opendev/gerrit
Code Issues Proposed changes

Access control documentation: Push Annotated Tags

Browse Source 
This change describes what can be done with the Push Annotated Tags
access.

Change-Id: Ia7ba07208500e6fb85cc0ec67c508871d4596543
Signed-off-by: Fredrik Luthander <fredrik.luthander@sonyericsson.com>
This commit is contained in:
Fredrik Luthander
2012-01-20 07:29:43 +01:00
committed by Gustaf Lundh
parent 5168057a03
commit 5b75c00625
2 changed files with 16 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
Documentation/access-control.txt
View File

@@ -642,9 +642,9 @@ wish to restrict merges to being created by Gerrit. By granting
system will be those created by Gerrit. system will be those created by Gerrit.
[[category_pTAG]] [[category_push_annotated]]
Push Tag Push Annotated Tag
~~~~~~~~ ~~~~~~~~~~~~~~~~~~
This category permits users to push an annotated tag object over This category permits users to push an annotated tag object over
SSH into the project's repository. Typically this would be done SSH into the project's repository. Typically this would be done
@@ -660,29 +660,21 @@ should exist in the `refs/tags/` namespace, and should be new.
This category is intended to be used to publish tags when a project This category is intended to be used to publish tags when a project
reaches a stable release point worth remembering in history. reaches a stable release point worth remembering in history.
The range of values is: It allows for a new annotated (unsigned) tag to be created. The
tagger email address must be verified for the current user.
* +1 Create Signed Tag
+
A new signed tag may be created. The tagger email address must be
verified for the current user.
* +2 Create Annotated Tag
+
A new annotated (unsigned) tag may be created. The tagger email
address must be verified for the current user.
To push tags created by users other than the current user (such To push tags created by users other than the current user (such
as tags mirrored from an upstream project), `Forge Identity +2` as tags mirrored from an upstream project), `Forge Committer Identity`
must be also granted in addition to `Push Tag >= +1`. must be also granted in addition to `Push Annotated Tag`.
To push lightweight (non annotated) tags, grant `Push Branch +2 To push lightweight (non annotated) tags, grant
Create Branch` for reference name `refs/tags/*`, as lightweight <<category_create,`Create Reference`>> for reference name
tags are implemented just like branches in Git. `refs/tags/*`, as lightweight tags are implemented just like
branches in Git.
To delete or overwrite an existing tag, grant `Push Branch +3 To delete or overwrite an existing tag, grant `Push` with the force
Force Push Branch; Delete Branch` for reference name `refs/tags/*`, option enabled for reference name `refs/tags/*`, as deleting a tag
as deleting a tag requires the same permission as deleting a branch. requires the same permission as deleting a branch.
[[category_READ]] [[category_READ]]
Read Access Read Access

5
Documentation/error-prohibited-by-gerrit.txt
View File

@@ -14,9 +14,8 @@ In particular this error occurs:
2. if you bypass code review without 2. if you bypass code review without
link:access-control.html#category_push_direct['Push'] privileges link:access-control.html#category_push_direct['Push'] privileges
on `refs/heads/*` on `refs/heads/*`
3. if you push a signed or annotated tag without sufficient 3. if you push a signed or annotated tag without
privileges in the link:access-control.html#category_pTAG['Push Tag'] link:access-control.html#category_pTAG['Push Tag'] privileges
category
4. if you push a lightweight tag without the access right link:access-control.html#category_create['Create 4. if you push a lightweight tag without the access right link:access-control.html#category_create['Create
Reference'] for the reference name 'refs/tags/*' Reference'] for the reference name 'refs/tags/*'