diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2012-02-16 00:02:33 +0400 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2012-02-16 00:02:33 +0400 |
| commit | 37224dc9c1ee80ba9030b616e2bc87bd96919e09 (patch) | |
| tree | 5291abadd8748ea47685c326df4b137d0d6a2194 /lib | |
| parent | 3a9e5a9357b6b0cac2acdefa203136c9b572e102 (diff) | |
ProtectedBranches model, Master permission for repo\n Allow push to protected branch for masters only
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gitlabhq/gitolite.rb | 62 |
1 files changed, 34 insertions, 28 deletions
diff --git a/lib/gitlabhq/gitolite.rb b/lib/gitlabhq/gitolite.rb index e6eb8e5144b..4f911113ea0 100644 --- a/lib/gitlabhq/gitolite.rb +++ b/lib/gitlabhq/gitolite.rb @@ -64,21 +64,9 @@ module Gitlabhq def update_project(repo_name, project) ga_repo = ::Gitolite::GitoliteAdmin.new(File.join(@local_dir,'gitolite')) conf = ga_repo.config - - repo = if conf.has_repo?(repo_name) - conf.get_repo(repo_name) - else - ::Gitolite::Config::Repo.new(repo_name) - end - - name_readers = project.repository_readers - name_writers = project.repository_writers - - repo.clean_permissions - repo.add_permission("R", "", name_readers) unless name_readers.blank? - repo.add_permission("RW+", "", name_writers) unless name_writers.blank? + repo = update_project_config(project, conf) conf.add_repo(repo, true) - + ga_repo.save end @@ -89,25 +77,43 @@ module Gitlabhq conf = ga_repo.config projects.each do |project| - repo_name = project.path - - repo = if conf.has_repo?(repo_name) - conf.get_repo(repo_name) - else - ::Gitolite::Config::Repo.new(repo_name) - end - - name_readers = project.repository_readers - name_writers = project.repository_writers - - repo.clean_permissions - repo.add_permission("R", "", name_readers) unless name_readers.blank? - repo.add_permission("RW+", "", name_writers) unless name_writers.blank? + repo = update_project_config(project, conf) conf.add_repo(repo, true) end ga_repo.save end + def update_project_config(project, conf) + repo_name = project.path + + repo = if conf.has_repo?(repo_name) + conf.get_repo(repo_name) + else + ::Gitolite::Config::Repo.new(repo_name) + end + + name_readers = project.repository_readers + name_writers = project.repository_writers + name_masters = project.repository_masters + + pr_br = project.protected_branches.map(&:name).join(" ") + + repo.clean_permissions + + # Deny access to protected branches for writers + unless name_writers.blank? || pr_br.blank? + repo.add_permission("-", pr_br, name_writers) + end + + # Add read permissions + repo.add_permission("R", "", name_readers) unless name_readers.blank? + + # Add write permissions + repo.add_permission("RW+", "", name_writers) unless name_writers.blank? + repo.add_permission("RW+", "", name_masters) unless name_masters.blank? + + repo + end end end |