> So instead of "hey, signup and we give you access", what about the > addition of LDAP? > https://docs.gitlab.com/ee/administration/auth/how_to_configure_ldap_gitlab_ce/
Is there additional benefit to LDAP as compared to standard GL ACL [0]? Note only some roles have "add members" privilege. I had had experience with them being somewhat rigid (you sometimes want a specific set of privileges which none of the built-in roles covers), but we should probably be fine. >> So here's a problem I see with this as it is right now: >> I'm a git admin. Before I give people a certain kind of access, be >> it for one repo only, a range of repos or the group 'gnunet', I >> have a sort of checklist. Can I digitally verify to some extent that the >> key sent to me matches the person? Do we have a CAA signature? etc. >> Now I see already one name as 'Owner' in the gnunet group who, to >> my knowledge, has never signed anything. Correct me if I'm wrong >> about ic.rbow. ic.rbow has indeed not signed CAA yet. I asked them to now. In my defense, I added them when gitlab.gnunet.org was a mere experiment :) >> We can only trust each other. >> Since we have this CAA in place, we need more than trust, we need >> some guidelines when someone is added to which permission level >> in gitlab. >> Previously the communication about what happened, which steps >> were followed and that there is a new committer, were betwee >> 1 or 2 people involved in administration. Now potentially everyone >> can do this, which is either bad or good, so at the very least >> we need to communicate about new rights given. +1 for guidelines, +1 for communication, but maybe not that much changes due to GL ACL. [0]: https://gitlab.com/help/user/permissions.md
signature.asc
Description: OpenPGP digital signature
_______________________________________________ GNUnet-developers mailing list [email protected] https://lists.gnu.org/mailman/listinfo/gnunet-developers
