storage: ./storage_default_storage plugins: ./plugins auth: htpasswd: file: ./htpasswd packages: '@public-anyone-can-publish/*': access: $anonymous jota_unpublish publish: $anonymous jota_unpublish unpublish: $anonymous jota_unpublish '@scope/deprecate': access: $all publish: - jota_deprecate - only_publish unpublish: - jota_deprecate - only_unpublish '@scope/starPackage': access: $all publish: jota_star unpublish: jota_star '@only-one-can-publish/*': access: jota_unpublish publish: jota_unpublish unpublish: jota_unpublish '@jquery/*': access: $all publish: $all proxy: npmjs '@scope/*': access: test publish: dsadsa proxy: npmjs '@*/*': access: $all publish: $all unpublish: $authenticated proxy: npmjs 'auth-package': access: $authenticated publish: $authenticated 'only-you-can-publish': access: $authenticated publish: you unpublish: you 'non-unpublish': access: $authenticated publish: jota_unpublish_fail # There is some conditions to keep on mind here # - If unpublish is empty, fallback with the publish value # - If the user has permissions to publish and this empty it will be allowed to unpublish # - If we want to forbid anyone to unpublish, just write here any unexisting user unpublish: some_unexisting_user_defined_here_might_be_a_hash 'only-unpublish': access: $authenticated # comment out is intended, we want to test if publish prop is not defined # publish: jota_unpublish_fail # unpublish: 'super-admin-can-unpublish': access: $authenticated publish: super_admin unpublish: super_admin 'all-can-unpublish': access: $authenticated publish: $all unpublish: $all 'forbidden-place': access: nobody publish: $all 'vue': access: $authenticated publish: $authenticated proxy: npmjs 'jquery': access: $all publish: $all proxy: npmjs '*': access: $all publish: $all unpublish: xxx proxy: npmjs logs: - { type: stdout, format: pretty, level: error }