Add permission for pushing signed tag

The method that determines whether or not the user can create a new
Git ref checks if the tag contains a PGP signature, but it returns the
same result in both the `if` and `else` blocks.

The redundant check seems to be a legacy of the changes in Idb56f65
where the create ref checks were refactored.  Previously there was a
distinction between permissions to push an annotated tag and to push
a signed tag.  There is now no distinction and the permission is
simply "push tag" (which actually refers to annotated tag).

Add a new permission for pushing signed tag, and use that when the
tag contains a PGP signature.

Change-Id: Ic32e0e60f8518b04e8325653e3e90edee834e629
David Pursehouse
2012-12-12 11:04:40 +09:00
parent 095a25143c
commit b429ce1f50
4 changed files with 23 additions and 4 deletions


@@ -659,8 +659,8 @@ with a command line such as:
git push ssh://USER@HOST:PORT/PROJECT tag v1.0
====
Tags must be annotated (created with `git tag -a` or `git tag -s`),
should exist in the `refs/tags/` namespace, and should be new.
Tags must be annotated (created with `git tag -a`), should exist in
the `refs/tags/` namespace, and should be new.
This category is intended to be used to publish tags when a project
reaches a stable release point worth remembering in history.
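
Review bot: The reworded sentence "Tags must be annotated (created with `git tag -a`)" drops `git tag -s` without saying where signed tags went. Someone reading only the annotated-tag category would not learn that tags created with `git tag -s` are now governed by a separate category. Suggest adding one sentence here that points to the new Push Signed Tag section (anchor `category_push_signed`).
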
@@ -682,6 +682,22 @@ option enabled for reference name `refs/tags/*`, as deleting a tag
requires the same permission as deleting a branch.
[[category_push_signed]]
Push Signed Tag
~~~~~~~~~~~~~~~
This category permits users to push a PGP signed tag object over
SSH into the project's repository. Typically this would be done
with a command line such as:
====
git push ssh://USER@HOST:PORT/PROJECT tag v1.0
====
Tags must be signed (created with `git tag -s`), should exist in the
`refs/tags/` namespace, and should be new.
[[category_read]]
Read
~~~~
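
Review bot: The new Push Signed Tag section does not say how a tag is recognised as signed or how this category relates to Push Annotated Tag. Going by the RefControl hunk in this commit, a tag is treated as signed when its message contains the `-----BEGIN PGP SIGNATURE-----` marker, and such a tag is then checked against this category alone. The section should state that the signature is detected by its marker and not verified, and that an existing Push Annotated Tag grant no longer covers tags created with `git tag -s`, so administrators know to add the new grant when upgrading.
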


@@ -32,6 +32,7 @@ public class Permission implements Comparable<Permission> {
public static final String PUSH = "push";
public static final String PUSH_MERGE = "pushMerge";
public static final String PUSH_TAG = "pushTag";
public static final String PUSH_SIGNED_TAG = "pushSignedTag";
public static final String READ = "read";
public static final String REBASE = "rebase";
public static final String REMOVE_REVIEWER = "removeReviewer";
@@ -53,6 +54,7 @@ public class Permission implements Comparable<Permission> {
NAMES_LC.add(PUSH.toLowerCase());
NAMES_LC.add(PUSH_MERGE.toLowerCase());
NAMES_LC.add(PUSH_TAG.toLowerCase());
NAMES_LC.add(PUSH_SIGNED_TAG.toLowerCase());
NAMES_LC.add(LABEL.toLowerCase());
NAMES_LC.add(REBASE.toLowerCase());
NAMES_LC.add(REMOVE_REVIEWER.toLowerCase());


@@ -111,6 +111,7 @@ permissionNames = \
push, \
pushMerge, \
pushTag, \
pushSignedTag, \
read, \
rebase, \
removeReviewer, \
@@ -126,6 +127,7 @@ owner = Owner
push = Push
pushMerge = Push Merge Commit
pushTag = Push Annotated Tag
pushSignedTag = Push Signed Tag
read = Read
rebase = Rebase
removeReviewer = Remove Reviewer


@@ -279,11 +279,10 @@ public class RefControl {
// than if it doesn't have a PGP signature.
//
if (tag.getFullMessage().contains("-----BEGIN PGP SIGNATURE-----\n")) {
return owner || canPerform(Permission.PUSH_TAG);
return owner || canPerform(Permission.PUSH_SIGNED_TAG);
} else {
return owner || canPerform(Permission.PUSH_TAG);
}
} else {
return false;
}
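
Review bot: The condition `tag.getFullMessage().contains("-----BEGIN PGP SIGNATURE-----\n")` now chooses between two different permissions, so this substring match has become an access-control decision, yet it only tests that the marker text appears somewhere in the tag message. Nothing in this hunk verifies a signature, so an annotated tag whose message merely includes that line is evaluated against `PUSH_SIGNED_TAG`, and a signature block whose marker line ends in `\r\n` falls through to the `PUSH_TAG` branch. Suggest either tightening the check (for example, requiring the marker at the start of a line in the trailing part of the message) or stating in the comment above it that classification is by marker presence only. None of the 4 changed files is a test; one covering both branches would pin down the new behaviour.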