From 44f6238fd5fe7675e7de43f4a42d1f7dabcfee4e Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 27 Nov 2012 17:01:59 -0500
Subject: [PATCH] Tweak to GCA config, fix send mail prompts, added authority.cmd

---
 docs/01_setup.mkd |   25 +++++++++++++++++++++----
 1 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/docs/01_setup.mkd b/docs/01_setup.mkd
index a9ce767..c19f7fb 100644
--- a/docs/01_setup.mkd
+++ b/docs/01_setup.mkd
@@ -264,9 +264,28 @@
 
 #### Discrete Permissions with Regex Matching (Gitblit v1.2.0+)
 
-Gitblit also supports regex matching for repository permissions.  The following permission grants push privileges to all repositories in the *mygroup* folder.
+Gitblit also supports *case-insensitive* regex matching for repository permissions.  The following permission grants push privileges to all repositories in the *mygroup* folder.
 
-    RW:mygroup/[A-Za-z0-9-~_\\./]+
+    RW:mygroup/.*
+
+##### Exclusions
+
+When using regex matching it may also be useful to exclude specific repositories or to exclude regex repository matches.  You may specify the **X** permission for exclusion.  The following example grants clone permission to all repositories except the repositories in mygroup.  The user/team will have no access whatsoever to these repositories.
+
+    X:mygroup/.*
+    R:.*
+
+##### Order is Important
+
+The preceding example should suggest that order of permissions is important with regex matching.  Here are the rules for determining the permission that is applied to a repository request:
+
+1. If the user is an admin or repository owner, then RW+
+2. Else if user has an explicit permission, use that
+3. Else check for the first regex match in user permissions
+4. Else check for the HIGHEST permission from team memberships
+    1. If the team is an admin team, then RW+
+    2. Else if a team has an explicit permission, use that
+    3. Else check for the first regex match in team permissions
 
 #### No-So-Discrete Permissions (Gitblit <= v1.1.0)
 
@@ -276,8 +295,6 @@
 2. **RW+** for any permitted user
 
 #### Committer Verification
-
-<span class='label label-warning'>Experimental</span>
 
 You may optionally enable committer verification which requires that each commit be committed by the authenticated user pushing the commits.  i.e. If Bob is pushing the commits, Bob **must** be the committer of those commits.
 

--
Gitblit v1.9.1