setPostReceiveHook(this);\r
}\r
\r
+ /**\r
+ * Returns true if the user is permitted to apply the receive commands to\r
+ * the repository.\r
+ *\r
+ * @param commands\r
+ * @return true if the user may push these commands\r
+ */\r
+ protected boolean canPush(Collection<ReceiveCommand> commands) {\r
+ // TODO Consider supporting branch permissions here (issue-36)\r
+ // Not sure if that should be Gerrit-style, refs/meta/config, or\r
+ // gitolite-style, permissions in users.conf\r
+ //\r
+ // How could commands be empty?\r
+ //\r
+ // Because a subclass, like PatchsetReceivePack, filters receive\r
+ // commands before this method is called. This makes it possible for\r
+ // this method to test an empty list. In this case, we assume that the\r
+ // subclass receive pack properly enforces push restrictions. for the\r
+ // ref.\r
+ //\r
+ // The empty test is not explicitly required, it's written here to\r
+ // clarify special-case behavior.\r
+\r
+ return commands.isEmpty() ? true : user.canPush(repository);\r
+ }\r
+\r
/**\r
* Instrumentation point where the incoming push event has been parsed,\r
* validated, objects created BUT refs have not been updated. You might\r
return;\r
}\r
\r
- if (!user.canPush(repository)) {\r
+ if (!canPush(commands)) {\r
// user does not have push permissions\r
for (ReceiveCommand cmd : commands) {\r
sendRejection(cmd, "User \"{0}\" does not have push permissions for \"{1}\"!", user.username, repository.name);\r
projects / gitblit.git / commitdiff