doc/configuring-access
changeset 83 86ec1268d306
child 112 3035990989ee
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/doc/configuring-access	Sat Mar 07 09:31:06 2009 +0000
@@ -0,0 +1,47 @@
+ACCESS.CONF
+
+Out of the box, there are just two kinds of users: the ones with keys in
+"keys/root" and those in "keys/users". However, you can change this by editing
+"access.conf". There are two "access.conf" files, one in
+"/etc/mercurial-server" and one in "hgadmin"; the two are simply concatenated
+before being read.
+
+Each line of access.conf has the following syntax:
+
+<rule> <condition> <condition> ...
+
+Rule is one of
+
+init - allow any operation, including the creation of new repositories
+write - allow reads and writes to this file in this repository
+read - allow the repo to be read but reject matching writes
+deny - deny all requests
+
+A condition is a globpattern matched against a relative path. The two most
+important conditions are
+
+    user=<globpattern> - user's key
+    repo=<globpattern> - repo (as the user supplies it)
+
+The first rule in the file which has all its conditions satisfied is used to
+determine whether an action is allowed.
+
+Paths cannot contain any special characters except "/"; glob patterns cannot
+contain any special characters except "/" and "*". "*" matches zero or more
+characters not including "/" while "**" matches zero or more characters
+including "/".
+
+Blank lines and lines that start with "#" are ignored.
+
+access.conf ships with the following contents:
+
+    init user=root/**
+    deny repo=hgadmin
+    write user=users/**
+
+This means: keys in "root" can do anything; keys in "users" cannot create
+repositories, cannot even read the hgadmin repository, but can read and write
+any other repository; no other key has any access.
+
+More advanced access configuration is covered in file-conditions.
+
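Review bot: The paragraph beginning "The first rule in the file which has all its conditions satisfied" does not say what happens when no rule matches, yet the closing explanation ("no other key has any access") depends on an implicit default deny. State the fall-through behaviour explicitly next to the first-match rule. Because the first match wins, the opening paragraph should also say which of the two files, "/etc/mercurial-server" or "hgadmin", comes first in the concatenation, since that order decides whose rules take precedence. A smaller point: the description of "write" refers to "this file" before any file-level condition has been introduced; either reword it in terms of the repository or point to file-conditions there.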