Change-Id: I3460c9c0eeb32503d58325fd09793a0cd40aa2c4tags/v1.4.0
@@ -23,9 +23,11 @@ r20: { | |||
- Added branch graph image servlet based on EGit's branch graph renderer (issue-194) | |||
- Added option to render Markdown commit messages (issue-203) | |||
- Added setting to control creating a repository as --shared on Unix servers (issue-263) | |||
- Added setting to globally disable anonymous pushes in the receive pack | |||
dependencyChanges: ~ | |||
settings: | |||
- { name: 'git.createRepositoriesShared', defaultValue: 'false' } | |||
- { name: 'git.allowAnonymousPushes', defaultValue: 'true' } | |||
- { name: 'web.commitMessageRenderer', defaultValue: 'plain' } | |||
- { name: 'web.showBranchGraph', defaultValue: 'true' } | |||
contributors: |
@@ -145,6 +145,18 @@ git.onlyAccessBareRepositories = false | |||
# SINCE 1.2.0 | |||
git.allowCreateOnPush = true | |||
# Global setting to control anonymous pushes. | |||
# | |||
# This setting allows/rejects anonymous pushes at the level of the receive pack. | |||
# This trumps all repository config settings. While anonymous pushes are convenient | |||
# on your own box when you are a lone developer, they are not recommended for | |||
# any multi-user installation where accountability is required. Since Gitblit | |||
# tracks pushes and user accounts, allowing anonymous pushes compromises that | |||
# information. | |||
# | |||
# SINCE 1.4.0 | |||
git.allowAnonymousPushes = true | |||
# The default access restriction for new repositories. | |||
# Valid values are NONE, PUSH, CLONE, VIEW | |||
# NONE = anonymous view, clone, & push |
@@ -19,6 +19,8 @@ import java.lang.annotation.Documented; | |||
import java.lang.annotation.Retention; | |||
import java.lang.annotation.RetentionPolicy; | |||
import java.net.URL; | |||
import java.util.Arrays; | |||
import java.util.List; | |||
import java.util.jar.Attributes; | |||
import java.util.jar.Manifest; | |||
@@ -148,6 +150,8 @@ public class Constants { | |||
*/ | |||
public static enum AccessRestrictionType { | |||
NONE, PUSH, CLONE, VIEW; | |||
private static final AccessRestrictionType [] AUTH_TYPES = { PUSH, CLONE, VIEW }; | |||
public static AccessRestrictionType fromName(String name) { | |||
for (AccessRestrictionType type : values()) { | |||
@@ -157,6 +161,13 @@ public class Constants { | |||
} | |||
return NONE; | |||
} | |||
public static List<AccessRestrictionType> choices(boolean allowAnonymousPush) { | |||
if (allowAnonymousPush) { | |||
return Arrays.asList(values()); | |||
} | |||
return Arrays.asList(AUTH_TYPES); | |||
} | |||
public boolean exceeds(AccessRestrictionType type) { | |||
return this.ordinal() > type.ordinal(); |
@@ -27,6 +27,7 @@ import org.slf4j.Logger; | |||
import org.slf4j.LoggerFactory; | |||
import com.gitblit.GitBlit; | |||
import com.gitblit.Keys; | |||
import com.gitblit.models.RepositoryModel; | |||
import com.gitblit.models.UserModel; | |||
import com.gitblit.utils.HttpUtils; | |||
@@ -80,8 +81,7 @@ public class GitblitReceivePackFactory<X> implements ReceivePackFactory<X> { | |||
timeout = client.getDaemon().getTimeout(); | |||
} | |||
// TODO make this a setting | |||
boolean allowAnonymousPushes = true; | |||
boolean allowAnonymousPushes = GitBlit.getBoolean(Keys.git.allowAnonymousPushes, true); | |||
if (!allowAnonymousPushes && UserModel.ANONYMOUS.equals(user)) { | |||
// prohibit anonymous pushes | |||
throw new ServiceNotEnabledException(); |
@@ -417,8 +417,8 @@ public class EditRepositoryPage extends RootSubPage { | |||
form.add(new TextField<String>("description")); | |||
form.add(ownersPalette); | |||
form.add(new CheckBox("allowForks").setEnabled(GitBlit.getBoolean(Keys.web.allowForking, true))); | |||
DropDownChoice<AccessRestrictionType> accessRestriction = new DropDownChoice<AccessRestrictionType>("accessRestriction", Arrays | |||
.asList(AccessRestrictionType.values()), new AccessRestrictionRenderer()); | |||
DropDownChoice<AccessRestrictionType> accessRestriction = new DropDownChoice<AccessRestrictionType>("accessRestriction", | |||
AccessRestrictionType.choices(GitBlit.getBoolean(Keys.git.allowAnonymousPushes, true)), new AccessRestrictionRenderer()); | |||
form.add(accessRestriction); | |||
form.add(new CheckBox("isFrozen")); | |||
// TODO enable origin definition |