Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allowing Package Owner Auth #53

Open
cbdotguru opened this issue Sep 11, 2018 · 1 comment
Open

Allowing Package Owner Auth #53

cbdotguru opened this issue Sep 11, 2018 · 1 comment

Comments

@cbdotguru
Copy link
Contributor

It appears all auth happens at the repo contract owner/authority level and there are no checks at the actual package owner level. Am I missing where this takes place? Is this purposeful in the design? If so, what was the reasoning?
@cgewecke
Copy link
Contributor

@HACKDOM Are you thinking along the lines of a package owner being able to remove a package? Or gatekeeping who can publish one?

There are some checks in the sense that only a package owner can cut a release and there is a mechanism for transferring package ownership.

As currently deployed, the registry is open to the public - anyone can create a package. .But this is configurable - the registry permissions are set in a series of post-deployment calls executed here

Maybe we should highlight this topic in the docs. . .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cbdotguru @cgewecke