Add a test in receive commits for commit message first lines of over 50
characters and a boolean config option to enable checking for it.
Change-Id: I557d1ff72e6df97b991b05c36483c13873b706fb
We don't push our code to a Maven repository, so there only reason
to construct source archives is to feed source files into the GWT
compiler. Move the source plugin onto only the packages that we
feed into the GWT code, allowing the others to skip this step.
This fixes a "bug" in a later change that adds the Prolog Cafe
translater to the build process. Without this change first, the
Prolog Cafe translator is firing twice for every Prolog source file
that is part of our standard build.
Change-Id: Iba38aa371ce7c8950ac30dc3cf06e01b465afb5a
Signed-off-by: Shawn O. Pearce <sop@google.com>
Permissions are stored in the project.config file within the
refs/meta/config branch of each project. This makes the rules
more flexible in the future, as well as adds version control.
For example:
[access "refs/*"]
owner = group tools-owners
[access "refs/heads/*"]
label-Verified = -1..+1 group tools-dev
label-Verified = -1..+1 group tools-owners
label-Code-Review = -2..+2 group tools-owners
submit = group tools-dev
submit = group tools-owners
[access "refs/heads/stable"]
exclusiveGroupPermissions = read create push
read = group Anonymous Users
push = group tools-repo-maintainer
To enable easy remote editing of the configuration rules, the
following access block is added by default to -- All Projects --
and is thus inherited throughout the entire site:
[access "refs/meta/config"]
read = group Project Owners
push = group Project Owners
This configuration section permits any project owner or site
administrator (as they are indirectly always a project owner of
any project) to push changes to the project.config file within
the refs/meta/config branch, updating access (and other project
information) remotely without using the web UI.
Change-Id: Idb56f657a4bf88108ad40bbb19d831e6806b68c5
Signed-off-by: Shawn O. Pearce <sop@google.com>
By switching to the UUID we can have a globally unique identifier
for group membership throughout the server, even if group information
comes in from a different data source.
Change-Id: Icb49d6a6aff8e62864ac0f78ceedbe03f01de894
Signed-off-by: Shawn O. Pearce <sop@google.com>
UUIDs will be used later on to link access rules to groups, even if
the group gets renamed and the access rule file didn't get updated
with the new name yet.
To generate a UUID we take the creator of the group and the original
group name and hash them with SHA-1. This should produce a globally
unique identifier that is also time dependent, as the PersonIdent
has the current time embedded as part of the creator string.
The placeholder group 'Project Owners' is assigned a constant UUID,
as the concept of project ownership is the same across all servers
and the server interpreting the rules needs to replace this group
with the actual ownership list before evaluating them.
The magic groups 'Anonymous Users' and 'Registered Users' are also
assigned constant UUIDs, as this simplifies the definition of those
automatic membership groups within a server installation.
Change-Id: I47119b325418f88e089e136cee47593d82fbc754
Signed-off-by: Shawn O. Pearce <sop@google.com>
Project settings are now saved in the project.config file of the
refs/meta/config branch within each Git repository. This offers
us free version control over the lifespan of the project, and will
help reduce schema version issues as the configuration file is
more free-form.
Project owners can edit the configuration of their project by
hand and push the results back up, possibly even going through
code review, if the proper access rules are assigned in the
project's access panel. Project users can inspect the history of
the configuration by reading the history of the refs/meta/config
branch with their favorite history browser.
Change-Id: Id63414d86dbfb9033021f76e1d5e782373525a77
Signed-off-by: Shawn O. Pearce <sop@google.com>
Rather than locating projects in the database table, perform a
recursive scan of the managed repository directory and pull up
anything that we find. This is a first step towards moving all
the project control metadata directly into Git.
Bug: issue 436
Change-Id: I08e0083f14f5c03eb9e49b4895c265d13b828534
Signed-off-by: Shawn O. Pearce <sop@google.com>
Parent commit id and short message is placed in a Grid that expands
vertically when a patch set has more than one parent. The text
"Initial Commit" is used when a patch set has no parents.
Change-Id: I5775e8e09b506d9a97d0303e0ba150a926a091e8
When automatically closing changes during a push directly into a
branch, match open changes with existing Change-Ids only if they are
pending for the same branch. This prevents changes from crossing
branches during a push.
Bug: issue 635
Change-Id: I2bfeb89bb14a29610295dd4681176db26f31ee79
Signed-off-by: Shawn O. Pearce <sop@google.com>
To support cherry-picking changes across branches (e.g. backporting
from master to maint release) use both the destination project and
branch name when matching commits for patch set replacement.
Bug: issue 635
Change-Id: Ied10ffc6ccf96621c9ff57e6466c8aff93b71136
Signed-off-by: Shawn O. Pearce <sop@google.com>
This is required, because starting with PostgreSQL 9.0, PL/pgSQL
language is installed by default and database returns error when
we try to install it again.
Change-Id: I59aa8860bed27165a07e6fde80f6f873a3e90bd9
Signed-off-by: Piotr Sikora <piotr.sikora@frickle.com>
This change adds a new item to the group configuration: a list of
groups whose members should be included in this one. This makes it
possible to set up a hierarchy of included groups, which can make it
easier to maintain complex access control lists.
To accomplish this, two new database tables were added,
called AccountGroupIncludes and AccountGroupIncludesAudit.
The relevant support code was added around them, largely based on
the existing code for handling indivdual account membership. In
addition, caches for group information were added, paralleling the
caches that already exist for accounts.
Change-Id: Ib6990c17739f28f38bc13961143db7ce79251567
When this property is set on a group, actions and
comments from members of this group will only cause
emails to be sent to change authors. This is
particularly useful to quiet actions from automation
users.
Change-Id: Ibcde6e07045ec00d095028c86e8dd47cef3cf582
* The purpose of this change is to be able to look at the various
change lists and see who reviewed, verified without clicking in.
There are various reasons this is nice, you can easily see who's
doing reviews, who isn't lately just by looking quickly, as well
as if anyone did a review for themselves (we're a small to mid team
and people have access and sometimes do this)... this compared to
the title label which you need to hover to see.
* A user perference has been added to allow the user to toggle
this setting on/off, it defaults to off to keep existing layout
Change-Id: Iae347521b7645082a1d65759198d0347502ab55d
Normally a group is only visible to the group owners and the Gerrit
administrators. In certain environments (corporate or open source) it
can make sense to have groups that are visible to all registered
users. E.g.:
- a user needs access rights for a certain project, if this user can
see the project owner group, he knows whom to contact to request
the access rights
- a user needs support from a Gerrit administrator, if this user can
see the administrator group, he knows whom to contact
This change adds a new group option that allows to make the group
visible to all registered users. Modifying the group is still only
allowed for the group owners. By default a newly created group will
only be visible to the group owners.
Change-Id: I2de0084a7842d73618ca48fa95804c22d5bb90cb
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
* changes:
[findbugs] Fix TrackingId.equals()
[findbugs] Ensure that statement is closed
[findbugs] Remove dead store to local variable
[findbugs] Use key to remove entry from HashMap
[findbugs] equals() must return false for null argument
Comparing tr.key to itself is always true which yields wrong results
for equals().
Change-Id: I284d2c651e8ab23aa81d71594feefc5148638840
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
The Owner permission should be inherited from any parent project,
so long as the parent project isn't the global -- All Projects --
parent project.
Change-Id: I2a1f1d9c941a44d2ed4b8d900ee3ef6e48368343
Signed-off-by: Shawn O. Pearce <sop@google.com>
The submit and new changes buttons were cross-wired, causing the one
to impact the other's value. Fix that, and while we are at it clarify
the names involved so there is less confusion going on.
Change-Id: Ie1b082e35b7a95913a7feb92739f79220a24a983
Signed-off-by: Shawn O. Pearce <sop@google.com>
Use new content merge functionality in JGit for automatic
resolution of conflicts within a file.
Change-Id: Ifae8a94709fb60f13e4c79fb6bb77a214ef5f0b7
Signed-off-by: Shawn O. Pearce <sop@google.com>
Add a new system group 'Project Owners' that permits all owners of a project.
The 'Project Owners' group is always evaluated in the context of a project,
meaning that all rights assigned to the 'Project Owners' group are resolved to
rights for the concrete groups owning the project.
This new group makes it easy for Gerrit administrators to configure a default
access configuration for new projects and so the creation of new projects gets
easier and faster.
As an example let's assume that by default for new projects we want to allow
all project owners to push tags and to vote -2/+2 for Code Review, -1/+1 for
Verified and to submit. Before this change the steps to do this were:
1. Creation of a new group for the team that owns the project, 'Team X' (if not
already existing)
2. Creation of a new project 'Project Y' with group 'Team X' as project owner.
3. Assigning for 'Project Y' 'Push Tag +2' privilege to 'Team X'
4. Assigning for 'Project Y' 'Code Review -2/+2' privilege to 'Team X'
5. Assigning for 'Project Y' 'Verified -1/+1' privilege to 'Team X'
6. Assigning for 'Project Y' 'Submit +1' privilege to 'Team X'
With the introduction of the 'Project Owner' group things get easier. A Gerrit
Administrator can assign the deault privileges ONCE on a parent project,
e.g. '-- All Projects --', to the 'Project Owners' group.
1. Assigning for '-- All Projects --' 'Push Tag +2' privilege to
'Project Owners'
2. Assigning for '-- All Projects --' 'Code Review -2/+2' privilege to
'Project Owners'
3. Assigning for '-- All Projects --' 'Verified -1/+1' privilege to
'Project Owners'
4. Assigning for '-- All Projects --' 'Submit +1' privilege to 'Project Owners'
Then the creation of new projects can be done very easily within 1 or 2
commands from the command line:
1. Creation of a new group for the team that owns the project, 'Team X' (if not
already existing)
2. Creation of a new project 'Project Y' with group 'Team X' as project owner.
'Project Y' will inherit the rights assigned to the group 'Project Owner' which
will be resolved for 'Project Y' to rights for the group 'Team X' which is
owning 'Project Y'.
Signed-off-by: Edwin Kempin <edwin.kempin@gmail.com>
Change-Id: Ia233a1ae9138b833aab5d5a53525bbdf6539580e
Added a new general user preference by which the
display order of the patch sets in the
ChangeScreen can be reversed so that the latest
patch set is always shown on top.
If there are a lot of patch sets for a change the
latest patch set and the links to the diffs in the
patch set are below the fold of the ChangeScreen.
In most cases users are interest in the latest
patch set. This is why it may be more convinient
if the latest patch set is always displayed on
top.
Bug: issue 556
Change-Id: I01b718252c260bfeea63819466a8286de7a43459
Signed-off-by: Edwin Kempin <edwin.kempin@gmail.com>
Add two checkboxes to the user diff preferences. These
buttons enable/disable skipping deleted or uncommented files.
Skipping is with respect to the prev/next links above and
below the diff.
Bug: issue 584
Change-Id: I105ee3115f806f1637997e95e9e9931b4107a69e
Support for authentication using client side SSL certificate. This
authentication type is actually kind of SSO. Gerrit will configure Jetty's SSL
channel to request client's SSL certificate. For this authentication to work a
Gerrit administrator has to import the root certificate of the trust chain used
to issue the client's certificate into the <review-site>/etc/keystore.
For the Gerrit's server side SSL certificate one can use a certificate signed
by a CA or a self-signed certificate.
After the authentication is done Gerrit will obtain basic user
registration (name and email) from LDAP, and some group memberships.
Change-Id: Ic076178f844f05b73be5d7c8fe9c8bb29b458f26
Add a new enum type for AccountProjectWatch, and add methods
to support using the enum type. Make use of the enums
to reduce the complexity of setting up the different watch
checkboxes.
Change-Id: If86422ea895180cf87083f8423b0c05a790ac3df
We now support user preferences to select how dates and times
should be rendered. Right now we only offer 3 basic date layouts,
and 2 time layouts (12 hour or 24 hour clock).
Bug: issue 698
Change-Id: Ic8d70964566898bc9f9f8782ac684c1707f36864
Signed-off-by: Shawn O. Pearce <sop@google.com>
This was the older `diff --cc` style output, which wasn't very useful
when reviewing a merge commit. We plan to do merge reviews again
in the near future by comparing the result of the merge against the
automated machine performed merge, making it even more obvious what
the human author changed.
Change-Id: I2355b50a88f798526ed72b5e36ad84298d81f991
Signed-off-by: Shawn O. Pearce <sop@google.com>
* stable: (30 commits)
Clarify the upgrade instructions
Draft release notes for 2.1.5
documentation: Document why hook --change-url might be missing
documentation: Fix rendering errors in gerrit.config
Allow ; and & to seperate parameters in gitweb
Include a quick summary of the size of a change in email
Display the size of a patch (lines added/removed)
Fix clearing of topic during replace
Fix inherited Read Access +2 not inheriting
Add some basic RefControl tests for delegated ownership
Fix branch owner adding exclusive ACL
Optimize RegexFilePredicate for common matches
Correct copyright headers to AOSP
Don't expose /COMMIT_MSG as a modified file in ChangeData
Don't enable dk.brics.automaton's optional syntax
Fix NPE while matching file:^ pattern on deleted files
Fixed unused imports in OutgoingEmail
Don't show /COMMIT_MSG in change emails
Fix NPE during merge failure on new branch
Honor user's syntax coloring preference in unified view
...
Conflicts:
gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/patch/PatchScriptBuilder.java
gerrit-server/src/main/java/com/google/gerrit/common/ChangeHookRunner.java
gerrit-server/src/main/java/com/google/gerrit/server/mail/ChangeEmail.java
gerrit-server/src/main/java/com/google/gerrit/server/mail/CommentSender.java
gerrit-server/src/main/java/com/google/gerrit/server/mail/OutgoingEmail.java
gerrit-server/src/main/java/com/google/gerrit/server/patch/PatchListCacheImpl.java
gerrit-server/src/main/java/com/google/gerrit/server/patch/Text.java
Change-Id: I80bfdb55872fa4bdf4f751c337b609e7ec809605
In a patch table we now display the number of new lines added or the
number of lines deleted for each file, assuming it is not binary.
Added files only show the total number of lines, while deleted
files show nothing at all.
A new row is added at the bottom of the table that shows the overall
size of the delta. This can be useful if a project has rules about
how big a patch can be before additional types of review are required
(e.g. Eclipse based projects).
Bug: issue 499
Change-Id: I961d8fac3f5d82a5d24f0a4d0b0a9ddf39182a50
Signed-off-by: Shawn O. Pearce <sop@google.com>
The commit message is now shown as a magical "Commit Message" file at
the start of each patch listing. Normally its compared against the
empty blob content, and thus appears all new. When comparing between
two patch sets the message is compared against the message of the other
patch set, enabling a fast view of what was modified in the message.
When showing a commit message we use a friendly format that looks a
lot like the `git log --format=fuller` layout, only we show the parent
commit and its short subject in addition to the other headers. This
helps reviewers to identify a rebase, or easily see merges.
Comments made against the commit message are saved under the
file "/COMMIT_MSG". Any name starting with "/" is legal in a Git
repository because the empty string is not a valid tree entry name.
Consequently we are reasonably safe to use "/" to denote a meta file
which will never appear in real repositories. The name "COMMIT_MSG"
comes from the name of the file some versions of Git used to store
the message-in-progress under ".git" in, and really has no important
meaning other than to be unique within a Gerrit database.
Bug: issue 361
Change-Id: I11004eddfa7ab10e6491eedcf437771bf1e5af64
Signed-off-by: Shawn O. Pearce <sop@google.com>
I meant to keep reusing the 2.1 version number for the entire
2.1 series during development, but botched it during the 2.1.4
development cycle and set it to 2.1.4-SNAPSHOT by mistake. Put
it back to 2.1-SNAPSHOT since 2.1.4 is released.
Change-Id: I37e206c0609bf3fd94a5aab8ea301c98b7fb013e
Signed-off-by: Shawn O. Pearce <sop@google.com>
Add a inactive column to the Account object. Use the inactive
status to disable the user's web and ssh logins, sending
emails to the user on behalf of gerrit, adding the user as a
reviewer or to a group, and making the user appear in the
"add reviewer" and group "add member" auto completion boxes.
Bug: issue 503
Change-Id: Ib002788ebf8204dfea608d9f5ac3a5cdff20f817
Allow download methods configuration in gerrit.config. It was
included a section [download] in gerrit.config file to set the
scheme to be used in downloads.
This configuration hide or show ssh/http/anonymous git/anonymous
http and repo download tabs in change screen.
Bug: issue 583
Change-Id: I157135c6793771fc7b9e22bef5bae1a7d3b1da35
There was some code duplication in these classes. This refactoring
removes the PatchScriptSettings and PrettySettings classes and uses
AccountDiffPreference instead.
Issue: bug 629
Change-Id: I57ab1522b0023503d0cbd29620236ea68b7717ed
Signed-off-by: Sasa Zivkov <zivkov@gmail.com>
Any valid search string is now a valid filter expression or a
watched project. The only operator not supported here is the
is:watched operator, because that creates a recursive call that
would never succeed.
The change turned out far bigger than it should be due to the request
scope requirement for the query builder. We had to rearrange a lot
of code to ensure we always have the request scope available in order
to construct a query builder and execute the filter expressions.
Bug: issue 492
Change-Id: I199d9b215e000c049279cd8e86e7a36386fee0fb
Signed-off-by: Shawn O. Pearce <sop@google.com>
All of the change list pages have been rewritten in terms of the
new query operator implementation. If the query exactly matches
a particular navigation call, we use the same underlying function
to scan the database, which gives us about the same performance.
Rather than showing custom page titles, all of the change list pages
update the search bar and show the underlying query. This helps
users to learn what search operators Gerrit supports internally.
If the query has additional filter restrictions, we try to pick a
reasonable scan function to read from the database, but then use
filters inside of the JVM to whack out rows that do not match.
The scan function selection is based on a hand-coded cost based
query rewriter, which is really more of a rule based optimizer than
it is a cost based optimizer. Its rather horrible at picking a good
"query plan", but its good enough given the limitations of the gwtorm
access API that we can still do something reasonable for the user.
Because the query graph is stored in memory as a proper graph,
we may be able to later perform some optimization work where we
transform the graph into a proper SQL SELECT statement and hand
it off to the database server for execution. For most SQL systems
this would outperform what we do now.
Because the query rewriter edits the query, it may produce an invalid
result sometimes. Any old hand-coded search is correct, because the
rewriter just transforms to the same underlying function that we used
to have. More complex filters may still uncover bugs in the rewiter.
Some queries are simply not executable. For example, "is:reviewed"
won't execute, because we don't have a way to scan the database
along that dimension. The access method doesn't exist simply
because the result set would be too large to reasonably process.
The set of operators is still not complete. We should support
things like 'age:3d' to mean changes that were last modified more
than 3 days ago, but we don't yet. Doing so efficiently probably
requires converting the age specification into a sortKey and using
an existing scan operation along that column.
Queries once parsed into a predicate tree can be tested against a
single ChangeData object, to consider just that one change. This
will later be useful for more powerful project watch specifications,
or access control rules.
Bug: issue 259
Bug: issue 287
Bug: issue 239
Bug: issue 504
Change-Id: Ifdf7306bb362484c58df5785054fd9e43363aaa9
Signed-off-by: Shawn O. Pearce <sop@google.com>
The topic tag can be attached to a change during upload by suffixing
the 'refs/for/branch_name' with the topic label, treating the branch
as though it were a directory.
For example, to tag 'exp/nosql' onto a change headed for the
'sandbox/future-stuff' branch, git push can be used as:
git push URL HEAD:refs/for/sandbox/future-stuff/exp-nosql
If the topic is supplied, it is displayed in the branch column of
a change, in parens. If no topic was set, only the branch is shown.
Bug: issue 51
Change-Id: I07d6c137fc9aefa8c1ee1652bf1e7bcde9d33674
Signed-off-by: Shawn O. Pearce <sop@google.com>
This change considers the rights of the most specific ref pattern.
If the ref pattern starts with ^ it is considered to be a regular
expression, otherwise the older glob style or exact match rules
are used.
Change-Id: Ie060d3758e5184a7cedd38883253f60817a04e1b
Portions-by: carloseduardo.baldacin <carloseduardo.baldacin@sonyericsson.com>
Signed-off-by: Shawn O. Pearce <sop@google.com>
Ian Wienand