Enable the feature (as project admin)

• A project admin must enable this possibility at project level. For public projects only
  • When the feature is enabled, there is a log in history to keep track of this
  • A warning is displayed to ensure admin understands what is doing. The warning includes:
    • Info about project being listed in Project tree
    • Info about services being listed (but not accessible)
    • Info about the summary page being public (with all widgets without specific permissions checking)
  • There is a forge upgrade to explicitlely change all "all_users/anonymous" to "registered users" when the platform is configured to forbid anonymous access
• When the project admin revoke the option, the permissions granted to "authenticated users" already set are revoked.
  • It means that when you untick "use restricted users" option as a project admin, you will have to set permissions on "restricted users" again if you reactivate this option in the future
  • The other permissions are not affected
• When the option is activated, the project is listed in "project tree" and trove cat
• When a restricted user access this project, nothing but Git service is actually browsable. Only 'git' and 'summary page' services are displayed.
• As long as no repository is granted to restricted users, the repository list is empty

Usage (as git admin)

• In permissions section, the permission select box displays:
  • Anonymous users (correspond to all_users) only displayed is the platform allows it
  • Authenticated users (corresponds to previous registered_users + restricted)
  • Registered users (to be renamed to something smarter)
  • Project members
  • ...

API impact:

• When permissions are used in API (REST routes on /git), the permissions are listed as:
  • Anonymous => all_users
  • Authenticated => authenticated_users
  • Registered/New name => registered_users
  • ...
• In other terms, the technical names in the API doesn't change but we introduce "authenticated_users" as a new possibility.

Site admin:

• "$sys_allow_anon" and "$sys_allow_restricted_users" parameters needs to be imported as DB configuration elements (now they are in /etc/tuleap/conf/local.inc). With a forge upgrade
• We need to manage it in DB (and with site admin configuration panel because we need to detect the change of those settings to properly update repository permissions.
• Changes to be propagated:
  • When the site admin disable usage of anonymous:
    • All git repositories granted to "Anonymous" are updated to be granted to "Registered"
  • When the site admin disable usage of Restricted users:
    • All git repositories granted to "Authenticated" are updated to be granted to "Registered"
    • Project admin use of "Authenticated users" group is revoked
  • Those changes are recorded in project history

Technical background:

• This need to be placed in a new code (permissions.php is rotten) with a clean and tested implementation
• The objective is to validate the new code with git and to progressively deploy it for all services once it's validated
• When completed for all services, the custom "restricted_user_permissions.txt" (site-content/en_US/include will be removed)