.lace b/example/gitano-admin/rules/createrepo.lace
index 719323c..9085706 100644
--- a/example/gitano-admin/rules/createrepo.lace
+++ b/example/gitano-admin/rules/createrepo.lace
@@ -4,8 +4,9 @@
 # so this is for non-admins.
 
 # Uncomment the following to allow repositories in personal/username/
-define repo_is_personal repository ~^personal/${user}/
-allow "Personal repo creation is okay" repo_is_personal
+
+# define repo_is_personal repository ~^personal/${user}/
+# allow "Personal repo creation is okay" repo_is_personal
 
 # Otherwise the default is that non-admins can't create repositories
 deny "Repository creation is not permitted."
diff --git a/example/gitano-admin/rules/defines.lace b/example/gitano-admin/rules/defines.lace
index 3e4a6ac..b316177 100644
--- a/example/gitano-admin/rules/defines.lace
+++ b/example/gitano-admin/rules/defines.lace
@@ -39,6 +39,8 @@ define op_is_admin anyof op_user op_group
 define op_read operation read
 define op_write operation write
 define op_createrepo operation createrepo
+define op_renamerepo operation renamerepo
+define op_destroyrepo operation destroyrepo
 define op_setowner operation setowner
 define op_sethead operation sethead
 
diff --git a/example/gitano-admin/rules/destroyrepo.lace b/example/gitano-admin/rules/destroyrepo.lace
new file mode 100644
index 0000000..fd02547
--- /dev/null
+++ b/example/gitano-admin/rules/destroyrepo.lace
@@ -0,0 +1,6 @@
+# Rules related to the destroying of repositories
+
+# For now, owners may destroy repositories
+allow "You may destroy your own repositories" op_destroyrepo is_owner
+
+deny "You may not destroy repositories you do not own"
diff --git a/example/gitano-admin/rules/renamerepo.lace b/example/gitano-admin/rules/renamerepo.lace
new file mode 100644
index 0000000..946d544
--- /dev/null
+++ b/example/gitano-admin/rules/renamerepo.lace
@@ -0,0 +1,6 @@
+# Rules related to renaming repositories
+
+# For now, owners may rename their repositories
+allow "Owners may rename repositories" op_renamerepo is_owner
+
+deny "You may not rename a repository you do not own"
-- 
cgit v1.2.1