Mail Archives: geda-user/2012/11/16/15:34:10
> > Changing someone's admin permissions
>
> Which admin permissions do you mean?
Did you read my first mail, which mentioned three types of users?
> Which repos do you mean by "every single git repo" and "new repos" ?
gedasymbols.org is a *web site*. There's more to it than just each
user's repo. There's other content there as well, such as
documentation and guidelines, search forms, the officially distributed
libraries, etc. Those have to be maintained as well. Getting
per-user content in there is only part of the job. There are also a
lot of CGIs that work behind the scenes to render symbols and
footprints, scan directories for search indices, etc.
> The top-level repo wouldn't have content,
The top-level web site does have content. You cannot look only at the
repo and think "I know gedasymbols" because if you don't consider the
web site as well, you're missing most of the problem.
> Hm? Only if the user is actually supposed to write to multiple repos?
Yes, that's exactly it. They're called "administrators". They need
to be able to fix things that are either (1) causing server-wide
problems, (2) potential legal problems, or (3) other blatant misuses
of the system.
> Another way, and the way I strongly prefer, is to create actual
> system users for each user,
That would let people potentially (or actually) log into the server,
which puts them inside the gedasymbols firewall. No thank you.
> > If you steal a footprint and put my name on it, I get in trouble.
>
> Aha! But since I can only put symbols in my own repository it's very
> easy for everyone to see that in fact you had nothing to do with it.
Right, which is why I enforce ownership at the per-repository level,
and not rely on what the user committed.
> If we wanted to, we could easily make per-user gedasymbol
> repositories reject any commits with author != repo owner.
It does that at the moment.
- Raw text -