Gitolite权限:如何使用“-"事物? [英] Gitolite permissions: How use the "-" thing?
问题描述
我正在尝试设置我的Gitolite权限,但我不确定如何使用-
.
I'm trying to set up my Gitolite permissions but I'm not really sure how to use the -
thing.
情况:我有两个小组. @gatekeepers
和@devs
.我希望这两个组都能够在除master
分支之外的所有远程分支中工作.他们应该能够pull
master分支.
Situation: I have two groups; @gatekeepers
and @devs
. I want both groups to be able to work in all remote branches except the master
branch. They are supposed to be able to pull
the master branch though.
到目前为止,我有这个功能,但是我很肯定它不起作用:
So far I have this, but I'm positive that it doesn't work:
repo foo
- master = @devs @gatekeepers
RW+ = @devs @gatekeepers
如果我对它的理解正确,那么这将禁止这些小组对master分支做任何事情(读或写).
If I understand it correctly, this disallow the groups from doing anything at all (reading or writing) to the master branch.
正确执行此操作的方法是什么?
What is the way to do this properly?
推荐答案
出于规定的目的(不允许IIUC强制掌握),问题中的原始代码很好;确实的确阻止了对上述两个小组的掌握.
For the stated purpose (which IIUC is disallow push to master), the original code in the question is fine; it does indeed prevent push to master to both groups mentioned.
添加deny-rules
选项使其无法克隆.
Adding the deny-rules
option makes it so no one can even clone.
回顾:deny-rules
选项使之成为可能,因此拒绝规则也适用于pre-git访问检查.这就意味着,(如文档所说),refexe被忽略了-实际上,您甚至都不知道将推送什么ref,即使它是推送操作也是如此.
Recap: the deny-rules
option makes it so that deny rules are honored for the pre-git access check also. This means, (as the doc says), refexes are ignored -- in fact you don't even know what ref will be pushed, even if it is a push operation.
这篇关于Gitolite权限:如何使用“-"事物?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!