Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Ticket tracker with patchset contributions
A basic issue tracker styled as a hybrid of GitHub and BitBucket issues.
You may attach commits to an existing ticket or you can push a single
commit to create a *proposal* ticket.
Tickets keep track of patchsets (one or more commits) and allow patchset
rewriting (rebase, amend, squash) by detecing the non-fast-forward
update and assigning a new patchset number to the new commits.
Ticket tracker
--------------
The ticket tracker stores tickets as an append-only journal of changes.
The journals are deserialized and a ticket is built by applying the
journal entries. Tickets are indexed using Apache Lucene and all
queries and searches are executed against this Lucene index.
There is one trade-off to this persistence design: user attributions are
non-relational.
What does that mean? Each journal entry stores the username of the
author. If the username changes in the user service, the journal entry
will not reflect that change because the values are hard-coded.
Here are a few reasons/justifications for this design choice:
1. commit identifications (author, committer, tagger) are non-relational
2. maintains the KISS principle
3. your favorite text editor can still be your administration tool
Persistence Choices
-------------------
**FileTicketService**: stores journals on the filesystem
**BranchTicketService**: stores journals on an orphan branch
**RedisTicketService**: stores journals in a Redis key-value datastore
It should be relatively straight-forward to develop other backends
(MongoDB, etc) as long as the journal design is preserved.
Pushing Commits
---------------
Each push to a ticket is identified as a patchset revision. A patchset
revision may add commits to the patchset (fast-forward) OR a patchset
revision may rewrite history (rebase, squash, rebase+squash, or amend).
Patchset authors should not be afraid to polish, revise, and rewrite
their code before merging into the proposed branch.
Gitblit will create one ref for each patchset. These refs are updated
for fast-forward pushes or created for rewrites. They are formatted as
`refs/tickets/{shard}/{id}/{patchset}`. The *shard* is the last two
digits of the id. If the id < 10, prefix a 0. The *shard* is always
two digits long. The shard's purpose is to ensure Gitblit doesn't
exceed any filesystem directory limits for file creation.
**Creating a Proposal Ticket**
You may create a new change proposal ticket just by pushing a **single
commit** to `refs/for/{branch}` where branch is the proposed integration
branch OR `refs/for/new` or `refs/for/default` which both will use the
default repository branch.
git push origin HEAD:refs/for/new
**Updating a Patchset**
The safe way to update an existing patchset is to push to the patchset
ref.
git push origin HEAD:refs/heads/ticket/{id}
This ensures you do not accidentally create a new patchset in the event
that the patchset was updated after you last pulled.
The not-so-safe way to update an existing patchset is to push using the
magic ref.
git push origin HEAD:refs/for/{id}
This push ref will update an exisitng patchset OR create a new patchset
if the update is non-fast-forward.
**Rebasing, Squashing, Amending**
Gitblit makes rebasing, squashing, and amending patchsets easy.
Normally, pushing a non-fast-forward update would require rewind (RW+)
repository permissions. Gitblit provides a magic ref which will allow
ticket participants to rewrite a ticket patchset as long as the ticket
is open.
git push origin HEAD:refs/for/{id}
Pushing changes to this ref allows the patchset authors to rebase,
squash, or amend the patchset commits without requiring client-side use
of the *--force* flag on push AND without requiring RW+ permission to
the repository. Since each patchset is tracked with a ref it is easy to
recover from accidental non-fast-forward updates.
Features
--------
- Ticket tracker with status changes and responsible assignments
- Patchset revision scoring mechanism
- Update/Rewrite patchset handling
- Close-on-push detection
- Server-side Merge button for simple merges
- Comments with Markdown syntax support
- Rich mail notifications
- Voting
- Mentions
- Watch lists
- Querying
- Searches
- Partial miletones support
- Multiple backend options
il y a 10 ans Ticket tracker with patchset contributions
A basic issue tracker styled as a hybrid of GitHub and BitBucket issues.
You may attach commits to an existing ticket or you can push a single
commit to create a *proposal* ticket.
Tickets keep track of patchsets (one or more commits) and allow patchset
rewriting (rebase, amend, squash) by detecing the non-fast-forward
update and assigning a new patchset number to the new commits.
Ticket tracker
--------------
The ticket tracker stores tickets as an append-only journal of changes.
The journals are deserialized and a ticket is built by applying the
journal entries. Tickets are indexed using Apache Lucene and all
queries and searches are executed against this Lucene index.
There is one trade-off to this persistence design: user attributions are
non-relational.
What does that mean? Each journal entry stores the username of the
author. If the username changes in the user service, the journal entry
will not reflect that change because the values are hard-coded.
Here are a few reasons/justifications for this design choice:
1. commit identifications (author, committer, tagger) are non-relational
2. maintains the KISS principle
3. your favorite text editor can still be your administration tool
Persistence Choices
-------------------
**FileTicketService**: stores journals on the filesystem
**BranchTicketService**: stores journals on an orphan branch
**RedisTicketService**: stores journals in a Redis key-value datastore
It should be relatively straight-forward to develop other backends
(MongoDB, etc) as long as the journal design is preserved.
Pushing Commits
---------------
Each push to a ticket is identified as a patchset revision. A patchset
revision may add commits to the patchset (fast-forward) OR a patchset
revision may rewrite history (rebase, squash, rebase+squash, or amend).
Patchset authors should not be afraid to polish, revise, and rewrite
their code before merging into the proposed branch.
Gitblit will create one ref for each patchset. These refs are updated
for fast-forward pushes or created for rewrites. They are formatted as
`refs/tickets/{shard}/{id}/{patchset}`. The *shard* is the last two
digits of the id. If the id < 10, prefix a 0. The *shard* is always
two digits long. The shard's purpose is to ensure Gitblit doesn't
exceed any filesystem directory limits for file creation.
**Creating a Proposal Ticket**
You may create a new change proposal ticket just by pushing a **single
commit** to `refs/for/{branch}` where branch is the proposed integration
branch OR `refs/for/new` or `refs/for/default` which both will use the
default repository branch.
git push origin HEAD:refs/for/new
**Updating a Patchset**
The safe way to update an existing patchset is to push to the patchset
ref.
git push origin HEAD:refs/heads/ticket/{id}
This ensures you do not accidentally create a new patchset in the event
that the patchset was updated after you last pulled.
The not-so-safe way to update an existing patchset is to push using the
magic ref.
git push origin HEAD:refs/for/{id}
This push ref will update an exisitng patchset OR create a new patchset
if the update is non-fast-forward.
**Rebasing, Squashing, Amending**
Gitblit makes rebasing, squashing, and amending patchsets easy.
Normally, pushing a non-fast-forward update would require rewind (RW+)
repository permissions. Gitblit provides a magic ref which will allow
ticket participants to rewrite a ticket patchset as long as the ticket
is open.
git push origin HEAD:refs/for/{id}
Pushing changes to this ref allows the patchset authors to rebase,
squash, or amend the patchset commits without requiring client-side use
of the *--force* flag on push AND without requiring RW+ permission to
the repository. Since each patchset is tracked with a ref it is easy to
recover from accidental non-fast-forward updates.
Features
--------
- Ticket tracker with status changes and responsible assignments
- Patchset revision scoring mechanism
- Update/Rewrite patchset handling
- Close-on-push detection
- Server-side Merge button for simple merges
- Comments with Markdown syntax support
- Rich mail notifications
- Voting
- Mentions
- Watch lists
- Querying
- Searches
- Partial miletones support
- Multiple backend options
il y a 10 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans Finer-grained repository access permissions (issue 36)
Implemented discrete repository access permissions to replace the
really primitive course-grained permissions used to this point. This
implementation allows for finer-grained access control, but still
falls short of integrated, branch-based permissions sought by some.
Access permissions follow the conventions established by Gitosis and
Gitolite so they should feel immediately comfortable to experienced
users. This permissions infrastructure is complete and works exactly as
expected. Unfortunately, there is no ui in this commit to change
permissions, that will be forthcoming. In the meantime, Gitblit
hot-reloads users.conf so the permissions can be manipulated at runtime
with a text editor.
The following per-repository permissions are now supported:
- V (view in web ui, RSS feeds, download zip)
- R (clone)
- RW (clone and push)
- RWC (clone and push with ref creation)
- RWD (clone and push with ref creation, deletion)
- RW+ (clone and push with ref creation, deletion, rewind)
And a users.conf entry looks something like this:
[user "hannibal"]
password = bossman
repository = RWD:topsecret.git
il y a 11 ans |
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595 |
- /*
- * Copyright 2011 gitblit.com.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- package com.gitblit;
-
- import java.lang.annotation.Documented;
- import java.lang.annotation.Retention;
- import java.lang.annotation.RetentionPolicy;
- import java.net.URL;
- import java.util.Arrays;
- import java.util.List;
- import java.util.jar.Attributes;
- import java.util.jar.Manifest;
-
- /**
- * Constant values used by Gitblit.
- *
- * @author James Moger
- *
- */
- public class Constants {
-
- public static final String NAME = "Gitblit";
-
- public static final String FULL_NAME = "Gitblit - a pure Java Git solution";
-
- public static final String ADMIN_ROLE = "#admin";
-
- public static final String FORK_ROLE = "#fork";
-
- public static final String CREATE_ROLE = "#create";
-
- public static final String NOT_FEDERATED_ROLE = "#notfederated";
-
- public static final String NO_ROLE = "#none";
-
- public static final String EXTERNAL_ACCOUNT = "#externalAccount";
-
- public static final String PROPERTIES_FILE = "gitblit.properties";
-
- public static final String DEFAULT_USER_REPOSITORY_PREFIX = "~";
-
- public static final String R_PATH = "/r/";
-
- public static final String GIT_PATH = "/git/";
-
- public static final String ZIP_PATH = "/zip/";
-
- public static final String SYNDICATION_PATH = "/feed/";
-
- public static final String FEDERATION_PATH = "/federation/";
-
- public static final String RPC_PATH = "/rpc/";
-
- public static final String PAGES = "/pages/";
-
- public static final String SPARKLESHARE_INVITE_PATH = "/sparkleshare/";
-
- public static final String RAW_PATH = "/raw/";
-
- public static final String BRANCH_GRAPH_PATH = "/graph/";
-
- public static final String BORDER = "*****************************************************************";
-
- public static final String BORDER2 = "#################################################################";
-
- public static final String FEDERATION_USER = "$gitblit";
-
- public static final String PROPOSAL_EXT = ".json";
-
- public static final String ENCODING = "UTF-8";
-
- public static final int LEN_SHORTLOG = 78;
-
- public static final int LEN_SHORTLOG_REFS = 60;
-
- public static final String DEFAULT_BRANCH = "default";
-
- public static final String CONFIG_GITBLIT = "gitblit";
-
- public static final String CONFIG_CUSTOM_FIELDS = "customFields";
-
- public static final String ISO8601 = "yyyy-MM-dd'T'HH:mm:ssZ";
-
- public static final String baseFolder = "baseFolder";
-
- public static final String baseFolder$ = "${" + baseFolder + "}";
-
- public static final String contextFolder$ = "${contextFolder}";
-
- public static final String HEAD = "HEAD";
-
- public static final String R_META = "refs/meta/";
-
- public static final String R_HEADS = "refs/heads/";
-
- public static final String R_NOTES = "refs/notes/";
-
- public static final String R_CHANGES = "refs/changes/";
-
- public static final String R_PULL = "refs/pull/";
-
- public static final String R_TAGS = "refs/tags/";
-
- public static final String R_REMOTES = "refs/remotes/";
-
- public static final String R_FOR = "refs/for/";
-
- public static final String R_TICKET = "refs/heads/ticket/";
-
- public static final String R_TICKETS_PATCHSETS = "refs/tickets/";
-
- public static String getVersion() {
- String v = Constants.class.getPackage().getImplementationVersion();
- if (v == null) {
- return "0.0.0-SNAPSHOT";
- }
- return v;
- }
-
- public static String getGitBlitVersion() {
- return NAME + " v" + getVersion();
- }
-
- public static String getBuildDate() {
- return getManifestValue("build-date", "PENDING");
- }
-
- private static String getManifestValue(String attrib, String defaultValue) {
- Class<?> clazz = Constants.class;
- String className = clazz.getSimpleName() + ".class";
- String classPath = clazz.getResource(className).toString();
- if (!classPath.startsWith("jar")) {
- // Class not from JAR
- return defaultValue;
- }
- try {
- String manifestPath = classPath.substring(0, classPath.lastIndexOf("!") + 1) + "/META-INF/MANIFEST.MF";
- Manifest manifest = new Manifest(new URL(manifestPath).openStream());
- Attributes attr = manifest.getMainAttributes();
- String value = attr.getValue(attrib);
- return value;
- } catch (Exception e) {
- }
- return defaultValue;
- }
-
- /**
- * Enumeration representing the four access restriction levels.
- */
- public static enum AccessRestrictionType {
- NONE, PUSH, CLONE, VIEW;
-
- private static final AccessRestrictionType [] AUTH_TYPES = { PUSH, CLONE, VIEW };
-
- public static AccessRestrictionType fromName(String name) {
- for (AccessRestrictionType type : values()) {
- if (type.name().equalsIgnoreCase(name)) {
- return type;
- }
- }
- return NONE;
- }
-
- public static List<AccessRestrictionType> choices(boolean allowAnonymousPush) {
- if (allowAnonymousPush) {
- return Arrays.asList(values());
- }
- return Arrays.asList(AUTH_TYPES);
- }
-
- public boolean exceeds(AccessRestrictionType type) {
- return this.ordinal() > type.ordinal();
- }
-
- public boolean atLeast(AccessRestrictionType type) {
- return this.ordinal() >= type.ordinal();
- }
-
- @Override
- public String toString() {
- return name();
- }
-
- public boolean isValidPermission(AccessPermission permission) {
- switch (this) {
- case VIEW:
- // VIEW restriction
- // all access permissions are valid
- return true;
- case CLONE:
- // CLONE restriction
- // only CLONE or greater access permissions are valid
- return permission.atLeast(AccessPermission.CLONE);
- case PUSH:
- // PUSH restriction
- // only PUSH or greater access permissions are valid
- return permission.atLeast(AccessPermission.PUSH);
- case NONE:
- // NO access restriction
- // all access permissions are invalid
- return false;
- }
- return false;
- }
- }
-
- /**
- * Enumeration representing the types of authorization control for an
- * access restricted resource.
- */
- public static enum AuthorizationControl {
- AUTHENTICATED, NAMED;
-
- public static AuthorizationControl fromName(String name) {
- for (AuthorizationControl type : values()) {
- if (type.name().equalsIgnoreCase(name)) {
- return type;
- }
- }
- return NAMED;
- }
-
- @Override
- public String toString() {
- return name();
- }
- }
-
-
- /**
- * Enumeration representing the types of federation tokens.
- */
- public static enum FederationToken {
- ALL, USERS_AND_REPOSITORIES, REPOSITORIES;
-
- public static FederationToken fromName(String name) {
- for (FederationToken type : values()) {
- if (type.name().equalsIgnoreCase(name)) {
- return type;
- }
- }
- return REPOSITORIES;
- }
-
- @Override
- public String toString() {
- return name();
- }
- }
-
- /**
- * Enumeration representing the types of federation requests.
- */
- public static enum FederationRequest {
- POKE, PROPOSAL, PULL_REPOSITORIES, PULL_USERS, PULL_TEAMS, PULL_SETTINGS, PULL_SCRIPTS, STATUS;
-
- public static FederationRequest fromName(String name) {
- for (FederationRequest type : values()) {
- if (type.name().equalsIgnoreCase(name)) {
- return type;
- }
- }
- return PULL_REPOSITORIES;
- }
-
- @Override
- public String toString() {
- return name();
- }
- }
-
- /**
- * Enumeration representing the statii of federation requests.
- */
- public static enum FederationPullStatus {
- PENDING, FAILED, SKIPPED, PULLED, MIRRORED, NOCHANGE, EXCLUDED;
-
- public static FederationPullStatus fromName(String name) {
- for (FederationPullStatus type : values()) {
- if (type.name().equalsIgnoreCase(name)) {
- return type;
- }
- }
- return PENDING;
- }
-
- @Override
- public String toString() {
- return name();
- }
- }
-
- /**
- * Enumeration representing the federation types.
- */
- public static enum FederationStrategy {
- EXCLUDE, FEDERATE_THIS, FEDERATE_ORIGIN;
-
- public static FederationStrategy fromName(String name) {
- for (FederationStrategy type : values()) {
- if (type.name().equalsIgnoreCase(name)) {
- return type;
- }
- }
- return FEDERATE_THIS;
- }
-
- public boolean exceeds(FederationStrategy type) {
- return this.ordinal() > type.ordinal();
- }
-
- public boolean atLeast(FederationStrategy type) {
- return this.ordinal() >= type.ordinal();
- }
-
- @Override
- public String toString() {
- return name();
- }
- }
-
- /**
- * Enumeration representing the possible results of federation proposal
- * requests.
- */
- public static enum FederationProposalResult {
- ERROR, FEDERATION_DISABLED, MISSING_DATA, NO_PROPOSALS, NO_POKE, ACCEPTED;
-
- @Override
- public String toString() {
- return name();
- }
- }
-
- /**
- * Enumeration representing the possible remote procedure call requests from
- * a client.
- */
- public static enum RpcRequest {
- // Order is important here. anything after LIST_SETTINGS requires
- // administrator privileges and web.allowRpcManagement.
- CLEAR_REPOSITORY_CACHE, REINDEX_TICKETS, GET_PROTOCOL, LIST_REPOSITORIES, LIST_BRANCHES, GET_USER,
- FORK_REPOSITORY, LIST_SETTINGS,
- CREATE_REPOSITORY, EDIT_REPOSITORY, DELETE_REPOSITORY,
- LIST_USERS, CREATE_USER, EDIT_USER, DELETE_USER,
- LIST_TEAMS, CREATE_TEAM, EDIT_TEAM, DELETE_TEAM,
- LIST_REPOSITORY_MEMBERS, SET_REPOSITORY_MEMBERS, LIST_REPOSITORY_TEAMS, SET_REPOSITORY_TEAMS,
- LIST_REPOSITORY_MEMBER_PERMISSIONS, SET_REPOSITORY_MEMBER_PERMISSIONS, LIST_REPOSITORY_TEAM_PERMISSIONS, SET_REPOSITORY_TEAM_PERMISSIONS,
- LIST_FEDERATION_REGISTRATIONS, LIST_FEDERATION_RESULTS, LIST_FEDERATION_PROPOSALS, LIST_FEDERATION_SETS,
- EDIT_SETTINGS, LIST_STATUS;
-
- public static RpcRequest fromName(String name) {
- for (RpcRequest type : values()) {
- if (type.name().equalsIgnoreCase(name)) {
- return type;
- }
- }
- return null;
- }
-
- public boolean exceeds(RpcRequest type) {
- return this.ordinal() > type.ordinal();
- }
-
- @Override
- public String toString() {
- return name();
- }
- }
-
- /**
- * Enumeration of the search types.
- */
- public static enum SearchType {
- AUTHOR, COMMITTER, COMMIT;
-
- public static SearchType forName(String name) {
- for (SearchType type : values()) {
- if (type.name().equalsIgnoreCase(name)) {
- return type;
- }
- }
- return COMMIT;
- }
-
- @Override
- public String toString() {
- return name().toLowerCase();
- }
- }
-
- /**
- * Enumeration of the feed content object types.
- */
- public static enum FeedObjectType {
- COMMIT, TAG;
-
- public static FeedObjectType forName(String name) {
- for (FeedObjectType type : values()) {
- if (type.name().equalsIgnoreCase(name)) {
- return type;
- }
- }
- return COMMIT;
- }
-
- @Override
- public String toString() {
- return name().toLowerCase();
- }
- }
-
- /**
- * The types of objects that can be indexed and queried.
- */
- public static enum SearchObjectType {
- commit, blob;
-
- public static SearchObjectType fromName(String name) {
- for (SearchObjectType value : values()) {
- if (value.name().equals(name)) {
- return value;
- }
- }
- return null;
- }
- }
-
- /**
- * The access permissions available for a repository.
- */
- public static enum AccessPermission {
- NONE("N"), EXCLUDE("X"), VIEW("V"), CLONE("R"), PUSH("RW"), CREATE("RWC"), DELETE("RWD"), REWIND("RW+"), OWNER("RW+");
-
- public static final AccessPermission [] NEWPERMISSIONS = { EXCLUDE, VIEW, CLONE, PUSH, CREATE, DELETE, REWIND };
-
- public static final AccessPermission [] SSHPERMISSIONS = { VIEW, CLONE, PUSH };
-
- public static AccessPermission LEGACY = REWIND;
-
- public final String code;
-
- private AccessPermission(String code) {
- this.code = code;
- }
-
- public boolean atMost(AccessPermission perm) {
- return ordinal() <= perm.ordinal();
- }
-
- public boolean atLeast(AccessPermission perm) {
- return ordinal() >= perm.ordinal();
- }
-
- public boolean exceeds(AccessPermission perm) {
- return ordinal() > perm.ordinal();
- }
-
- public String asRole(String repository) {
- return code + ":" + repository;
- }
-
- @Override
- public String toString() {
- return code;
- }
-
- public static AccessPermission permissionFromRole(String role) {
- String [] fields = role.split(":", 2);
- if (fields.length == 1) {
- // legacy/undefined assume full permissions
- return AccessPermission.LEGACY;
- } else {
- // code:repository
- return AccessPermission.fromCode(fields[0]);
- }
- }
-
- public static String repositoryFromRole(String role) {
- String [] fields = role.split(":", 2);
- if (fields.length == 1) {
- // legacy/undefined assume full permissions
- return role;
- } else {
- // code:repository
- return fields[1];
- }
- }
-
- public static AccessPermission fromCode(String code) {
- for (AccessPermission perm : values()) {
- if (perm.code.equalsIgnoreCase(code)) {
- return perm;
- }
- }
- return AccessPermission.NONE;
- }
- }
-
- public static enum RegistrantType {
- REPOSITORY, USER, TEAM;
- }
-
- public static enum PermissionType {
- MISSING, ANONYMOUS, EXPLICIT, TEAM, REGEX, OWNER, ADMINISTRATOR;
- }
-
- public static enum GCStatus {
- READY, COLLECTING;
-
- public boolean exceeds(GCStatus s) {
- return ordinal() > s.ordinal();
- }
- }
-
- public static enum AuthenticationType {
- PUBLIC_KEY, CREDENTIALS, COOKIE, CERTIFICATE, CONTAINER;
-
- public boolean isStandard() {
- return ordinal() <= COOKIE.ordinal();
- }
- }
-
- public static enum AccountType {
- LOCAL, EXTERNAL, CONTAINER, LDAP, REDMINE, SALESFORCE, WINDOWS, PAM, HTPASSWD;
-
- public static AccountType fromString(String value) {
- for (AccountType type : AccountType.values()) {
- if (type.name().equalsIgnoreCase(value)) {
- return type;
- }
- }
- return AccountType.LOCAL;
- }
-
- public boolean isLocal() {
- return this == LOCAL;
- }
- }
-
- public static enum CommitMessageRenderer {
- PLAIN, MARKDOWN;
-
- public static CommitMessageRenderer fromName(String name) {
- for (CommitMessageRenderer renderer : values()) {
- if (renderer.name().equalsIgnoreCase(name)) {
- return renderer;
- }
- }
- return CommitMessageRenderer.PLAIN;
- }
- }
-
- public static enum Transport {
- // ordered for url advertisements, assuming equal access permissions
- SSH, HTTPS, HTTP, GIT;
-
- public static Transport fromString(String value) {
- for (Transport t : values()) {
- if (t.name().equalsIgnoreCase(value)) {
- return t;
- }
- }
- return null;
- }
-
- public static Transport fromUrl(String url) {
- int delim = url.indexOf("://");
- if (delim == -1) {
- // if no protocol is specified, SSH is assumed by git clients
- return SSH;
- }
- String scheme = url.substring(0, delim);
- return fromString(scheme);
- }
- }
-
- @Documented
- @Retention(RetentionPolicy.RUNTIME)
- public @interface Unused {
- }
- }
|