• 
  
    
 
    
 
    

    



    
    
    
    
     
    






    
 
    


 
    



    
 

 

  

  

 

    


  
    





    
 
    



  

    
 
 
    
  
    Add support for access control on repositories.
    
 
    

    



 
    
 
    

  Review Request #1890
  —
  Created Nov. 2, 2010 and submitted — Latest diff uploaded 

 
    


    




    




    




 
    
  
    
   Information

  
    



    
 
 
    
  chipx86
 
    

    





    
 
 
    
  Review Board
 
    

    





    
 
 
    
  master
 
    

    





    
 
 
    
  
 
    

    





    
 
 
    
  
 
    

    



 
    



 
    
  
    
   Reviewers

  
    



    
 
 
    
  reviewboard
 
    

    





    
 
 
    
  
 
    

    



 
    



    


    
 
    




  

    
 
 
    
  
    Add support for access control on repositories.

This provides the ability to lock down a repository and make it private so that
only those users who are explicitly granted access (directly or through
an invite-only review group) can view review requests on the repository.

This ties into the existing is_accessible_by checks to guarantee the new logic
will work in the API and the UI.

Access is determined per-repository, rather than by a path within a repository.
Any user with access to a repository likely has access to the entire thing.
This may not always be true, in that some advanced repository setups may have
ACLs that work on a per-path basis. However, for now we are not supporting
this. It can be added later if there is need for it, possibly through an
extension that augments the access determination to check the ACLs on the
repository.
    
 
    

    





  

    
 
 
    
  
    Passes the unit tests and works in the UI.