Roles for RPM plugin

I’d like to start a discussion about RPM RBAC and how it will be used.
There is a draft starting with two basic roles which should like this:


  • just to view and use (as well as content app - to use client as dnf to fetch content)


  • this user will be able to create and remove repositories, publications and distributions.
  • in short - to do everything

I’d like to brainstorm if this basic approach is enough or there are more ideas or needs how we can improve it.

Eg. there is an idea that there could be a maintainer which cannot create/destroy repositories but can sync and re-publish repositories to keep content up to date.

I’d like to name @ggainey, @dralley, @wibbit, @Conan_Kudo to discuss if interested in.

1 Like