This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.
Summary: | User-managed repositories | ||
---|---|---|---|
Product: | www | Reporter: | Jesse Glick <jglick> |
Component: | Builds & Repositories | Assignee: | pgebauer <pgebauer> |
Status: | NEW --- | ||
Severity: | blocker | CC: | mkleint, mpetras, ttran |
Priority: | P1 | ||
Version: | 6.x | ||
Hardware: | All | ||
OS: | All | ||
Issue Type: | ENHANCEMENT | Exception Reporter: |
Description
Jesse Glick
2008-07-08 20:52:30 UTC
> But basic functionality [...] should be possible with a few simple JSPs. or perhaps Python/Django http://www.selenic.com/mercurial/wiki/index.cgi/HowToSetupFreeHg Note that FreeHg offers #1, but not #4 - only the creator of a repo can push to it. > FreeHg offers #1, but not #4
correct. That's why I said over ICQ we need to use netbeans.org for authentication.
Each repos owner will control authorization, say via a small text file in a well known
place in the repos, listing writers. All repos will be world-readable.
Auth could be done via mod_authnz_external + small program to talk to netbeans.org.
*If* perf is going to be an issue we can cache.
The text file in the repo listing allowed pushers may be a good idea. I don't think we would need any extra authorization module. hgwebdir just has a text file listing people permitted to write to a repo; would just need to synchronize that with the file in the repo when it changed. Not sure this is any easier than just writing a JSP letting the owner add/remove people, though (plus it effectively lets anyone with push access add others, which is not generally desirable). > (plus it effectively lets anyone with push access add others, which is not generally
desirable).
I consider this a feature. After all why we have version control system here.
Admin GUI is usually a hassle. As little of it as possible
What about to put all the hgrc's to the HG repository where few people has push right? The repository checkout could be updated once a minute to keep the server up to date... [Still discussing #4] I guess that's better than having only one or two people able to configure permissions, though would be nicer if the creator of the clone had control. Less to do if we switch to using named branches, since no special step is needed to create a branch, and there are not many new independent repos. Would still be nice to manage push permissions for changesets on your branch. |