We now correctly honor OWN +1 on reference names other than refs/* to
delegate ownership (aka access control management) to a subnamespace
within the larger reference namespace of the project.
This permits a project owner to hand out control over a particular
namespace to another group, e.g. refs/heads/qa/* can be delegated
fully to the QA group, allowing its members to manage the Submit
and Push Branch access control rules only within that subspace.
The client UI is still really crude here. For example, it allows
you to try to change global project settings, but then throws back
the server exception when the server rejects your edit. It also
allows you to try to delete access rights which you can't delete,
and again just throws back the server error message. We really
could be smarter here in the future, but the client doesn't have
the RefControl processing logic required to understand which rows
it can change, and which it cannot.
Change-Id: I83c607eaea92d9fd7e40ed93f38b2c4478ec842f
Signed-off-by: Shawn O. Pearce <sop@google.com>
Reviewed-by: Nico Sallembien <nsallembien@google.com>
d9d7fe02b0