My favorites | Sign in
Project Home Downloads Wiki Issues Source
New issue   Search
for
  Advanced search   Search tips   Subscriptions
Issue 2557: Create reference / Push permissions not enforced
2 people starred this issue and may be notified of changes. Back to list
Status:  Submitted
Owner:  ----
Closed:  Mar 2014


Sign in to add a comment
 
Reported by m...@ldiamond.net, Mar 17, 2014
************************************************************
***** NOTE: THIS BUG TRACKER IS FOR GERRIT CODE REVIEW *****
***** DO NOT SUBMIT BUGS FOR CHROME, ANDROID, INTERNAL *****
***** ISSUES WITH YOUR COMPANY'S GERRIT SETUP, ETC.    *****
***** THOSE ISSUE BELONG IN DIFFERENT ISSUE TRACKERS!  *****
************************************************************

Affected Version: 2.8.2 - 2.8.3

What steps will reproduce the problem?
1. Create a project
2. Make sure you don't have create reference or push access on refs/heads/*
3. Create a new branch with a new commit and push to refs/heads/branch

What is the expected output? 

Prohibited by Gerrit (like in 2.8.1)



What do you see instead?

[new branch] ....


Please provide any additional information below.

The create reference and push access are broken in 2.8.2 and 2.8.3. Anyone can push new branches with new commits in them.


Mar 17, 2014
Project Member #1 dougk....@gmail.com
I cannot reproduce this on 2.8.3.  Question, is your user in the Administrators group?
Mar 17, 2014
#2 m...@ldiamond.net
Yes, the user is in administrator group, however, the group is set to "deny" for create reference.

The issue was introduced here: https://gerrit-review.googlesource.com/#/c/54048

I'm working on a patch. 

It may be considered a "feature" by some (admins don't need the right since they can give it to themselves) but I want to prevent admins from making mistakes when pushing branches. Our setup only allows people (admins included) to create branches under refs/heads/feature/*
Mar 18, 2014
#3 m...@ldiamond.net
The fix is really simple. https://gerrit-review.googlesource.com/55233
Mar 26, 2014
Project Member #4 david.pu...@sonymobile.com
(No comment was entered for this change.)
Status: Submitted
Labels: FixedIn-2.8.4
Sign in to add a comment

Powered by Google Project Hosting