Update docs

doc/authenticator.md

@@ -0,0 +1,58 @@
+Authentication in Controller
+========
+GitBucket provides many [authenticators](https://github.com/gitbucket/gitbucket/blob/master/src/main/scala/gitbucket/core/util/Authenticator.scala) to access controlling in the controller.
+
+For example, in the case of `RepositoryViwerController`,
+it references three authenticators, `ReadableUsersAuthenticator`, `ReferrerAuthenticator` and `CollaboratorsAuthenticator`:
+
+```scala
+class RepositoryViewerController extends RepositoryViewerControllerBase
+  with RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
+  with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+  with WebHookPullRequestService with WebHookPullRequestReviewCommentService
+
+trait RepositoryViewerControllerBase extends ControllerBase {
+  self: RepositoryService with AccountService with ActivityService with IssuesService with WebHookService with CommitsService
+    with ReadableUsersAuthenticator with ReferrerAuthenticator with CollaboratorsAuthenticator with PullRequestService with CommitStatusService
+    with WebHookPullRequestService with WebHookPullRequestReviewCommentService =>
+
+  ...
+```
+
+- `ReadableUsersAuthenticator` provides `readableUsersOnly` method
+- `ReferrerAuthenticator` provides `referrersOnly` method
+- `CollaboratorsAuthenticator` provides `collaboratorsOnly` method
+
+These methods are available in each actions as below:
+
+```scala
+// Allows only the repository owner (or manager for group repository) and administrators.
+get("/:owner/:repository/tree/*")(referrersOnly { repository =>
+  ...
+})
+
+// Allows only collaborators and administrators.
+get("/:owner/:repository/new/*")(collaboratorsOnly { repository =>
+  ...
+})
+
+// Allows only signed in users which can access the repository.
+post("/:owner/:repository/commit/:id/comment/new", commentForm)(readableUsersOnly { (form, repository) =>
+  ...
+})
+```
+
+Currently, GitBucket provides below authenticators:
+
+|Trait                     | Method          | Description                                                                          |
+|--------------------------|-----------------|--------------------------------------------------------------------------------------|
+|OneselfAuthenticator      |oneselfOnly      |Allows only oneself and administrators.                                               |
+|OwnerAuthenticator        |ownerOnly        |Allows only the repository owner and administrators.                                  |
+|UsersAuthenticator        |usersOnly        |Allows only signed in users.                                                          |
+|AdminAuthenticator        |adminOnly        |Allows only administrators.                                                           |
+|CollaboratorsAuthenticator|collaboratorsOnly|Allows only collaborators and administrators.                                         |
+|ReferrerAuthenticator     |referrersOnly    |Allows only the repository owner (or manager for group repository) and administrators.|
+|ReadableUsersAuthenticator|readableUsersOnly|Allows only signed in users which can access the repository.                          |
+|GroupManagerAuthenticator |managersOnly     |Allows only the group managers.                                                       |
+
+Of course, if you make a new plugin, you can define a your own authenticator according to requirement in your plugin.

doc/readme.md

@@ -3,7 +3,7 @@ Developer's Guide
  * [How to run from source tree](how_to_run.md)
  * [Directory Structure](directory.md)
  * [Mapping and Validation](validation.md)
- * Authentication in Controller (not yet)
+ * [Authentication in Controller](authenticator.md)
  * [About Action in Issue Comment](comment_action.md)
  * [Activity Types](activity.md)
  * [Notification Email](notification.md)