Permissions related question #207
Comments
|
"why do I need to set repos as private when the entire Gogs installation is private, that shoud be enough" By example, in our company : we don't want that repo A was visible from users who only have read permission on repo B. We also use this feature to hide a lot a repos from trainees or to hide "non android" projects to Android developers. Private Gitea instance ==> Must be registered to see something |
lunny
added
type/bug
topic/security
|
^ The same word |
|
Hello @0xBAADF00D, "why do I need to set repos as private when the entire Gogs installation is private, that shoud be enough" ==> my mistake I did not finish this sentence, I forgot to get rid of it prior to posting... Yes, that's my point. I have my internal devs, they're in my MyTeam team and should have access to all repos of my MyOrg organisation. That's why I use private repos on my org. So the two issues I can see here are :
Thanks |
|
I add a comment in the issue because it is related : So my guess would be to :
That would make me very happy and I can't imagine I'm the only one. I'm a good web developer and CTO and I'm mad at myself I don't know a thing about Go. I know exactly what should be modified and where in the sources, line by line, but it will take me so much time to do so and to understand how to develop on Gitea... :( I couldn't find a tuto on how to build the master branch with live reload. If anyone has this, I might be interested. Thanks a lot |
|
I'm almost done with:
I'll create a PR tomorrow |
|
@Bwko awesome, thanks. You're fast. |
|
On Tue, Nov 22, 2016 at 12:26:34AM -0800, axeloz wrote:
How do you set a dev environment ?
See https://golang.org/doc/install
Once you're setup (Go installed and GOPATH env variable set)
you'd do:
```
go get code.gitea.io/gitea
cd $GOPATH/src/code.gitea.io/gitea
./gitea web
```
|
|
Thanks @strk does it include a file watcher which will recompile when I update the code? Or should I rerun the server each time? |
|
The commands I showed do not include a file watcher. |
|
OK thanks,
|
|
Any file watcher included |
|
@Bwko thanks for the pull request, nice piece of work. Hopefully it will be merged soon. Also, did you guys have the time to consider my last point?
I think Bitbucket model is easier to understand and to manage than Gitea's model. Axel |
|
I'll look into that. I hope to create a PR in a couple of days |
|
Hello @ALL, sorry for bringing that up again. I understand the search in private repo and ordering will be fixed soon. What's about the team permission related question I asked? @Bwko you said you would create a pull request soon but I don't think you did, right? Are you still considering this point? It's very time consuming to add each repo to each team who should have access to it. When you have 40 repos and 2 teams, you must replicate this action 80 times. Thanks a lot |
|
@axeloz The search in private repo feature is already added to the latest master . I haven't had the time to create a PR for this issue. I hope to create a PR in a couple of days/ weeks. |
Hi there,
FYI : I have added the same question on Gogs official repo as both projects are linked.
Not really a bug but a question about the permissions : they are not very clear to me, am I the only one?
I want to use Gogs as a private repositories hosting app. When installing Gogs, I have set in the options that Gogs is private, no registration, no public page. This part works.
I have created an organisation named MyOrg and I have created 10 repositories whose owner is MyOrg (not me). When visiting the "Explorer" page as me (admin), I can list my 10 repos.
Then I have created a team MyTeam in MyOrg with write permission in which I have added an user "user1". And I have created another user "user2" with no team.
When logging as "user2", this user could see the 10 repos in "Explorer". I was at first surprised because this user does not belong to any organisation nor team then I realized that I had to set "Private" in the repo settings. Doing so, "user2" could not see any repo any longer, which was good.
When logging as "user1", this user could not see any repo in "Explorer" despite it belongs to the team in the organisation. Also, even when browsing on the organisation page, it could not see any repo.
Once again, I realized I had to manually add each repo to the team and this is weird and time consuming. Doing so, the "user1" can now see the repos from the organisation page (but not from the "Explorer" page, which is weird). So I got to the point where my 10 repos are owned by me (Owner) and as a duplicate by the team (MyTeam). Plus adding a repo to a team is not very user-friendly as you must remember the name of the repo for autocompletion (so I did this in the database directly).
Finally, I was really surprised when I realized that me (Owner and admin) could not see any repo in Explorer any longer. I had to go through the organisation page.
Taking Bitbucket as an example, it is not the way Bitbucket works. Once a team is affected to an organisation, the team has permission to list and/or write (according to the given permission) on all repos of this organisation. It is not required to manually affect each repo to the team as these repos are already affected to the organisation. Plus, on Bitbucket, when listing the repos, it will output all the repos you have access to. I don't understand why the "Explorer" page is now empty.
Is there anything I missed?
Sorry for the long post, wasn't easy to be shorter.
Thanks
Axel
The text was updated successfully, but these errors were encountered: