Commit Graph

137 Commits

Author SHA1 Message Date
Ian Wienand 234ed85a92 Retire repo
Change-Id: I7d68f82c75cbc4dc7e843198593846e19cf88f14
2022-04-05 13:20:00 +10:00
Monty Taylor d0fa8866d4 Reject commit subjects over 50 characters.
Add a test in receive commits for commit message first lines of over 50
characters and a boolean config option to enable checking for it.

Change-Id: I557d1ff72e6df97b991b05c36483c13873b706fb
2011-11-08 14:26:40 -08:00
Shawn Pearce 045b76c6d6 Merge "Implement multiple branches in ls-project" 2011-06-07 09:50:09 -07:00
Martin Fick 066c71219d Add error messages for abandon and restore when in bad state
The abandon and restore routines can fail if the change
is in the wrong state (abandoned already, or open still).
These failure lead to internal NPEs.  Instead, create a
new exception and give a reason for the failure to the user.

Change-Id: Id7861d75e535c439c12329f7e891797c5b1f6eca
2011-06-07 08:13:12 -06:00
Shawn O. Pearce 4e67700dab Change version to 2.2-SNAPSHOT
Change-Id: I1d3e6c42bc678536162a81d2b13372659a1c3dec
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-05-31 10:30:57 -07:00
Anatol Pomazau 3739569aad Implement multiple branches in ls-project
Allow users request SHA1 of multiple branches per command:

$ ssh -p 29418 review.example.com gerrit ls-projects -b eclair -b gingerbread

In case if a branch is not visible or does not exists then stub is shown. Here is
a sample of the command output:

---------------------------------------- d8a9e45c7ec6ff97b44fdbd0b21cabdb69f5f15b foo
---------------------------------------- 87e4297f8f508e9b73863b27c25a551a4d4b5ed5 bar
a7e9587229246f6eb876795bc45a09c17b3bed51 862b2ce84f38e93a50d29510e713475f11228b28 baz
405cd3f5d7df7bae701b313dad9ce2ef797eb754 6a7eb2f0c885d03320b58afb662ee4fc14659063 hello
---------------------------------------- 782effdaeba782a656f799c9584dcc82fbfb7fa7 world
b8240b951de6c03f72278dd3d7790c2355878197 e8099cc12a3b64aa4e58b319e61f0190e27bd3ac kext

Change-Id: Ib05a6fc770ed0b70a3c180b2a41bec5e95a7117b
2011-05-24 11:14:03 -07:00
Shawn O. Pearce cb115b6d24 Fix unused import/code warnings
Change-Id: Icb4968bfc340333ee613cfe3dfe01d3de49358d4
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-05-19 17:33:37 -07:00
Shawn O. Pearce 6a765190df Move "ref_rights" table into Git
Permissions are stored in the project.config file within the
refs/meta/config branch of each project.  This makes the rules
more flexible in the future, as well as adds version control.

For example:

  [access "refs/*"]
    owner = group tools-owners

  [access "refs/heads/*"]
    label-Verified = -1..+1 group tools-dev
    label-Verified = -1..+1 group tools-owners
    label-Code-Review = -2..+2 group tools-owners
    submit = group tools-dev
    submit = group tools-owners

  [access "refs/heads/stable"]
    exclusiveGroupPermissions = read create push
    read = group Anonymous Users
    push = group tools-repo-maintainer

To enable easy remote editing of the configuration rules, the
following access block is added by default to -- All Projects --
and is thus inherited throughout the entire site:

  [access "refs/meta/config"]
    read = group Project Owners
    push = group Project Owners

This configuration section permits any project owner or site
administrator (as they are indirectly always a project owner of
any project) to push changes to the project.config file within
the refs/meta/config branch, updating access (and other project
information) remotely without using the web UI.

Change-Id: Idb56f657a4bf88108ad40bbb19d831e6806b68c5
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-05-19 16:53:03 -07:00
Shawn O. Pearce e662fb3d4d Use AccountGroup.UUID instead of Account.Id
By switching to the UUID we can have a globally unique identifier
for group membership throughout the server, even if group information
comes in from a different data source.

Change-Id: Icb49d6a6aff8e62864ac0f78ceedbe03f01de894
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-05-19 16:53:03 -07:00
Shawn O. Pearce a56d834d2b Move "projects" table into Git
Project settings are now saved in the project.config file of the
refs/meta/config branch within each Git repository.  This offers
us free version control over the lifespan of the project, and will
help reduce schema version issues as the configuration file is
more free-form.

Project owners can edit the configuration of their project by
hand and push the results back up, possibly even going through
code review, if the proper access rules are assigned in the
project's access panel.  Project users can inspect the history of
the configuration by reading the history of the refs/meta/config
branch with their favorite history browser.

Change-Id: Id63414d86dbfb9033021f76e1d5e782373525a77
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-05-19 16:53:02 -07:00
Shawn O. Pearce 13fb707580 List projects by scanning the managed Git directory
Rather than locating projects in the database table, perform a
recursive scan of the managed repository directory and pull up
anything that we find.  This is a first step towards moving all
the project control metadata directly into Git.

Bug: issue 436
Change-Id: I08e0083f14f5c03eb9e49b4895c265d13b828534
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-05-19 16:53:01 -07:00
Shawn O. Pearce 62defaca1c Move repository creation into LocalDiskRepositoryManager
Make createRepository() actually create the project repository.

Change-Id: Ic10381440129f13919ad6cd67a32c22ae48e0f53
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-05-19 16:53:01 -07:00
Shawn O. Pearce bd8e5c1e8b Fix more rawtype warnings
Change-Id: I50e401a7a604dde7bfad63639bdadb29c2b8a4a9
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-05-19 09:58:35 -07:00
Nasser Grainawi 3755e9fd85 Remove unnecessary warning suppression
Change-Id: Iac493ad8be46d29e82ffb3007aadf25a49debfa8
2011-05-19 08:06:40 -07:00
Nasser Grainawi 8bc0d7d481 Remove dead code and unused variables
Change-Id: If87f7ad452ce597c82872b36a76f32afcc6ab7fd
2011-05-19 08:06:39 -07:00
Nasser Grainawi c7a1d91dd7 Remove unused imports
Change-Id: Ib51584840b6703a14554cc5b3e0aa890fe46234e
2011-05-19 08:05:36 -07:00
Shawn Pearce b642abf3d8 Merge "Added "version" command for Gerrit sshd." 2011-05-18 15:11:44 -07:00
Gustaf Lundh 018332f164 Added "version" command for Gerrit sshd.
Change-Id: I04ebc93940e18d933fe3186d771cccb1672f054e
2011-05-19 00:08:39 +02:00
Edwin Kempin 6b14d92374 SSH commands with user: create account if needed
SSH commands that accept a user as parameter (e.g.
create-group, receive-pack) fail if for a
specified user an account is not existing. With
this change the command is not immediately failing,
but if a user is specified that has no account it
tries to authenticate the user and if the
authentication is successful a user account is
automatically created so that the SSH command can
succeed.

This is e.g. useful if you have an automated
process that creates committer groups for new
projects. Since it can happen that the users that
should be assigned to the new committer group
have never logged in into Gerrit, some of these
users may not have a Gerrit account and so the group
creation fails. However these users are all known in
the used LDAP system and so a Gerrit account can be
automatically created for them. With this the group
creation can be successful even if some of the
members did not log in into Gerrit before.

Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
Change-Id: Ic3bc7b802ab5c8b0da4953fe207e47a43c54bcf7
2011-05-17 21:13:09 +02:00
Edwin Kempin efde723fa4 Disallow setting a project as parent for itself
The 'set-project-parent' SSH command allows to set a project as
parent for itself. If this is done the project is not anymore
inheriting from the '--All Projects--' so that we get multiple
project roots. A project owning itself is not anymore reported by
'ls-projects' command.

This change ensures that a project cannot be set as parent for
itself.

Change-Id: Idc19dc5383b51d06e4d0bcdf1025023e9f763e83
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
2011-05-16 18:11:22 -07:00
Shawn O. Pearce d6296556c6 Move SSH command creation off NioProcessors
Creating an SSH command for an incoming user request may require
looking up group information in LDAP if the user's groups are not hot
in the cache. This can take some time and may temporarily block an
NioProcessor thread preventing network IO from occurring for other
active user sessions.

Shift command creation onto a background work queue that only does
command construction for incoming requests. This way active commands
are not blocked by LDAP group lookups.

Two threads are used to try and avoid a single LDAP lookup from
blocking all new command creation on the server.

Change-Id: I1b49a836ba3443a9a85c29b7e3156558ca34ac47
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-05-15 14:19:19 -07:00
Shawn O. Pearce d2eaefa18a Update MINA SSHD to 0.5.1-r1095809
This fixes the keepalive@jsch.com error seen by some sites.

Change-Id: I19917d91ddeb2ab55119c71ea60e90d2034ab460
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-04-21 14:00:39 -07:00
Matt Fischer 620255aef7 Added support for included groups
This change adds a new item to the group configuration: a list of
groups whose members should be included in this one.  This makes it
possible to set up a hierarchy of included groups, which can make it
easier to maintain complex access control lists.

To accomplish this, two new database tables were added,
called AccountGroupIncludes and AccountGroupIncludesAudit.
The relevant support code was added around them, largely based on
the existing code for handling indivdual account membership.  In
addition, caches for group information were added, paralleling the
caches that already exist for accounts.

Change-Id: Ib6990c17739f28f38bc13961143db7ce79251567
2011-04-11 15:02:15 -04:00
Georg Müller 0860e1b13c Fix IllegalArgumentException caused by non-ascii user names
When connecting via command line ssh with a non-ascii user name set,
the info message is not displayed, but an IllegalArgumentException
("Not ASCII string") is thrown.  This change shows the message in
UTF-8.

Change-Id: I1c4da072a572b6a35bd020a00450ec7123c23ba9
2011-04-11 14:57:03 -04:00
Edwin Kempin b66c43fc0f Add group option that makes the group visible to all registered users
Normally a group is only visible to the group owners and the Gerrit
administrators. In certain environments (corporate or open source) it
can make sense to have groups that are visible to all registered
users. E.g.:
- a user needs access rights for a certain project, if this user can
  see the project owner group, he knows whom to contact to request
  the access rights
- a user needs support from a Gerrit administrator, if this user can
  see the administrator group, he knows whom to contact

This change adds a new group option that allows to make the group
visible to all registered users. Modifying the group is still only
allowed for the group owners. By default a newly created group will
only be visible to the group owners.

Change-Id: I2de0084a7842d73618ca48fa95804c22d5bb90cb
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
2011-04-08 10:36:47 +02:00
Shawn Pearce a8d749b3e2 Merge "Minor refactors prompted by abandon changes in ChangeUtil." 2011-04-07 16:15:17 -07:00
Shawn O. Pearce d1fac8378f Avoid huge pushes during refs/for/BRANCH push over SSH
Earlier I fixed the huge push problem, but only for smart HTTP.  I
forgot to apply the same logic to the advertisements offered over SSH,
as the SSH variant doesn't require the cache to carry the ObjectIds
from one request into the next.

Move the logic to the common ReceiveCommits class, and apply it to
both the smart HTTP and SSH protocols.

Change-Id: I96be6ec4c15d05f7667c9cb3adf221e29a1c3a33
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-04-06 16:59:53 -04:00
Martin Fick 8ed16d7c35 Minor refactors prompted by abandon changes in ChangeUtil.
Add some finals, fix line sizes, argument order and variable
names.

Change-Id: Ie514510ad067620a8f1f1ef2b619e28e251bf3dc
2011-03-28 11:02:39 -06:00
Martin Fick 30f823c1f8 Enhance review ssh command to abandon/restore patchsets.
The review command could only do approvals, verifies,
comments, and submits.  It now can also do abandons and
restores like the WUI.  Also refactor the abandon and
restore logic out of the AbandonChange and RestoreChange
classes and into the ChangeUtil class since it is used by
both the WUI and SSH now.

Bug: issue 674
Change-Id: I7ac24a0ff47f3edaebb6fcad8ad3127f370e5672
2011-03-28 11:02:38 -06:00
Shawn Pearce 78ea8756d3 Merge "Evict initial members of group created by SSH command from AccountCache" 2011-03-16 07:19:48 -07:00
Edwin Kempin 85c8acbc51 Evict initial members of group created by SSH command from AccountCache
When a user is added to a group, the new group membership gets not
active as long as the old user information stays in the AccountCache.
This is why the user needs to be evicted from the AccountCache when
he is added to a group. Then the user information together with the
new group membership is reloaded from the database.

If a new group membership is assigned in the WebUI the user is
properly evicted from the AccountCache and the new group membership
is immediately active.

If a group gets created by an SSH command and initial members get
added to the new group, the initial members are not evicted from the
AccountCache. This is why the new group membership does not get
active immediatley if the user information is already in the
AccountCache.

This change now ensures that the initial members of a group created
by an SSH command get evicted from the AccountCache. The fix is done
in such a way that there is now only one implementation of the group
creation functionality which is used from both WebUI and SSH command.

Change-Id: I605277d564d3e2d45d6366afbf3af48cc04458d5
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
Bug: issue 814
2011-03-16 15:15:31 +01:00
Edwin Kempin 6fc51e058a Fix replication of initial empty commit in new project
If a new project is created with an initial empty commit, the
replication of this commit is always failing. The reason is that the
replication is triggered before the project is created in the Gerrit
database.

This fix ensures that the replication of the initial commit is
triggered only after the project was created in the Gerrit database.

Change-Id: Ica2f53392f26cb2ddab568f77d04e1c040d5cb9b
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
Bug: issue 879
2011-03-16 13:14:35 +01:00
Matthias Sohn 0ff5ff0112 Enable git reflog for all newly created projects
Gerrit changed it's behavior with JGit commit
ffc8b42957a2f294960d5ad027e2c7e41d3f70cd and since then sets
core.logallrefupdates = false for new projects. Prior to that
change Gerrit did set core.logallrefupdates = true for newly created
projects. Reverting to the old behavior as being able to inspect the
reflog is desirable.

Change-Id: If6ffa8c98658c996a01811ccaa8823c7042af08a
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
2011-03-09 16:45:06 +01:00
Shawn O. Pearce d2593a24e6 Use Project.NameKey in GitRepositoryManager
This simplifies all of the calling sites, where they have a
Project.NameKey on hand and would prefer not to invoke .get() to
convert it into a String.

Change-Id: If661fc07cff542a57af3c28f27ab401ce7b3a656
Signed-off-by: Shawn O. Pearce <sop@google.com>
2011-01-04 12:05:05 -08:00
Shawn O. Pearce 2edc2b3d06 Speed up push by hiding refs/changes/
No user (even site administrators) is permitted to make modifications
to the refs/changes/ namespace during push.  This restriction
prevents commits needed to remember patch sets of a change from
being deleted or replaced after the review has already started.

The primary reason the git receive-pack server advertises references
to the send-pack client is to let it know what references the client
can change, and allow the client to detect if the change should
require the --force flag.  The secondary reason is to help the
client compute a common ancestor with the server, and reduce the
amount of objects it must upload.  Either way the client doesn't
need the list of all commits submitted for review, it can function
perfectly fine without the refs/changes/ names.

For some really busy repositories, this can save megabytes worth
of text that needs to be sent from server to client each time the
client tries to push a change for review.

Change-Id: I4815adcdb58b8fea24b77b6b5e92a0d073dddb0f
Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-12-10 16:16:55 -08:00
Shawn O. Pearce 887bc2d59f review: Batch submit all changes at once
By batch submitting all of the changes to the MergeQueue we ensure
that the merge queue can sort them by topological order and doesn't
create unnecessary merge commits.  This can be relevant if the user
accidentally uses --reverse flag when submitting changes in bulk or
when there is clock skew on the branch:

  ssh r gerrit review -s $(git rev-list --reverse origin/master..)

Unfortunately we can't do a full batch submit, as there isn't that
level of transaction support avaliable in the database API.  But we
can avoid starting the merger on the branch until after all of the
affected changes have been marked SUBMITTED.

The better way to ensure submits happen correctly is to perform a
topological sort of the changes using the same sorter as MergeOp, and
then submit them from the root down.  This ensures that an early merge
attempt started by a different thread will be unable to merge the
change, because its parent isn't yet marked SUBMITTED.  Unfortunately
reusing that code here is non-trivial, so I'm punting on it for now.

Change-Id: I0242a360fcd8ba8f8c7fa5dcee021867f91352f8
Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-11-15 11:45:34 -08:00
Shawn O. Pearce cd67a8403f Improve the no-interactive-shell error message over SSH
Present users with a more useful message that explains they have
logged in, but aren't able to run commands directly through SSH.

Change-Id: I9763ae6f28c2dd2aa7a3f3e41a9b13ef997a1f45
Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-11-05 18:30:07 -07:00
Shawn O. Pearce 8a0bf36711 Configure SSHD maxAuthTries, loginGraceTime, maxConnectionsPerUser
Enable the site administrator to control the SSHD server's limits by
defining how many times a user can prevent an SSH key before we give
up, how long the session is allowed to sit without authentication,
and how many sessions any single user may have.

Change-Id: Ia7da504caa6e741a412dc03cf0e2e167d6d4c612
Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-11-05 17:49:41 -07:00
Shawn O. Pearce 7f9e1e1326 Update MINA SSHD to 0.5.1-r1031886
The new version contains a work-around for failed sftp connections,
resolving a common NullPointerException error in server error logs.

Change-Id: Iebe667e8cd81cb79848833e2a5de68447fcd42fa
Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-11-05 17:16:07 -07:00
Shawn Pearce ec15511690 Enable creation of initial empty commit for new projects
Add new option '--empty-commit' for the
'create-project' SSH command that creates an
initial empty commit for the newly created
project.

The idea of introducing this option was discussed
on the mailing list:
http://groups.google.com/group/repo-discuss/browse_thread/thread/945f313be4f26167?pli=1

Signed-off-by: Edwin Kempin <edwin.kempin@gmail.com>
Change-Id: I54cee094a4d465cd05cbc13ffcf90666b205ba72
2010-10-15 07:12:52 +02:00
Dmitry Fink 876953ea4d Add experimental support for automatic conflict handling
Use new content merge functionality in JGit for automatic
resolution of conflicts within a file.

Change-Id: Ifae8a94709fb60f13e4c79fb6bb77a214ef5f0b7
Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-10-14 21:37:22 -07:00
Edwin Kempin bd90df6966 Remove duplicate code in class CreateProject
Bug: issue 734
Signed-off-by: Edwin Kempin <edwin.kempin@gmail.com>
2010-10-14 10:49:01 +02:00
Dmitry Fink d8235793c9 Allow rejection of changes without Change-Id line.
Bug: issue 557
Change-Id: I8bb545d19d4ab04278cd1f185401f4dc3cefbcc4
2010-10-12 22:00:13 -07:00
Martin Fick db3be25933 Add a --all-approvals option to queries
The new --all-approvals option in queries enables
the approvals to be displayed inline with each patchset.
This option therefore implies the --patch-sets option.

Bug: issue 729
Change-Id: Iace6ce9673f3d54c102af5550ebed0c4c5cb5053
2010-09-16 09:21:43 -06:00
Shawn O. Pearce 504dd024b8 Perform very detailed logging on unpack failures
If we catch an UnpackException it might be caused by a bug deep
within the check connectivity code of ReceivePack.  Log a lot more
detail than we have in the past to try and narrow down the problem.

Change-Id: I28b2e9e3183359eea6d0f33cb16ffc579f8a837e
Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-09-03 11:37:52 -07:00
Shawn O. Pearce 75aca24370 create-project: Add --permissions-only option
The new --permissions-only option permits creating a project only
for use as a parent of other projects, for permissions inheritance.
This bypasses the creation of an otherwise empty git repository in
the server's repository forest.

Bug: issue 613
Change-Id: I86c53b11597a3d0cddfae01b2195944b458727a1
Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-08-28 16:04:34 -07:00
Edwin Kempin be3d4c00f4 ensure that openend git repositories are closed
In several places a git repository was opened
but not closed or not closed in case of exception.
This commit fixes these places and ensures that
the opened git repository is properly closed after
use.

Signed-off-by: Edwin Kempin <edwin.kempin@gmail.com>
2010-08-27 08:29:00 +02:00
lincoln 2be1160f05 Block off commands on a server for certain user groups.
This feature adds two new options to gerrit.config file: upload and
receive with the allowGroup attribute, that restrict to some specific
groups the ability to run upload/receive commands on the server.

[sp: All bugs are mine, I refactored the code a bit from the original]

Change-Id: Ibd31bd11234e429f8b0201bbb03099f737281f21
Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-08-25 14:42:25 -07:00
Shawn O. Pearce f855f399f8 Fix all of our pom.xml versions to be 2.1-SNAPSHOT
I meant to keep reusing the 2.1 version number for the entire
2.1 series during development, but botched it during the 2.1.4
development cycle and set it to 2.1.4-SNAPSHOT by mistake.  Put
it back to 2.1-SNAPSHOT since 2.1.4 is released.

Change-Id: I37e206c0609bf3fd94a5aab8ea301c98b7fb013e
Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-08-12 16:24:43 -07:00
Martin Fick 3f8385ba1e Add ability to deactivate a user when they leave the project.
Add a inactive column to the Account object.  Use the inactive
status to disable the user's web and ssh logins, sending
emails to the user on behalf of gerrit, adding the user as a
reviewer or to a group, and making the user appear in the
"add reviewer" and group "add member" auto completion boxes.

Bug: issue 503
Change-Id: Ib002788ebf8204dfea608d9f5ac3a5cdff20f817
2010-08-12 09:31:45 -06:00