Policy change: all authorized users now allowed to push to any wild

repository.

1 files changed, 3 insertions, 21 deletions

diff --git a/conf/gitolite.conf b/conf/gitolite.conf
index 6bbe627..01a6860 100644
--- a/conf/gitolite.conf
+++ b/conf/gitolite.conf
@@ -22,28 +22,10 @@ repo gitolite-admin
 # Everything but the gitolite-admin repository is currently set up for
 # "wild repositories" (http://sitaramc.github.com/gitolite/wild.html).
 #
-# In theory, this lets authenticated users create their own
-# repositories without needing to touch this file.
-# 
-# In all of these, we allow read permission to @all, on the theory
-# that it doesn't make much sense to restrict read via SSH while
-# allowing it via plain HTTP.  So we have no current use for the
-# READERS role.  Add it back if we ever find a use for it.
-
-# Principal of Least Astonishment says that users should create
-# repositories that look like they belong to other users.
-
-repo users?/CREATOR/..*
-    C   = @all
-    RW+ = CREATOR
-    RW  = WRITERS
-    R   = @all
-
-# Other wild repositories.  Might consider restricting top-level to
-# enforce a particular hierarchy, ask the users what they want.
+# We used to allow R for @all but restrict RW to WRITERS, but at the moment
+# we just allow any authorized user to push to any wild repository.
 
 repo [a-zA-Z0-9].*
     C   = @all
     RW+	= CREATOR
-    RW	= WRITERS
-    R   = @all
+    RW	= @all