Web interface for gitolite?

[Ali Reza Kayvan]

Thank you for preparing this useful tool.
I'am using gitolite with tens of repositories . I have set permisions on each repository and even directories. every sevreal repositorties has an admin.Now I myself give access to every user.But i want team managers do it themeselves.How can i implement this. should I have to write a web interface myself or is there any other tools ready for this;Could you please help me.Thanks

[Sitaram Chamarty]

On Sun, Nov 05, 2017 at 11:27:36PM -0800, Ali Reza Kayvan wrote:
> Thank you for preparing this useful tool.
> I'am using gitolite with tens of repositories . I have set permisions on each repository and even directories. every sevreal repositorties has an admin.Now I myself give access to every user.But i want team managers do it themeselves.How can i implement this. should I have to write a web interface myself or is there any other tools ready for this;Could you please help me.Thanks

In general, in terms of different users managing their own sets
of permissions, there are two ways:

* using "wild"[1] repos and the "perms" command[2]

* by delegating access control responsibilities[3].

Gitolite has no web interface, but if you can explain what you
need with a specific example (using repo names like "repo1",
"repo2", etc., and user names like "alice", "bob", etc.,
perhaps?) it may be useful.

[1]: http://gitolite.com/gitolite/wild/
[2]: http://gitolite.com/gitolite/user/#setget-additional-permissions-for-repos-you-created
[3]: http://gitolite.com/gitolite/deleg/

regards
sitaram

[Ali Reza Kayvan]

repo gitolite-admin
RW+ = superadmin

repo project1/repo1
RW+ = admin1 bob smith jack
repo project1/repo2
RW+ = admin2 jane dany
RW master VREF/NAME/SportClasses/* = peter
repo project1/repo3
RW+ = admin3 bob smith
RW master VREF/NAME/educ/acc/* = raja
RW master VREF/NAME/educ/css/* = jones kelara
repo project1/repo4
...
repo project1/repo5
...
repo project1/repo6
...
.
These tree admins should be able to give access to whome they want . Thay have the same admin access but less than superadmin. Admins dont know too much about gitolite so thay prefer to have a simple and easy to use web interface.

Thanks you for your guidance .I think delegating access control responsibilities is a right solution, but i dont want admins engage with complexities of gitolite.They just need a simple interface that can list repositories and maybe directories and files inside it in a treeview and set a permission for it (mostely write access , becouse repositories are previousely created and if again needed I will create it) .

I myelf thinks if there is not such an application available , I should read all accesses from database and recreate gitolite-conf each time each permision changes . Is it right?

[Eric Johnson]

On Mon, Nov 6, 2017 at 5:37 AM, Ali Reza Kayvan <alireza...@gmail.com> wrote:

On Monday, November 6, 2017 at 12:26:19 PM UTC+3:30, Sitaram Chamarty wrote:

repo gitolite-admin
    RW+        =   superadmin

repo  project1/repo1
   RW+         = admin1 bob smith jack
repo project1/repo2
   RW+         = admin2 jane dany
   RW master VREF/NAME/SportClasses/* = peter
repo project1/repo3
   RW+         = admin3 bob smith
   RW master VREF/NAME/educ/acc/* = raja
   RW master VREF/NAME/educ/css/* = jones kelara
repo project1/repo4
        ...
repo project1/repo5
        ...
repo project1/repo6
        ...
.
These tree admins should be able to give access  to whome they want . Thay have the same admin access but less than superadmin. Admins dont know  too much about gitolite so thay prefer to have a simple and easy to use web interface.

Thanks you for your guidance .I  think with delegating access control responsibilities is a write solution, but we dont want our admins engage with complexities of gitolite.They nead just a simple interface that they can list repositories and maybe directories and files inside it in a treeview  and set a permission for it (mostely write access , becouse repositories are previousely created and if again needed I will create it) .

I myelf thinks if there is not such an application available , I should read all accesses from database and recreate gitolite-conf  each time each permision changes . Is it right?

This is a variation of what we've done at my company. We generate the gitolite conf from an alternate source of data. Works great.

Instead of a database we use another git repository. That way, changes to who has access are all tracked by version control. It is not a trivial amount of code, but not too hard either. The key trick is that of course you have to configure the gitolite permissions to prevent people from making changes to repositories that they don't have permissions to change. That means separate files depending on the boundaries of your access control constraints.

Eric.

 

--
You received this message because you are subscribed to the Google Groups "gitolite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gitolite+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Sitaram Chamarty]

On Mon, Nov 06, 2017 at 05:37:43AM -0800, Ali Reza Kayvan wrote:

> These tree admins should be able to give access to whome they
> want . Thay have the same admin access but less than
> superadmin. Admins dont know too much about gitolite so thay
> prefer to have a simple and easy to use web interface.

The new templates feature [1] may also be useful. It was
originally created to help with 'gitolite compile' performance,
but I later realised it is a very good abstraction layer on top
of gitolite's rules -- allowing an "expert" to write rule
"templates" while any one, even without being an expert in
gitolite, simply assigns users to various roles in plain text.

It *could* also be the basis for a decent web layer, if someone
wants to write one for their own use.

[1]: http://gitolite.com/gitolite/templates