18 Jul
2019
18 Jul
'19
6:07 a.m.
On 18 Jul 2019, at 4:35, Louis Opter wrote:
Hello,
Thank you for the project, quick question:
I see that restrict-modify actually only allows changes made by the principals listed there. Which kinda means that you are either root or you aren't, should restrict-modify also allow index_create/user_modify for authenticated users?
Since devpi-server 5.0.0 this should be possible via the special :AUTHENTICATED: user. That user also allows an index where any authenticated user can upload by setting it in acl_upload. Another special user is :ANONYMOUS: currently used by acl_toxresult_upload. Regards, Florian Schulze