Add SSH command to ban commits

Change-Id: Iacd242547dfb2221c85959bf7ec3690134cb5d85
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>

Documentation/cmd-ban-commit.txt

@@ -0,0 +1,60 @@
+gerrit ban-commit
+=================
+
+NAME
+----
+gerrit ban-commit - Bans a commit from a project's repository.
+
+SYNOPSIS
+--------
+[verse]
+'ssh' -p <port> <host> 'gerrit ban-commit'
+  [--reason <REASON>]
+  <PROJECT>
+  <COMMIT> ...
+
+DESCRIPTION
+-----------
+Marks a commit as banned for the specified repository.  If a commit is
+banned Gerrit rejects every push that includes this commit with
+link:error-contains-banned-commit.html[contains banned commit ...].
+
+[NOTE]
+This command just marks the commit as banned, but it does not remove
+the commit from the history of any central branch.  This needs to be
+done manually.
+
+ACCESS
+------
+Caller must be owner of the project or be a member of the privileged
+'Administrators' group.
+
+SCRIPTING
+---------
+This command is intended to be used in scripts.
+
+OPTIONS
+-------
+<PROJECT>::
+	Required; name of the project for which the commit should be
+	banned.
+
+<COMMIT>::
+	Required; commit(s) that should be banned.
+
+--reason::
+	Reason for banning the commit.
+
+EXAMPLES
+--------
+Ban commit `421919d015c062fd28901fe144a78a555d0b5984` from project
+`myproject`:
+
+====
+	$ ssh -p 29418 review.example.com gerrit ban-commit myproject \
+	421919d015c062fd28901fe144a78a555d0b5984
+====
+
+GERRIT
+------
+Part of link:index.html[Gerrit Code Review]

Documentation/cmd-index.txt

@@ -54,6 +54,9 @@ see link:user-upload.html#test_ssh[Testing Your SSH Connection].
 'gerrit approve'::
 	'Deprecated alias for `gerrit review`.'
 
+link:cmd-ban-commit.html[gerrit ban-commit]::
+	Bans a commit from a project's repository.
+
 link:cmd-ls-groups.html[gerrit ls-groups]::
 	List groups visible to the caller.
 

gerrit-server/src/main/java/com/google/gerrit/server/config/GerritRequestModule.java

@@ -34,6 +34,7 @@ import com.google.gerrit.server.changedetail.PublishDraft;
 import com.google.gerrit.server.changedetail.RestoreChange;
 import com.google.gerrit.server.changedetail.Submit;
 import com.google.gerrit.server.git.AsyncReceiveCommits;
+import com.google.gerrit.server.git.BanCommit;
 import com.google.gerrit.server.git.CreateCodeReviewNotes;
 import com.google.gerrit.server.git.MergeOp;
 import com.google.gerrit.server.git.MetaDataUpdate;
@@ -113,5 +114,6 @@ public class GerritRequestModule extends FactoryModule {
     factory(CreateProject.Factory.class);
     factory(Submit.Factory.class);
     factory(SuggestParentCandidates.Factory.class);
+    factory(BanCommit.Factory.class);
   }
 }

gerrit-server/src/main/java/com/google/gerrit/server/git/BanCommit.java

@@ -0,0 +1,273 @@
+// Copyright (C) 2012 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.server.git;
+
+import static com.google.gerrit.server.git.GitRepositoryManager.REF_REJECT_COMMITS;
+
+import com.google.gerrit.common.errors.PermissionDeniedException;
+import com.google.gerrit.reviewdb.client.Account;
+import com.google.gerrit.server.CurrentUser;
+import com.google.gerrit.server.GerritPersonIdent;
+import com.google.gerrit.server.account.AccountCache;
+import com.google.gerrit.server.project.ProjectControl;
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+
+import org.eclipse.jgit.errors.CorruptObjectException;
+import org.eclipse.jgit.errors.IncorrectObjectTypeException;
+import org.eclipse.jgit.errors.MissingObjectException;
+import org.eclipse.jgit.lib.CommitBuilder;
+import org.eclipse.jgit.lib.Constants;
+import org.eclipse.jgit.lib.ObjectId;
+import org.eclipse.jgit.lib.ObjectInserter;
+import org.eclipse.jgit.lib.PersonIdent;
+import org.eclipse.jgit.lib.Ref;
+import org.eclipse.jgit.lib.RefUpdate;
+import org.eclipse.jgit.lib.RefUpdate.Result;
+import org.eclipse.jgit.lib.Repository;
+import org.eclipse.jgit.notes.Note;
+import org.eclipse.jgit.notes.NoteMap;
+import org.eclipse.jgit.notes.NoteMapMerger;
+import org.eclipse.jgit.revwalk.RevCommit;
+import org.eclipse.jgit.revwalk.RevWalk;
+
+import java.io.IOException;
+import java.util.List;
+
+public class BanCommit {
+
+  private static final int MAX_LOCK_FAILURE_CALLS = 10;
+  private static final int SLEEP_ON_LOCK_FAILURE_MS = 25;
+
+  public interface Factory {
+    BanCommit create();
+  }
+
+  private final Provider<CurrentUser> currentUser;
+  private final GitRepositoryManager repoManager;
+  private final AccountCache accountCache;
+  private final PersonIdent gerritIdent;
+
+  @Inject
+  BanCommit(final Provider<CurrentUser> currentUser,
+      final GitRepositoryManager repoManager, final AccountCache accountCache,
+      @GerritPersonIdent final PersonIdent gerritIdent) {
+    this.currentUser = currentUser;
+    this.repoManager = repoManager;
+    this.accountCache = accountCache;
+    this.gerritIdent = gerritIdent;
+  }
+
+  public BanCommitResult ban(final ProjectControl projectControl,
+      final List<ObjectId> commitsToBan, final String reason)
+      throws PermissionDeniedException, IOException,
+      IncompleteUserInfoException, InterruptedException, MergeException {
+    if (!projectControl.isOwner()) {
+      throw new PermissionDeniedException(
+          "No project owner: not permitted to ban commits");
+    }
+
+    final BanCommitResult result = new BanCommitResult();
+
+    final PersonIdent currentUserIdent = createPersonIdent();
+    final Repository repo =
+        repoManager.openRepository(projectControl.getProject().getNameKey());
+    try {
+      final RevWalk revWalk = new RevWalk(repo);
+      final ObjectInserter inserter = repo.newObjectInserter();
+      try {
+        NoteMap baseNoteMap = null;
+        RevCommit baseCommit = null;
+        final Ref notesBranch = repo.getRef(REF_REJECT_COMMITS);
+        if (notesBranch != null) {
+          baseCommit = revWalk.parseCommit(notesBranch.getObjectId());
+          baseNoteMap = NoteMap.read(revWalk.getObjectReader(), baseCommit);
+        }
+
+        final NoteMap ourNoteMap;
+        if (baseCommit != null) {
+          ourNoteMap = NoteMap.read(repo.newObjectReader(), baseCommit);
+        } else {
+          ourNoteMap = NoteMap.newEmptyMap();
+        }
+
+        for (final ObjectId commitToBan : commitsToBan) {
+          try {
+            revWalk.parseCommit(commitToBan);
+          } catch (MissingObjectException e) {
+            // ignore exception, also not existing commits can be banned
+          } catch (IncorrectObjectTypeException e) {
+            result.notACommit(commitToBan, e.getMessage());
+            continue;
+          }
+
+          final Note note = ourNoteMap.getNote(commitToBan);
+          if (note != null) {
+            result.commitAlreadyBanned(commitToBan);
+            continue;
+          }
+
+          final String noteContent = reason != null ? reason : "";
+          final ObjectId noteContentId =
+              inserter
+                  .insert(Constants.OBJ_BLOB, noteContent.getBytes("UTF-8"));
+          ourNoteMap.set(commitToBan, noteContentId);
+          result.commitBanned(commitToBan);
+        }
+
+        if (result.getNewlyBannedCommits().isEmpty()) {
+          return result;
+        }
+
+        final ObjectId ourCommit =
+            commit(ourNoteMap, inserter, currentUserIdent, baseCommit, result,
+                reason);
+
+        updateRef(repo, revWalk, inserter, ourNoteMap, ourCommit, baseNoteMap,
+            baseCommit);
+      } finally {
+        revWalk.release();
+        inserter.release();
+      }
+    } finally {
+      repo.close();
+    }
+
+    return result;
+  }
+
+  private PersonIdent createPersonIdent() throws IncompleteUserInfoException {
+    final String userName = currentUser.get().getUserName();
+    final Account account = accountCache.getByUsername(userName).getAccount();
+    if (account.getFullName() == null) {
+      throw new IncompleteUserInfoException(userName, "full name");
+    }
+    if (account.getPreferredEmail() == null) {
+      throw new IncompleteUserInfoException(userName, "preferred email");
+    }
+    return new PersonIdent(account.getFullName(), account.getPreferredEmail());
+  }
+
+  private static ObjectId commit(final NoteMap noteMap,
+      final ObjectInserter inserter, final PersonIdent personIdent,
+      final ObjectId baseCommit, final BanCommitResult result,
+      final String reason) throws IOException {
+    final String commitMsg =
+        buildCommitMessage(result.getNewlyBannedCommits(), reason);
+    if (baseCommit != null) {
+      return createCommit(noteMap, inserter, personIdent, commitMsg, baseCommit);
+    } else {
+      return createCommit(noteMap, inserter, personIdent, commitMsg);
+    }
+  }
+
+  private static ObjectId createCommit(final NoteMap noteMap,
+      final ObjectInserter inserter, final PersonIdent personIdent,
+      final String message, final ObjectId... parents) throws IOException {
+    final CommitBuilder b = new CommitBuilder();
+    b.setTreeId(noteMap.writeTree(inserter));
+    b.setAuthor(personIdent);
+    b.setCommitter(personIdent);
+    if (parents.length > 0) {
+      b.setParentIds(parents);
+    }
+    b.setMessage(message);
+    final ObjectId commitId = inserter.insert(b);
+    inserter.flush();
+    return commitId;
+  }
+
+  private static String buildCommitMessage(final List<ObjectId> bannedCommits,
+      final String reason) {
+    final StringBuilder commitMsg = new StringBuilder();
+    commitMsg.append("Banning ");
+    commitMsg.append(bannedCommits.size());
+    commitMsg.append(" ");
+    commitMsg.append(bannedCommits.size() == 1 ? "commit" : "commits");
+    commitMsg.append("\n\n");
+    if (reason != null) {
+      commitMsg.append("Reason: ");
+      commitMsg.append(reason);
+      commitMsg.append("\n\n");
+    }
+    commitMsg.append("The following commits are banned:\n");
+    final StringBuilder commitList = new StringBuilder();
+    for (final ObjectId c : bannedCommits) {
+      if (commitList.length() > 0) {
+        commitList.append(",\n");
+      }
+      commitList.append(c.getName());
+    }
+    commitMsg.append(commitList);
+    return commitMsg.toString();
+  }
+
+  public void updateRef(final Repository repo, final RevWalk revWalk,
+      final ObjectInserter inserter, final NoteMap ourNoteMap,
+      final ObjectId oursCommit, final NoteMap baseNoteMap,
+      final ObjectId baseCommit) throws IOException, InterruptedException,
+      MissingObjectException, IncorrectObjectTypeException,
+      CorruptObjectException, MergeException {
+
+    int remainingLockFailureCalls = MAX_LOCK_FAILURE_CALLS;
+    RefUpdate refUpdate = createRefUpdate(repo, oursCommit, baseCommit);
+
+    for (;;) {
+      final Result result = refUpdate.update();
+
+      if (result == Result.LOCK_FAILURE) {
+        if (--remainingLockFailureCalls > 0) {
+          Thread.sleep(SLEEP_ON_LOCK_FAILURE_MS);
+        } else {
+          throw new MergeException("Failed to lock the ref: "
+              + REF_REJECT_COMMITS);
+        }
+
+      } else if (result == Result.REJECTED) {
+        final RevCommit theirsCommit =
+            revWalk.parseCommit(refUpdate.getOldObjectId());
+        final NoteMap theirNoteMap =
+            NoteMap.read(revWalk.getObjectReader(), theirsCommit);
+        final NoteMapMerger merger = new NoteMapMerger(repo);
+        final NoteMap merged =
+            merger.merge(baseNoteMap, ourNoteMap, theirNoteMap);
+        final ObjectId mergeCommit =
+            createCommit(merged, inserter, gerritIdent,
+                "Merged note commits\n", oursCommit, theirsCommit);
+        refUpdate = createRefUpdate(repo, mergeCommit, theirsCommit);
+        remainingLockFailureCalls = MAX_LOCK_FAILURE_CALLS;
+
+      } else if (result == Result.IO_FAILURE) {
+        throw new IOException(
+            "Couldn't create commit reject notes because of IO_FAILURE");
+      } else {
+        break;
+      }
+    }
+  }
+
+  private static RefUpdate createRefUpdate(final Repository repo,
+      final ObjectId newObjectId, final ObjectId expectedOldObjectId)
+      throws IOException {
+    RefUpdate refUpdate = repo.updateRef(REF_REJECT_COMMITS);
+    refUpdate.setNewObjectId(newObjectId);
+    if (expectedOldObjectId == null) {
+      refUpdate.setExpectedOldObjectId(ObjectId.zeroId());
+    } else {
+      refUpdate.setExpectedOldObjectId(expectedOldObjectId);
+    }
+    return refUpdate;
+  }
+}

gerrit-server/src/main/java/com/google/gerrit/server/git/BanCommitResult.java

@@ -0,0 +1,54 @@
+// Copyright (C) 2012 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.server.git;
+
+import org.eclipse.jgit.lib.ObjectId;
+
+import java.util.LinkedList;
+import java.util.List;
+
+public class BanCommitResult {
+
+  private final List<ObjectId> newlyBannedCommits = new LinkedList<ObjectId>();
+  private final List<ObjectId> alreadyBannedCommits = new LinkedList<ObjectId>();
+  private final List<ObjectId> ignoredObjectIds = new LinkedList<ObjectId>();
+
+  public BanCommitResult() {
+  }
+
+  public void commitBanned(final ObjectId commitId) {
+    newlyBannedCommits.add(commitId);
+  }
+
+  public void commitAlreadyBanned(final ObjectId commitId) {
+    alreadyBannedCommits.add(commitId);
+  }
+
+  public void notACommit(final ObjectId id, final String message) {
+    ignoredObjectIds.add(id);
+  }
+
+  public List<ObjectId> getNewlyBannedCommits() {
+    return newlyBannedCommits;
+  }
+
+  public List<ObjectId> getAlreadyBannedCommits() {
+    return alreadyBannedCommits;
+  }
+
+  public List<ObjectId> getIgnoredObjectIds() {
+    return ignoredObjectIds;
+  }
+}

gerrit-server/src/main/java/com/google/gerrit/server/git/IncompleteUserInfoException.java

@@ -0,0 +1,23 @@
+// Copyright (C) 2012 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.server.git;
+
+public class IncompleteUserInfoException extends Exception {
+  private static final long serialVersionUID = 1L;
+
+  public IncompleteUserInfoException(final String userName, final String missingInfo) {
+    super("For the user \"" + userName + "\" " + missingInfo + " is not set.");
+  }
+}

gerrit-server/src/main/java/com/google/gerrit/server/git/MergeException.java

@@ -15,7 +15,7 @@
 package com.google.gerrit.server.git;
 
 /** Indicates the current branch's queue cannot be processed at this time. */
-class MergeException extends Exception {
+public class MergeException extends Exception {
   private static final long serialVersionUID = 1L;
 
   MergeException(final String msg) {

gerrit-sshd/src/main/java/com/google/gerrit/sshd/SshModule.java

@@ -36,6 +36,7 @@ import com.google.gerrit.server.util.RequestScopePropagator;
 import com.google.gerrit.sshd.args4j.AccountGroupIdHandler;
 import com.google.gerrit.sshd.args4j.AccountGroupUUIDHandler;
 import com.google.gerrit.sshd.args4j.AccountIdHandler;
+import com.google.gerrit.sshd.args4j.ObjectIdHandler;
 import com.google.gerrit.sshd.args4j.PatchSetIdHandler;
 import com.google.gerrit.sshd.args4j.ProjectControlHandler;
 import com.google.gerrit.sshd.args4j.SocketAddressHandler;
@@ -49,6 +50,7 @@ import com.google.inject.servlet.RequestScoped;
 import org.apache.sshd.common.KeyPairProvider;
 import org.apache.sshd.server.CommandFactory;
 import org.apache.sshd.server.PublickeyAuthenticator;
+import org.eclipse.jgit.lib.ObjectId;
 import org.kohsuke.args4j.spi.OptionHandler;
 
 import java.net.SocketAddress;
@@ -120,6 +122,7 @@ public class SshModule extends FactoryModule {
     registerOptionHandler(Account.Id.class, AccountIdHandler.class);
     registerOptionHandler(AccountGroup.Id.class, AccountGroupIdHandler.class);
     registerOptionHandler(AccountGroup.UUID.class, AccountGroupUUIDHandler.class);
+    registerOptionHandler(ObjectId.class, ObjectIdHandler.class);
     registerOptionHandler(PatchSet.Id.class, PatchSetIdHandler.class);
     registerOptionHandler(ProjectControl.class, ProjectControlHandler.class);
     registerOptionHandler(SocketAddress.class, SocketAddressHandler.class);

gerrit-sshd/src/main/java/com/google/gerrit/sshd/args4j/ObjectIdHandler.java

@@ -0,0 +1,47 @@
+// Copyright (C) 2012 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.sshd.args4j;
+
+import com.google.inject.Inject;
+import com.google.inject.assistedinject.Assisted;
+
+import org.eclipse.jgit.lib.ObjectId;
+import org.kohsuke.args4j.CmdLineException;
+import org.kohsuke.args4j.CmdLineParser;
+import org.kohsuke.args4j.OptionDef;
+import org.kohsuke.args4j.spi.OptionHandler;
+import org.kohsuke.args4j.spi.Parameters;
+import org.kohsuke.args4j.spi.Setter;
+
+public class ObjectIdHandler extends OptionHandler<ObjectId> {
+
+  @Inject
+  public ObjectIdHandler(@Assisted final CmdLineParser parser,
+      @Assisted final OptionDef option, @Assisted final Setter<ObjectId> setter) {
+    super(parser, option, setter);
+  }
+
+  @Override
+  public int parseArguments(Parameters params) throws CmdLineException {
+    final String n = params.getParameter(0);
+    setter.addValue(ObjectId.fromString(n));
+    return 1;
+  }
+
+  @Override
+  public String getDefaultMetaVariable() {
+    return "COMMIT";
+  }
+}

gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/BanCommitCommand.java

@@ -0,0 +1,118 @@
+// Copyright (C) 2012 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.sshd.commands;
+
+import com.google.gerrit.common.errors.PermissionDeniedException;
+import com.google.gerrit.server.git.BanCommit;
+import com.google.gerrit.server.git.BanCommitResult;
+import com.google.gerrit.server.git.IncompleteUserInfoException;
+import com.google.gerrit.server.git.MergeException;
+import com.google.gerrit.server.project.ProjectControl;
+import com.google.gerrit.sshd.BaseCommand;
+import com.google.inject.Inject;
+
+import org.apache.sshd.server.Environment;
+import org.eclipse.jgit.lib.ObjectId;
+import org.kohsuke.args4j.Argument;
+import org.kohsuke.args4j.Option;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.util.ArrayList;
+import java.util.List;
+
+public class BanCommitCommand extends BaseCommand {
+
+  @Option(name = "--reason", aliases = {"-r"}, metaVar = "REASON", usage = "reason for banning the commit")
+  private String reason;
+
+  @Argument(index = 0, required = true, metaVar = "PROJECT",
+      usage = "name of the project for which the commit should be banned")
+  private ProjectControl projectControl;
+
+  @Argument(index = 1, required = true, multiValued = true, metaVar = "COMMIT",
+      usage = "commit(s) that should be banned")
+  private List<ObjectId> commitsToBan = new ArrayList<ObjectId>();
+
+  @Inject
+  private BanCommit.Factory banCommitFactory;
+
+  @Override
+  public void start(final Environment env) throws IOException {
+    startThread(new CommandRunnable() {
+      @Override
+      public void run() throws Exception {
+        parseCommandLine();
+        BanCommitCommand.this.display();
+      }
+    });
+  }
+
+  private void display() throws Failure {
+    try {
+      final BanCommitResult result =
+          banCommitFactory.create().ban(projectControl, commitsToBan, reason);
+
+      final PrintWriter stdout = toPrintWriter(out);
+      try {
+        final List<ObjectId> newlyBannedCommits =
+            result.getNewlyBannedCommits();
+        if (!newlyBannedCommits.isEmpty()) {
+          stdout.print("The following commits were banned:\n");
+          printCommits(stdout, newlyBannedCommits);
+        }
+
+        final List<ObjectId> alreadyBannedCommits =
+            result.getAlreadyBannedCommits();
+        if (!alreadyBannedCommits.isEmpty()) {
+          stdout.print("The following commits were already banned:\n");
+          printCommits(stdout, alreadyBannedCommits);
+        }
+
+        final List<ObjectId> ignoredIds = result.getIgnoredObjectIds();
+        if (!ignoredIds.isEmpty()) {
+          stdout.print("The following ids do not represent commits"
+              + " and were ignored:\n");
+          printCommits(stdout, ignoredIds);
+        }
+      } finally {
+        stdout.flush();
+      }
+    } catch (PermissionDeniedException e) {
+      throw die(e);
+    } catch (IOException e) {
+      throw die(e);
+    } catch (IncompleteUserInfoException e) {
+      throw die(e);
+    } catch (MergeException e) {
+      throw die(e);
+    } catch (InterruptedException e) {
+      throw die(e);
+    }
+  }
+
+  private static void printCommits(final PrintWriter stdout,
+      final List<ObjectId> commits) {
+    boolean first = true;
+    for (final ObjectId c : commits) {
+      if (!first) {
+        stdout.print(",\n");
+      }
+      stdout.print(c.getName());
+      first = false;
+    }
+    stdout.print("\n\n");
+  }
+}

gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/DefaultCommandModule.java

@@ -35,6 +35,7 @@ public class DefaultCommandModule extends CommandModule {
     // SlaveCommandModule.
 
     command(gerrit).toProvider(new DispatchCommandProvider(gerrit));
+    command(gerrit, "ban-commit").to(BanCommitCommand.class);
     command(gerrit, "flush-caches").to(FlushCaches.class);
     command(gerrit, "ls-projects").to(ListProjects.class);
     command(gerrit, "ls-groups").to(ListGroupsCommand.class);