CONFIG: Allow for pre.rules so we can run rules before the repository rules

author: Daniel Silverstone <dsilvers@digital-scurf.org> 2012-03-29 16:56:44 +0100
committer: Daniel Silverstone <dsilvers@digital-scurf.org> 2012-03-29 16:56:44 +0100
commit: bf1bcfe43716f0ca5adbb48d3fc972ff07fb636a (patch)
tree: f0d6a0f755617004b1e9963b5688b1dfa1ed11d0 /notes
parent: f9aa94c3cb584ddd3e6792ca33b35c4cca42d862 (diff)
download: gitano-bf1bcfe43716f0ca5adbb48d3fc972ff07fb636a.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/notes/rules-evaluation b/notes/rules-evaluation
index a063b8a..7aa9404 100644
--- a/notes/rules-evaluation
+++ b/notes/rules-evaluation
@@ -29,3 +29,8 @@ and full write/delete/etc access to the user marked as the owner of the
 repository.  If evaluation ever falls off the end of the core rules then Gitano
 evaluates the built in stop-gap rule of 'Deny(User "gitano/any")' which
 effectively denies everything to everyone.
+
+If the administration repository defines a pre.rules file, then those rules
+will be applied before the per-repository rules.  This allows the main admins
+to define some global rules which cannot be overridden.  For example, you might
+require that no matter what, anonymous access is not permitted.
author	Daniel Silverstone <dsilvers@digital-scurf.org>	2012-03-29 16:56:44 +0100
committer	Daniel Silverstone <dsilvers@digital-scurf.org>	2012-03-29 16:56:44 +0100
commit	bf1bcfe43716f0ca5adbb48d3fc972ff07fb636a (patch)
tree	f0d6a0f755617004b1e9963b5688b1dfa1ed11d0 /notes
parent	f9aa94c3cb584ddd3e6792ca33b35c4cca42d862 (diff)
download	gitano-bf1bcfe43716f0ca5adbb48d3fc972ff07fb636a.tar.gz