mirrors
/
gitblit
mirror of https://github.com/gitblit/gitblit.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 43 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
726 Commits
11 Branches
Tree: 1ab5b30813
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1ab5b30813'
${ noResults }
gitblit/groovy/protect-refs.groovy

protect-refs.groovy 4.5KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112 
  1. /*

  2.  * Copyright 2012 Philip L. McMahon.

  3.  *

  4.  * Derived from blockpush.groovy, copyright 2011 gitblit.com.

  5.  *

  6.  * Licensed under the Apache License, Version 2.0 (the "License");

  7.  * you may not use this file except in compliance with the License.

  8.  * You may obtain a copy of the License at

  9.  *

  10.  *     http://www.apache.org/licenses/LICENSE-2.0

  11.  *

  12.  * Unless required by applicable law or agreed to in writing, software

  13.  * distributed under the License is distributed on an "AS IS" BASIS,

  14.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  15.  * See the License for the specific language governing permissions and

  16.  * limitations under the License.

  17.  */

  18. import com.gitblit.GitBlit

  19. import com.gitblit.models.RepositoryModel

  20. import com.gitblit.models.UserModel

  21. 

  22. import org.eclipse.jgit.transport.ReceiveCommand

  23. import org.eclipse.jgit.transport.ReceiveCommand.Result

  24. import org.slf4j.Logger

  25. 

  26. /**

  27.  * Sample Gitblit Pre-Receive Hook: protect-refs

  28.  * 

  29.  * This script provides basic authorization of receive command types for a list

  30.  * of known ref patterns. Command types and unmatched ref patterns will be

  31.  * ignored, meaning this script has an "allow by default" policy.

  32.  *

  33.  * This script works best when a repository requires authentication on push, but

  34.  * can be used to enforce fast-forward commits or prohibit ref deletion by

  35.  * setting the *authorizedTeams* variable to an empty list and adding a ".+"

  36.  * entry to the *protectedRefs* list.

  37.  *

  38.  * The Pre-Receive hook is executed after an incoming push has been parsed,

  39.  * validated, and objects have been written but BEFORE the refs are updated.

  40.  * This is the appropriate point to block a push for some reason.

  41.  *

  42.  * This script is only executed when pushing to *Gitblit*, not to other Git

  43.  * tooling you may be using.

  44.  * 

  45.  * If this script is specified in *groovy.preReceiveScripts* of gitblit.properties

  46.  * or web.xml then it will be executed by any repository when it receives a

  47.  * push.  If you choose to share your script then you may have to consider

  48.  * tailoring control-flow based on repository access restrictions.

  49.  * 

  50.  * Scripts may also be specified per-repository in the repository settings page.

  51.  * Shared scripts will be excluded from this list of available scripts.

  52.  *

  53.  * This script is dynamically reloaded and it is executed within it's own

  54.  * exception handler so it will not crash another script nor crash Gitblit.

  55.  * 

  56.  * This script may reject one or more commands, but will never return false.

  57.  * Subsequent scripts, if any, will always be invoked.

  58.  *

  59.  * Bound Variables:

  60.  *  gitblit			Gitblit Server	 			com.gitblit.GitBlit

  61.  *  repository		Gitblit Repository			com.gitblit.models.RepositoryModel

  62.  *  user			Gitblit User				com.gitblit.models.UserModel

  63.  *  commands		JGit commands 				Collection<org.eclipse.jgit.transport.ReceiveCommand>

  64.  *	url				Base url for Gitblit		String

  65.  *  logger			Logs messages to Gitblit 	org.slf4j.Logger

  66.  *  clientLogger	Logs messages to Git client	com.gitblit.utils.ClientLogger

  67.  *

  68.  * Accessing Gitblit Custom Fields:

  69.  *   def myCustomField = repository.customFields.myCustomField

  70.  *  

  71.  */

  72. 

  73. // map of protected command types to returned results type

  74. // commands not included will skip authz check

  75. def protectedCmds = [

  76. 	UPDATE_NONFASTFORWARD:	Result.REJECTED_NONFASTFORWARD,

  77. 	DELETE:					Result.REJECTED_NODELETE

  78. ]

  79. 

  80. // list of regex patterns for protected refs

  81. def protectedRefs = [

  82. 	"refs/heads/master",

  83. 	"refs/tags/.+"

  84. ]

  85. 

  86. // teams which are authorized to perform protected commands on protected refs

  87. def authorizedTeams = [ "admins" ]

  88. 

  89. for (ReceiveCommand command : commands) {

  90. 	def updateType = command.type

  91. 	def updatedRef = command.refName

  92. 	

  93. 	// find first regex which matches updated ref, if any

  94. 	def refPattern = protectedRefs.find { updatedRef.matches ~it }

  95. 	

  96. 	// find rejection result for update type, if any

  97. 	def result = protectedCmds[updateType.name()]

  98. 	

  99. 	// command requires authz if ref is protected and has a mapped rejection result

  100. 	if (refPattern && result) {

  101. 	

  102. 		// verify user is a member of any authorized team

  103. 		def team = authorizedTeams.find { user.isTeamMember it }

  104. 		if (team) {

  105. 			// don't adjust command result

  106. 			logger.info "${user.username} authorized for ${updateType} of protected ref ${repository.name}:${updatedRef} (${command.oldId.name} -> ${command.newId.name})"

  107. 		} else {

  108. 			// mark command result as rejected

  109. 			command.setResult(result, "${user.username} cannot ${updateType} protected ref ${repository.name}:${updatedRef} matching pattern ${refPattern}")

  110. 		}

  111. 	}

  112. }