Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/gitblit-org/gitblit-tbacl-plugin

Simple plugin to enforce teamname-branchname ACLs
https://github.com/gitblit-org/gitblit-tbacl-plugin

Last synced: 7 days ago
JSON representation

Simple plugin to enforce teamname-branchname ACLs

Host: GitHub
URL: https://github.com/gitblit-org/gitblit-tbacl-plugin
Owner: gitblit-org
License: apache-2.0
Created: 2014-06-03T18:07:15.000Z (over 10 years ago)
Default Branch: master
Last Pushed: 2014-06-14T13:30:55.000Z (over 10 years ago)
Last Synced: 2023-03-22T23:11:10.913Z (almost 2 years ago)
Language: Java
Size: 215 KB
Stars: 2
Watchers: 2
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE

Awesome Lists containing this project

README

## Gitblit Team-Branch ACLs

*REQUIRES 1.5.0*

This plugin requires enforces a relationship between teams and target branches; i.e. the user pushing commits must be a team member to push to the team branches. Pushes outside the team branches sandbox are rejected unless the pushing user is an owner or administrator.

For example, if *joe* wants to push to the *master* branch he must be a member of the `master` team.

Or if team namespaces are enabled, *joe* can push to the *qa/master* branch if he is a member of the `qa` team.

**NOTE:**
Only administrators or owners can push refs outside the branch namespace (e.g. tags).

### Installation

This plugin is referenced in the Gitblit Plugin Registry and you may install it using SSH with an administrator account.

ssh host plugin refresh
ssh host plugin install tbacl
ssh host plugin ls

Alternatively, you can download the zip from [here](http://plugins.gitblit.com) manually copy it to your `${baseFolder}/plugins` directory.

### Setup

There is no required setup but there are some optional settings you may want to configure.

#### tbacl.useTeamNamespaces

DEFAULT: **false**, *strict team<->branch mapping*

*tbacl.useTeamNamespaces* = true will require that non-admins and non-owners push to a team branch namespace. This is a little more flexible than the default strict teamname<->branchname requirement.

For example, *qa* team members are allowed to push to:

- refs/heads/qa/master
- refs/heads/qa/develop

But **not** to:

- refs/heads/qa

And *coders* team members are allowed to push to:

- refs/heads/coders/master
- refs/heads/coders/develop

But **not** to:

- refs/heads/coders

#### tbacl.applyToPersonalRepos

DEFAULT: **false**, *personal repositories are skipped*

*tbacl.applyToPersonalRepos* = true will apply the branch<->team requirement to personal repositories.

### Building against a Gitblit RELEASE

ant && cp ./build/target/tbacl*.zip /path/to/gitblit/plugins

### Building against a Gitblit SNAPSHOT

/path/to/dev/gitblit/ant installMoxie
/path/to/dev/tbacl/ant && cp ./build/target/tbacl*.zip /path/to/gitblit/plugins