On Tuesday 21 November 2006 20:34, Elliot Lee wrote:
I think that works within the context of Fedora as a whole, but
moving into hosted territory means you have to adopt more of a
sourceforge mentality, where your job is to give as much control as
possible to the project owner, and let them make decisions such as
who can participate. In order to let each project owner make access
decisions independantly, you would need a separate account.
I'm still not so sure you would. For a source repo, there would be a new
group, and the existing user who is the admin for a project would be made the
admin of this group. (S)He could then approve/deny requests to join the
source group for write access.
It sounds like trac has some 'webadmin' thing for controlling
people's access - I think it's a bad idea to go with that. Properly
tying trac into the Fedora account system means making it so that
full control of both authentication & authorization is done through
the FAS. In the long run, it'll be a lot nicer to be able to go to
one place to control people's access levels for everything. (Not to
say that FAS v1 is the right way to do it, just suggesting a good
goal for the future :)
This _may_ be possible in the future, however the only real authorization that
we need to set in Trac is the initial admin. The trac webadmin is mostly for
setting up urls and project summaries, and ticket components, milestones,
etc.. All of this is highly trac instance specific. There _is_ some
management of who can open/close bugs I do believe, and who is a default
owner of bugs, but again its all instance specific. I think for the first
instance of Fedora Hosted Projects this would be perfectly serviceable and if
problems arise we can look at fixing them, or more tightly integrating trac
with FAS v2 for Fedora Hosted Projects v2.
--
Jesse Keating
Release Engineer: Fedora