Authz question

[Konstantin Ryabitsev]

On 02/06/14 05:34 PM, Jason A. Donenfeld wrote:
>> Before I go look in the code, can someone tell me if the authentication
>> > support in cgit hides the repositories to which the user has no access,
>> > or just prevents accessing the actual content?
> Just the actual content, but not the listing in the global index.

That's what I figured from reading the sample authentication filter.

>> >  is there any mechanism
>> > in place to hide it?
> Not at the moment. If you're going to deploy this feature on
> kernel.org, though, I'd be happy to write support for it. What's your
> use case?

It's not for kernel.org -- we don't have a reason to run read-restricted
AuthZ stuff there. It's for another LF project that wants to be able to
do private repositories with a web frontend. It's not a critical
requirement for them to restrict repo listing, but it's certainly a
nice-to-have.

Best,
-- 
Konstantin Ryabitsev
Senior Systems Administrator
Linux Foundation Collab Projects
Montréal, Québec

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 713 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/cgit/attachments/20140602/654c37a5/attachment.asc>