From 101cb5f4a43b9e418268fe3a8461ae6493678302 Mon Sep 17 00:00:00 2001 From: Giteabot Date: Mon, 5 Jun 2023 06:04:59 -0400 Subject: [PATCH] improve permission documentation (#23942) (#25078) (cherry picked from commit 15adec19e77d85fcd9cb798765d8b25373cdc28f) --- docs/content/doc/usage/permissions.en-us.md | 33 +++++++++++++++------ 1 file changed, 24 insertions(+), 9 deletions(-) diff --git a/docs/content/doc/usage/permissions.en-us.md b/docs/content/doc/usage/permissions.en-us.md index 013dbfabd4..b0d7729957 100644 --- a/docs/content/doc/usage/permissions.en-us.md +++ b/docs/content/doc/usage/permissions.en-us.md @@ -23,7 +23,7 @@ Gitea supports permissions for repository so that you can give different access ## Unit -In Gitea, we call a sub module of a repository `Unit`. Now we have following units. +In Gitea, we call a sub module of a repository `Unit`. Now we have following possible units. | Name | Description | Permissions | | --------------- | ---------------------------------------------------- | ----------- | @@ -35,6 +35,8 @@ In Gitea, we call a sub module of a repository `Unit`. Now we have following uni | ExternalWiki | Link to an external wiki | Read | | ExternalTracker | Link to an external issue tracker | Read | | Projects | The URL to the template repository | Read Write | +| Packages | Packages which linked to this repository | Read Write | +| Actions | Review actions logs or restart/cacnel pipelines | Read Write | | Settings | Manage the repository | Admin | With different permissions, people could do different things with these units. @@ -49,6 +51,8 @@ With different permissions, people could do different things with these units. | ExternalWiki | Link to an external wiki | - | - | | ExternalTracker | Link to an external issue tracker | - | - | | Projects | View the boards | Change issues across boards | - | +| Packages | View the packages | Upload/Delete packages | - | +| Actions | View the Actions logs | Approve / Cancel / Restart | - | | Settings | - | - | Manage the repository | And there are some differences for permissions between individual repositories and organization repositories. @@ -58,16 +62,27 @@ And there are some differences for permissions between individual repositories a For individual repositories, the creators are the only owners of repositories and have no limit to change anything of this repository or delete it. Repositories owners could add collaborators to help maintain the repositories. Collaborators could have `Read`, `Write` and `Admin` permissions. +For a private repository, the experience is similar to visiting an anonymous public repository. You have access to all the available content within the repository, including the ability to clone the code, create issues, respond to issue comments, submit pull requests, and more. If you have 'Write' permission, you can push code to specific branches of the repository, provided it's permitted by the branch protection rules. Additionally, you can make changes to the wiki pages. With 'Admin' permission, you have the ability to modify the repository's settings. + +But you cannot delete or transfer this repository if you are not that repository's owner. + ## Organization Repository -Different from individual repositories, the owner of organization repositories are the owner team of this organization. +For individual repositories, the owner is the user who created it. For organization repositories, the owners are the members of the owner team on this organization. All the permissions depends on the team permission settings. -### Team +### Owner Team -A team in an organization has unit permissions settings. It can have members and repositories scope. A team could access all the repositories in this organization or special repositories changed by the owner team. A team could also be allowed to create new -repositories. +The owner team will be created when the organization is created, and the creator will become the first member of the owner team. The owner team cannot be deleted and there is at least one member. -The owner team will be created when the organization is created, and the creator will become the first member of the owner team. -Every member of an organization must be in at least one team. The owner team cannot be deleted and only -members of the owner team can create a new team. An admin team can be created to manage some of the repositories, whose members can do anything with these repositories. -The Generate team can be created by the owner team to do the operations allowed by their permissions. +### Admin Team + +When creating teams, there are two types of teams. One is the admin team, another is the general team. An admin team can be created to manage some of the repositories, whose members can do anything with these repositories. Only members of the owner or admin team can create a new team. + +### General Team + +A general team in an organization has unit permissions settings. It can have members and repositories scope. + +- A team could access all the repositories in this organization or special repositories. +- A team could also be allowed to create new repositories or not. + +The General team can be created to do the operations allowed by their permissions. One member could join multiple teams.