Gitolite权限:如何使用“-"事物? [英] Gitolite permissions: How use the "-" thing?

问题描述

我正在尝试设置我的Gitolite权限，但我不确定如何使用-.

I'm trying to set up my Gitolite permissions but I'm not really sure how to use the - thing.

情况:我有两个小组. @gatekeepers和@devs.我希望这两个组都能够在除master分支之外的所有远程分支中工作.他们应该能够pull master分支.

Situation: I have two groups; @gatekeepers and @devs. I want both groups to be able to work in all remote branches except the master branch. They are supposed to be able to pull the master branch though.

到目前为止，我有这个功能，但是我很肯定它不起作用:

So far I have this, but I'm positive that it doesn't work:

repo foo
    - master = @devs @gatekeepers
    RW+     = @devs @gatekeepers

如果我对它的理解正确，那么这将禁止这些小组对master分支做任何事情(读或写).

If I understand it correctly, this disallow the groups from doing anything at all (reading or writing) to the master branch.

正确执行此操作的方法是什么?

What is the way to do this properly?

推荐答案

出于规定的目的(不允许IIUC强制掌握)，问题中的原始代码很好；确实的确阻止了对上述两个小组的掌握.

For the stated purpose (which IIUC is disallow push to master), the original code in the question is fine; it does indeed prevent push to master to both groups mentioned.

添加deny-rules选项使其无法克隆.

Adding the deny-rules option makes it so no one can even clone.

回顾:deny-rules选项使之成为可能，因此拒绝规则也适用于pre-git访问检查.这就意味着，(如文档所说)，refexe被忽略了-实际上，您甚至都不知道将推送什么ref，即使它是推送操作也是如此.

Recap: the deny-rules option makes it so that deny rules are honored for the pre-git access check also. This means, (as the doc says), refexes are ignored -- in fact you don't even know what ref will be pushed, even if it is a push operation.

这篇关于Gitolite权限:如何使用“-"事物?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！