Commit Graph

2 Commits

Author SHA1 Message Date
1f7f98d0ce sx-gitea Phase 2: access — acl-backed permissions, collaborators, teams, auth-gated routes (TDD, 194/194)
lib/gitea/access.sx: repo role groups (admin>write>read) as acl facts
saturated by the datalog engine; user-owner => admin; collaborators
(per-repo role, upsert); org teams (one role, 'all' or scoped repo
list); org-admin?; visible-repos; create-allowed?; bearer tokens in kv.
Facts derived from forge state, acl db cached in the forge handle and
rebuilt only when facts change.

lib/gitea/web.sx: every repo route now requires read (404 hides private
repos); repo create needs owner/org-admin, delete + collaborator API
need admin (401 no credentials / 403 not allowed); index + /api/repos
list only visible repos; PUT/DELETE collab endpoints.

tests/access.sx (103) + repo suite updated for gating (91). Fixed a
web.sx corruption from the known sx_find_all/sx_replace_node path
mismatch by rewriting via sx_write_file; suite timeout 300->600s.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-07-03 13:21:57 +00:00
c037aca51f sx-gitea Phase 1: repo — forge core (owners, repo CRUD, per-repo git stores) + dream browse views (TDD, 91/91)
lib/gitea/repo.sx: forge handle over persist kv; owner principals
(user/org directory, identity-backed in Phase 2); repo records with
visibility/default-branch metadata; per-repo sx-git namespaces
(forge/<owner>/<name>) so delete is a prefix purge; ref resolution
(branch/tag/cid, annotated tags peeled) and tree-path navigation.

lib/gitea/web.sx: dream routes — repo index, repo home, branches,
tree/blob/raw browse at any ref, commit log, single-commit diff view,
JSON API for repo create/list/delete (201/400/409 semantics).

lib/gitea/tests/repo.sx (91 tests) + conformance.sh + scoreboard.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-07-03 12:45:05 +00:00