MokoConsulting/MokoGitea
1
0
Fork 0
Code Issues 142 Pull Requests Releases 90 Wiki Activity

feat(permissions): section-based visibility — public wiki/releases on private repos #238

New Issue
Closed
opened 2026-05-30 16:41:21 +00:00 by jmiller · 1 comment
jmiller commented 2026-05-30 16:41:21 +00:00
Owner
Copy Link
Copy Source

Summary

Add section-based visibility permissions so individual repository sections (wiki, releases, issues, etc.) can have different visibility levels from the codebase itself. This allows repos to keep source code private while making wiki documentation, releases, and other sections publicly accessible.

Use case

A private repository should be able to expose:

  • Wiki as public (documentation accessible to everyone)
  • Releases as public (download artifacts without repo access)
  • Issues as public or read-only (community bug reports)
  • Code remains private (source access restricted to collaborators)

This mirrors functionality available in platforms like GitLab where wiki and pages visibility can differ from repo visibility.

Current behavior

Repository visibility is all-or-nothing: a private repo hides everything (wiki, releases, issues, code). There is no way to make individual sections public while keeping the codebase private.

Proposed approach

Add per-section visibility overrides to the repository unit model. Each repo unit (code, issues, wiki, releases, packages, actions, projects) would support its own visibility setting that can override the repo-level default:

  • inherit (default): follows repo visibility
  • public: accessible to everyone regardless of repo visibility
  • private: restricted to collaborators only

Areas to investigate

  • repo_unit model and how units are currently gated
  • Anonymous access controls (there may already be partial support)
  • API permission checks per unit type
  • Web route middleware that enforces visibility
  • Git HTTP/SSH access for wiki repos (wiki is a separate git repo)
  • Template and UI changes to expose per-section visibility settings

References

  • GitLab has "Pages access control" and per-feature visibility (issues, wiki, etc.)
  • GitHub has limited support (public wiki on private repos is not supported)
  • Gitea has repo_unit with anonymous_access_mode (may be a starting point)

Created by @MokoBot - Claude Opus 4.6

## Summary Add section-based visibility permissions so individual repository sections (wiki, releases, issues, etc.) can have different visibility levels from the codebase itself. This allows repos to keep source code private while making wiki documentation, releases, and other sections publicly accessible. ### Use case A private repository should be able to expose: - **Wiki** as public (documentation accessible to everyone) - **Releases** as public (download artifacts without repo access) - **Issues** as public or read-only (community bug reports) - **Code** remains private (source access restricted to collaborators) This mirrors functionality available in platforms like GitLab where wiki and pages visibility can differ from repo visibility. ### Current behavior Repository visibility is all-or-nothing: a private repo hides everything (wiki, releases, issues, code). There is no way to make individual sections public while keeping the codebase private. ### Proposed approach Add per-section visibility overrides to the repository unit model. Each repo unit (code, issues, wiki, releases, packages, actions, projects) would support its own visibility setting that can override the repo-level default: - **inherit** (default): follows repo visibility - **public**: accessible to everyone regardless of repo visibility - **private**: restricted to collaborators only ### Areas to investigate - repo_unit model and how units are currently gated - Anonymous access controls (there may already be partial support) - API permission checks per unit type - Web route middleware that enforces visibility - Git HTTP/SSH access for wiki repos (wiki is a separate git repo) - Template and UI changes to expose per-section visibility settings ### References - GitLab has "Pages access control" and per-feature visibility (issues, wiki, etc.) - GitHub has limited support (public wiki on private repos is not supported) - Gitea has repo_unit with anonymous_access_mode (may be a starting point) --- *Created by @MokoBot - Claude Opus 4.6*
jmiller commented 2026-05-30 16:47:52 +00:00
Author
Owner
Copy Link
Copy Source

Implementation Plan

Current State: More exists than expected

The data model and settings UI already exist:

  • RepoUnit has AnonymousAccessMode and EveryoneAccessMode fields (migrations v297, v318)
  • Settings page at /settings/public_access lets you configure per-unit visibility
  • Permission engine in repo_permission.go handles per-unit public access via UnitAccessMode()
  • Web/API middleware use HasAnyUnitAccessOrPublicAccess() for repo-level gating
  • Template tabs already hide/show based on Permission.CanRead(unitType)

Identified Gaps (what needs fixing)

Gap 1 (Critical): Git HTTP access for wiki repos

  • File: routers/web/repo/githttp.go:131
  • isPublicPull := repoExist && !repo.IsPrivate && isPull -- for private repos this is always false
  • Fix: check per-unit AnonymousAccessMode instead of just repo.IsPrivate

Gap 2: Repo discoverability in explore/search

  • File: models/repo/repo_list.go
  • Private repos with public units are invisible to anonymous users
  • Fix: add SQL subquery to include repos with anonymous_access_mode > 0 on any unit

Gap 3: No API for managing unit public access

  • No GET/PATCH endpoints for per-unit visibility settings

Gap 4: Home page for partial-access users

  • Anonymous user accessing private repo with public wiki sees code page (no access) instead of redirect to wiki

Phased Implementation

Phase Scope Risk Files
1 Git HTTP fix + home redirect High githttp.go, repo.go, view.go
2 Search/explore discoverability Medium repo_list.go
3 API endpoints Medium api.go, structs/repo.go
4 UI improvements (landing page, badges) Low templates
5 Tests Low integration tests

No migration needed

The anonymous_access_mode and everyone_access_mode columns already exist.

@MokoBot - Claude Opus 4.6

## Implementation Plan ### Current State: More exists than expected The data model and settings UI **already exist**: - `RepoUnit` has `AnonymousAccessMode` and `EveryoneAccessMode` fields (migrations v297, v318) - Settings page at `/settings/public_access` lets you configure per-unit visibility - Permission engine in `repo_permission.go` handles per-unit public access via `UnitAccessMode()` - Web/API middleware use `HasAnyUnitAccessOrPublicAccess()` for repo-level gating - Template tabs already hide/show based on `Permission.CanRead(unitType)` ### Identified Gaps (what needs fixing) **Gap 1 (Critical): Git HTTP access for wiki repos** - File: `routers/web/repo/githttp.go:131` - `isPublicPull := repoExist && !repo.IsPrivate && isPull` -- for private repos this is always false - Fix: check per-unit `AnonymousAccessMode` instead of just `repo.IsPrivate` **Gap 2: Repo discoverability in explore/search** - File: `models/repo/repo_list.go` - Private repos with public units are invisible to anonymous users - Fix: add SQL subquery to include repos with `anonymous_access_mode > 0` on any unit **Gap 3: No API for managing unit public access** - No GET/PATCH endpoints for per-unit visibility settings **Gap 4: Home page for partial-access users** - Anonymous user accessing private repo with public wiki sees code page (no access) instead of redirect to wiki ### Phased Implementation | Phase | Scope | Risk | Files | |-------|-------|------|-------| | **1** | Git HTTP fix + home redirect | High | githttp.go, repo.go, view.go | | **2** | Search/explore discoverability | Medium | repo_list.go | | **3** | API endpoints | Medium | api.go, structs/repo.go | | **4** | UI improvements (landing page, badges) | Low | templates | | **5** | Tests | Low | integration tests | ### No migration needed The `anonymous_access_mode` and `everyone_access_mode` columns already exist. --- *@MokoBot - Claude Opus 4.6*
Sign in to join this conversation.
Labels
Clear labels
breaking-change
Breaking API or behavior change
 ci-cd
CI/CD pipeline changes
 config
Configuration changes
 dependencies
Dependency updates
 deploy-failure
Deployment failed
 docker
Docker/container changes
 documentation
Documentation changes
 good first issue
Good for newcomers
 health-check
Repo health check result
 help wanted
Extra attention needed
 mokostandards
Related to MokoStandards framework
 pending: testing
Feature implemented but not yet tested with documented proof
 priority: critical
Must fix immediately
 priority: high
Important, fix soon
 priority: low
Nice to have
 priority: medium
Normal priority
 push-failure
Git push operation failed
 security
Security vulnerability or hardening
 size/l
200-500 lines changed
 size/m
50-200 lines changed
 size/s
10-50 lines changed
 size/xl
500+ lines changed
 size/xs
< 10 lines changed
 standards-drift
Deviates from MokoStandards
 standards-update
MokoStandards compliance update
 status: blocked
Blocked by dependency or decision
 status: in-progress
Actively being worked on
 status: needs-review
Awaiting code review
 status: on-hold
Paused intentionally
 status: wontfix
Will not be addressed
 sync-failure
Sync or mirror failed
 tech-debt
Technical debt and TODO/FIXME items
 type: bug
Something isn't working
 type: bug
type: chore
Maintenance, dependencies, cleanup
 type: enhancement
Improvement to existing feature
 type: feature
New functionality
 type: refactor
Code restructuring without behavior change
 type: version
Version bump or release
 upstream
upstream
Inherited from upstream Gitea
 work-in-progress
Draft or incomplete work
bug
Something is not working
 chore
Maintenance and housekeeping
 documentation
Documentation improvements
 enhancement
Improvement to existing functionality
 feature
New feature or request
 pending: dependency
Blocked by another issue or external dependency
 pending: deployment
Tested and approved, awaiting deployment to production
 pending: design
Needs UI/UX or architecture design before implementation
 pending: documentation
Feature works, needs documentation/wiki update
 pending: feedback
Awaiting feedback or decision from stakeholder
 pending: review
Implementation complete, awaiting code review
 pending: testing
Feature implemented but not yet tested
 priority: critical
Must fix immediately
 priority: high
Should fix soon
 priority: low
Nice to have
 priority: medium
Fix when convenient
 refactor
Code restructuring without behavior change
 roadmap
Planned feature or enhancement tracked on the roadmap
 scope: client
Client-specific work
 scope: dolibarr
Dolibarr modules and customizations
 scope: infrastructure
Server, CI, backups, monitoring
 scope: joomla
Joomla templates and extensions
 scope: waas
MokoWaaS platform
 security
Security vulnerability or hardening
 status: blocked
Waiting on external dependency
 status: duplicate
Duplicate of another issue
 status: in-progress
Being worked on
 status: needs-review
Ready for review
 status: wontfix
Will not be addressed
No labels
Milestone
No items
No Milestone
Assignees
Clear assignees
jmiller (Jonathan Miller) moko-deploy (Moko Deploy Bot)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoGitea#238
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?