mirror of
https://gitea.com/gitea/docs.git
synced 2026-07-01 08:34:24 +00:00
Clarify package permissions and tokens scopes as discussed in https://github.com/go-gitea/gitea/issues/32048 (#72)
This adds explanations, that were missing regarding Token scopes and the packages feature requiring a token with said scope. Also added a missing explanation, that tokens can be created in the user interface, not just the API. The reason this PR is created was due to misunderstandings around the package feature, that arose during the discussion in https://github.com/go-gitea/gitea/issues/32048 . This PR aims to clarify the misunderstood points around tokens, scopes and the package feature. During the creation of this PR bug https://github.com/go-gitea/gitea/issues/32078 was found, the scopes are always reported as `null` during the response of the initial `POST` to create the token. Co-authored-by: Wladislav ヴラド Artsimovich <wladislav.artsimovich@dmgmori.co.jp> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Reviewed-on: https://gitea.com/gitea/docs/pulls/72 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: FrostKiwi <frostkiwi@noreply.gitea.com> Co-committed-by: FrostKiwi <frostkiwi@noreply.gitea.com>
This commit is contained in:
@@ -29,7 +29,7 @@ npm config set -- '//gitea.example.com/api/packages/{owner}/npm/:_authToken' "{t
|
||||
| ------------ | ----------- |
|
||||
| `scope` | The scope of the packages. |
|
||||
| `owner` | The owner of the package. |
|
||||
| `token` | Your [personal access token](development/api-usage.md#authentication). |
|
||||
| `token` | Your [personal access token](development/api-usage.md#authentication). With `package` permissions. |
|
||||
|
||||
For example:
|
||||
|
||||
|
||||
@@ -56,6 +56,8 @@ and shows a link to the repository on the package site (as well as a link to the
|
||||
| **read** access | public, if user is public too; otherwise for this user only | public, if org is public, otherwise for org members only |
|
||||
| **write** access | owner only | org members with admin or write access to the org |
|
||||
|
||||
Please note, that your respective package manager needs to have a [personal access token](development/api-usage.md#authentication) with the permissions `package` set to either Read or Read & Write to download and publish packages respectively.
|
||||
|
||||
N.B.: These access restrictions are [subject to change](https://github.com/go-gitea/gitea/issues/19270), where more finegrained control will be added via a dedicated organization team permission.
|
||||
|
||||
## Create or upload a package
|
||||
|
||||
Reference in New Issue
Block a user