1

Nobody should be able to write to the profiles/recruiter directory in the repository, except for a sync user that pushes changes there:

repo    test
    RW                                = @contributors gitsync
    RW  VREF/NAME/profiles/recruiter/ = gitsync
    -   VREF/NAME/profiles/recruiter/ = @all

This works so far. Now I only want to have that restriction on the master branch, so that contributors can push any stuff to feature branches. But this does not work:

repo    test
    RW                                       = @contributors gitsync
    RW  master VREF/NAME/profiles/recruiter/ = gitsync
    -   master VREF/NAME/profiles/recruiter/ = @all

Even if I add master to the first rule it does not work:

repo    test
        RW                                      = @contributors
        RW  master                              = @contributors
        RW  master VREF/NAME/profiles/recruiter/ = klausi
        -   master VREF/NAME/profiles/recruiter/ = klausi_test

The klausi_test user is then not allowed to push stuff in the profiles/recruiter directory to some foobar branch.

I also tried gitolite disallow access for directory on master branch but not on user branch , but that also did not work. Any hints?

Community
  • 1
  • 1
klausi
  • 491
  • 5
  • 17
  • But in my answer http://stackoverflow.com/a/11900083/6309, I added also `master` to the first rule. `RW master = @contributors gitsync`. Can you try and add `master` in that first rule? – VonC Oct 09 '14 at 11:40
  • Even if I add master to the first rule it does not work. – klausi Oct 09 '14 at 12:12
  • What version of gitolite are you using? – VonC Oct 09 '14 at 12:47
  • Maybe updating to the latest would help to learn more about why the VREF isn't working, because of https://github.com/sitaramc/gitolite/commit/3154e46c93f8561633908e5c6b6e35003ae6c25e (I just had a closer look, this is just to add information message, so not so helpful in your case) – VonC Oct 10 '14 at 08:23
  • The access command though could help: https://github.com/sitaramc/gitolite/blob/3154e46c93f8561633908e5c6b6e35003ae6c25e/src/commands/access – VonC Oct 10 '14 at 08:25

1 Answers1

1

I had to figure out something like this recently, and I think I figured out how using the refex-expr feature. I believe this is a feature in 3.6.2. The following setup should work.

repo test
    RW                                           = @contributors gitsync
    RW  master                                   = @contributors
    RW  VREF/NAME/profiles/recruiter/            = @contributors
    -   master and VREF/NAME/profiles/recruiter/ = @contributors

Note that you need to enable the refex-expr feature in your .gitolite.rc file.

thylacine222
  • 113
  • 6