diff --git a/Documentation/access-control.txt b/Documentation/access-control.txt index b9fb8b337f..ad20cb3921 100644 --- a/Documentation/access-control.txt +++ b/Documentation/access-control.txt @@ -444,6 +444,14 @@ have false-negatives that shouldn't block the change. A restart is required after making database changes. See <>. +[[category_abandon]] +Abandon +~~~~ + +This category controls whether users are allowed to abandon changes +to projects in Gerrit. It can give permission to abandon a specific +change to a given ref. + [[category_create]] Create reference ~~~~~~~~~~~~~~~~ diff --git a/gerrit-common/src/main/java/com/google/gerrit/common/data/Permission.java b/gerrit-common/src/main/java/com/google/gerrit/common/data/Permission.java index 20261de496..4067349802 100644 --- a/gerrit-common/src/main/java/com/google/gerrit/common/data/Permission.java +++ b/gerrit-common/src/main/java/com/google/gerrit/common/data/Permission.java @@ -20,6 +20,7 @@ import java.util.List; /** A single permission within an {@link AccessSection} of a project. */ public class Permission implements Comparable { + public static final String ABANDON = "abandon"; public static final String CREATE = "create"; public static final String FORGE_AUTHOR = "forgeAuthor"; public static final String FORGE_COMMITTER = "forgeCommitter"; @@ -40,6 +41,7 @@ public class Permission implements Comparable { NAMES_LC = new ArrayList(); NAMES_LC.add(OWNER.toLowerCase()); NAMES_LC.add(READ.toLowerCase()); + NAMES_LC.add(ABANDON.toLowerCase()); NAMES_LC.add(CREATE.toLowerCase()); NAMES_LC.add(FORGE_AUTHOR.toLowerCase()); NAMES_LC.add(FORGE_COMMITTER.toLowerCase()); diff --git a/gerrit-gwtui/src/main/java/com/google/gerrit/client/admin/AdminConstants.properties b/gerrit-gwtui/src/main/java/com/google/gerrit/client/admin/AdminConstants.properties index 3b3d0bb4cf..89fc195b25 100644 --- a/gerrit-gwtui/src/main/java/com/google/gerrit/client/admin/AdminConstants.properties +++ b/gerrit-gwtui/src/main/java/com/google/gerrit/client/admin/AdminConstants.properties @@ -98,6 +98,7 @@ addPermission = Add Permission ... # Permission Names permissionNames = \ + abandon, \ create, \ forgeAuthor, \ forgeCommitter, \ @@ -109,6 +110,7 @@ permissionNames = \ read, \ rebase, \ submit +abandon = Abandon create = Create Reference forgeAuthor = Forge Author Identity forgeCommitter = Forge Committer Identity diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java b/gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java index 64f7d979b9..7387fd1b1c 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java @@ -189,6 +189,7 @@ public class ChangeControl { || getRefControl().isOwner() // branch owner can abandon || getProjectControl().isOwner() // project owner can abandon || getCurrentUser().getCapabilities().canAdministrateServer() // site administers are god + || getRefControl().canAbandon() // user can abandon a specific ref ; } diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java b/gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java index 82c3a6d84b..2f992719aa 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java @@ -310,6 +310,11 @@ public class RefControl { return canPerform(Permission.FORGE_SERVER); } + /** @return true if this user can abandon a change for this ref */ + public boolean canAbandon() { + return canPerform(Permission.ABANDON); + } + /** All value ranges of any allowed label permission. */ public List getLabelRanges() { List r = new ArrayList();