Promotions permission control

As I understand from documentation, code promotion are allowed to anyone with git repository push permission.
To restrict promotion right only to chosen users, administrator can use Drone extension, like this one Promote auth extension.

But, as I suggest, this is widely used/required feature and it will be great if you implement it in core server code.

It can be done by adding to repository settings in Web UI the field where repository administrator can add usernames for whom promotions are allowed.

Or probably it can be defined in pipeline
Something like this

trigger:
  event:
  - promote
  target:
  - production
  allowed: [user1, user2, user3]

And Drone server when executes this pipeline, check if current user is in the list. And if not - hide ‘Deploy’ button in Web UI and return error message if user run pipeline from command line.

We recommend all new features start as extensions for two reasons. First, it give the community an opportunity to iterate on the feature, ensure all major use cases are handled, and ensure there are no glaring edge cases in the design. Second, it gives us a chance to gauge community interest to determine whether or not the solution should be bundled in Drone core or should be left as an extension.

This particular feature (and extension) are relatively new and I think they would benefit from more iteration and community feedback.