wldhx transcribed 4.1K bytes: > > So instead of "hey, signup and we give you access", what about the > > addition of LDAP? > > https://docs.gitlab.com/ee/administration/auth/how_to_configure_ldap_gitlab_ce/ > > Is there additional benefit to LDAP as compared to standard GL ACL [0]? > Note only some roles have "add members" privilege.
Probably only to unify additional login accounts we might want for example for email boxes. I have no experience with gitlab ldap. It was just a question. > I had had experience with them being somewhat rigid (you sometimes want > a specific set of privileges which none of the built-in roles covers), > but we should probably be fine. > > >> So here's a problem I see with this as it is right now: > >> I'm a git admin. Before I give people a certain kind of access, be > >> it for one repo only, a range of repos or the group 'gnunet', I > >> have a sort of checklist. Can I digitally verify to some extent that the > >> key sent to me matches the person? Do we have a CAA signature? etc. > >> Now I see already one name as 'Owner' in the gnunet group who, to > >> my knowledge, has never signed anything. Correct me if I'm wrong > >> about ic.rbow. > > ic.rbow has indeed not signed CAA yet. I asked them to now. In my > defense, I added them when gitlab.gnunet.org was a mere experiment :) Okay, then it was just delayed communication. Thanks for clearing that up. > >> We can only trust each other. > >> Since we have this CAA in place, we need more than trust, we need > >> some guidelines when someone is added to which permission level > >> in gitlab. > >> Previously the communication about what happened, which steps > >> were followed and that there is a new committer, were betwee > >> 1 or 2 people involved in administration. Now potentially everyone > >> can do this, which is either bad or good, so at the very least > >> we need to communicate about new rights given. > > +1 for guidelines, +1 for communication, but maybe not that much changes > due to GL ACL. Okay, thanks for your message. > [0]: https://gitlab.com/help/user/permissions.md > > _______________________________________________ > GNUnet-developers mailing list > [email protected] > https://lists.gnu.org/mailman/listinfo/gnunet-developers
signature.asc
Description: PGP signature
_______________________________________________ GNUnet-developers mailing list [email protected] https://lists.gnu.org/mailman/listinfo/gnunet-developers
