Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

new feature - adding mapping of predefined repositories to confluence user groups #18

Open
turgutbaumann opened this issue Aug 29, 2018 · 2 comments
Open

new feature - adding mapping of predefined repositories to confluence user groups #18

turgutbaumann opened this issue Aug 29, 2018 · 2 comments

Comments

@turgutbaumann
Copy link

Hi,

there is an addition to the plugin, which would enable us to use it more flexible and in a more secure manner. When we are defining "Predefined Repositories" in Git4C we would be able to assign a confluence user group to it, in order to ensure that only members of the defined groups inside the confluence space can use it. The benefit of this feature could be, that our admins can setup these Predefined Repositories and customers of our company which are only part of the group can only use the Predefined Repositories, they are allowed to. So, there would be no possibility to escalate access rights on code repositories which are not part of the project and our admin team can introduce functional plugin users. When we are using personal accounts of developers to configure the access of the plugin, then as soon as the developer is leaving the company and the account is disabled in our LDAP the confluence page won't render and the plugin will stop working. In order to avoid this behavior and to leave the control over the usage of the plugin to our admin team, this feature would be a great benefit.
@gkopij
Copy link
Contributor

gkopij commented Oct 6, 2018

Hi,
good Idea.
Question: how would the page look like, when the user has access to the page but not to the repository? Would you prefer to have an error message or leave the place blank? Or just render to nothing?

@turgutbaumann
Copy link
Author

Hi,

since the predefined repo will be configured to map to an user group in confluence, there don't have to be an error message necessarily. The idea is that user groups, which have access to a confluence space and are allowed to edit this space, can only choose files from the repos, nothing more. Users, which have the right to read pages can only see the content of the files, which are rendered by the plugin. The predefined repos shall be configured by an admin only and the rights on the repos will come from a function user in GitHub or GitLab. Mapping these predefined repos to a user group in confluence avoids an escalation of user rights and prevent user, which are not part of an group to read files from Github or GitLab, despite of the fact, that the functional user have these rights. That is the idea behind that request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gkopij @turgutbaumann