"List" permission

[kleinen]

Feature Request

Problem to be solved

I would like to have the ability for users to see the existence of a repo and view its permissions in the web interface, but not be able to see or access the contents of the repo. This way I can have authenticated users see the LDAP groups that are configured for that repo and contact the owner/maintainer of that group for appropriate access. This will keep our group from having to maintain separate, yet synchronized, documentation showing users what groups provide access to what repos.

Proposed solution

I would propose that there be a "List Repository" permission, either at the global level or the repository level. This new permission would allows users to see a repo in the "Repositories" list and access a repo's "Information" page. This new permission could then be combined with the existing "read permissions" permission to provide users the ability to see what groups provide various access to a repo.

It would be additionally efficient if this were available at the global and repo levels so as to provide flexibility to application administrators.

[pfeuffer]

Thanks for this request. This should be possible, using the simple read permission. Viewing the sources should require the additional pull permission. We have to admit, though, that this is not working as expected. A user with read permission only (not the role READ, but the single permission set in the advanced permission dialog in the repository) can also see the source code. This is a bug that we will fix soon.

We will get back to you asap.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.