--- /dev/null
+/*
+ * Copyright 2011 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import com.gitblit.GitBlit
+import com.gitblit.models.RepositoryModel
+import com.gitblit.models.UserModel
+
+import org.eclipse.jgit.transport.ReceiveCommand
+import org.eclipse.jgit.transport.ReceiveCommand.Result
+import org.eclipse.jgit.transport.ReceiveCommand.Type
+import org.slf4j.Logger
+
+/**
+ * Sample Gitblit Pre-Receive Hook: protect-refs
+ *
+ * This script provides basic authorization for receive command types for a list
+ * of known ref patterns. Command types and unmatched ref patterns will be
+ * ignored, meaning this script has an "allow by default" policy.
+ *
+ * This script works best when a repository requires authentication on push, but
+ * can be used to enforce fast-forward commits or prohibit ref deletion by
+ * setting the authorizedTeams variable to an empty list.
+ *
+ * The Pre-Receive hook is executed after an incoming push has been parsed,
+ * validated, and objects have been written but BEFORE the refs are updated.
+ * This is the appropriate point to block a push for some reason.
+ *
+ * This script is only executed when pushing to *Gitblit*, not to other Git
+ * tooling you may be using.
+ *
+ * If this script is specified in *groovy.preReceiveScripts* of gitblit.properties
+ * or web.xml then it will be executed by any repository when it receives a
+ * push. If you choose to share your script then you may have to consider
+ * tailoring control-flow based on repository access restrictions.
+ *
+ * Scripts may also be specified per-repository in the repository settings page.
+ * Shared scripts will be excluded from this list of available scripts.
+ *
+ * This script is dynamically reloaded and it is executed within it's own
+ * exception handler so it will not crash another script nor crash Gitblit.
+ *
+ * If you want this hook script to fail and abort all subsequent scripts in the
+ * chain, "return false" at the appropriate failure points.
+ *
+ * Bound Variables:
+ * gitblit Gitblit Server com.gitblit.GitBlit
+ * repository Gitblit Repository com.gitblit.models.RepositoryModel
+ * user Gitblit User com.gitblit.models.UserModel
+ * commands JGit commands Collection<org.eclipse.jgit.transport.ReceiveCommand>
+ * url Base url for Gitblit String
+ * logger Logger instance org.slf4j.Logger
+ *
+ */
+
+def protectedCmds = [ Type.UPDATE_NONFASTFORWARD, Type.DELETE ]
+def protectedRefs = [ "refs/heads/master", "refs/tags/.+" ]
+def authorizedTeams = [ "admins" ]
+def blocked = false
+
+for (ReceiveCommand command : commands) {
+ def updateType = command.type
+ def updatedRef = command.refName
+
+ // find first regex which matches updated ref
+ def protectedRef = protectedRefs.find { updatedRef.matches ~it }
+
+ // ...and check if command type requires authz check
+ if (protectedRef && updateType in protectedCmds) {
+
+ // verify user is a member of any authorized team
+ def team = authorizedTeams.find { user.isTeamMember it }
+ if (team) {
+ logger.info "authorized ${command} for ${team} member ${user.username}"
+ } else {
+ command.setResult(Result.REJECTED_OTHER_REASON, "${user.username} cannot ${updateType} protected ref ${repository.name}:${updatedRef} (matched pattern ${protectedRef})")
+ blocked = true
+ }
+ }
+}
+
+if (blocked) {
+ // return false to break the push hook chain
+ return false
+}
\ No newline at end of file
projects / gitblit.git / commitdiff