| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
page (issue-173)
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Present the mutable permissions by default. Allow the administrator or
owner to toggle the displayed permissions to see how the user
and team permissions are applied to a repository.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Also hooked-up GC settings in the Manager.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The order of permissions defined within a user or team is preserved
during read and write. This order is important for determining the
regex match used within the user or team object.
If the user is an admin or repository owner, then RW+
Else if user has an explicit permission, use that
Else check for the first regex match in user permissions
Else check for the HIGHEST permission from team memberships
If the team is an admin team, then RW+
Else if a team has an explicit permission, use that
Else check for the first regex match in team permissions
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If this feature is enabled then permitted users can automatically create a
repository when pushing to one that does not yet exist. Permitted users
are administrators and any user with the CREATE role.
If the pushing account is an administrator, the created repository may be
located in any folder/project space. This reposiory will inherit the server's
default access restriction and authorization control. The repository owner
will be the pushing account.
If the pushing account is a regular user with the CREATE role, the repository
can only be located in the account's personal folder (~username/myrepo.git).
This repository will be VIEW restricted and accessible by NAMED users. The
repository owner will be the pushing account.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are now three new targets on the ANT build:
- buildJAR: creates a GitBlit JAR including the GitBlit biz logic
- installMaven: install GitBlit JAR as Maven module
- uploadMaven: uploads GitBlit JAR to a Maven repository
Additional extensions have been made to allow:
a) GitBlit to load his resources outside of Wicket domain
b) GitBlit to use an injected UserService
c) Generic authentication of HTTP Request using 3rd party logic
d) Load settings programmatically from an InputStream
e) Use cookie authentication OR generic HTTP Request
authentication for Wicket pages
f) UserModel with branch-level security logic
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The fork mechanism clones the repository , access restrictions, and
other config options. The app has been updated throughout to handle
personal repositories and to properly display origin/fork links.
In order to fork a repository the user account must have the #fork role,
the origin repository must permit forking, and the user account must
have standard clone permissions to the repository.
Because forking introduces a new user role no existing user accounts can
automatically begin forking a repository. This is both a pro and a con.
Since the fork has the same access restrictions as the origin repository,
those who can access the origin may also access the fork. This is intentional
to facilitate integration-manager workflow. The fork owner does have the
power to completely change the access restrictions of his/her fork.
|
| | |
|
| |
|
|
|
|
| |
This is an in-progress feature to offer an interface for grouped
repositories. This may help installations with large numbers of
repositories stay organized. It also will be part of a future,
more advanced security model.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
TimeUtils needs to output localized strings like "5 days ago" and "6 months". In order to do this it needs a translation resource. Additionally, that resource can not be static because the single Gitblit server can handle multiple connections in different locales/languages.
TimeUtils has changed from a collection of static methods to some static methods and some instance methods. A TimeUtils is instantiated with an optional resource bundle which contains the preferred translation. If the resourec bundle is null or the requested translation key does not exist, an English default will be used.
This change required adjusting the signatures of several key methods and that cascaded out to adjusting those methods calls in many, many classes.
|
