Delegated management in Gitano
------------------------------

If you wish to delegate management in gitano then the rules syntax
provides a very effective way to delegate access to the gitano-admin
repository. In particular, you could use a ruleset like:

---8<----
GrantWrite(Branch "master", Path "groups/myfrobbler/myfrobbler-*.conf", Group "myfrobbler-admins")
---8<----

This rule grants write access to the master branch to a specific set of
admins, but only for files inside groups/myfrobbler whose names match
myfrobbler-*.conf. In effect, the members of myfrobbler-admins can manage
their own groups but no one else's.

Combine that with a rule along the lines of:

---8<----
GrantWrite(Branch "master", Path "users/**/$USER/*.key")
---8<----

and any user can manage their own SSH keys. Omit the '.key' suffix if you
want users to be able to alter everything under their own user directory,
not just their keys.

If you use either of the above rules to allow delegated administration,
you probably want to put a 'GrantClone(Group "some-admin-group")' and a
'DenyClone(User "gitano/any")' at the top of your gitano-admin repository
rules file. If you are not worried about the security of the site should
the admin repo be cloned by a non-admin, then you can leave those out: it
should not be an issue unless you also store non-standard admin content
which could be exploited, or unless your user list or users' keys are
considered secret. If, later, email addresses and the like are stored in
users' metadata files, then that content may well count as secret.

As such, the *default* gitano-admin repo-specific rules will contain:

---8<----
GrantClone(User "whatever")
DenyClone(User "gitano/any")
---8<----

where 'whatever' is the username you gave gitano when it created your
fundamental admin repository commit. By default, when you set up gitano,
the gitano-admin repository is created with the deny rules above and a
group called gitano-admin which contains the one user created during
setup.
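To check where the delegation boundaries of the rules above actually fall before committing them, the following toy evaluator is useful. It is an added example and not Gitano's own rule engine: it models the page's rules in a tiny Python rule language and assumes (these are assumptions, not facts from the page) that rules are tried top to bottom with the first match deciding, that '*' matches within a single path component while '**/' matches zero or more whole components, that '$USER' is replaced with the requesting user's name before matching, that a rule with no User or Group condition applies to every user, and that no matching rule means deny. The users alice, bob and the paths are constructed for illustration.

```python
# Added example: a toy first-match evaluator for Gitano-style delegation
# rules.  This is NOT Gitano's own rule engine; it models the rules shown
# above so the delegation boundaries can be checked offline.
# Assumptions (not taken from the page): rules are tried top to bottom and
# the first match decides; '*' matches within a single path component,
# '**/' matches zero or more whole components; '$USER' is replaced with
# the requesting user's name before matching; a rule with no User/Group
# condition applies to every user; no matching rule means deny.
import re

ANY = "gitano/any"   # catch-all user, as used on the page


def _glob_to_regex(pattern):
    """Translate a Path glob into an anchored regex (assumed semantics)."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out.append("(?:.*/)?")      # zero or more whole components
            i += 3
        elif pattern[i] == "*":
            out.append("[^/]*")         # stay inside one component
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("^" + "".join(out) + "$")


# Condition and rule constructors mirroring the page's syntax.
def Branch(name):  return ("branch", name)
def Path(glob):    return ("path", glob)
def Group(name):   return ("group", name)
def User(name):    return ("user", name)

def GrantWrite(*conds): return ("grant", "write", conds)
def GrantClone(*conds): return ("grant", "clone", conds)
def DenyClone(*conds):  return ("deny", "clone", conds)


def _cond_ok(cond, user, groups, branch, path):
    kind, value = cond
    if kind == "branch":
        return branch == value
    if kind == "path":
        # Substitute the requester's name first; usernames are assumed to
        # contain no glob metacharacters.
        return path is not None and bool(
            _glob_to_regex(value.replace("$USER", user)).match(path))
    if kind == "group":
        return value in groups
    if kind == "user":
        return value == ANY or value == user
    raise ValueError("unknown condition %r" % (kind,))


def decide(rules, user, groups, action, branch=None, path=None):
    """Return True if the first matching rule grants `action`, else False."""
    for effect, act, conds in rules:
        if act == action and all(
                _cond_ok(c, user, groups, branch, path) for c in conds):
            return effect == "grant"
    return False


# The page's ruleset, assembled in the recommended order.
GITANO_ADMIN_RULES = [
    GrantClone(User("whatever")),          # the admin created at setup
    DenyClone(User(ANY)),                  # everyone else may not clone
    GrantWrite(Branch("master"),
               Path("groups/myfrobbler/myfrobbler-*.conf"),
               Group("myfrobbler-admins")),
    GrantWrite(Branch("master"), Path("users/**/$USER/*.key")),
]

# Same two clone rules in the wrong order: the deny now shadows the grant.
WRONG_ORDER = [DenyClone(User(ANY)), GrantClone(User("whatever"))]


def check_delegation():
    """Exercise the boundaries with constructed users, groups and paths."""
    r = GITANO_ADMIN_RULES
    alice = ("alice", {"myfrobbler-admins"})   # constructed delegated admin
    bob = ("bob", set())                       # constructed ordinary user
    return {
        # delegated group admin stays inside groups/myfrobbler/myfrobbler-*
        "alice_own_group":   decide(r, *alice, "write", "master",
                                    "groups/myfrobbler/myfrobbler-devs.conf"),
        "alice_other_group": decide(r, *alice, "write", "master",
                                    "groups/other/other-devs.conf"),
        "alice_lookalike":   decide(r, *alice, "write", "master",
                                    "groups/myfrobbler/myfrobblerx.conf"),
        "alice_not_master":  decide(r, *alice, "write", "devel",
                                    "groups/myfrobbler/myfrobbler-devs.conf"),
        # any user may touch only their own *.key files
        "bob_own_key":       decide(r, *bob, "write", "master",
                                    "users/b/bob/laptop.key"),
        "bob_alice_key":     decide(r, *bob, "write", "master",
                                    "users/a/alice/laptop.key"),
        "bob_own_conf":      decide(r, *bob, "write", "master",
                                    "users/b/bob/bob.conf"),
        # clone rules: admin yes, everyone else no; order matters
        "admin_clone":       decide(r, "whatever", set(), "clone"),
        "bob_clone":         decide(r, *bob, "clone"),
        "admin_clone_wrong_order":
            decide(WRONG_ORDER, "whatever", set(), "clone"),
    }


if __name__ == "__main__":
    for name, allowed in check_delegation().items():
        print("%-26s %s" % (name, "GRANT" if allowed else "DENY"))
```

The lookalike case (myfrobblerx.conf) and the wrong-order clone case are the two checks worth keeping around: the first confirms the glob really is anchored on the `myfrobbler-` prefix, the second shows why the GrantClone for the admin must come before the catch-all DenyClone under first-match semantics. If Gitano's real engine differs from the assumptions above, adjust `_glob_to_regex` and `decide` rather than trusting these results.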