Access control documentation: Forge identity

This change divides the old forge identity section into three new
sections, one for each of author, committer and server identities.
The previous scale of permissions is now replaced by three
individual permissions not dependant on each other.

Some generic text about forging identities is copied to all three
sections to increase the ease of use when using this page as a quick
lookup reference page.

Change-Id: Iff04dea2711560baf3d2f4454b1206dcac775a4c
Signed-off-by: Fredrik Luthander <fredrik.luthander@sonyericsson.com>

Documentation/access-control.txt

@@ -490,43 +490,58 @@ you grant the users the push force permission to be able to clean up
 stale branches.
 
 
-[[category_FORG]]
+
-Forge Identity
+[[category_forge_author]]
-~~~~~~~~~~~~~~
+Forge Author
+~~~~~~~~~~~~
 
 Normally Gerrit requires the author and the committer identity
 lines in a Git commit object (or tagger line in an annotated tag) to
 match one of the registered email addresses of the uploading user.
-This permission allows users to bypass that validation, which may
+This permission allows users to bypass parts of that validation, which
-be necessary when mirroring changes from an upstream project.
+may be necessary when mirroring changes from an upstream project.
 
-* +1 Forge Author Identity
-+
 Permits the use of an unverified author line in commit objects.
 This can be useful when applying patches received by email from
 3rd parties, when cherry-picking changes written by others across
 branches, or when amending someone else's commit to fix up a minor
 problem before submitting.
-+
+
 By default this is granted to `Registered Users` in all projects,
 but a site administrator may disable it if verified authorship
 is required.
 
-* +2 Forge Committer or Tagger Identity
-+
-Implies 'Forge Author Identity', but also allows the use of an
-unverified committer line in commit objects, or an unverified tagger
-line in annotated tag objects.  Typically this is only required
-when mirroring commits from an upstream project repository.
 
-* +3 Forge Gerrit Code Review Server Identity
+[[category_forge_committer]]
-+
+Forge Committer
-Implies 'Forge Committer or Tagger Identity' as well as 'Forge
+~~~~~~~~~~~~~~~
-Author Identity', but additionally allows the use of the server's
+
-own name and email on the committer line of a new commit object.
+Normally Gerrit requires the author and the committer identity
-This should only be necessary when force pushing a commit history
+lines in a Git commit object (or tagger line in an annotated tag) to
-which has been rewritten by 'git filter-branch' and that contains
+match one of the registered email addresses of the uploading user.
-merge commits previously created by this Gerrit Code Review server.
+This permission allows users to bypass parts of that validation, which
+may be necessary when mirroring changes from an upstream project.
+
+Allows the use of an unverified committer line in commit objects, or an
+unverified tagger line in annotated tag objects.  Typically this is only
+required when mirroring commits from an upstream project repository.
+
+
+[[category_forge_server]]
+Forge Server
+~~~~~~~~~~~~
+
+Normally Gerrit requires the author and the committer identity
+lines in a Git commit object (or tagger line in an annotated tag) to
+match one of the registered email addresses of the uploading user.
+This permission allows users to bypass parts of that validation, which
+may be necessary when mirroring changes from an upstream project.
+
+Allows the use of the server's own name and email on the committer
+line of a new commit object.  This should only be necessary when force
+pushing a commit history which has been rewritten by 'git filter-branch'
+and that contains merge commits previously created by this Gerrit Code
+Review server.
 
 [[category_OWN]]
 Owner

Documentation/error-not-signed-off-by.txt

@@ -7,8 +7,8 @@ author, committer or uploader. If for a project a Signed-off-by is
 required and the commit message does not contain it, Gerrit rejects
 to push the commit with this error message.
 
-This policy can be bypassed by having the access right '+2 Forge
+This policy can be bypassed by having the access right
-Committer or Tagger Identity' in the link:access-control.html#category_FORG['Forge Identity'] category.
+link:access-control.html#category_forge_committer['Forge Committer'].
 
 This error may happen for different reasons if you do not have the
 access right to forge the committer identity:

Documentation/error-you-are-not-author.txt

@@ -5,8 +5,8 @@ Gerrit verifies for every pushed commit that the e-mail address of
 the author matches one of the registered e-mail addresses of the
 pushing user. If this is not the case pushing the commit fails with
 the error message "you are not author ...". This policy can be
-bypassed by having the access right '+1 Forge Author Identity' in the
+bypassed by having the access right
-link:access-control.html#category_FORG['Forge Identity'] category.
+link:access-control.html#category_forge_author['Forge Author'].
 
 This error may happen for two reasons:
 

Documentation/error-you-are-not-committer.txt

@@ -5,8 +5,8 @@ Gerrit verifies for every pushed commit that the e-mail address of
 the committer matches one of the registered e-mail addresses of the
 pushing user. If this is not the case pushing the commit fails with
 the error message "you are not committer ...". This policy can be
-bypassed by having the access right '+2 Forge Committer or Tagger
+bypassed by having the access right
-Identity' in the link:access-control.html#category_FORG['Forge Identity'] category.
+link:access-control.html#category_forge_committer['Forge Committer'].
 
 This error may happen for two reasons: