I'm not sure why you'd want a super secretive source repository, you can always host secret stuff on another server before it's viewable elsewhere (a simple git server setup via ssh keys will do). Anyway, if a person does not have permissions to push to a git repo, he won't have the ability to do it, unless he just forked it and push it to his own clone, and maybe send a merge request which IMO is a good thing? No?
For now, I'm not sure if the gitorious team is interested to have a private repository feature, maybe later on, who knows? Any roadmap?. BTW, you can always use apache group restrictions for viewing valid projects, but I'm not sure if you want to be an apache admin as well. If you are a programmer, maybe you can contribute some code in. If you want to enable http urls with ldap auth, apache auth method is your friend, but the config file can be a mess really quickly, and you have to maintain the AD DB as well. BTW, there are other software out there that probably does what you want, like Git Enterprise, or Github.fi and other paid solutions that I've not mentioned. Or hey, you can pay Gitorious to incorporate the features you need and that'll be the ideal scenario :) On Wed, Oct 26, 2011 at 5:20 PM, IronMania <[email protected]>wrote: > Thanks for your replies. > > With the apache backend, I need to put in the user & pw twice, do I? > Also They are still able to pull the repos right? > > This set private/public is not really helpfull, well partly. I don't > want user A, which is NOT in Group B, to see projects from Group B. He > should not be able to Clone or push repositories he is not permitted > to. > > Disableing the urls is not an option. So I don't want people to be > able to pull code, where they have no rights. > > So the best solution would be something over gitorious right? > > Thank you all for your help!!!! > Joerg > -- To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected]
