Introduce receive.denyDeletes
Occasionally, it may be useful to prevent branches from getting deleted from a centralized repository, particularly when no administrative access to the server is available to undo it via reflog. It also makes receive.denyNonFastForwards more useful if it is used for access control since it prevents force-updating by deleting and re-creating a ref. Signed-off-by: Jan Krüger <jk@jk.gs> Acked-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
parent
aebd173ffa
commit
a240de1137
@ -1188,6 +1188,10 @@ receive.unpackLimit::
|
|||||||
especially on slow filesystems. If not set, the value of
|
especially on slow filesystems. If not set, the value of
|
||||||
`transfer.unpackLimit` is used instead.
|
`transfer.unpackLimit` is used instead.
|
||||||
|
|
||||||
|
receive.denyDeletes::
|
||||||
|
If set to true, git-receive-pack will deny a ref update that deletes
|
||||||
|
the ref. Use this to prevent such a ref deletion via a push.
|
||||||
|
|
||||||
receive.denyNonFastForwards::
|
receive.denyNonFastForwards::
|
||||||
If set to true, git-receive-pack will deny a ref update which is
|
If set to true, git-receive-pack will deny a ref update which is
|
||||||
not a fast forward. Use this to prevent such an update via a push,
|
not a fast forward. Use this to prevent such an update via a push,
|
||||||
|
@ -11,6 +11,7 @@
|
|||||||
|
|
||||||
static const char receive_pack_usage[] = "git-receive-pack <git-dir>";
|
static const char receive_pack_usage[] = "git-receive-pack <git-dir>";
|
||||||
|
|
||||||
|
static int deny_deletes = 0;
|
||||||
static int deny_non_fast_forwards = 0;
|
static int deny_non_fast_forwards = 0;
|
||||||
static int receive_fsck_objects;
|
static int receive_fsck_objects;
|
||||||
static int receive_unpack_limit = -1;
|
static int receive_unpack_limit = -1;
|
||||||
@ -23,6 +24,11 @@ static int capabilities_sent;
|
|||||||
|
|
||||||
static int receive_pack_config(const char *var, const char *value, void *cb)
|
static int receive_pack_config(const char *var, const char *value, void *cb)
|
||||||
{
|
{
|
||||||
|
if (strcmp(var, "receive.denydeletes") == 0) {
|
||||||
|
deny_deletes = git_config_bool(var, value);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
if (strcmp(var, "receive.denynonfastforwards") == 0) {
|
if (strcmp(var, "receive.denynonfastforwards") == 0) {
|
||||||
deny_non_fast_forwards = git_config_bool(var, value);
|
deny_non_fast_forwards = git_config_bool(var, value);
|
||||||
return 0;
|
return 0;
|
||||||
@ -185,6 +191,12 @@ static const char *update(struct command *cmd)
|
|||||||
"but I can't find it!", sha1_to_hex(new_sha1));
|
"but I can't find it!", sha1_to_hex(new_sha1));
|
||||||
return "bad pack";
|
return "bad pack";
|
||||||
}
|
}
|
||||||
|
if (deny_deletes && is_null_sha1(new_sha1) &&
|
||||||
|
!is_null_sha1(old_sha1) &&
|
||||||
|
!prefixcmp(name, "refs/heads/")) {
|
||||||
|
error("denying ref deletion for %s", name);
|
||||||
|
return "deletion prohibited";
|
||||||
|
}
|
||||||
if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
|
if (deny_non_fast_forwards && !is_null_sha1(new_sha1) &&
|
||||||
!is_null_sha1(old_sha1) &&
|
!is_null_sha1(old_sha1) &&
|
||||||
!prefixcmp(name, "refs/heads/")) {
|
!prefixcmp(name, "refs/heads/")) {
|
||||||
|
@ -103,6 +103,17 @@ unset GIT_CONFIG GIT_CONFIG_LOCAL
|
|||||||
HOME=`pwd`/no-such-directory
|
HOME=`pwd`/no-such-directory
|
||||||
export HOME ;# this way we force the victim/.git/config to be used.
|
export HOME ;# this way we force the victim/.git/config to be used.
|
||||||
|
|
||||||
|
test_expect_failure \
|
||||||
|
'pushing a delete should be denied with denyDeletes' '
|
||||||
|
cd victim &&
|
||||||
|
git config receive.denyDeletes true &&
|
||||||
|
git branch extra master &&
|
||||||
|
cd .. &&
|
||||||
|
test -f victim/.git/refs/heads/extra &&
|
||||||
|
test_must_fail git send-pack ./victim/.git/ :extra master
|
||||||
|
'
|
||||||
|
rm -f victim/.git/refs/heads/extra
|
||||||
|
|
||||||
test_expect_success \
|
test_expect_success \
|
||||||
'pushing with --force should be denied with denyNonFastforwards' '
|
'pushing with --force should be denied with denyNonFastforwards' '
|
||||||
cd victim &&
|
cd victim &&
|
||||||
|
Loading…
Reference in New Issue
Block a user